i found this online, and forgot the url where i copied it. so if you are the author or know the original url, please leave it in the commends and i’ll gladly link it.
Hi everyone, after digging over the net and after spending a lot of time trying to understand how things work, I’m proud to present a very quick and super easy tutorial to create a Samba Primary Domain Controller with LDAP integration inside Ubuntu 10.04, both 32bit and 64bit.
In less than 30 minutes you’ll have: – A fully working PDC for Windows Clients – Roaming profiles NOT enabled (this is what most of you want) – Be able to have shared folders automatically mounted when a user logs into the domain – Tested and fully working with(all flavours): Windows XP, Windows Vista and even Windows 7!
If you do everything exactly like I wrote I guarantee it will work. One single error can compromise everything and you’ll have to restart from the beginning! You have been warned!
General Information before reading: – In this guide each step will have a number, so if you ever have to ask me a question be sure you point the exact number, I will ignore any posts without the number being explicited. – Commands you must type start with a “–>”. – The guide presumes you know how to use Nano text editor (or any other text editor from shell like Vim). – In this guide my default password is always “pwd123″.
Install Ubuntu Server 10.04 32Bit or 64Bit Once Ubuntu 10.04 is up, log with root user:
From now on I assume you are always root user.
Set a static IP, in this example the NIC card is eth0 and the network is part of 192.168.1.x class.
1 2 3 4 5 6 7
The output should show you the static IP, try pinging a local IP or an internet IP to be sure you are on the net, ex:
or try pinging your gateway set before:
If you are unsure, reboot your machine to see if “ifconfig” command still shows you the same IP and to be sure you’re still part of the network by pinging as said before.
ONCE YOU FINISHED WITH THIS GUIDE, IF YOU EVER CHANGE YOUR IP BE SURE TO READ SECTION: “TIPS AND TRICKS”, FOUND AT THE END OF THIS GUIDE OR YOUR PDC WILL STOP WORKING.
1 2 3 4
1 2 3 4
Your next step will be to modify this file, the only thing you should care of changing is the password, which is set at line “olcRootPW:”. By default password is “pwd123″.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25
From now on, if ldap commands similar to this ask for a password, put password set above in step 6, by default in this guide as said “pwd123″.
Now I’ll make you download my samba configuration file.
After downloading it, you’ll have to change ONLY two values: “workgroup = ” and “netbios = ”.
Workgroup is the name of the Domain. This is the name that you’ll have to enter in a Windows client to make it join the domain. Netbios is instead the name used to browse shared folders, for example in Windows you’ll put “\$netbiosname\$shared_folder”.
DO NOT PUT WORKGROUP NAME IDENTICAL TO NETBIOS NAME.
IMPORTANT: carefully decide the NETBIOS name, once you change it YOU CAN’T CHANGE IT AGAIN OTHERWISE IT WILL BREAK EVERYTHING! YOU’VE BEEN WARNED.
Type the following and change the two values.
Once you changed the two values type:
In the next command it will prompt you to put a password, this must be the same as set before in step 6, by default in this guide “pwd123″
Now you must check that samba is running, it will ask you for a password, just hit Enter.
It should not give you any errors, instead it must show some stuff and you should see your Workgroup Name set in step 9
1 2 3 4 5 6
1 2 3 4 5 6 7 8 9 10 11 12 13
Now you’ll have to edit a file, open the file with the following command and read below to understand what must be edited.
At the very top you’ll see:
Change it to:
Always at the top you’ll see:
Change it to:
At the end of the file you’ll see:
1 2 3 4 5 6 7
Delete all those lines, save and close.
Be sure the following command does not give errors:
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18
Be sure the following does not give any errors.
Now thanks to the following command, you’ll finally understand if everything till now went fine. If everything goes fine, it will output a lot of stuff, including at the end strings similar to the ones found in step 18
Now that ldap is working perfectly, we must also be sure Samba is working too. The following command MUST not give errors, and it must output something similar to this:
So this is the command to type:
Next command is crucial to make Samba and Ldap work together. When prompted, press always Enter without inserting anything. There are only two cases where you must type something. When it asks for “Logon Home” and “Logon Path”, put a “.” character. At a certain point, it will ask you for a password two times, once for ldap bind master and then for ldap bind slave. In both cases, you must put the exact same password you put in step 6, by default in this guide “pwd123″. So now you know what to do, this is the command:
Following command should create some groups, at the end it will ask for a password. As always put password provided in step 6, default of this guide is “pwd123″.
1 2 3 4
If everything till now is really working, the next command will make user “root” be a Domain Administrator. In section “Tips and Tricks” you’ll see how to make other users be a Domain admin. THIS COMMAND MUST NOT GIVE ERRORS, otherwise it means LDAP is not working with Samba.
In the next command, it will ask you for some stuff. Do not make errors here! When it asks for questions that want a Yes/No reply, just press Enter leaving default.
When it asks for LDAP server Uniform Resource Identifier, leave it as it is “ldapi:///” When it asks for Distinguished name of the search base, put “dc=pdc” When it asks for LDAP account for root, put “cn=admin, dc=pdc” When it asks for LDAP password, put the same set in step 6, default of this guide was “pwd123″
The command is:
IMPORTANT: if you do a mistake, you can reconfigure the previous command typing:
The following command is used to enable Unix, Ldap and Samba authentication. Be sure all of them are selected with “*” character and press Enter. The command is:
The following command should output something similar to this:
1 2 3 4 5 6 7 8 9
The command is:
Good, we’re done. After reboot, let’s check that everything is working by creating a user.
If the following command does not give errors, it means Samba and Ldap are both working together, and you should be happy! It will ask for a password, the password is the password you want for the user, in this case for user “user1″:
If you reached this step without errors, it means you are ready to make your Windows Clients join the domain.
However for security reasons it’s not a good idea to make your customer know the password of “root” account. At the moment, to make a Windows Client join the domain you’ll have to put user “root” and its password, let’s instead make another user which will be part of the Domain Administrators. We’ll call the user “adminpdc”.
1 2 3 4
Good, now we have user “adminpdc” that is a Domain Administrator but is in no way a possible security danger for your Linux machine, since it’s not part of sudoers. In this way you’ll never have to use account “root” to make a Windows client join the domain or to make changes to the Windows client OS.
Finally, make your Windows Client (xp,vista,7) join the domain! : – In Windows XP, right click on Computer->Properties and click on Change as seen here: http://www.iaji.net/wp-content/uploa%E2%80%A6uter_name3.png – For Windows Vista and 7 instead, right click on Computer, on the left click on Advanced Settings and then click on “Change” under “Computer Name” Tab.
IMPORTANT ABOUT WINDOWS 7: To make Windows 7 be part of the domain, read below section Tips and Tricks. – As domain, put the workgroup name you set in step 9 – When it asks for username and password, put “adminpdc” and the password of this user, you set this on step 33. If everything goes well it will say you joined the domain and you must reboot.
That’s all! TIPS AND TRICKS: Create/Delete/Manage Users: To Add: smbldap-useradd -a -m -P user To Delete: smbldap-userdel user To ChangePassword: smbldap-passwd user To add a Domain Administrator:
1 2 3
If you ever change the static IP of the PDC:
1 2 3 4 5
To make Windows 7 join the domain: – Check : https://bugzilla.samba.org/attachmen%E2%80%A688&action=view
To make your PDC automatically map net drives:
In this example you’ll have a shared folder for all users, of course you can edit /etc/samba/smb.conf to create specific user shares.
1 2 3
NOTE: change “PSAMBA” with the Netbios name set in step 9. Change drive “m:” to any letter you prefer.
1 2 3 4
quick guide on how to use utf-8 encoding with php and mysql. first check that character set is set to utf-8 and that collation is set to utf8_general_ci. then, add the following :
1 2 3 4 5 6
after inserting some new reports in pentaho and trying to refresh it started giving some strange errors like : Cache refresh failed. after some digging around the logs in tomcat/bin/pentaho.log. it turned out that it was a duplicate entry in the fullPath field of the PRO_FILES table. the solution, which is pretty simple, is to change the collate of the field from latin1_swedish_ci to latin1_general_cs.
just change the ‘Start’ value of reg HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\intelppm start to 4
all mikrotik version 3.x have a strange bug, when a user logs in via the hotspot the processor goes 100%. the solution is to disable the address pool in the user profile, and set it to none.