Home » Blogs » loner's blog

Create a Windows Domain for Free with Samba

27 Oct 2008
Posted by loner

Keyword: Samba, Linux, Primary Domain Controller, PDC

Samba is a suite of programs from samba.org that lets Linux talk to Window.

One of its features is for Samba to act as the Primary Domain Controller in the Windows Domain, that is for Samba to act as a Windows Server that provides domain login. This provides a very inexpensive (free!) way to create a simple, but perfectly usable windows domain.

This setup is particularly attractive to homes or small businesses with a network of a small number of PCs. I am using here Samba 2.2.2, which can be downloaded from Samba.org

Warning! Do not use Samba < 2.0.0, since they do not provide adaquote PDC functionality

1. Install Samba (The simplest way is to use RPM version)

2. Find the directory where smb.conf is stored (call it SMB_DIRECTORY) and back up the file

3. Create a new smb.conf file using the following code and place it into SMB_DIRECTORY: 

# Global parameters
[global]
        workgroup = Your domain name (e.g. domain.com)
        netbios name = The server's netbios name (e.g. samba)
        server string = Samba Server (or whatever you want to put)
        encrypt passwords = Yes
        log file = /var/log/samba/log.%m 
        max log size = 50
        socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
        domain logons = Yes
        os level = 33
        preferred master = True
        domain master = True
        dns proxy = No

[homes] //This lets users to access their home directory
        comment = Home Directories
        read only = No
        browseable = No

[printers] //This lets printers to be shared
        comment = All Printers
        path = /var/spool/samba
        printable = Yes
        browseable = No

4. Restart Samba service (Under RedHat, it's normally /etc/init.d/smb restart)

That is all to get the Samba PDC service running! Now....

5. Add Windows machines (let's add a machine called NT-06)

groupadd machines (You need to do this just once)
adduser -g machines -c Machine -d /dev/null -s /bin/false -n NT-06$ 
smbpasswd -a -m NT-06$

6. Add users (let's add a user called brown) 

adduser -g users  -s /bin/false -n brown
smbpasswd -a brown

7. Go to Windows (either NT or 2000) and join the newly created Domain! (If prompted to supply login and password, you MUST provide the Linux administrator's, in order to join the domain)

Having trouble logging into Samba domain? Account is not authorized to log in to this station? Your computer account was not found? 9 out of 10 cases are due to the password encryption enabled in Windows. Try Account is Not Authorized to Log In to This Station here

Tags:

What did I say then?

Reign of the 'chaos-maker' | FT (10 years 10 weeks ago): "When everything goes smoothly is the time when things go wrong." - Yun Jong-yong, the CEO of Samsung Electronics Yun Jong-yong (pictured), may not be as well known as Bill Gates, Larry Ellison, Michael Dell or Carly Fiorina but any list of the most powerful people in the information technology industry would be incomplete without the chief executive of Samsung Electronics. Mr Yun, an unimposing and gently spoken 59-year-old, is the man credited with transforming part of South Korea's biggest...