Thread: Setting up a Windows like domain
View Single Post
  #2 (permalink)  
Old 03-Jul-2009, 12:10
Easgs's Avatar
Easgs Easgs is offline
Explorer Penguin
  
Join Date: Jun 2008
Posts: 157
Easgs hasn't been rated much yet
Default Re: Setting up a Windows like domain
This is a Working example of a openSUSE configured as a DC, DATOS is an example share, modify the path to your needs, just make sure that the DHCP server is running after a reboot.



[global]

workgroup = BLUE

netbios name = suse-blue

domain logons = yes

domain master = yes

local master = yes

os level = 65

preferred master = yes

security = user

logon path =

logon drive = P:

passdb backend = tdbsam

add machine script = /usr/sbin/useradd -c Machine -d /var/lib/nobody -s /bin/false %m$

name resolve order = wins bcast host lmhost

server string = opensuseserver

printing = cups

printcap name = cups

printcap cache time = 750

cups options = raw

wins support = yes

[homes]

comment = Home Directories

valid users = %S, %D%w%S

browseable = No

read only = No

inherit acls = Yes

[profiles]

comment = Network Profiles Service

path = %H

read only = No

store dos attributes = Yes

create mask = 0600

directory mask = 0700

[printers]

comment = All Printers

path = /var/tmp

printable = Yes

create mask = 0600

browseable = No

[print$]

comment = Printer Drivers

path = /var/lib/samba/drivers

write list = @ntadmin root

force group = ntadmin

create mask = 0664

directory mask = 0775

[netlogon]

comment = network logon service

path = /var/lib/samba/netlogon

write list = root

[datos]

comment = datos varios

force user = easgs

guest ok = No

inherit acls = Yes

path = /home/easgs/datos/

valid users = easgs easgs1 easgs2 easgs3

write list = easgs easgs1

read list = easgs2 easgs3



you will have to map the groups as follows


net groupmap add ntgroup=”Domain Admins” unixgroup=root rid=512

net groupmap add ntgroup=”Domain Users” unixgroup=users rid=513

net groupmap add ntgroup=”Domain Guests” unixgroup=nobody rid=514



Add the users to the samba database as follow

pdbedit –a easgs

pdbedit –a easgs1

etc, change easgs to suit your needs


In the firewall open samba server, DHCP, and Netbios server.



To join a Windows vista machine to this DC do the following changes

Inicio -> Ejecutar -> secpol.msc


Network Security: LAN Manager authentication level and change: Send NTLMv2 response only to Send LM & NTLM - use NTLMv2 session security if negotiated.
Reply With Quote