But Samba3 lacks some of the features of Active Directory so recently Samba4 has been launched by Samba which can used to configure Active directory Domain controller on the Linux machine and can be controlled using client software on any of the windows machine consisting of all the features of Active Directory. I won't be able to explain the feature of all the command for that you can take help of "GOOGLE" but I will try my level best from my side to explain all the required commands.
You can just follow the steps which I am going to post here and if you face any problem regarding the same kindly revert back with your error.
NOTE: Kindly take a backup copy of all the original configuration files you are going to use in this tutorial.
Server: CentOS 6IP Address: 10.10.10.100
users : user1, user2
machine name : machine1
First of all make sure all the required packages are installed in your system and if not you can install them using "yum"
# rpm -qa | grep samba samba-3.5.10-116.el6_2.i686 samba-common-3.5.10-116.el6_2.i686 samba-winbind-clients-3.5.10-116.el6_2.i686 samba-client-3.5.10-116.el6_2.i686and if the package is missing
# yum -y install samba
# vi /etc/samba/smb.conf [Global] workgroup = EXAMPLE #corresponds to domain name local master = yes preferred master = yes domain master = yes domain logons = yes security = user passdb backend = tdbsam logon path = \\%L\Profiles\%U logon script = logon.bat add machine script = /usr/sbin/useradd -d /dev/null -g 200 -s /sbin/nologin -M %u [homes] browseable = yes writable = yes [netlogon] path = /home/netlogon writable = no browseable = no [Profiles] path = /home/profiles createmask = 0755 directory mask = 0755 writable = yes
The line, domain logons = yes, is what tells Samba we want this server to handle domain logons.
Defining a logon path is necessary for supporting roaming profiles. The UNC \\%L\profiles\%u refers to a share held on the samba server where the profiles are kept. The variables %L and %u are replaced by samba with the name of the server and the username of the logged on user respectively.
The logon script = logon.bat line specifies the name of an MS-DOS batch file that will be executed when the client logs on to the domain. The path specified here is relative to the [netlogon] share that is defined later in the smb.conf file.
For further knowledge on the above used syntax in the smb.conf file kindly refer to this website
# mkdir -m 1777 /home/profiles # mkdir -m 1777 /home/netlogon # groupadd -g 200 machineSince we have used a "add machine script" in our conf file as you can see above, we don't need to create any user for the machine of the client as it will automatically create one evrytime we login to domain connected client machine. But if you don't use that script then you can do the same manually
# useradd -d /dev/null -s /sbin/nologin -g 200 machine1$
# smbpasswd -m -a machine1$
# useradd user1 # useradd user2 # smbpasswd -a root # smbpasswd -a user1 # smbpasswd -a user2 # service smb restart # service nmb restartCheck your firewall settings as in my case I have disabled my firewall and selinux.
Client side configuration:Open your windows XP machine and make sure the machine is in network with the server. Login to the computer as Administrator or another user in the Administrators group. Right click on the "My Computer" icon and click on prperties then go to "Computer Name" tab and click on "change".
NOTE: You might have to perform some registry related changes in order to add your Windows 7 machine to Samba 3
The following error occurred attempting to join the domain „.....“:
The specified domain either does not exist or could not be contacted.
After sucessfully joining the domain you might get an error like below
Changing the Primary Domain DNS name of this computer to "" failed. The name will remain ".....".
The error was:
The specified domain either does not exist or could not be contacted
You can safely ignore this message or to silent the error pop up download and install the below hotfix from Microsoft
You incorrectly receive an error message when you join a computer that is running Windows 7 or Windows Server 2008 R2 to a Samba 3-based domain
Samba 4 as Active Directory configuration guide
Samba 4.1 as Active Directory configuration guide
Changing password for Administrator in Samba4
Configure NTP server for Samba4
Samba4 related commands
Create Roaming Profiles in Samba4
Follow the below links for more tutorials:
How to secure Apache web server in Linux using password (.htaccess)
How to register Red Hat Linux with RHN (Red Hat Network )
Red hat Enterprise Linux 5.5 Installation Guide (Screenshots)
15 tips to enhance security of your Linux machine
Why is Linux more secure than windows and any other OS
What is the difference between "su" and "su -" in Linux?
How to log iptables messages in different log file
What are the s and k scripts in the etc rcx.d directories