Difference between revisions of "1.1 smb.conf PDC"
Whitеcraig (talk | contribs) ({{subst:internet}}) |
m (Reverted edit of Whitеcraig, changed back to last version by Asender) |
||
Line 1: | Line 1: | ||
− | + | [[1.0: Configuring Samba]] | |
+ | [[2.0: Configuring LDAP]] | ||
+ | [[3.0: Initialization LDAP Database]] | ||
+ | [[4.0: User Management]] | ||
− | [[ | + | [[5.0: Heartbeat HA Configuration]] |
+ | |||
+ | [[6.0: DRBD]] | ||
+ | |||
+ | [[7.0: BIND DNS]] | ||
+ | |||
+ | ---- | ||
+ | |||
+ | |||
+ | <u>'''Table of Contents'''</u> | ||
+ | |||
+ | [[1.1 smb.conf PDC]] | ||
+ | |||
+ | [[1.2 smb.conf BDC]] | ||
+ | |||
+ | [[1.3 /etc/hosts]] | ||
+ | |||
+ | [[1.4 Samba Security]] | ||
+ | |||
+ | |||
+ | |||
+ | You will need to replace the high lightened parameters with your domain name. Take note of the use of failover ldap backbends; this is very useful. | ||
+ | |||
+ | [root@node2 ~]# mkdir /data | ||
+ | [root@node1 ~]# vi /etc/samba/smb.conf | ||
+ | |||
+ | # # Primary Domain Controller smb.conf | ||
+ | |||
+ | # # Global parameters | ||
+ | [global] | ||
+ | unix charset = LOCALE | ||
+ | workgroup = DDESIGN | ||
+ | netbios name = node1 | ||
+ | #passdb backend = ldapsam:ldap://127.0.0.1 | ||
+ | #passdb backend = ldapsam:"ldap://192.168.0.2 ldap://192.168.0.3" | ||
+ | passdb backend =ldapsam:"ldap://node1.differentialdesign.org ldap://node2.differentialdesign.org" | ||
+ | username map = /etc/samba/smbusers | ||
+ | log level = 1 | ||
+ | syslog = 0 | ||
+ | log file = /var/log/samba/%m | ||
+ | max log size = 0 | ||
+ | name resolve order = wins bcast hosts | ||
+ | time server = Yes | ||
+ | printcap name = CUPS | ||
+ | add user script = /opt/IDEALX/sbin/smbldap-useradd -m '%u' | ||
+ | delete user script = /opt/IDEALX/sbin/smbldap-userdel '%u' | ||
+ | add group script = /opt/IDEALX/sbin/smbldap-groupadd -p '%g' | ||
+ | delete group script = /opt/IDEALX/sbin/smbldap-groupdel '%g' | ||
+ | add user to group script = /opt/IDEALX/sbin/smbldap-groupmod -m '%g' '%u' | ||
+ | delete user from group script = /opt/IDEALX/sbin/smbldap-groupmod -x '%g' '%u' | ||
+ | set primary group script = /opt/IDEALX/sbin/smbldap-usermod -g '%g' '%u' | ||
+ | add machine script = /opt/IDEALX/sbin/smbldap-useradd -w '%u' | ||
+ | shutdown script = /var/lib/samba/scripts/shutdown.sh | ||
+ | abort shutdown script = /sbin/shutdown -c | ||
+ | logon script = %u.bat | ||
+ | #logon path = \\192.168.0.4\profiles\%u | ||
+ | logon path = \\nodes.differentialdesign.org\profiles\%u | ||
+ | logon drive = H: | ||
+ | domain logons = Yes | ||
+ | domain master = Yes | ||
+ | wins support = Yes | ||
+ | ldap suffix = dc=differentialdesign,dc=org | ||
+ | ldap machine suffix = ou=Computers,ou=Users | ||
+ | ldap user suffix = ou=People,ou=Users | ||
+ | ldap group suffix = ou=Groups | ||
+ | ldap idmap suffix = ou=Idmap | ||
+ | ldap admin dn = cn=sambaadmin,dc=differentialdesign,dc=org | ||
+ | idmap backend = ldap://127.0.0.1 | ||
+ | idmap uid = 10000-20000 | ||
+ | idmap gid = 10000-20000 | ||
+ | printer admin = root | ||
+ | printing = cups | ||
+ | |||
+ | #========================Share Definitions========================= | ||
+ | |||
+ | [homes] | ||
+ | comment = Home Directories | ||
+ | valid users = %S | ||
+ | browseable = yes | ||
+ | writable = yes | ||
+ | create mask = 0600 | ||
+ | directory mask = 0700 | ||
+ | |||
+ | [netlogon] | ||
+ | comment = Network Logon Service | ||
+ | path = /data/samba/netlogon | ||
+ | writeable = yes | ||
+ | browseable = yes | ||
+ | read only = no | ||
+ | |||
+ | [profiles] | ||
+ | path = /data/samba/profiles | ||
+ | writeable = yes | ||
+ | browseable = no | ||
+ | read only = no | ||
+ | create mode = 0777 | ||
+ | directory mode = 0777 | ||
+ | |||
+ | [Documents] | ||
+ | comment = share to test samba | ||
+ | path = /data/documents | ||
+ | writeable = yes | ||
+ | browseable = yes | ||
+ | read only = no | ||
+ | valid users = "@Domain Users" |
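Review bot: The restored `[netlogon]` share is writable by every authenticated user (`writeable = yes`, `read only = no`, no `write list`), yet it is the share that serves the `logon script = %u.bat` files, so unless filesystem permissions on /data/samba/netlogon prevent it, one domain account can change the script another user runs at logon. Suggest `read only = yes` plus a `write list` naming only the administrators who maintain the scripts. `[profiles]` sets `create mode = 0777` and `directory mode = 0777`, which leaves roaming-profile files open to other accounts on the server; `0600` and `0700`, as `[homes]` already uses, would fit better. The `passdb backend` and `idmap backend` URIs are plain `ldap://` and no `ldap ssl` line is present, so the page should state the intended setting explicitly.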
Latest revision as of 03:06, 26 February 2007
3.0: Initialization LDAP Database
5.0: Heartbeat HA Configuration
Table of Contents
You will need to replace the highlighted parameters with your domain name. Take note of the use of failover LDAP backends; this is very useful.
[root@node2 ~]# mkdir /data [root@node1 ~]# vi /etc/samba/smb.conf
# # Primary Domain Controller smb.conf
# This file makes node1 the domain master and logon server for workgroup DDESIGN,
# with accounts held in LDAP and managed through the smbldap-tools scripts below.
# Comments must stay on their own lines: smb.conf has no trailing-comment syntax.

# # Global parameters
[global]
    unix charset = LOCALE
    workgroup = DDESIGN
    netbios name = node1
    #passdb backend = ldapsam:ldap://127.0.0.1
    #passdb backend = ldapsam:"ldap://192.168.0.2 ldap://192.168.0.3"
    # Two LDAP servers are listed so the second can be used if the first is unavailable.
    # NOTE(review): both URIs are plain ldap:// and this file sets no "ldap ssl" parameter.
    # Confirm the effective setting so account data read over this connection is protected in transit.
    passdb backend =ldapsam:"ldap://node1.differentialdesign.org ldap://node2.differentialdesign.org"
    username map = /etc/samba/smbusers
    log level = 1
    syslog = 0
    # One log file per client machine name (%m).
    log file = /var/log/samba/%m
    # 0 means no size limit, so Samba never rotates these logs. Rotate them externally.
    max log size = 0
    name resolve order = wins bcast hosts
    time server = Yes
    printcap name = CUPS
    # Account-management hooks: Samba runs these smbldap-tools commands, substituting
    # the user (%u) or group (%g) name inside the single quotes.
    add user script = /opt/IDEALX/sbin/smbldap-useradd -m '%u'
    delete user script = /opt/IDEALX/sbin/smbldap-userdel '%u'
    add group script = /opt/IDEALX/sbin/smbldap-groupadd -p '%g'
    delete group script = /opt/IDEALX/sbin/smbldap-groupdel '%g'
    add user to group script = /opt/IDEALX/sbin/smbldap-groupmod -m '%g' '%u'
    delete user from group script = /opt/IDEALX/sbin/smbldap-groupmod -x '%g' '%u'
    set primary group script = /opt/IDEALX/sbin/smbldap-usermod -g '%g' '%u'
    add machine script = /opt/IDEALX/sbin/smbldap-useradd -w '%u'
    shutdown script = /var/lib/samba/scripts/shutdown.sh
    abort shutdown script = /sbin/shutdown -c
    # Each user gets a per-user batch file, fetched from the [netlogon] share at logon.
    logon script = %u.bat
    #logon path = \\192.168.0.4\profiles\%u
    logon path = \\nodes.differentialdesign.org\profiles\%u
    logon drive = H:
    domain logons = Yes
    domain master = Yes
    wins support = Yes
    ldap suffix = dc=differentialdesign,dc=org
    ldap machine suffix = ou=Computers,ou=Users
    ldap user suffix = ou=People,ou=Users
    ldap group suffix = ou=Groups
    ldap idmap suffix = ou=Idmap
    # DN that Samba binds as. Its password is not in this file.
    # NOTE(review): confirm this DN can write only the Samba subtrees above.
    ldap admin dn = cn=sambaadmin,dc=differentialdesign,dc=org
    # NOTE(review): idmap uses the local directory only, while passdb lists two servers.
    # Confirm this is intended on the PDC.
    idmap backend = ldap://127.0.0.1
    idmap uid = 10000-20000
    idmap gid = 10000-20000
    printer admin = root
    printing = cups

#========================Share Definitions=========================

[homes]
    comment = Home Directories
    # %S is the share name, so each home share is limited to the user it is named after.
    valid users = %S
    browseable = yes
    writable = yes
    # New files and directories are created owner-only.
    create mask = 0600
    directory mask = 0700

[netlogon]
    comment = Network Logon Service
    path = /data/samba/netlogon
    # NOTE(review): the share is writable and has no "write list" or "valid users", so every
    # authenticated user may modify the logon scripts served from here unless filesystem
    # permissions on the path prevent it. Prefer "read only = yes" with a write list for
    # the script maintainers.
    writeable = yes
    browseable = yes
    read only = no

[profiles]
    path = /data/samba/profiles
    writeable = yes
    browseable = no
    read only = no
    # NOTE(review): 0777 leaves roaming-profile files readable and writable by other
    # accounts on the server. Owner-only masks (0600 / 0700, as in [homes]) are the safer choice.
    create mode = 0777
    directory mode = 0777

[Documents]
    comment = share to test samba
    path = /data/documents
    writeable = yes
    browseable = yes
    read only = no
    # Access is limited to members of the "Domain Users" group.
    valid users = "@Domain Users"