Fedora Servers :: How To Replace Windows Domain Controller With Samba
Nov 26, 2010
First of all I am new user on fedora forum and I love Linux (special Redhat flavours) and want to replace windows into Linux Everywhere. I am having some issue in configuring PDC on Fedora,I want to replace my company Windows Domain controller and file server into fedora file and PDC, I tried from web and through 389-directory server but didn't succeed even once, how to configure PDC with Samba 4 + 389-directory Server, I have heard samba 4 is having awesome support and its better then windows DC, configuring Complete PDC. (Whatever need to configure PDC i.e. DNS, SAMBA 4, SWAT, WEBMIN, 389-Directory Server, Windows sync,).
View 4 Replies
ADVERTISEMENT
Apr 28, 2009
At the school i work in i have a server2k3 server that provides a domain to all the windows clients, aswell as a fedora server that acts as an imaging machine and webserver.
Im rather concious of the fact that if for any reason the Server2k3 server was to die there is no backup of active directory, or anything that can take its place whilst a replacement is found.
So is it possible to use a fedora machine with samba as a secondary domain controller? so it can be used as a login server, and has a copy of AD.
View 1 Replies
View Related
Apr 6, 2010
Does anyone have a link to a tutorial on how to set up a DHCP server and SAMBA as a windows domain controller? I can't really find good detailed guides by searching google.
View 2 Replies
View Related
Feb 27, 2011
My Windows 2003 domain has three domain controllers. All of them are configured as global catalog servers, but my krb.conf and krb5.conf only contain a reference to one of them. What if the DC referenced is down? Should my files reference the other DCs? The contents of my files follow...
krb.conf
--------
MYDOMAIN.COM dc01.MYDOMAIN.COM:88
MYDOMAIN.COM dc01.MYDOMAIN.COM:749 admin server[code]...........
View 1 Replies
View Related
Nov 1, 2009
is possible configure a samba server to a Backup Domain Controller in a windows 2003 Domain ? I have a Primary Domain controller Windows server 2003 , can integrate my network with a linux samba Backup Domain Controller server ?
View 1 Replies
View Related
Jul 23, 2010
i have a ubuntu server box with samba 3 as domain controller with all windows 7 clients.i am wanting all users to have local admin rights so they can install programs etc.
View 1 Replies
View Related
Oct 18, 2010
Im an IT manager for a small company with a small ammount of users. We already use linux for our data server and I would like to implement a domain controller. All of our user machines are WIndows XP pro.
Ive been reading up on using OpenLDAP as an alternative to active directory.
What I want is just a simple active directory like server, with a GUI if possible.
What do I need to look at and how would I go about setting this up? Im fairly proficient with Ubuntu already, I just need to be pointed in the right direction.
Is it even possible to have my windows users be able to log in to their machines using an ubuntu domain controller?
View 1 Replies
View Related
Dec 30, 2010
I'm working for a smallish non-profit that has gone through some recent growing pains. We have two sites that are currently without a domain controller, and no money for MS licenses, so I was thinking of trying to add a couple of additional Linux machines (we already run Linux for web services internally, and I've set up a test case previously to see if I could get a server to join the domain, which was a success) and was trying to find out if I can get them to act as Domain Controllers without replacing the domain. The main issue that I'm having at those locations is drive mappings are not happening correctly against our DFS file servers. The one other location that had this issue had it go away when we added a local DC. The domain is a Server 2008 domain.
View 2 Replies
View Related
Feb 13, 2010
i have configured samba as file server in fedora 11,it works fine for both windows and linux machines .but i want to configure ldap and samba as domain controller. Googled a lot on internet every thing is confusing me .
View 2 Replies
View Related
Dec 18, 2010
I've been configuring a PDC using samba I used this tutorial url as reference. It seems all went well during the installation and configuration not until when I try to join a windows machine to the domain.
Scenario: When the authentication dialog box prompts the username and password of the domain administrator. I supply root as username and its corresponding password. Then I will prompt an error "The user name could not be found. But, I have noticed that when I supply a wrong password of root the it will prompt "Login failure: unknown user name or bad password. It seems that the windows machine was able to recognize the account somehow.
View 8 Replies
View Related
Jul 22, 2010
We have a couple of Windows file servers that just share files. It is all they do. We'd like to use Ubuntu on two replacement servers allowing Windows XP and Windows 7 clients to access the files. Our network is active directory based due to Exchange and homegrown .NET apps, so it is important that active directory is used to authenticate the clients. Samba doesn't need to be a pdc or bdc, but provide pass through authentication.I understand that Samba can communicate with active directory through security-ads and security-domain.
Here are my questions to see if I should proceed:1) Folder permissions:If we move all our files to the Ubuntu server how do we set folder permissions and will we see the active directory accounts when we do this?2) Skipping ubuntu accounts: I know the domain and ads allow you to skip creating ubuntu accounts, right? If not, how do you keep the passwords synchronized?3) Easiest way? Is there a very easy way to pull this off that I've missed? My goal is to eliminate the Windows based file servers while ensuring the admin part of it is as easy as possible.To date I've been able to get the sharing to work with an ubuntu account mirroring the active directory account. I've been able to get Samba to talk to the pdc, but not successfully through domain security. ADS security was a complete cluster with winbindd
View 3 Replies
View Related
Sep 27, 2010
I want to Migrate Win2003 Domain Controller to Samba with All Settings Current Setup: Working Win2003 Domain Controller (DC)with home directories, group policies, shared printer, disk quotas. how to migrate all these settings to Samba Domain Controller. I have tried to search but didn't get detailed information.
View 14 Replies
View Related
Jun 10, 2010
Im running a Samba server as a PDC
Every thing works fine When I log in it creates a folder on the server for the user. when the user logs out, it is copying the user data to the server, for example folders like Documents,Favorites and so on.
My problem is,Im using a Dutch version of Windows 7 but the folders sync are English
View 4 Replies
View Related
Apr 28, 2010
I feel ashamed for even asking this, since it seems like there's about 3 samba questions here every day. However after an hour of searching, I keep finding strange variants that aren't what I need.
My Goal: Create a single file share on an Ubuntu Server - share it via samba to Windows clients that are on a domain with active directory. It sure would be nice if AD authentication would work - so users don't have to type in a linux user/passsword each time they want to access the share.
In my adventures, I've found the following items (which may overlap)
1. Joining the server to a Windows Domain
2. Turning the server into a Windows Domain Controller
3. Authentication with LDAP (still not quite sure how/what this would do)
4. Stuff with Kerberos
5. Lots of people bickering about Samba 3/4 & how it's impossible to make Samba a PDC.
I'm not sure if I need to make the ubuntu server a domain controller or not...all I want to do is create a file share and share it on the domain...I don't need to make the ubuntu server a domain controller for that, right? Maybe just a member? Maybe nothing at all?
I guess if I want to authenticate stuff correctly (or forward authentication requests? Not sure), I probably need to join the ubuntu server to the domain...I think.
But let's say I do join it to the domain...then how to I create a file share that is authenticated via active directory rather than a local ubuntu server account? I see a dozen guides on joining the server to the domain, but nobody ever mentions sharing the folder over the domain.
The lines are also blurred between joining Ubuntu to the domain and making it a domain controller. What should I keep an eye out to avoid in these tutorials?
I get lost between the Kerberos/LDAP/Samba/WinBind etc...and I have a feeling I don't need all of these for something this simple.
View 1 Replies
View Related
Aug 3, 2011
Intent is to use samba+winbind to authenticate Ubuntu desktop against a Windows 2008 R2 domain (seems like I was able to get it working temporarily but it stopped working after some time). Quick overview of the issue: winbind is failing to lookup group ID's for a domain user causing the domain user to receive group errors on login and an inability to use domain groups in other configuration (sudoers, etc)
- Very basic install, boot to Ubuntu Desktop 10.04 LTS 64bit install, basic install options, perform software updates
- Following an Ubuntu AD HowTo [URL]
- Install kerberos, samba, winbind packages
- Make changes to krb5.conf, smb.conf, files in pam.d/ (to make the home directory and restrict login based on group membership, which works even in the half-working state but requires SID instead of text name)
After a reboot I can login as a domain account but I get the following error(s):
groups: cannot find name for group ID #####
##### is usually a number that ranges from 10000 to 10020, based on the smb.conf line regarding idmap I will get multiple group errors (one for each group that the user belongs to that winbind can't lookup for whatever reason, some groups can be resolved - see below) If I log-out and then log-in as a local user I can run the following command: id username The output returns something similar to the following:
uid=10002(username) gid=10003(domain users) groups=10003(domain users),10033,10032,10031,10030,10029,10028,10027,1 0026,10025,10024,10023,10022,10021(some group),10020,10019,10018(some other group),10017,10016,10015,10014,10013,10012,10011(s ome other other group),10010,10009,10008,10007
On a working system (Ubuntu 10.10 and when 10.04 decides to work) each group is followed by parenthesis' and the name of the group, this result clearly shows that some groups can be looked up but for some reason other groups are failing An output of /var/log/samba/log.winbind produces the following entries (that are logged when you run the id command)
[2011/08/03 19:04:39, 1] winbindd/winbindd_ads.c:1137(lookup_groupmem)
lsa_lookupsids call failed with NT_STATUS_PIPE_BROKEN - retrying...
[2011/08/03 19:04:39, 1] winbindd/winbindd_ads.c:1137(lookup_groupmem)
lsa_lookupsids call failed with NT_STATUS_PIPE_BROKEN - retrying...
The above repeats for what looks to be each group that fails (based on count of entries)If I use wbinfo I can resolve text group name to SID and SID to GID
wbinfo -n groupname (returns proper SID)
wbinfo -s SID (returns proper text group name)
wbinfo -Y SID (returns proper linux mapped group ID)
Following that process for a group that my user belongs to that is not resolving (via the id username command) will return the group ID (GID) properly (even though id username fails to lookup info for that same GID) Version Information:
uname -a
Linux hostname 2.6.32-33-generic #71-Ubuntu SMP Wed Jul 20 17:27:30 UTC 2011 x86_64 GNU/Linux
lsb_release -a
No LSB modules are available.
[code]....
View 3 Replies
View Related
Sep 6, 2010
I'm stuck with this problem of adding Windows machine to Linux domain. for which samba has been configured as PDC .
operating system : Cent OS 5.3 with updates ., with hostname tester.com
Dnsdomainname = com Code: [global]
workgroup = TESTER
netbios name = TESTER
server string = Samba Server Version %v
interfaces = lo, eth0, 192.168.1.1/24, 192.168.1.2/24
passdb backend = tdbsam
code....
guest ok = Yes now everything work well i.e windows client can access their share. also permissions are set appropriately. Also account for users and particular XP machine are also created.when I try add windows machine to samba domain by changing windows machines domain name to the tester . Windows client gives error of can not connect to domain.If anyone has any idea about this problem of adding windows machines to SAMBA domain pls reply.
View 2 Replies
View Related
May 13, 2010
The company I work for, as usual, is Microsoft-centric. I'm attempting to integrate my Ubuntu server into the domain to allow domain users to authenticate to the server and access file shares using Samba. Here's my current configuration:
[Code].....
View 9 Replies
View Related
Jun 27, 2011
i need to allow window domain controller user to use file share of linux.windows DC user can see the share file and directories of linux file server but not able to access.
below is brief--
I have a Linux machine which is on my network but not on my domain. I have configured SAMBA FILESERVER for file sharing purpose. I have a Windows XP PC which is on the domain(windows server) that I am trying to connect to a share on the Linux box. I supply my credentials but regardless of which login I use I always get Logon Failure. I have created an account on the Linux machine with the same user name and password as my domain account but so far no luck. Can I connect from a domain PC to a non-domain Linux box? Is there something else I should be checking?
View 14 Replies
View Related
May 29, 2010
At home I am using a Windows Server 2003 as Domain controller with Active Directory. My "client" computers are all currently running Windows XP. They all require CONTROL-ALT-DELETE and the user to enter their credentials before they will allow logon.
Shared files reside on various other Server 2003 machines and have restrictions on so only specific users can access certain resources.
For example, I have the family finances and other important documents in a share named 'Private-Files', only members of the 'PrivateFiles' global group have access. Likewise, I have my movies sorted into their appropriate age categories - after all, I don't want my 5 year old son accidentally watching Aliens!
So this all works but as you can imagine, the copies of Windows XP and Server 2003 are far from legitimate. I want to go legal and the only real way I can afford to do this is to switch over to Linux.
I have used Suse, Ubuntu, Fedora and a few other distros in the past and found that for ease of use, I want to use Ubuntu on the desktop computers but power the servers with some flavour of Linux.
The problem is, although I can install the OSes, I have no idea where to proceed from there - for example, how do I create a Domain in Suse? Where and how do I create domain users and groups? How do I set permissions on shares for the domain users?
View 2 Replies
View Related
Feb 4, 2010
How to resolve a standalone RHEL machine under Windows Domain Controller?
View 4 Replies
View Related
Jan 3, 2011
I have update my linux server from mandriva 9 to mandriva 2010
I was working using samba 2.2.8 and now I have samba 3.5.3.I have transfer all passwd and smbpasswd to new linux.I have convert smbpasswd to tdbsam
when i am using win xp to logon on samba domain the windows XP does not load profiles from samba. I think that the problem is NTUSER.DAT storing in /home/user/profile
The same profile is working using samba 2.2.8 but not working in samba 3.5.3..
View 1 Replies
View Related
Feb 28, 2011
i need to configure Redhat Linux as Domain Controller in my organisation, whee all of my clients PC's will be Windows XP or Windows 7 ( where i can login through Domain users ). what exactly i need to configure in Redhat Linux, i heard Configuring Samba as PDC is quite enough ? is that right ? then what is Open LDAP ? should i need to Configure Open LDAP also ?
View 2 Replies
View Related
May 29, 2010
At home I am using a Windows Server 2003 as Domain controller with Active Directory. My "client" computers are all currently running Windows XP. They all require CONTROL-ALT-DELETE and the user to enter their credentials before they will allow logon. Shared files reside on various other Server 2003 machines and have restrictions on so only specific users can access certain resources.
For example, I have the family finances and other important documents in a share named 'Private-Files', only members of the 'PrivateFiles' global group have access. Likewise, I have my movies sorted into their appropriate age categories - after all, I don't want my 5 year old son accidentally watching Aliens! So this all works but as you can imagine, the copies of Windows XP and Server 2003 are far from legitimate. I want to go legal and the only real way I can afford to do this is to switch over to Linux.
I have used Suse, Ubuntu, Fedora and a few other distros in the past and found that for ease of use, I want to use Ubuntu on the desktop computers but power the servers with Open Suse. The problem is, although I can install the OSes, I have no idea where to proceed from there - for example, how do I create a Domain in Suse? Where and how do I create domain users and groups? How do I set permissions on shares for the domain users?
View 4 Replies
View Related
Aug 17, 2009
I want to give Administrator privileges to Root user in Linux Domain Controller
View 12 Replies
View Related
May 20, 2011
I've done a bit of googling but have not been able to find a definitive answer. Can Samba4 replace the Active Directory on a Windows Server 2008 platform? I want to bring down my DC and replace it with a Samba4 server, but the AD is at 2008 level.
View 3 Replies
View Related
Mar 31, 2011
I am practising setting up a small network using UBUNTU as a PDC through SAMBA to service xp clients.
I have sucessfully setup DNS on the Ubuntu server using Bind9 and can nslookup from both the client and the server by FQDN and can also ping ipaddress.
I have setup a basic smb.conf file however when I try to add the xp client to the domain I get an error message saying a domain controller for the domain could not be contacted.
I have disabled the firewalls on both the server and the xp client and still get the same error message when trying to join the domain. I've checked my network settings on the client, its set to use a static IP address and the DNS server and WINS server are set as my Ubuntu Samba PDC address.
I haven't been able to see anything odd in the smb.conf file that might cause this issue. I can connect directly to the shares using the samba network account that I created by going to start run and typing in the unc path.
Not sure what the cause of this issue is, I thought it might be a DNS issue on the client. One odd thing I noticed is that when I do nslookup using just the server name and not the FQDN i get a message in dos saying that the default server cannot be found but says that the server name for the [ipadress] cannot be found. It does list the correct ip.
I'm not sure what is causing the problem of stopping my xp client from joining the Ubuntu Samba PDC. I'm using UBUNTU server 10.04.
View 1 Replies
View Related
Apr 13, 2011
My samba domain controller will not serve up scripts upon login, and acts very slow when not connected to the Internet. Also, network browsing from windows boxes shows no computers on the network once all this happens. Once the net connection comes back up, everything is fine.
Domain server:
Ubuntu 10.04.2 LTS
Samba 3.4.7
Router: Smoothwall Express 3.0-polar-i386 3.0 (update6). Router is set up as DHCP, and appears to be serving up normal IP's when the Internet connection goes down. I can ping the domain server at its normal IP when the connection goes down.
Heres my smb.conf:
Code:
[global]
log file = /var/log/samba/log.%m
passwd chat = *Entersnews*spassword:* %n
*Retypesnews*spassword:* %n
[code]....
This only happens when our internet connection goes down. When its up, everything is works fine.
View 2 Replies
View Related
Feb 14, 2011
I want to replace Windows AD with SAMBA I want to know what policies restrictions I can get in SAMBA as compared to windows AD - whether it is possible to restrict clients not to change IP, access cdrom or control panel.
View 1 Replies
View Related
Sep 2, 2011
I'm trying to connect to a Samba share on a VirtualBox'ed Windows 7 that is connected to an openSUSE host in bridged mode. For reasons beyond my comprehension I cannot use the shared folders feature, so I'm using Samba instead. I configured a share through openSUSE's Samba server configuration tool:
[iTunes]
inherit acls = Yes
path = /home/myusername/iTunes
read only = No
valid users = myusername
I also set a password for this user using smbpasswd -a myusername. I can go to smb://192.168.1.6 on the host machine and log in to the share successfully, but on Windows 7 I see this: What am I doing wrong? I can connect to the shares list without any problems. It's just the login that doesn't work.
Update: I noticed that my Samba server is part of the WORKGROUP domain.
Domain=[WORKGROUP] OS=[Unix] Server=[Samba 3.5.7-1.17.1-2505-SUSE-SL11.4-x86_64]
Sharename Type
[code]....
View 2 Replies
View Related
Jul 15, 2010
I have set up Samba to act as a domain login for a Windows 7 PC. The Windows 7 PC has the two correct registry compat entries.
So, I've added "root" to smbpasswd and the Windows machine tries the "LINNIS" server. Authentication is successful, as stated in the Samba log but the Windows machine fails with the following:
"The specified computer account could not be found. Contact an administrator to verify the account is in the domain. If the account has been deleted, unjoin, reboot and rejoin the domain."
I feel like I'm doing something dumb, but the authentication passed so what is it talking about?
Slack 13.1 (Samba 3.5.x)
View 11 Replies
View Related