Practical Tips: How to Use Samba for PDC configuration in Linux

Article Title: Practical Tips: How to Use Samba for PDC configuration in Linux. Linux is a technology channel of the IT lab in China. Includes basic categories such as desktop applications, Linux system management, kernel research, embedded systems, and open source.

1. Create related directories:

Mkdir/home/samba

Mkdir/home/samba/public

Mkdir/home/samba/exchange

Mkdir/home/samba/profiles

Mkdir/home/samba/netlogon

Mkdir/home/samba/computer

2. Run the chmod command to modify the permissions of these directories:

Chmod 777/home/samba/public

Chmod 1777/home/samba/exchange

Chmod 1777/home/samba/profiles

Chmod 700/home/samba/netlogon

Chmod 777/home/samba/computer

3. Create some users and groups:

Groupadd computer

Groupadd machines

Useradd? G computer jxgzoyke

Passwd jxgzoyke

....

...

4. Next, let's take a look at the configuration file settings.

[Global]

Workgroup = WORKGROUP // set a Working Group

Server string = Samba Server % v // Samba server description

Netbios name = SMBServer // name displayed by the Samba server in Windows

Hosts allow = 192.168.1. 192.168.2. 127. // The host that allows access to the Samba server. you can comment out the host.

Log file =/var/log/samba/% m. log // The location "% m" of the log file represents the NetBIOS name of the client.

Max log size = 0 // log File size

Security = user // Share Level

Encrypt passwords = yes // whether to encrypt

Smb passwd file =/etc/samba/smbpasswd // Password file Location

Socket options = TCP_NODELAY SO_RCVBUF = 8192 SO_SNDBUF = 8192 // This can improve the server performance. I do not know why, ^ o ^

Local master = Yes // whether Samba is allowed to participate in the election of the local host browser on the subnet

OS level = 33

Domain master = yes // whether to allow Samba to become the main browser of the domain

Preferred master = yes // you can specify Samba as the preferred browser.

Domain logons = yes // whether to enable Samba as the domain login server

Logon home =\\ % L \ % U // % L represents the NetBIOS Name of the server, and % U represents the user name of the client sending the request

Logon drive = H: // map the user's main directory to a local H Disk

Logon path =\\ % L \ profiles \ % U // path for saving the Desktop configuration information of the client machine. profiles corresponds to the [profiles] shared section below

Logon script = netlogon. bat // login script

[Homes]

Comment = Home Directories

Browseable = no // cannot be viewed

Writable = yes // yes

Valid users = % S // % S name of the current service

Create mode = 0664 // file creation permission

Directory mode = 0775 // permission to create a directory

[Netlogon]

Comment = Network Logon Service

Path =/home/samba/netlogon

Write list = root

Share modes = no

Browseable = no

[Profiles]

Path =/home/samba/profiles

Browseable = no

Public = yes

Writeable = yes

Create mask = 0700

Directory mask = 0700

[Public]

Comment = public

Path =/home/samba/public

Public = yes

Browseable = yes

Write list = jxgzoyke

[Exchange]

Comment = exchange

Path =/home/samba/exchange // anyone can read and write the shared directory, but cannot delete other people's files.

The reason is that the command chmod 1777/home/samba/exchange

Public = yes // accessible to all users

Writeable = yes // writable

[Computer]

Comment = computer

Path =/home/samba/computer

Browseable = yes

Valid users = @ computer // only users in the computer group can access

Writeable = yes

After modifying the configuration file, remember to restart samba: service smb restart. You can also use Chkconfig? Level 35 smb on enables Automatic startup when samba is started at the 3 or 5 running level

5. Now you have added the user account:

Smbpasswd? A jxgzoyke // note that this account must have a password in/etc/passwd:

Verification password:

Smbpasswd? A root // be sure to add the root user to/etc/samba/smbpasswd.

6. the samba server cannot be accessed from a windows Server, and the system may prompt that the network path cannot be found.

Using iptables? The F Command temporarily clears the firewall rules (I do not know how to add rules to the firewall that allow access to the samba server, but do not forget to teach me what I know ), now you should be able to access the samba server by entering the account password added above on the windows machine.

7. Let's take a look at how to add a domain. For example, the name of one of my windows2000 machines is oyke.

Create a linux Account first:

Useradd? G machines? D/dev/null? S/bin/false oyke $

Set password:

Passwd oyke $

Add the above account to/etc/samba/smbpasswd.

Smbpasswd? A? M oyke

Right-click my computer, properties, network ID, and properties on the machine 2000. Select "Domain" under "Recording", enter the name of the workgroup set by workgroup in the configuration file, and enter the root account and password in the displayed dialog box, you will be prompted to join the XXX domain later. Restart the computer and log in with the jxgzoyke account. 2000 is successfully added to the samba domain.

The method for adding XP and 2003 to the domain is the same, but you must change the Registry first:

Create a DWord: requiresignorseal under [HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ Services \ Netlogon \ Parameters] and set it to 0. if it already exists, modify the value.

98, the ME system can directly log on with an account in samba.