How do I configure a Samba PDC in Red Hat

Enterprise Linux 5?

Issue
How do I configure a Samba PDC in Red Hat Enterprise Linux 5?

Environment
Red Hat Enterprise Linux 5

Resolution
Install the following packages:

samba-common-3.0.25b-1.el5_1.2
samba-client-3.0.25b-1.el5_1.2
samba-3.0.25b-1.el5_1.2

Configure the /etc/samba/smb.conf file as specified below.

[global]
workgroup = MYDOMAIN
server string = Samba PDC
passdb backend = tdbsam
log level = 3
log file = /var/log/samba/%m.log
max log size = 50
add user script = /usr/sbin/useradd "%u" -n -g users
delete user script = /usr/sbin/userdel "%u"
add group script = /usr/sbin/groupadd "%g"
delete group script = /usr/sbin/groupdel "%g"
delete user from group script = /usr/sbin/userdel "%u" "%g"
add machine script = /usr/sbin/useradd -n -c "Workstation (%u)"

Copyright (c) 2009 by Red Hat, Inc. This material may be distributed only subject to the terms and conditions set
forth in the Open Publication License, v1.0 or later (available at http://www.opencontent.org/openpub/).
1
How do I configure a Samba PDC in Red Hat Enterprise Linux 5?

-M -d /nohome -s /bin/false "%u"

domain logons = Yes
os level = 35
preferred master = Yes
domain master = Yes
wins support = Yes
cups options = raw

Create the group ntadmins. This group will be mapped to group "Domain Admins". The
group "Domain Admins" has special privileges in Windows.

#groupadd ntadmin

Create 2 additional groups, one for the Domain Users group and other for "Guests" group.

#groupadd ntusers
#groupadd ntguests

Execute the below steps (note the well known RIDs for the groups).

net groupmap add ntgroup="Domain Admins" unixgroup=ntadmins rid=512 type=d

net groupmap add ntgroup="Domain Users" unixgroup=ntusers rid=513 type=d
net groupmap add ntgroup="Domain Guests" unixgroup=ntguests rid=514 type=d

Check if it is mapped properly.

#net groupmap list

Copyright (c) 2009 by Red Hat, Inc. This material may be distributed only subject to the terms and conditions set
forth in the Open Publication License, v1.0 or later (available at http://www.opencontent.org/openpub/).
2
How do I configure a Samba PDC in Red Hat Enterprise Linux 5?

Add the root user (also called Administrator).

#smbpasswd -a root

Now create local users and add them to the above groups which are mapped to Domain
Users, Domain Admins and Guests.

#useradd -G ntusers testuser

#passwd testuser

Add testuser to the samba tdbsam backend.

#smbpasswd -a testuser

Join the Windows system to the domain MYDOMAIN. When joining to the domain for the
first time, Join the system with user root and password as set earlier. Once the system is
joined, login as user testuser with password set earlier.

Copyright (c) 2009 by Red Hat, Inc. This material may be distributed only subject to the terms and conditions set
forth in the Open Publication License, v1.0 or later (available at http://www.opencontent.org/openpub/).
3