Setting up a Windows-like domain

Hi,

I am fairly new to Linux and I have been playing around with different aspects of setting up a network at home for practice. I have managed to set up Samba on my openSUSE 11.1 machine to access the files on my other computers (1 XP machine and 1 Vista machine). I have set up DHCP on the Linux machine and it handled the addressing for the little network perfectly. It even managed to access the files a little quicker from the other computers this way. I have not left it set up like this for long because of one thing or another not working properly.

My first attempt was smooth but it was only a test run to see if it would work. On the second, I ran into a problem with Vista not pulling the correct IP address from the Linux machine. I had disabled DHCP on my router and did everything as before but still could not get online or on the network. Vista looked like it kept going to the router and pulling information from my router; this I blame on Vista.

My real questions are:

What tools would I need to set up my Linux machine to be a domain controller so that when I log into one of the other windows machines they check for credentials similar to Active Directory?

After creating another partition on my Linux machine, set that up as a shared drive?

Any help would be appreciated. Thank you.

This is a working example of an openSUSE machine configured as a DC. DATOS is an example share; modify the path to your needs, and just make sure that the DHCP server is running after a reboot.

[global]
    workgroup = BLUE
    netbios name = suse-blue
    # serve domain logons, i.e. act as an NT4-style domain controller
    domain logons = yes
    domain master = yes
    local master = yes
    os level = 65
    preferred master = yes
    security = user
    logon path =
    logon drive = P:
    passdb backend = tdbsam
    # run when a workstation joins the domain, to create its UNIX machine account
    add machine script = /usr/sbin/useradd -c Machine -d /var/lib/nobody -s /bin/false %m$
    name resolve order = wins bcast host lmhosts
    server string = opensuseserver
    printing = cups
    printcap name = cups
    printcap cache time = 750
    cups options = raw
    # run the WINS server on this machine
    wins support = yes

[homes]
    comment = Home Directories
    valid users = %S, %D%w%S
    browseable = No
    read only = No
    inherit acls = Yes

[profiles]
    comment = Network Profiles Service
    path = %H
    read only = No
    store dos attributes = Yes
    create mask = 0600
    directory mask = 0700

[printers]
    comment = All Printers
    path = /var/tmp
    printable = Yes
    create mask = 0600
    browseable = No

[print$]
    comment = Printer Drivers
    path = /var/lib/samba/drivers
    write list = @ntadmin root
    force group = ntadmin
    create mask = 0664
    directory mask = 0775

[netlogon]
    comment = network logon service
    path = /var/lib/samba/netlogon
    write list = root

[datos]
    comment = datos varios
    force user = easgs
    guest ok = No
    inherit acls = Yes
    path = /home/easgs/datos/
    valid users = easgs easgs1 easgs2 easgs3
    write list = easgs easgs1
    read list = easgs2 easgs3

You will have to map the groups as follows:

net groupmap add ntgroup="Domain Admins" unixgroup=root rid=512

net groupmap add ntgroup="Domain Users" unixgroup=users rid=513

net groupmap add ntgroup="Domain Guests" unixgroup=nobody rid=514

Add the users to the Samba database as follows:

pdbedit -a easgs

pdbedit -a easgs1

etc. Change easgs to suit your needs.

In the firewall, open Samba server, DHCP, and NetBIOS server.

To join a Windows Vista machine to this DC, make the following changes:

Start -> Run -> secpol.msc

Under "Network Security: LAN Manager authentication level", change "Send NTLMv2 response only" to "Send LM & NTLM - use NTLMv2 session security if negotiated".

Thank you for the help. I do have one question: are most of these configurations for Samba?

Yes, they are. The first part is the content of the smb.conf file; the other commands must be run as root.
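
The [datos] share in the configuration above sets its access policy through valid users, write list and read list. As an added example (not part of the original posts and not Samba's own code), this Python sketch parses smb.conf text and reports each user's effective access per share plus a few review findings; the [scratch] share and the function names are constructed for illustration.

```python
import configparser

# Constructed sample: [datos] from the thread plus a hypothetical [scratch] share.
SAMPLE = """
[datos]
    force user = easgs
    guest ok = No
    path = /home/easgs/datos/
    valid users = easgs easgs1 easgs2 easgs3
    write list = easgs easgs1
    read list = easgs2 easgs3
[scratch]
    path = /srv/scratch
    read only = No
    guest ok = Yes
"""

def _names(section, key):
    # smb.conf user lists are separated by spaces and/or commas
    return section.get(key, "").replace(",", " ").split()

def _truthy(section, key, default):
    return section.get(key, default).strip().lower() in ("yes", "true", "1")

def audit(text):
    """Return {share: {"access": {user: "rw"|"ro"}, "findings": [...]}}."""
    cp = configparser.ConfigParser(interpolation=None, strict=False, delimiters=("=",))
    cp.read_string(text)
    report = {}
    for share in cp.sections():
        s = cp[share]
        valid, wl, rl = (_names(s, k) for k in ("valid users", "write list", "read list"))
        read_only = _truthy(s, "read only", "yes")  # Samba default: read only = yes
        access, findings = {}, []
        for user in dict.fromkeys(valid + wl + rl):
            if valid and user not in valid:
                findings.append(f"{user} is in a read/write list but not in valid users")
                continue
            # write list beats read list; read list beats "read only = no"
            writable = user in wl or (user not in rl and not read_only)
            access[user] = "rw" if writable else "ro"
        if _truthy(s, "guest ok", "no"):
            findings.append("guest access allowed" + ("" if read_only else " and share is writable"))
        if not valid:
            findings.append("no valid users: any authenticated account may connect")
        if "force user" in s:
            findings.append(f"force user={s['force user']}: files are accessed as one UNIX account")
        report[share] = {"access": access, "findings": findings}
    return report
```

Because force user makes every file operation on [datos] run as easgs, the smb.conf lists are the only thing separating read-only from read-write users on that share.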