[CentOS] Samba PDC

Thu Apr 12 15:31:19 UTC 2007
John Summerfield <debian at herakles.homelinux.org>

Tronn Wærdahl wrote:
> On 4/11/07, John Summerfield <debian at herakles.homelinux.org> wrote:
>>
>> Tronn Wærdahl wrote:
>> > On 4/11/07, John Summerfield <debian at herakles.homelinux.org> wrote:
>> >
>> >>
>> >> Tronn Wærdahl wrote:
>> >> > I have Centos 4.4 setup as samba PDC with LDAP, With Xp pro clients
>> im
>> >> able
>> >> > to join the domain, but W2k clients allways fails, with some error
>> >> messages
>> >> > with wrong username password, even that I use the same username
>> >> password
>> >> as
>> >> > when joining the XP pro client to the domain
>> >>
>> >> I'm surprised it seems to work as well as you seem to think it does.
>> The
>> >> best I would expect to work is an NT-style PDC; if you want AD
>> >> functionality then best you shell out the shekels for Windows 2003
>> >> server and do the training.
>> >>
>> >>
>> >>
>> >> --
>> >>
>> >> Cheers
>> >> John
>> >>
>> >> -- spambait
>> >> 1aaaaaaa at coco.merseine.nu  Z1aaaaaaa at coco.merseine.nu
>> >>
>> >> Please do not reply off-list
>> >> _______________________________________________
>> >> CentOS mailing list
>> >> CentOS at centos.org
>> >> http://lists.centos.org/mailman/listinfo/centos
>> >>
>> >
>> >
>> >
>> > Im not sure how I should interper your answer, get windows training
>> .......
>> > ???  :-) Basicly im look for somewhere I could store some files, and
>> with
>> > the samba PDC I allso go the opertunity to run centralized logon
>> > scripts. Is
>> > there a differense in the way XP and W2k joins a domain
>>
>> There is a considerable difference between a domain as it was for OS/2,
>> win9x/me and Windows NT and the position now.
>>
>> Then, for example, one could have a PDC and one (or more I think)
>> secondary and/or backup domain contoller. Now, one can have hierachy of
>> domains spanning the world. Then, domains didn't scale. Now, they scale
>> quite well, and one can even have a local domain controller for, say,
>> London when the gloabl catalog (held by the principal DC) is in, oh, New
>> York.
>>
>> Now, bear in mind that in the first instance you didn't actually give
>> out much info about what you are trying to achieve or why, what you have
>> tried or what your specific errrors are.
>>
>> Probably, you need to enabile WINS server in Samba, specify
>> domain logons = yes
>> logon script = logon.cmd
>> maybe these:
>>     logon drive = H:
>>     logon home = \\%N\%U
>>
>> and read closely what you need to do to make XP and 2000 talk to NT
>> domain controllers. Your prospects of emulating a Windows 200{0,3}
>> domain controller are fairly remote.
>>
>>
>>
>> -- 
>>
>> Cheers
>> John
>>
>> -- spambait
>> 1aaaaaaa at coco.merseine.nu  Z1aaaaaaa at coco.merseine.nu
>>
>> Please do not reply off-list
>> _______________________________________________
>> CentOS mailing list
>> CentOS at centos.org
>> http://lists.centos.org/mailman/listinfo/centos
>>
> 
> Hi
> 
> I kind of trying to make a appliance, the main application is a
> groupware(open-xchange), it authenticates against a ldapserver, then I
> integrated a jabber server (wildfire) allso authenticates agains ldap. Then
> I know that you could get samba to authenticate against ldap, so then I
> thought I give that a go.
> 
> If i just makes some shares and give users access everything works as
> expected seen from the Windows client side, I'been struggeling for a long
> time to make a windows w2k pro to join the samba domain, then I just 
> thought
> I would try to make a XP client join the domain, and I was so supprised 
> when
> it get joined.  I think what made the trick was configure bind to know 
> about
> the samba PDC, then I really dont understand why I cant join a W2k 
> client to
> the domain. I've googled around for hours tried all kind of 
> configuration in
> samba. Still no luck. I tried enabling wins on samba, and the w2k client
> can  access samba with the netbios name. The reason i want to get that
> working is coz of centralized policys and logon scripts. And of course it
> need to be stable :-)

If you want to implement something akin to AD (including group policy), 
you want a fairly big budget. At present the best way to implement AD 
capabilities is to use Windows Server 2003. The big budget would be to 
implement equivalent functionality. You will need schemas for LDAP, plus 
an immense GUI, and probably more.

And if you do it, then quite some time to persuade people that matter 
that what you have is better than what MS has.

Implementing a workgroup is fairly simple, and enough for many small 
offices.

See www.samba.org for details on what Samba can do. By all means have a 
look at Samba 4, but heed the warnings. It will help you understand what 
Samba 3 does not do.

You might also read this:
http://www.samba-tng.org/faq.html


-- 

Cheers
John

-- spambait
1aaaaaaa at coco.merseine.nu  Z1aaaaaaa at coco.merseine.nu

Please do not reply off-list