... coming home ...
© 2012 Dennis Leeuw dleeuw at made-it dot com
With a big Thanks! to Eric Toirkens for his help with the Windows section.
License: GPLv2 or later
In the previous sections we laid the groundwork for our network, but the only share we had was the [netlogon] share. That is not what makes our users happy. With this member server we will provide them with their home directory and give them the ability to use roaming profiles.
Of course this is an example setup that you should extend. After you have this machine up and running, you can create more member servers providing more shares to your users, or you could extend one of the already available servers with more shares. We just wanted to give you an idea of what could be done.
    [global]
        # Who are we
        workgroup = EXAMPLE
        server string = "Example home server"
        netbios name = fs03
        netbios aliases = fs03.example.com
        os level = 65

        # How do we find others
        name resolve order = lmhosts wins host bcast
        wins server = 192.168.1.5
        dns proxy = no

        # What do we provide to whom
        smb ports = 445 139
        hosts allow = 192.168.
        interfaces = lo, eth0
        bind interfaces only = yes

        # Where do we write what we do
        log file = /var/log/samba/%m.log
        log level = 3 passdb:5 auth:10 winbind:2
        max log size = 500

        # What is our role
        local master = no
        domain master = no
        preferred master = no
        domain logons = no

        # How do we handle UIDs and GIDs
        map to guest = bad user

        # How must users login
        encrypt passwords = yes
        security = domain
        password server = pdc.example.com

        # Tell our users where their stuff is
        logon drive = z:
        logon home = \\fs03.example.com\%U
        logon path = \\fs03.example.com\%U\profile
        logon script = logon.bat

        # Printing
        load printers = no

        # Some optimizations
        oplocks = no
        level2 oplocks = no
        socket options = TCP_NODELAY SO_RCVBUF=32768 SO_SNDBUF=32768
        dead time = 15
        getwd cache = yes

        # Backend setup
        passdb backend = ldapsam:ldap://ldap.example.com
        ldap ssl = off
        ldap admin dn = cn=manager,dc=example,dc=com
        ldap suffix = dc=example,dc=com
        ldap user suffix = ou=People
        ldap group suffix = ou=Groups
        ldap machine suffix = ou=Devices
        idmap backend = ldap:ldap://ldap.example.com
        ldap idmap suffix = ou=idmap
        ldap delete dn = no

    [homes]
        comment = Home Directories
        browseable = no
        writable = yes
        hosts allow = 192.168. 127.0.0.1
        inherit permissions = yes
        inherit acls = yes
        security mask = 0660
        directory security mask = 0770
        force security mode = 0660
        force directory security mode = 0770
net rpc join -S pdc.example.com -U domadmin%<password>
net idmap secret EXAMPLE <password>
First start Samba (smbd and nmbd), then start winbind (winbindd).
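A check of the transport and exposure settings in the smb.conf above, added here as an example and not part of the original howto. The parser, the three checks and the function names are this example's own, and SAMPLE_CONF is a constructed subset of the configuration shown on this page.

```python
import re

# Constructed sample: the security-relevant subset of the smb.conf on this page.
SAMPLE_CONF = """\
[global]
    hosts allow = 192.168.
    bind interfaces only = yes
    passdb backend = ldapsam:ldap://ldap.example.com
    ldap ssl = off
    idmap backend = ldap:ldap://ldap.example.com
[homes]
    writable = yes
    hosts allow = 192.168. 127.0.0.1
"""

def parse_smb_conf(text):
    """Return {section: {parameter: value}} with lower-cased section and parameter names."""
    conf, section = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#;":
            continue  # blank lines and '#' / ';' comment lines carry no settings
        header = re.fullmatch(r"\[(.+)\]", line)
        if header:
            section = header.group(1).strip().lower()
            conf.setdefault(section, {})
        elif "=" in line and section is not None:
            key, value = line.split("=", 1)
            # Parameter names are case-insensitive; collapse repeated spaces.
            conf[section][" ".join(key.lower().split())] = value.strip()
    return conf

def audit(conf):
    """Return (parameter, finding) tuples for the [global] section."""
    g = conf.get("global", {})
    findings = []
    cleartext = g.get("ldap ssl", "").lower() in ("off", "no")
    for param in ("passdb backend", "idmap backend"):
        if cleartext and "ldap://" in g.get(param, ""):
            findings.append((param, "LDAP traffic, including the admin dn bind, is unencrypted"))
    if "hosts allow" not in g:
        findings.append(("hosts allow", "no source address restriction"))
    if g.get("bind interfaces only", "no").lower() not in ("yes", "true", "1"):
        findings.append(("bind interfaces only", "smbd listens on every interface"))
    return findings

if __name__ == "__main__":
    for param, finding in audit(parse_smb_conf(SAMPLE_CONF)):
        print(f"{param}: {finding}")
```

Changing `ldap ssl` to `start tls` clears both LDAP findings; the LDAP server must then offer StartTLS with a certificate the Samba host trusts.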