Beranda > Linux, Tutorial > SAMBA PDC di Centos 5.4

SAMBA PDC di Centos 5.4


Mungkin sudah banyak artikel di internet yang menulis tentang samba PDC, artikel ini merupakan dokumentasi pekerjaan saya dan mungkin dapat bermanfaat untuk yang lainnya.

Persiapan :

  1. Centos 5.4 with LVM Partition ( Optional )
  2. Samba Server  default centos 5.4 sudah berjalan baik.

Konfigurasi samba :

  1. vim /etc/samba/smb.conf

NOTE : Huruf yang ditebalkan pada konfigurasi samba PDC yang di edit/tambahkan

[global]

unix charset = UTF-8

dos charset = CP932

# ———————– Network Related Options ————————-

#

# workgroup = NT-Domain-Name or Workgroup-Name, eg: MIDEARTH

#

# server string is the equivalent of the NT Description field

#

# netbios name can be used to specify a server name not tied to the hostname

#

# Interfaces lets you configure Samba to use multiple interfaces

# If you have multiple network interfaces then you can list the ones

# you want to listen on (never omit localhost)

#

# Hosts Allow/Hosts Deny lets you restrict who can connect, and you can

# specifiy it as a per share option as well

#

workgroup = YOLITA

        server string = Samba Server Version %v

 

        netbios name = YOLITAPDC

        unix password sync = No

;       interfaces = lo eth0 192.168.12.2/24 192.168.13.2/24

      hosts allow = 127.  192.168.1.

# ———————– Standalone Server Options ————————

#

# Security can be set to user, share(deprecated) or server(deprecated)

#

# Backend to store user information in. New installations should

# use either tdbsam or ldapsam. smbpasswd is available for backwards

# compatibility. tdbsam requires no further configuration.

        security = user

        passdb backend = tdbsam

# ———————– Domain Controller Options ————————

#

# Security must be set to user for domain controllers

#

# Backend to store user information in. New installations should

# use either tdbsam or ldapsam. smbpasswd is available for backwards

# compatibility. tdbsam requires no further configuration.

#

# Domain Master specifies Samba to be the Domain Master Browser. This

# allows Samba to collate browse lists between subnets. Don’t use this

# if you already have a Windows NT domain controller doing this job

#

# Domain Logons let Samba be a domain logon server for Windows workstations.

#

# Logon Scrpit let yuou specify a script to be run at login time on the client

# You need to provide it in a share called NETLOGON

#

# Logon Path let you specify where user profiles are stored (UNC path)

#

# Various scripts can be used on a domain controller or stand-alone

# machine to add or delete corresponding unix accounts

 

   domain master = yes

   domain logons = yes

   pam password change = yes

# the login script name depends on the machine name

# mapping drive automatis ke drive P folder yg akan di bagi

        logon drive = p:

        encrypt passwords = yes

        logon home = \\netbiosname\%U

        passwd program = /usr/bin/passwd %u

        hide files = /*.pst/

;       logon script = %m.bat

# the login script name depends on the unix user used

#file login.bat di simpan di  /var/lib/samba/netlogon/login.bat

        logon script = login.bat

        logon path = \\192.168.1.254\profiles\%U

 

;       add user script = /usr/sbin/useradd “%u” -n -g users

;       add group script = /usr/sbin/groupadd “%g”

;       add machine script = /usr/sbin/useradd -n -c “Workstation (%u)” -M -d /nohome -s

/bin/false “%u”

 

         add machine script = /usr/sbin/useradd -s /bin/false -d /home/nobody %u

;       delete user script = /usr/sbin/userdel “%u”

;       delete user from group script = /usr/sbin/userdel “%u” “%g”

;       delete group script = /usr/sbin/groupdel “%g”

# ———————– Browser Control Options —————————-

#

# set local master to no if you don’t want Samba to become a master

# browser on your network. Otherwise the normal election rules apply

#

# OS Level determines the precedence of this server in master browser

# elections. The default value should be reasonable

#

# Preferred Master causes Samba to force a local browser election on startup

# and gives it a slightly higher chance of winning the election

        local master = yes

        os level = 64

        preferred master = yes

#—————————– Name Resolution ——————————-

# Windows Internet Name Serving Support Section:

# Note: Samba can be either a WINS Server, or a WINS Client, but NOT both

#

# – WINS Support: Tells the NMBD component of Samba to enable it’s WINS Server

# DNS Proxy – tells Samba whether or not to try to resolve NetBIOS names

# via DNS nslookups.

        wins support = yes

;       wins server = w.x.y.z

;       wins proxy = yes

;       dns proxy = yes

# ————————— Printing Options —————————–

#

# Load Printers let you load automatically the list of printers rather

# than setting them up individually

#

# Cups Options let you pass the cups libs custom options, setting it to raw

# for example will let you use drivers on your Windows clients

#

# Printcap Name let you specify an alternative printcap file

#

# You can choose a non default printing system using the Printing option

 

      load printers = yes

     cups options = raw

;       printcap name = /etc/printcap

#obtain list of printers automatically on SystemV

;       printcap name = lpstat

;       printing = cups

# ————————— Filesystem Options —————————

#

# The following options can be uncommented if the filesystem supports

# Extended Attributes and they are enabled (usually by the mount option

# user_xattr). Thess options will let the admin store the DOS attributes

# in an EA and make samba not mess with the permission bits.

#

# Note: these options can also be set just per share, setting them in global

# makes them the default for all shares

;       map archive = no

;       map hidden = no

;       map read only = no

;       map system = no

;       store dos attributes = yes

#============================ Share Definitions ==============================

[homes]

        comment = Home Directories

        browseable = no

        writable = yes

        writable = yes

        valid users = %S

        read only = no

        create mode = 0600

        directory mode = 0700

;       valid users = %S

;       valid users = MYDOMAIN\%S

[printers]

        comment = All Printers

        path = /var/spool/samba

        browseable = no

        guest ok = no

        writable = no

        printable = yes

 

# Un-comment the following and create the netlogon directory for Domain Logons

        [netlogon]

        comment = Network Logon Service

        path = /var/lib/samba/netlogon

        guest ok = yes

        writable = no

        share modes = no

 

# Un-comment the following to provide a specific roving profile share

# Roaming profile user dibuat di masing2 direktori home user linux

     

  [Profiles]

        create mode = 0600

        directory mode = 0700

        path = /home/%U

        profile acls = yes

        read only = no

        writable = yes

 

 

#folder yang dishare di drive P : /var/lib/samba/netlogon/login.bat

[Share]

   comment = sharing file

   path = /home/share

   writable = yes

   guest ok = yes

   guest only = yes

   create mode = 0777

   directory mode = 0777

   share modes = yes

Finish

_____________________________________________________________________________________

 

Membuat administrator / root username di samba :

[root@router ~]#  smbpasswd -a root

[root@router ~]#  service smb restart

Unix2 Dos

[root@router ~]#  unix2dos /var/lib/samba/netlogon/login.bat

 

KONFIGURASI DI WINDOWS  XP SP 3

  1. start  – run – regedit

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Netlogon\Parameters

Pilih  requiresignorseal   ganti value data menjadi    0 hexadesimal

  1. Start – Run – gpedit.msc

Computer configuration à Administrative Templates à System à User profiles

Pilih   Do not check for user ownership of roaming profiles folder   ganti ke  enable

  1. Join domain samba PDC

Klik kanan My computer à Computer Name –> Change à Domain

Ketik nama workgroup sesuai dengan konfigurasi workgroup disamba server.

Masukan username / password root untuk pertama kali login ke samba. Restart Win Xp

  1. Buat user samba di linux

[root@router ~]#   useradd karu

[root@router ~]# passwd karu

Changing password for user karu.

New UNIX password:

BAD PASSWORD: it is based on a dictionary word

Retype new UNIX password:

passwd: all authentication tokens updated successfully.

[root@router ~]# smbpasswd -a karu

New SMB password:

Retype new SMB password:

Added user karu.

Windows XP

Log on mengunakan user tsb. Dan ganti logon to ke domain workgroup samba

Screenshoot di Windows XP :

 

 

Log file di sever samba

tail –f /var/log/samba/smbd.log

[2011/06/22 10:01:44, 1] smbd/service.c:make_connection_snum(1033)

gudangllb (192.168.1.167) connect to service Profiles initially as user karu (uid=502, gid=502) (pid 4845)

[2011/06/22 10:01:44, 1] smbd/service.c:make_connection_snum(1033)

gudangllb (192.168.1.167) connect to service netlogon initially as user karu (uid=502, gid=502) (pid 4844)

[2011/06/22 10:01:55, 1] smbd/service.c:close_cnum(1230)

gudangllb (192.168.1.167) closed connection to service Profiles

[2011/06/22 10:01:55, 1] smbd/service.c:close_cnum(1230)

gudangllb (192.168.1.167) closed connection to service netlogon

 

 

Iklan
Kategori:Linux, Tutorial
  1. Belum ada komentar.
  1. No trackbacks yet.

Tinggalkan Balasan

Isikan data di bawah atau klik salah satu ikon untuk log in:

Logo WordPress.com

You are commenting using your WordPress.com account. Logout / Ubah )

Gambar Twitter

You are commenting using your Twitter account. Logout / Ubah )

Foto Facebook

You are commenting using your Facebook account. Logout / Ubah )

Foto Google+

You are commenting using your Google+ account. Logout / Ubah )

Connecting to %s

%d blogger menyukai ini: