Search This Blog

Thursday, December 15, 2011

How To Add Workstations To Your Samba Domain (SAMBA) - PART11


Adding workstations to a Samba domain is a two step process involving the creation of workstation trust accounts on the Samba server and then logging into each workstation to add them to the domain.

Create Samba Trust Accounts For Each Workstation

PDCs will accept user logins only from trusted PCs that have been placed in its PC client database. Samba can create these Machine Trusts in two ways, either manually or automatically.

Manual Creation Of Machine Trust Accounts (NT Only)

The commands in this example create a special Linux group for Samba clients and then add a special machine user that's a member of the group. The password for this user is then disabled and the machine is then added to the smbpasswd file to help keep track of which devices are members of the domain. In summary, a machine trust account needs to have entries in the /etc/passwd and /etc/smbpasswd files. Pay careful attention to the dollar sign ($) at the end and replace machine_name with the name of the Windows client machine.
[root@bigboy tmp]# groupadd samba-clients
[root@bigboy tmp]# /usr/sbin/useradd -g samba-clients \
-d /dev/null -s /bin/false machine_name$
[root@bigboy tmp]# passwd -l machine_name$
[root@bigboy tmp]# smbpasswd -a -m machine_name
This is the only way to configure machine trusts using Windows NT.

Dynamic Creation of Machine Trust Accounts

Although you can use the manual method, the recommended way of creating machine trust accounts is simply to allow the Samba server to create them as needed when the Windows clients join the domain which known as making a machine account on the fly. You can set this up by editing the /etc/samba/smb.conf file to automatically add the required users.
The easiest way to do this using SWAT in the Global menu to modify the add machine script parameter.
[global]
# <...remainder of parameters...>
add machine script = /usr/sbin/useradd -d /dev/null -g samba-clients -s /bin/false -M %u
When you have completed the modifications, you'll need to create the samba-clients Linux group that will be used to help identify the all the domain's Windows clients listed in the /etc/passwd file.
[root@bigboy tmp]# groupadd samba-clients
In Samba version 2, you need to add the client to the smbpasswd file also
[root@bigboy tmp]# smbpasswd -a -m machine_name
Samba version 3 adds it automatically.
Posted by at No comments:
Labels: , , , , ,

Tuesday, December 13, 2011

OPA-Backup is able to backup the product activation of Microsoft Office

OPA-Backup is able to backup the product activation of Microsoft Office XP, 2003, 2007 and 2010. After reinstalling Windows, it restores the backup so that there is no need for activating Office again
To use OPA-Backup, please follow the rules listed below:


  • You must have bought Microsoft Office.
  • Microsoft Office has to be activated.
  • You must fulfill the software license agreement of Microsoft Office.
  • OPA-Backup is not directed against Microsoft.
  • OPA-Backup is no illegal crack.
Requirements: Microsoft Windows, Microsoft .NET Framework 3.0
For More Details:
Posted by at No comments:
Labels: , , , , , ,

Sunday, December 11, 2011

How To Create A Samba PDC Administrator User (SAMBA) - Part10


To do both SWAT and user administration with Samba you'll need to create administrator accounts on the Samba PDC Linux server.

Home Environment

By default, the root user is the Samba administrator, and SWAT requires you to use the Linux root password to be used. Fortunately, you can add workstations to the Windows domain by creating a Samba specific root password. This is done using the smbpasswd command.
[root@bigboy tmp]# /usr/bin/smbpasswd -a root password
Note: Remember that regular Linux logins via the console, Telnet or SSH require the Linux passwd command. Samba domain logins use the smbpasswd password. Samba passwords are stored in the /etc/samba/smbpasswd file.

Corporate Environment

In a corporate environment, you may want more than one person to administer Samba, each with their own usernames. Here are the steps to do this:
1. Create a Linux user group, such as sysadmin with the groupadd command.
2. Use SWAT to update your smb.conf file so that the sysadmin group is listed in the [global] parameter settings.
domain admin group = @sysadmin
admin users = @sysadmin
printer admin = @sysadmin
3. Create individual Linux users that are part of this group.
4. Use the smbpasswd command to create Samba passwords for Domain logins for this group. For security reasons this password may be different from the Linux password used to log into the Linux system from the console, via telnet or ssh. (Remember that Linux passwords are changed with the passwd command.)
Posted by at No comments:
Labels: , , , , ,

Samba Passwords (SAMBA) - PART9


You should be aware that your Linux password and Samba passwords are stored in two different locations. This provides the Samba administer the flexibility of allowing only some of the Linux users to have Samba accounts.
Use the passwd command to change Linux passwords, which are stored in the /etc/shadow file. Samba passwords are stored in the /etc/samba/smbpasswd file and can be changed smbpasswd command.
This difference is important.
Posted by at No comments:
Labels: , , , , ,

The [printers] Share Section (SAMBA) - PART8


Samba has special shares just for printers, and these are configured in the [printers] section of SWAT. There is also a share under [printers] called printers which governs common printer settings. Print shares always have the printable parameter set to yes. The default smb.conf [printers] share section looks like this:
[printers]
    comment = All Printers
    path = /var/spool/samba
    printable = Yes
    browseable = No
Posted by at No comments:
Labels: , , , , , ,
Subscribe to: Posts (Atom)