1.0: Configuring Samba: Difference between revisions

No edit summary
No edit summary
Line 93: Line 93:


Login to node2 – the backup domain controller and repeat the above steps.
Login to node2 – the backup domain controller and repeat the above steps.




[['''1.1: smb.conf PDC''' ]]

You will need to replace the high lightened parameters with your domain name. Take note of the use of failover ldap backbends; this is very useful.

[root@node2 ~]# mkdir /data
[root@node1 ~]# vi /etc/samba/smb.conf
# # Primary Domain Controller smb.conf

# # Global parameters
[global]
unix charset = LOCALE
workgroup = DDESIGN
netbios name = node1
#passdb backend = ldapsam:ldap://127.0.0.1
#passdb backend = ldapsam:"ldap://192.168.0.2 ldap://192.168.0.3"
passdb backend =ldapsam:"ldap://node1.differentialdesign.org ldap://node2.differentialdesign.org"
username map = /etc/samba/smbusers
log level = 1
syslog = 0
log file = /var/log/samba/%m
max log size = 0
name resolve order = wins bcast hosts
time server = Yes
printcap name = CUPS
add user script = /opt/IDEALX/sbin/smbldap-useradd -m '%u'
delete user script = /opt/IDEALX/sbin/smbldap-userdel '%u'
add group script = /opt/IDEALX/sbin/smbldap-groupadd -p '%g'
delete group script = /opt/IDEALX/sbin/smbldap-groupdel '%g'
add user to group script = /opt/IDEALX/sbin/smbldap-groupmod -m '%g' '%u'
delete user from group script = /opt/IDEALX/sbin/smbldap-groupmod -x '%g' '%u'
set primary group script = /opt/IDEALX/sbin/smbldap-usermod -g '%g' '%u'
add machine script = /opt/IDEALX/sbin/smbldap-useradd -w '%u'
shutdown script = /var/lib/samba/scripts/shutdown.sh
abort shutdown script = /sbin/shutdown -c
logon script = %u.bat
#logon path = \\192.168.0.4\profiles\%u
logon path = \\nodes.differentialdesign.org\profiles\%u
logon drive = H:
domain logons = Yes
domain master = Yes
wins support = Yes
ldap suffix = dc=differentialdesign,dc=org
ldap machine suffix = ou=Computers,ou=Users
ldap user suffix = ou=People,ou=Users
ldap group suffix = ou=Groups
ldap idmap suffix = ou=Idmap
ldap admin dn = cn=sambaadmin,dc=differentialdesign,dc=org
idmap backend = ldap://127.0.0.1
idmap uid = 10000-20000
idmap gid = 10000-20000
printer admin = root
printing = cups

#========================Share Definitions=========================

[homes]
comment = Home Directories
valid users = %S
browseable = yes
writable = yes
create mask = 0600
directory mask = 0700

[netlogon]
comment = Network Logon Service
path = /data/samba/netlogon
writeable = yes
browseable = yes
read only = no

[profiles]
path = /data/samba/profiles
writeable = yes
browseable = no
read only = no
create mode = 0777
directory mode = 0777

[Documents]
comment = share to test samba
path = /data/documents
writeable = yes
browseable = yes
read only = no
valid users = "@Domain Users"
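Review bot: The [profiles] share is added with `create mode = 0777` and `directory mode = 0777`, so roaming profiles written under /data/samba/profiles can end up readable and writable by every other account; the [homes] share in the same listing already uses the tighter `create mask = 0600` / `directory mask = 0700`, and the same values would suit profiles. The [netlogon] share is set `writeable = yes` / `read only = no` with no `write list`, and because `logon script = %u.bat` is served from it, anyone the filesystem lets write there could change what runs at another user's logon; `read only = yes` plus a `write list` naming the administrators is the usual shape. Separately, the lines beginning with `#` are rendered by the wiki as numbered-list items, so the commented-out `passdb backend` and `logon path` alternatives read as live settings; a leading space on each line or a pre-formatted block would keep the listing literal.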

Revision as of 10:28, 25 January 2007

1.0: Configuring Samba

Samba is an ambitious project to provide solutions for file & print sharing between Linux ™ and Microsoft Windows.

If you are familiar with Samba this document may give you some ideas of how you can bundle different software packages together to produce a very reliable configuration.


We are building a fault-tolerant domain controller, which provides you with the following:

Samba Configuration

- Primary Domain Controller

- Backup Domain Controller


A master domain controller, that provides authentication through the use of LDAP

A slave domain controller that can load-balance client login requests and also provides redundancy through the use of a replica LDAP database.


Step1

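Get the latest version of Samba: http://us4.samba.org/samba/ftp/samba-latest.tar.gz. The download is over plain HTTP and the result is built and installed as root, so verify the tarball's GPG signature against the Samba distribution key before unpacking it.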

It is essential that both the PDC and BDC are running the same version of samba.


[root@node1 samba]# wget http://us4.samba.org/samba/ftp/samba-latest.tar.gz
--19:28:04--  http://us4.samba.org/samba/ftp/samba-latest.tar.gz
               => `samba-latest.tar.gz'
Resolving us4.samba.org... 192.48.170.15
Connecting to us4.samba.org|192.48.170.15|:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: 17,704,221 (17M) [application/x-tar]
100%[====================================>] 17,704,221    53.01K/s    ETA 00:00
19:33:40 (51.62 KB/s) - `samba-latest.tar.gz' saved [17704221/17704221]


Step2

[root@node1 samba]# tar zxvf samba-latest.tar.gz
[root@node1 samba]# cd samba-3.0.23d/

Choose the appropriate distribution.

[root@node1 samba-3.0.23d]# cd packaging/
bin/      Example/  Mandrake/ RedHat-9/ SGI/      SuSE/
Debian/   LSB/      README    RHEL/     Solaris/  sysv/


Step3

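This will take some time. Note that makerpms.sh only needs to be executable by the user running it, so `chmod u+x makerpms.sh` is sufficient; the mode 777 used below also leaves the script world-writable.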


[root@node1 samba-3.0.23d]# cd packaging/RHEL/
[root@node1 RHEL]# ls
makerpms.sh  makerpms.sh.tmpl  samba.spec  samba.spec.tmpl  setup
[root@node1 RHEL]# chmod 777 makerpms.sh
[root@node1 RHEL]# ./makerpms.sh
Wrote: /usr/src/redhat/SRPMS/samba-3.0.23d-1.src.rpm
Wrote: /usr/src/redhat/RPMS/i386/samba-3.0.23d-1.i386.rpm
Wrote: /usr/src/redhat/RPMS/i386/samba-client-3.0.23d-1.i386.rpm
Wrote: /usr/src/redhat/RPMS/i386/samba-common-3.0.23d-1.i386.rpm
Wrote: /usr/src/redhat/RPMS/i386/samba-swat-3.0.23d-1.i386.rpm
Wrote: /usr/src/redhat/RPMS/i386/samba-doc-3.0.23d-1.i386.rpm
Wrote: /usr/src/redhat/RPMS/i386/samba-debuginfo-3.0.23d-1.i386.rpm
makerpms.sh: Done.
[root@node1 RHEL]#


Step4


Install the RPM files we built from source.

[root@node2]# cd /usr/src/redhat/RPMS/i386/
[root@node1 i386]# rpm -Uvh samba-3.0.23d-1.i386.rpm samba-client-3.0.23d-1.i386.rpm samba-common-3.0.23d-1.i386.rpm samba-debuginfo-3.0.23d-1.i386.rpm samba-doc-3.0.23d-1.i386.rpm samba-swat-3.0.23d-1.i386.rpm
Preparing...               ########################################### [100%]
  1:samba-common           ########################################### [ 17%]
  2:samba                  ########################################### [ 33%]
  3:samba-client           ########################################### [ 50%]
  4:samba-debuginfo        ########################################### [ 67%]
  5:samba-doc              ########################################### [ 83%]
  6:samba-swat             ########################################### [100%]
[root@node1 i386]#


Step5

Login to node2 – the backup domain controller and repeat the above steps.



'''1.1: smb.conf PDC'''

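You will need to replace the highlighted parameters with your domain name. Take note of the use of failover LDAP backends; this is very useful. Before using this configuration in production, review the [netlogon] share (writable, with no write list) and the [profiles] share (create and directory modes of 0777), which are more permissive than the [homes] share.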

[root@node2 ~]# mkdir /data
[root@node1 ~]# vi /etc/samba/smb.conf

# # Primary Domain Controller smb.conf

# # Global parameters
[global]
unix charset = LOCALE
workgroup = DDESIGN
netbios name = node1
#passdb backend = ldapsam:ldap://127.0.0.1
#passdb backend = ldapsam:"ldap://192.168.0.2 ldap://192.168.0.3"
passdb backend =ldapsam:"ldap://node1.differentialdesign.org ldap://node2.differentialdesign.org"
username map = /etc/samba/smbusers
log level = 1
syslog = 0
log file = /var/log/samba/%m
max log size = 0
name resolve order = wins bcast hosts
time server = Yes
printcap name = CUPS
add user script = /opt/IDEALX/sbin/smbldap-useradd -m '%u'
delete user script = /opt/IDEALX/sbin/smbldap-userdel '%u'
add group script = /opt/IDEALX/sbin/smbldap-groupadd -p '%g'
delete group script = /opt/IDEALX/sbin/smbldap-groupdel '%g'
add user to group script = /opt/IDEALX/sbin/smbldap-groupmod -m '%g' '%u'
delete user from group script = /opt/IDEALX/sbin/smbldap-groupmod -x '%g' '%u'
set primary group script = /opt/IDEALX/sbin/smbldap-usermod -g '%g' '%u'
add machine script = /opt/IDEALX/sbin/smbldap-useradd -w '%u'
shutdown script = /var/lib/samba/scripts/shutdown.sh
abort shutdown script = /sbin/shutdown -c
logon script = %u.bat
#logon path = \\192.168.0.4\profiles\%u
logon path = \\nodes.differentialdesign.org\profiles\%u
logon drive = H:
domain logons = Yes
domain master = Yes
wins support = Yes
ldap suffix = dc=differentialdesign,dc=org
ldap machine suffix = ou=Computers,ou=Users
ldap user suffix = ou=People,ou=Users
ldap group suffix = ou=Groups
ldap idmap suffix = ou=Idmap
ldap admin dn = cn=sambaadmin,dc=differentialdesign,dc=org
idmap backend = ldap://127.0.0.1
idmap uid = 10000-20000
idmap gid = 10000-20000
printer admin = root
printing = cups

#========================Share Definitions=========================

[homes]

 comment = Home Directories
 valid users = %S
 browseable = yes
 writable = yes
 create mask = 0600
 directory mask = 0700

[netlogon]

comment = Network Logon Service
path = /data/samba/netlogon
writeable = yes
browseable = yes
read only = no

[profiles]

path = /data/samba/profiles
writeable = yes
browseable = no
read only = no
create mode = 0777
directory mode = 0777

[Documents]

comment = share to test samba
path = /data/documents
writeable = yes
browseable = yes
read only = no
valid users = "@Domain Users"