Re: Setting up a Windows like domain
This is a working example of openSUSE configured as a DC. DATOS is an example share; modify the path to your needs. Just make sure that the DHCP server is running after a reboot.
[global]
workgroup = BLUE
netbios name = suse-blue
domain logons = yes
domain master = yes
local master = yes
os level = 65
preferred master = yes
security = user
logon path =
logon drive = P:
passdb backend = tdbsam
add machine script = /usr/sbin/useradd -c Machine -d /var/lib/nobody -s /bin/false %m$
name resolve order = wins bcast host lmhosts
server string = opensuseserver
printing = cups
printcap name = cups
printcap cache time = 750
cups options = raw
wins support = yes
[homes]
comment = Home Directories
valid users = %S, %D%w%S
browseable = No
read only = No
inherit acls = Yes
[profiles]
comment = Network Profiles Service
path = %H
read only = No
store dos attributes = Yes
create mask = 0600
directory mask = 0700
[printers]
comment = All Printers
path = /var/tmp
printable = Yes
create mask = 0600
browseable = No
[print$]
comment = Printer Drivers
path = /var/lib/samba/drivers
write list = @ntadmin root
force group = ntadmin
create mask = 0664
directory mask = 0775
[netlogon]
comment = network logon service
path = /var/lib/samba/netlogon
write list = root
[datos]
comment = datos varios
force user = easgs
guest ok = No
inherit acls = Yes
path = /home/easgs/datos/
valid users = easgs easgs1 easgs2 easgs3
write list = easgs easgs1
read list = easgs2 easgs3
You will have to map the groups as follows:
net groupmap add ntgroup="Domain Admins" unixgroup=root rid=512
net groupmap add ntgroup="Domain Users" unixgroup=users rid=513
net groupmap add ntgroup="Domain Guests" unixgroup=nobody rid=514
Add the users to the Samba database as follows:
pdbedit -a easgs
pdbedit -a easgs1
etc.; change easgs to suit your needs.
In the firewall, open Samba server, DHCP, and NetBIOS server.
To join a Windows Vista machine to this DC, make the following changes:
Start -> Run -> secpol.msc
Go to "Network Security: LAN Manager authentication level" and change it from "Send NTLMv2 response only" to "Send LM & NTLM - use NTLMv2 session security if negotiated".
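An added example, not part of the original post: a small Python check that works out who ends up with read or write access to the [datos] share from its `valid users`, `write list` and `read list` lines, following Samba's documented precedence. The sample config is a trimmed copy of the post's settings; the function names and the extra user `guest1` are assumptions made for illustration.

```python
import configparser
import re

# Constructed sample: the [datos] share from the post above, trimmed.
SMB_CONF = """
[global]
security = user
[datos]
guest ok = No
valid users = easgs easgs1 easgs2 easgs3
write list = easgs easgs1
read list = easgs2 easgs3
"""

def _names(value):
    """Split a Samba user list on commas and whitespace."""
    return {n for n in re.split(r"[,\s]+", value.strip()) if n}

def effective_access(conf_text, share, user):
    """Return 'none', 'read' or 'write' for a plain user name on a share.

    Assumption: @group entries and % macros are compared literally, and
    'invalid users' and the 'writeable' synonyms are not evaluated.
    """
    cp = configparser.ConfigParser(interpolation=None, strict=False)
    cp.read_string(conf_text)
    sec = cp[share]
    valid = _names(sec.get("valid users", ""))
    if valid and user not in valid:
        return "none"    # 'valid users' is the gate for the whole share
    if user in _names(sec.get("write list", "")):
        return "write"   # write list wins, even over read list
    if user in _names(sec.get("read list", "")):
        return "read"    # read list forces read-only
    # Otherwise the share-wide setting applies; Samba's default is read only.
    read_only = sec.get("read only", "yes").strip().lower() in {"yes", "true", "1"}
    return "read" if read_only else "write"

def access_table(conf_text, share, users):
    return {u: effective_access(conf_text, share, u) for u in users}

if __name__ == "__main__":
    users = ["easgs", "easgs1", "easgs2", "easgs3", "guest1"]
    for user, level in access_table(SMB_CONF, "datos", users).items():
        print(f"{user:8} {level}")
```

Because the share also sets `force user = easgs`, files written through it are owned by easgs on disk, so these Samba lists are what separates readers from writers.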