Installing SAMBA from Source as a PDC


Table of Contents
  1. Overview
  2. Configuration and Compilation
  3. Create needed support files
  4. Setting up a SAMBA PDC

Overview

I did the following on a Mandrake 9.0 box.
There is a sample smb.conf at the bottom and it is for use as a PDC

Once you have installed samba the documentation is all installed under the swat root in the following directories.
PREFIX=/usr/local # where you put swat
$PREFIX/swat/help/
$PREFIX/swat/using_samba/

Important: If you are going to use Windows XP clients make sure you launch the Local Group Policy snapin on the client and disable the encrypt traffic to servers options do a google for details.

Configuration and Compilation

Download and unpack samba

Check for any missing libraries you need

./configure | tee mylog

Add any libraries that you need

rpm -ivh libcups1-devel-1.1.16-0.4mdk.i586.rpm
rpm -ivh pam-devel-0.75-25mdk.i586.rpm

Configure with the samba options you require

# make sure you put --with-pam in or you wont be able to connect swat without the unsafe -a option
 # --with-pam_smbpass needs libpam
 # --enable-cups needs cups-devel
./configure  --prefix=/usr/local \
--with-pam \
--with-pam_smbpass \
--with-acl-support \
--with-winbind \
--with-msdfs \
--enable-cups \
--with-smbmount \
--with-ssl \
--with-libsmbclient \
--with-smbwrapper

make
make install

Create needed support files

Create smb.conf and the unix to smb user map file

touch /usr/local/lib/smb.conf
touch /usr/local/private/user.map

Add the necessary directories for profiles and netlogon shares

mkdir -p /var/lib/samba/netlogon
mkdir -p /var/lib/samba/profiles

Create a PAM file for authentication off the unix pam service

#!/bin/sh
 PAM_FILE=/etc/pam.d/samba
 cat << EOF > $PAM_FILE
 auth required /lib/security/pam_pwdb.so nullok shadow
 account required /lib/security/pam_pwdb.so
 EOF

Createxinetd service file

#!/bin/sh
XINETD_FILE=/etc/xinet.d/samba
cat << EOF > $XINETD_FILE

service swat

{

        port                    = 901
        socket_type             = stream
        wait                    = no
        user                    = root
        only_from               = 127.0.0.1 192.168.2.0
        server                  = /usr/local/sbin/swat
        server_args             = -s /usr/local/lib/smb.conf
        # tell it where smb.conf is stashed if non standard
        log_on_failure          += USERID
        disable                 = no

}
EOF

Create a /etc/rc.d/init.d/samba file

#!/bin/sh
#ident  "@(#)samba.server 1.0   96/06/19 TK"    /* SVr4.0 1.1.13.1*/
#
# Please send info on modifications to [email protected]
# # chkconfig: 2345 20 10
# # description: Starts and stops the Samba Server at boot time and shutdown.
#
# This file should have uid root, gid sys and chmod 744
#
if [ ! -d /usr/bin ]
then                    # /usr not mounted
        exit
fi

PS=`which ps`
GREP=`which grep`
SED=`which sed`


killproc() {            # kill the named process(es)

        pid=`$PS -e |
             $GREP -w $1 |
             $SED -e 's/^  *//' -e 's/ .*//'`
        [ "$pid" != "" ] && kill $pid
}

status () {

    nmbd=`$PS -e |
             $GREP -w nmbd |
             $SED -e 's/^  *//' -e 's/ .*//'`
    smbd=`$PS -e |
             $GREP -w smbd |
             $SED -e 's/^  *//' -e 's/ .*//'`

    if [ "$nmbd" != "" ] ; then
            echo nmbd is running on $nmbd
    else
            echo nbmd is not running
    fi

    if [ "$smbd" != "" ] ; then
             echo smbd is running on $smbd
    else
        echo sbmd is not running
    fi

}
# Start/stop processes required for samba server

case "$1" in

'start')
#
# Edit these lines to suit your installation (paths, workgroup, host)
#
    SAMBA_SBIN=/usr/local/sbin
    SAMBA_LIB=/usr/local/lib
    $SAMBA_SBIN/smbd -D -s$SAMBA_LIB/smb.conf
    $SAMBA_SBIN/nmbd -D -s$SAMBA_LIB/smb.conf
   ;;
'stop')
   killproc nmbd
   killproc smbd
   ;;
'status')
    status
    ;;
*)
   echo "Usage: /etc/rc.d/init.d/samba { start | stop | status }"
   ;;
esac

Edit /etc/services

Check to make sure /etc/services has the correct entries add them if not

netbios-ns      137/tcp                         # NETBIOS Name Service
netbios-ns      137/udp
netbios-dgm     138/tcp                         # NETBIOS Datagram Service
netbios-dgm     138/udp
netbios-ssn     139/tcp                         # NETBIOS session service
netbios-ssn     139/udp
swat            901/tcp                         # Samba Web Administration Tool
microsoft-ds    445/tcp
microsoft-ds    445/udp


Register samba for system start up

chkconfig --level 345 samba on

Now start the services

/etc/rc.d/init.d/samba start

Setting up a SAMBA PDC

On the Samba machine in your favourite browser goto http://localhost:901
set the options so you get a similar smb.conf to the following smb.conf

Note: Rely heavily on the doco and when you don't understand something ask at the linux-users list I'm sure some of them are hiding a windows background

# Samba config file created using SWAT
# from localhost.localdomain (127.0.0.1)
# Date: 2003/03/16 12:18:06

# Global parameters
[global]
	workgroup = JMCD
	netbios name = P3
	encrypt passwords = Yes
	username map = /usr/local/private/user.map
	log level = 1
	log file = /var/log/samba/log.%m
	time server = Yes
	socket options = IPTOS_LOWDELAY TCP_NODELAY
	domain admin group = root @adm
	logon script = logon.cmd
	logon path = \\P3\profiles\%U
	logon drive = H:
	logon home = \\P3\%U
	domain logons = Yes
	os level = 64
	preferred master = Yes
	domain master = Yes
	dns proxy = No
	wins support = Yes
	template homedir = 
	winbind use default domain = Yes
	admin users = root

[homes]
	comment = Home Shares
	read only = No
	browseable = No

[NETLOGON]
	comment = Netlogon
	path = /var/lib/samba/netlogon
	guest ok = Yes

[profiles]
	comment = Profile Home
	path = /var/lib/samba/profiles
	read only = No
	create mask = 0600
	directory mask = 0700
	profile acls = Yes
	csc policy = disable

Prepared from Samba documentation, and google searches by:
James McDonald
Qualifications { MCSE (NT/Win2K), CTLA, TLA }

mailto:[email protected]