P. 1
Samba

Samba

|Views: 167|Likes:
Published by Nurul Istiqomah

More info:

Published by: Nurul Istiqomah on Dec 14, 2010
Copyright:Attribution Non-commercial

Availability:

Read on Scribd mobile: iPhone, iPad and Android.
download as PDF, TXT or read online from Scribd
See more
See less

02/21/2014

pdf

text

original

Before Windows 2000 can interact with Samba or any other client or server that uses the
NetBIOS protocol,it must be configured to run in compatibility mode.

To do this,you must make sure your Windows 2000 system (server or workstation) has
NetBIOS over TCP/IP enabled. To enable this,log into the Windows 2000 system as an
administrator and follow these steps:

1.Right-click My Network Places and select Properties. The Network and Dial-Up
Connections window will appear.

2.Select the local area connection for the Ethernet network that your Samba server is
connected to. Right-click and select Properties. The Local Area Connection
Properties dialog box will appear. Note that if you only have one local area con-
nection,select it.

3.Highlight Internet Protocol (TCP/IP) and click Properties. The Internet Protocol
(TCP/IP) Properties dialog box will appear.

4.Click the Advanced button in this dialog box. The Advanced TCP/IP Settings dia-
log box will appear. Select the WINS tab.

5.Make sure that the Enable NetBIOS over TCP/IP radio button is selected and click
OK. Close all other dialog boxes.

Figure 11.1 shows the Advanced TCP/IP Settings dialog box with NetBIOS over TCP/IP
enabled.

Working with Windows 2000

CHAPTER11

331

11

W

O
R
K
I
N
G
W
I
T
H

W

I
N
D
O
W
S

2
0
0
0

14 8628 CH11 3/17/00 1:08 PM Page 331

A Windows 2000 and Samba Peer-to-Peer
Network Without WINS

This simple example has a network that contains two computers—one running Windows
2000 Professional (W2KWKS-3) and one running Samba (PERSEUS). They are both mem-
bers of the Windows Workgroup MYGROUP,and domain controllers are now configured.

No WINS server will be running and,consequently,all name resolution and registration
requests will be done via the use of NetBIOS broadcasts. To achieve this,Samba is con-
figured with the following values in smb.conf:

workgroup = MYGROUP
encrypt passwords = yes
local master = yes
domain master = no
preferred master = no
os level = 0

Once the Samba daemon has been restarted to realize these parameters,the services
should be easily browseable from the Windows 2000 client. Figure 11.2 shows the
Samba server PERSEUSbeing browsed from the Windows 2000 Explorer.

As with Windows NT,the nbtstatcommand can be used under Windows 2000 to show
how name resolution is being handled. Figure 11.3 shows the result of this command in a
network where no WINS server exists.

Creating a Turnkey Samba System

PARTII

332

FIGURE11.1

Enabling NetBIOS
over TCP/IP on
Windows 2000.

14 8628 CH11 3/17/00 1:08 PM Page 332

Notice how the output of the WINS command shows that names have been registered
and resolved by means of broadcastsrather than by use of the name server (WINS).

A Windows 2000 and Samba Peer-to-Peer
Network with WINS

The benefitsof using WINS in your network for NetBIOS name resolution have been
widely discussed in the previous chapter. In short,with a WINS server in your network,
NetBIOS names are registered,managed,and resolved through a central point—a WINS
server. This leads to the ability to browse between different subnets,faster resolution of
NetBIOS names on the network,and a reduction in the occurrence of “ghost”NetBIOS
names appearing in network browsers,such as Network Neighborhood.

Working with Windows 2000

CHAPTER11

333

11

W

O
R
K
I
N
G
W
I
T
H

W

I
N
D
O
W
S

2
0
0
0

FIGURE11.2

Browsing a Samba
server using
Windows 2000.

FIGURE11.3

The nbtstatcom-
mand under
Windows 2000.

14 8628 CH11 3/17/00 1:08 PM Page 333

Samba can be configured as a WINS server for Windows 2000 clients in exactly the
same way as for NT. Here,you’ll see how to do this and how to check whether it’s
working correctly.

Creating a Turnkey Samba System

PARTII

334

Caution

Remember to nevermake Samba perform the function of a WINS server if a
Windows NT or Windows 2000 WINS server already exists in your network—
Samba does not support WINS replication.

Configuring Samba for WINS

First,configure your smb.conffile with the following parameters set:

workgroup = MYGROUP
encrypt passwords = yes
local master = yes
domain master = yes
preferred master = yes
wins support = yes
os level = 65

Note that as well as enabling WINS support,this also forces Samba to win all browser
elections for the network (by use of the domain master,local master,and preferred

masterparameters),thus ensuring that the Samba server is the domain master browser
(DMB). Also,os levelis set to 65so that the Samba server is guaranteed to win
browser elections over all Windows 2000 clients.

You’ll need to restart your Samba service for changes to take effect and the WINS server
to come into action.

Configuring Windows 2000 to Use Samba WINS

You’ll need to configure your Windows 2000 clients to look to the Samba WINS server
for name resolution. This can be achieved by the following method:

1.Right-click My Network Places and select Properties. The Network and Dial-Up
Connections window will appear.

2.Select the local area connection for the Ethernet network that your Samba server
is connected to. Right-click and select Properties. The Local Area Connection
Properties dialog box will appear. Note that if you only have one local area con-
nection,select it.

14 8628 CH11 3/17/00 1:08 PM Page 334

3.Highlight Internet Protocol (TCP/IP) and click Properties. The Internet Protocol
(TCP/IP) Properties dialog box will appear.

4.Click the Advanced button in this dialog box. The Advanced TCP/IP Settings
dialog box will appear. Select the WINS tab.

5.Under the WINS Addresses… pane,click the Add… button to display the TCP/IP
WINS Server dialog box.

6.Enter the IP address of your Samba WINS server under WINS Server and click the
Add button.

Figure 11.4 shows the TCP/IP WINS Server dialog box pointing to the sample server

PERSEUSat IP address 192.168.100.2.

Working with Windows 2000

CHAPTER11

335

11

W

O
R
K
I
N
G
W
I
T
H

W

I
N
D
O
W
S

2
0
0
0

FIGURE11.4

Defining the WINS
server under
Windows 2000.

Checking That Samba Is Running WINS

Once the Windows 2000 workstation is restarted,the nbtstatcommand can be used
again on the workstation to prove that name resolution is taking place using WINS and
not broadcasts. With the Windows 2000 Professional workstation having been rebooted,
Figure 11.5 shows the result of running nbtstat.

FIGURE11.5

Using nbtstat
under Windows
2000 with a
Samba WINS
server.

If you compare this output to that shown in Figure 11.3 previously,you can see that
name registration and resolution are now performed by the WINS name server as
opposed to via broadcasts.

14 8628 CH11 3/17/00 1:08 PM Page 335

A Windows 2000 Domain Control and Samba
Domain Member

This example shows you how to make a Samba server a member of a Windows 2000
domain.

One important note to remember is that neither Samba nor Windows NT support a great
deal of the networking enhancements under Windows 2000. Because of this,Windows
2000 needs to run in a backward-compatibility mode,and a large majority of the
Windows 2000 administration might not function fully with Samba systems.

This example uses a Windows 2000 domain called mydomain.com. This domain also has
a backward-compatible NetBIOS domain name,MYDOMAIN. A single Windows 2000
server (W2KPDC-1) is configured as the domain controller for Active Directory,thus
behaving like a primary domain controller for NT and Samba clients. The Samba server

PERSEUSwill be added to this domain.

Configuring a Windows 2000 Server to Support
Samba and NT

As discussed in the “What’s New in Windows 2000”section of this chapter,a Windows
2000 server running in its native network mode does not support the NetBIOS protocol
or WINS and therefore does not support Windows NT or Samba clients.

For this reason,when you install Windows 2000 Active Directory Services,it’s important
that you do so with backward-compatibility support for Windows NT.

On a newly installed Windows 2000 domain controller,which will need to be the first
server for the domain,controlling the top node of the Active Directory tree,you need to
run the program dcpromofrom the Windows 2000 command line. This will start the
Active Directory Installation Wizard,which will guide you through the installation.

When you reach the Permissions stage of the wizard,make sure that you select the
option Permissions Compatible with Pre–Windows 2000 Servers. Failing to do this will
require the deinstallation and reinstallation of Active Directory on the server. Figure 11.6
shows the Permissions stage with this option selected.

Creating a Turnkey Samba System

PARTII

336

Caution

If your Windows 2000 server already has ADS installed without NT backward
compatibility, you’ll need to first deinstall it and then follow the preceding
instructions to reinstall it. To deinstall ADS, run dcpromofrom the Windows 2000
command line.

14 8628 CH11 3/17/00 1:08 PM Page 336

Installing WINS Under Windows 2000

If you’re not using an existing Windows NT or Samba WINS server on your network,
you’ll need to install WINS on your Windows 2000 server to support the correct opera-
tion of name resolution.

The following method describes how to do this:

1.Open the Control Panel and then select Add/Remove Programs.

2.Select Add/Remove Windows Components from the menu on the left side.

3.Select Networking Services from the list and click Details.

4.Check the Windows Internet Naming Service (WINS) entry in the list found in the
Networking Services dialog box and then click OK.

Figure 11.7 shows the Networking Services dialog box with WINS selected for
installation.

Working with Windows 2000

CHAPTER11

337

11

W

O
R
K
I
N
G
W
I
T
H

W

I
N
D
O
W
S

2
0
0
0

FIGURE11.6

Installing ADS
with backward
compatibility for
NT and Samba.

FIGURE11.7

Installing WINS
on a Windows
2000 server.

14 8628 CH11 3/17/00 1:08 PM Page 337

You’ll also need to make sure NetBIOS over TCP/IP is enabled and that your Windows
2000 domain controller is configured to point to the correct WINS server (in this exam-
ple,itself). Refer to the sections “Windows 2000 Setup Requirements”and “Configuring
Windows 2000 to Use Samba WINS,”earlier in this chapter.

Configuring Samba for Domain Membership

Configuring Sambafor membership in a Windows 2000 domain is exactly the same as
configuring it for membership in a Windows NT domain,as described in Chapter 10,
“Working with Windows NT”You’ll need to include the following parameter settings in
your smb.conffile:

workgroup = MYDOMAIN
security = DOMAIN
password server = *
wins server = W2KPDC-1
wins support = no
local master = no
preferred master = no
domain master = no
domain logons = no

As discussed in the “Remote Authentication of Samba by NT”section of the previous
chapter,the password serverparameter is set to *. This causes Samba to search for the
first available domain controller to resolve authentication queries. On versions of Samba
before 2.0.6,you’ll need to specify a list of domain controllers separated by commas.
Here’s an example:

password server = W2KPDC-1

This parameter coupled with security = DOMAINforces Samba to use passthrough
authentication of client requests to the Windows 2000 domain controller W2KPDC-1.

Adding the Samba Client in Windows 2000

The next stage is the adding of the Samba client in the Active Directory database of
Windows 2000. This is the Windows 2000 equivalent of adding a computer in Server
Manager.

This task is achieved by the use of the Microsoft Management Console for Active
Directory Users and Computers. Follow these steps to do this:

1.Start Active Directory Users and Computers from the Administrative Tools pro-
gram group on the Start menu.

2.Right-click the Computers folder on the left and then select New,Computer from
the pop-up menu. The New Object – Computer window will appear.

Creating a Turnkey Samba System

PARTII

338

14 8628 CH11 3/17/00 1:08 PM Page 338

3.Enter the Samba server name (in this instance,PERSEUS) under Computer Name.

4.Check the Allow Pre–Windows 2000 Computers to Use This Account check box
and click OK. The computer will be added to the domain.

Figure 11.8 shows the details for adding the Samba server PERSEUSto the MYDOMAIN
domain.

Working with Windows 2000

CHAPTER11

339

11

W

O
R
K
I
N
G
W
I
T
H

W

I
N
D
O
W
S

2
0
0
0

FIGURE11.8

Adding a Samba
server to a
Windows 2000
domain.

Caution

If you do not allow pre–Windows 2000 computers to use the account, you’ll be
unable to join either Samba or NT clients to the domain using the computer
name. If you make a mistake, you can simply delete the computer and add it
again.

Joining the Windows 2000 Domain

Having added your Samba server in Active Directory Users and Computers,you can now
join the domain. This is achieved in the same way as joining Windows NT domains—by
using the smbpasswdcommand as follows:

% smbpasswd -R WINS -j MYDOMAIN -U Administrator -r W2KPDC-1
2000/01/14 14:13:15 : change_trust_account_password:
Changed password for domain MYDOMAIN.

Joined domain MYDOMAIN.

Having joined the domain,you now need to start (or restart) the Samba daemons in order
for the server to register itself with WINS. For example,here’s what you would do under
Red Hat Linux:

% /etc/rc.d/init.d/smb start

14 8628 CH11 3/17/00 1:08 PM Page 339

Having started the Samba daemons,you should find that your Samba server has been
registered with WINS on your Windows 2000 server. The WINS managercan be found
under Administrative Tools on the Windows 2000 Start menu. Right-click Active
Registrations in WINS and select Find Name…. Then enter the name of your Samba
server. Figure 11.9 shows the WINS entries for the Samba server PERSEUS.

Creating a Turnkey Samba System

PARTII

340

FIGURE11.9

Viewing WINS
registration for
Samba under
Windows 2000.

Adding a Samba Server into Windows 2000 DNS

Although not crucial to the interoperation of Samba and Windows 2000,DNS is used
heavily under Windows 2000 as the backbone for its Active Directory services. For this
reason,it’s useful to add your Samba server to the DNS database for Windows 2000.
This can be achieved using the following steps:

1.Start DNS from the Administrative Tools program group of the Start menu.

2.Select the Windows 2000 domain (in this example,mydomain.com) and then right-
click and select New Host…. The New Host dialog box appears.

3.In New Host dialog box,enter the name and IP address of your Samba server and
check the Create Associated Pointer (PTR) Record check box.

4.Click the Add Host button.

Figure 11.10 shows the New Host dialog box completed for the Samba server PERSEUS.

Management of a Samba Client from Windows 2000

You can use a few of the Windows 2000 administration tools to view (but not modify)
information about your Samba server. The only tools that I have found to work with a
Samba 2.0.6 server are the new Computer Management tool and Server Manager.

14 8628 CH11 3/17/00 1:08 PM Page 340

The use of the Computer Management toolis limited with Samba 2.0.6 because it cannot
support much of the functionality of Windows 2000; however,you are able to view the
shares available on the server. Figure 11.11 shows the shares available on the Samba
server PERSEUS.

Working with Windows 2000

CHAPTER11

341

11

W

O
R
K
I
N
G
W
I
T
H

W

I
N
D
O
W
S

2
0
0
0

FIGURE11.10

Adding a server to
Windows 2000
DNS.

FIGURE11.11

Viewing Samba
shares under
Windows 2000.

You can also use Server Manager under Windows 2000. It has been provided for back-
ward compatibility with Windows NT domains. To start it,you’ll need to run the srvmgr
command from the Windows 2000 command line. Figure 11.12 shows the MYDOMAIN
domain.

You're Reading a Free Preview

Download
scribd
/*********** DO NOT ALTER ANYTHING BELOW THIS LINE ! ************/ var s_code=s.t();if(s_code)document.write(s_code)//-->