Professional Documents
Culture Documents
OUT LINE
o o o
Domain Controller Samba Cu hnh Samba nh Primary Domain Controller Kt ni Window client to Domain
DOMAIN CONTROLLER
Domain : l tp hp cc ti khon ngi dng v ti khon my tnh c nhm li vi nhau qun l mt cch tp trung. V cng vic qun l l dnh cho domain controller (b iu khin min) nhm gip vic khai thc ti nguyn tr nn d dng hn.
V D DOMAIN
DOMAIN CONTROLLER
DOMAIN CONTROLLER
S
SAMBA
Samba
l mt b tnh nng cho php Linux chia s file v nhng ti nguyn khc nh my in, vi Windows. Chng ny ni v cch a Linux ca bn vo Windows Primary Domain Controller (PDC) hay mt server cho Windows Workgroup.
SAMBA
Mt
SAMBA
Mc [global] [printer] [homes] M t Cc thng s cu hnh chnh ca Samba Dng cu hnh cc my in Xc nh cch s l khi ngi dng ng nhp
[netlogon]
[profile]
/etc/samba/smb.conf
[global]
workgroup = DOMAIN netbios name = NETBIOS_NAME passdb backend = tdbsam add user script = /usr/sbin/useradd -m %u delete user script = /usr/sbin/userdel -r %u add group script = /usr/sbin/groupadd %g delete group script = /usr/sbin/groupdel %g add user to group script = /usr/sbin/groupmod -A %u %g
CI T SAMBA NH MT PDC
logon path = \\%L\profiles\%U logon drive = H: logon home = \\%L\home\%U domain logons = Yes os level = 35 preferred master = Yes domain master = Yes idmap uid = 15000-20000 idmap gid = 15000-20000
CI T SAMBA NH MT PDC
CI T SAMBA NH MT PDC
[netlogon] comment = Network Logon Service path = /var/lib/samba/netlogon admin users = root guest ok = No browseable = No
CI T SAMBA NH MT PDC
[Profiles] comment = Roaming Profile Share path = /var/lib/samba/profiles read only = No profile acls = Yes
First check that Client for Microsoft Networks is installed; if not, install it (Control Panel > Network > Client for Microsoft Networks). To install, place your Windows CD in the drive and select Add from the afforementioned dialog, then: Client > Add... > Microsoft > Client for Microsoft Networks. Make sure Client for Microsoft Networks is the primary network protocol (Control Panel > Network > Primary Network Logon). Next, go to Control Panel > Network > Client for Microsoft Networks > Properties > Logon to NT Domain. If you've employed the add user script option, select the checkbox Create a Computer Account in the Domain; otherwise you'll need to ensure a machine account already exists for the client. Fill in the domain, and click OK.
Go to Control Panel > Network > Identification > Change option. If the machine is currently configured under the Workgroup option, select the Domain radio button and enter the domain name. Select Create a Computer Account in the Domain as necessary. Now, logon to the domain using the username root and the appropriate password. This is necessary to initialize the "secret" between the server and client machines. From here forward, any authenticated user can logon from this machine. A message should appear welcoming you to the domain_name domain.
Open the Local Security Policy editor (Start > All Programs > Administrative Tools > Local Security Policy). Locate the entry "Domain member: Digitally encrypt or sign secure channel (always)". Disable it. Locate the entry "Domain member: Disable machine account password changes". Make sure it's disabled as well. Locate the entry "Domain member: Require strong (Windows 2000 or later) session key". Disable it. Next, download the WinXP_SignOrSeal registry patch from www.samba.org or collect it from the Resources section at the end of this tutorial. Apply it by double-clicking and answering Yes to the dialog prompt. Now join the domain the same as you would for Windows NT or 2000. Right-click My Computer, select Properties, Computer Name, and Change. Or click the Network ID button and run the Network Wizard.
THANK YOU