Domain Server
-
- New here
- Posts: 6
- Joined: Wed Dec 12, 2007 3:35 pm
- Location: Sweden
Eraser-EMC2- wrote: 2. run this commands to add the builtin groups:
Code: Select all
/usr/local/samba/bin/net sam createbuiltingroup "Administrators" /usr/local/samba/bin/net sam createbuiltingroup "Power Users" /usr/local/samba/bin/net sam createbuiltingroup "Users" /usr/local/samba/bin/net sam createbuiltingroup "Guests" /usr/local/samba/bin/net sam createbuiltingroup "Account Operators" /usr/local/samba/bin/net sam createbuiltingroup "System Operators" /usr/local/samba/bin/net sam createbuiltingroup "Print Operators" /usr/local/samba/bin/net sam createbuiltingroup "Backup Operators" /usr/local/samba/bin/net sam createbuiltingroup "Replicators"
I tried to follow this but gor these errors for "createbuiltingroup"
[/share/HDA_DATA/sambastuff] # $NET sam createbuiltingroup "Administrators"
[2007/12/27 17:39:51, 0] groupdb/mapping.c:pdb_create_builtin_alias(1380)
pdb_create_builtin_alias: Could not add group mapping entry for alias 544 (NT_STATUS_UNSUCCESSFUL)
Any ideas to what causes this?
Do you have any more information about what needs to be done on the windows side? (I have Vista)
Best regards,
Anders
Anders
-
- Been there, done that
- Posts: 711
- Joined: Sat Oct 13, 2007 5:26 pm
- Location: Germany
It is possible, that there comes 2 errors for "Administrators" and "Users".
In this case are the groupmaming existing.
You can check it with "/usr/local/samba/bin/net groupmap list".
On the Windows side you need to change the PC from workgroup to domain with your domain name, after this it ask you for name and password of the domain admin.
I dont know where these settings on a Vista System, on a Win XP system you find it under the properties of the "My computer" -> "Computer name" -> "change".
In this case are the groupmaming existing.
You can check it with "/usr/local/samba/bin/net groupmap list".
On the Windows side you need to change the PC from workgroup to domain with your domain name, after this it ask you for name and password of the domain admin.
I dont know where these settings on a Vista System, on a Win XP system you find it under the properties of the "My computer" -> "Computer name" -> "change".
_________________
Windows 7 32/64bit, German
TS-439 , 1x 512GB SSD/1x 512GB Samsung ; SAMBA as NT4 PDC, DHCP/DNS-Server
TS-431+, 1x 1TB WD green, 2x 3TB WD red , 1x 2TB Samsung
TS-220 , 2x 2TB Samsung, for Backup
Windows 7 32/64bit, German
TS-439 , 1x 512GB SSD/1x 512GB Samsung ; SAMBA as NT4 PDC, DHCP/DNS-Server
TS-431+, 1x 1TB WD green, 2x 3TB WD red , 1x 2TB Samsung
TS-220 , 2x 2TB Samsung, for Backup
-
- New here
- Posts: 6
- Joined: Wed Dec 12, 2007 3:35 pm
- Location: Sweden
It seems like, since I have Vista Home premium, I can't add it to be part of a domain.Eraser-EMC2- wrote: I dont know where these settings on a Vista System, on a Win XP system you find it under the properties of the "My computer" -> "Computer name" -> "change".
What's the difference between workgroup and domain?
Best regards,
Anders
Anders
-
- Been there, done that
- Posts: 711
- Joined: Sat Oct 13, 2007 5:26 pm
- Location: Germany
Vista Home dont support domain login, only with business version.
EDIT: i dont know, if vista business support NT4-Ddomains.
In a workgroup have all pcs his own user accounts and passwords.
If you want to change your password, you have to change on all connected pcs.
In a domain you have a server with these accounts and passwords and all pc use only these accounts.
If you want to change your password, you need it only once.
It is easy to manage the user passwords / properties and
designed for business, not really for home user.
But i dont know, if vista supports a nt4 domain or only a active directory domain
EDIT: i dont know, if vista business support NT4-Ddomains.
In a workgroup have all pcs his own user accounts and passwords.
If you want to change your password, you have to change on all connected pcs.
In a domain you have a server with these accounts and passwords and all pc use only these accounts.
If you want to change your password, you need it only once.
It is easy to manage the user passwords / properties and
designed for business, not really for home user.
But i dont know, if vista supports a nt4 domain or only a active directory domain
Last edited by Eraser-EMC2- on Sat Dec 20, 2008 6:03 pm, edited 1 time in total.
_________________
Windows 7 32/64bit, German
TS-439 , 1x 512GB SSD/1x 512GB Samsung ; SAMBA as NT4 PDC, DHCP/DNS-Server
TS-431+, 1x 1TB WD green, 2x 3TB WD red , 1x 2TB Samsung
TS-220 , 2x 2TB Samsung, for Backup
Windows 7 32/64bit, German
TS-439 , 1x 512GB SSD/1x 512GB Samsung ; SAMBA as NT4 PDC, DHCP/DNS-Server
TS-431+, 1x 1TB WD green, 2x 3TB WD red , 1x 2TB Samsung
TS-220 , 2x 2TB Samsung, for Backup
-
- Starting out
- Posts: 25
- Joined: Fri Nov 02, 2007 10:41 pm
Re: Domain Server
Guys, cracking job so far.
Run into one problem:
[/bin] # /etc/init.d/smb.sh restart
Restarting SMB services:
Shutting down SMB services: smbd nmbd.
Shutting down Winbind services: done.
Starting Winbind services:Starting SMB services: smbd nmbd.
done.
[/bin] # /usr/local/samba/bin/net sam createbuiltingroup "Administrators"
/usr/local/samba/bin/net sam createbuiltingroup "Guests"
/usr/local/samba/bin/net sam createbuiltingroup "Account Operators"
/usr/local/samba/bin/net sam createbuiltingroup "System Operators"
/usr/local/samba/bin/net sam createbuiltingroup "Print Operators"
/usr/local/samba/bin/net sam createbuiltingroup "Backup Operators"
/usr/local/samba/bin/net sam createbuiltingroup "Replicators"
winbind seems not to run. createlocalgroup only works when winbind runs.
[/bin] # /usr/local/samba/bin/net sam createbuiltingroup "Power Users"
winbind seems not to run. createlocalgroup only works when winbind runs.
[/bin] # /usr/local/samba/bin/net sam createbuiltingroup "Users"
winbind seems not to run. createlocalgroup only works when winbind runs.
[/bin] # /usr/local/samba/bin/net sam createbuiltingroup "Guests"
winbind seems not to run. createlocalgroup only works when winbind runs.
[/bin] # /usr/local/samba/bin/net sam createbuiltingroup "Account Operators"
winbind seems not to run. createlocalgroup only works when winbind runs.
[/bin] # /usr/local/samba/bin/net sam createbuiltingroup "System Operators"
winbind seems not to run. createlocalgroup only works when winbind runs.
[/bin] # /usr/local/samba/bin/net sam createbuiltingroup "Print Operators"
winbind seems not to run. createlocalgroup only works when winbind runs.
[/bin] # /usr/local/samba/bin/net sam createbuiltingroup "Backup Operators"
winbind seems not to run. createlocalgroup only works when winbind runs.
[/bin] # /usr/local/samba/bin/net sam createbuiltingroup "Replicators"
winbind seems not to run. createlocalgroup only works when winbind runs.
[/bin] #
So looks like Winbind running, but the createbuiltingroup command doesn't seem to be happy.
Any thoughts anyone?
Run into one problem:
[/bin] # /etc/init.d/smb.sh restart
Restarting SMB services:
Shutting down SMB services: smbd nmbd.
Shutting down Winbind services: done.
Starting Winbind services:Starting SMB services: smbd nmbd.
done.
[/bin] # /usr/local/samba/bin/net sam createbuiltingroup "Administrators"
/usr/local/samba/bin/net sam createbuiltingroup "Guests"
/usr/local/samba/bin/net sam createbuiltingroup "Account Operators"
/usr/local/samba/bin/net sam createbuiltingroup "System Operators"
/usr/local/samba/bin/net sam createbuiltingroup "Print Operators"
/usr/local/samba/bin/net sam createbuiltingroup "Backup Operators"
/usr/local/samba/bin/net sam createbuiltingroup "Replicators"
winbind seems not to run. createlocalgroup only works when winbind runs.
[/bin] # /usr/local/samba/bin/net sam createbuiltingroup "Power Users"
winbind seems not to run. createlocalgroup only works when winbind runs.
[/bin] # /usr/local/samba/bin/net sam createbuiltingroup "Users"
winbind seems not to run. createlocalgroup only works when winbind runs.
[/bin] # /usr/local/samba/bin/net sam createbuiltingroup "Guests"
winbind seems not to run. createlocalgroup only works when winbind runs.
[/bin] # /usr/local/samba/bin/net sam createbuiltingroup "Account Operators"
winbind seems not to run. createlocalgroup only works when winbind runs.
[/bin] # /usr/local/samba/bin/net sam createbuiltingroup "System Operators"
winbind seems not to run. createlocalgroup only works when winbind runs.
[/bin] # /usr/local/samba/bin/net sam createbuiltingroup "Print Operators"
winbind seems not to run. createlocalgroup only works when winbind runs.
[/bin] # /usr/local/samba/bin/net sam createbuiltingroup "Backup Operators"
winbind seems not to run. createlocalgroup only works when winbind runs.
[/bin] # /usr/local/samba/bin/net sam createbuiltingroup "Replicators"
winbind seems not to run. createlocalgroup only works when winbind runs.
[/bin] #
So looks like Winbind running, but the createbuiltingroup command doesn't seem to be happy.
Any thoughts anyone?
-
- Been there, done that
- Posts: 711
- Joined: Sat Oct 13, 2007 5:26 pm
- Location: Germany
Re: Domain Server
You have to add these lines to the smb.conf inside of the [global]:
winbind needs these lines to starts and then you can use the missed net commands.
Code: Select all
idmap uid = 10000-20000
idmap gid = 10000-20000
_________________
Windows 7 32/64bit, German
TS-439 , 1x 512GB SSD/1x 512GB Samsung ; SAMBA as NT4 PDC, DHCP/DNS-Server
TS-431+, 1x 1TB WD green, 2x 3TB WD red , 1x 2TB Samsung
TS-220 , 2x 2TB Samsung, for Backup
Windows 7 32/64bit, German
TS-439 , 1x 512GB SSD/1x 512GB Samsung ; SAMBA as NT4 PDC, DHCP/DNS-Server
TS-431+, 1x 1TB WD green, 2x 3TB WD red , 1x 2TB Samsung
TS-220 , 2x 2TB Samsung, for Backup
-
- Starting out
- Posts: 25
- Joined: Fri Nov 02, 2007 10:41 pm
Re: Domain Server
Doh! I'm an idiot.
I had created a copy conf file to put the changes in, then planned to rename and backup the old config .
Guess what. I forgot to swop them....
I had created a copy conf file to put the changes in, then planned to rename and backup the old config .
Guess what. I forgot to swop them....
-
- Starting out
- Posts: 18
- Joined: Sun Feb 03, 2008 12:39 pm
Re: Domain Server
Hi there
Great thread guys.
This bit I don't understand:
Also, which is the correct smb.conf file to edit. Is it the /etc/smb.conf ?
Regards
Wongdai
Great thread guys.
This bit I don't understand:
Where do I do this? Using the Qnap's Admin function in the web browser, or in the smb.conf file, or somewhere else?For each pc on your domain is a user account required as mypc$,
pcname with a $ at the end.
Now you can add your pc with name "mypc" to your domain.
Also, which is the correct smb.conf file to edit. Is it the /etc/smb.conf ?
Regards
Wongdai
-
- Been there, done that
- Posts: 711
- Joined: Sat Oct 13, 2007 5:26 pm
- Location: Germany
Re: Domain Server
You can add the name of the worksation in the user management of your nas
( pcname + $ )
or to add it with ssh or telnet to the /etc/passwd with the command :
"mypc" is a example name for the windows workstation.
The you have to change on the windows workstation form workgroup to domain with your domain name.
It will ask you for the administrator name (admin) and password of the NAS.
When i is done without error, you have to reboot your windows workstation
and on the logon screen will appear a option with your pcname and domain name.
( pcname + $ )
or to add it with ssh or telnet to the /etc/passwd with the command :
Code: Select all
adduser -h /tmp mypc$
The you have to change on the windows workstation form workgroup to domain with your domain name.
It will ask you for the administrator name (admin) and password of the NAS.
When i is done without error, you have to reboot your windows workstation
and on the logon screen will appear a option with your pcname and domain name.
_________________
Windows 7 32/64bit, German
TS-439 , 1x 512GB SSD/1x 512GB Samsung ; SAMBA as NT4 PDC, DHCP/DNS-Server
TS-431+, 1x 1TB WD green, 2x 3TB WD red , 1x 2TB Samsung
TS-220 , 2x 2TB Samsung, for Backup
Windows 7 32/64bit, German
TS-439 , 1x 512GB SSD/1x 512GB Samsung ; SAMBA as NT4 PDC, DHCP/DNS-Server
TS-431+, 1x 1TB WD green, 2x 3TB WD red , 1x 2TB Samsung
TS-220 , 2x 2TB Samsung, for Backup
-
- Starting out
- Posts: 18
- Joined: Sun Feb 03, 2008 12:39 pm
Re: Domain Server
Thanks man
It's not working for me atm. Coming up saying Cannot find a domain controller.
I will go through the all the instructions again tomorrow and see if I can locate where i went wrong.
Thanks again
Wongdai
edit: W00t! I had a brainwave just prior to going to bed. I remembered to repoint my dns settings to the NAS in my network connections, and then also registered the NAS in WINS.
I get the domain login now, but it is not allowing me to join as yet. I used the admin login and password, but it came back with a dialogue box "The specified account already exists".
Not sure what this means.
Wongdai
It's not working for me atm. Coming up saying Cannot find a domain controller.
I will go through the all the instructions again tomorrow and see if I can locate where i went wrong.
Thanks again
Wongdai
edit: W00t! I had a brainwave just prior to going to bed. I remembered to repoint my dns settings to the NAS in my network connections, and then also registered the NAS in WINS.
I get the domain login now, but it is not allowing me to join as yet. I used the admin login and password, but it came back with a dialogue box "The specified account already exists".
Not sure what this means.
Wongdai
-
- Starting out
- Posts: 18
- Joined: Sun Feb 03, 2008 12:39 pm
Re: Domain Server
Ahh. got it worked out.
It turns out the weird results are something to do with Vista. XP Pro logged into the domain just perfectly.
Unfortunately it stalled on the "loading personal settings" screen, which is probably because I haven't set up any of the user directories.
Something for tomorrow.
Wongdai
It turns out the weird results are something to do with Vista. XP Pro logged into the domain just perfectly.
Unfortunately it stalled on the "loading personal settings" screen, which is probably because I haven't set up any of the user directories.
Something for tomorrow.
Wongdai
-
- Starting out
- Posts: 18
- Joined: Sun Feb 03, 2008 12:39 pm
Re: Domain Server
All working now.
One weird thing though, on the Windows start menu, instead of saying the name of the user at the top as per usual, it says, "Linux User,,,"
Any ideas?
Wongdai
One weird thing though, on the Windows start menu, instead of saying the name of the user at the top as per usual, it says, "Linux User,,,"
Any ideas?
Wongdai
-
- Been there, done that
- Posts: 711
- Joined: Sat Oct 13, 2007 5:26 pm
- Location: Germany
Re: Domain Server
This is the full name of the user.
You have to edit the passwd manual by
connecting with ssh or telnet and open the passwd with
You have to edit the passwd manual by
connecting with ssh or telnet and open the passwd with
Code: Select all
vi /etc/passwd
_________________
Windows 7 32/64bit, German
TS-439 , 1x 512GB SSD/1x 512GB Samsung ; SAMBA as NT4 PDC, DHCP/DNS-Server
TS-431+, 1x 1TB WD green, 2x 3TB WD red , 1x 2TB Samsung
TS-220 , 2x 2TB Samsung, for Backup
Windows 7 32/64bit, German
TS-439 , 1x 512GB SSD/1x 512GB Samsung ; SAMBA as NT4 PDC, DHCP/DNS-Server
TS-431+, 1x 1TB WD green, 2x 3TB WD red , 1x 2TB Samsung
TS-220 , 2x 2TB Samsung, for Backup
-
- Starting out
- Posts: 18
- Joined: Sun Feb 03, 2008 12:39 pm
Re: Domain Server
Spot on man. Well done!
The upside of this is that it has also fixed my problems with Workgroups, which I had before. Nice.
The only issue I currently have is that I am getting permission denied on gpedit.msc when I run it, even when I am logged in as administrator.
The upside of this is that it has also fixed my problems with Workgroups, which I had before. Nice.
The only issue I currently have is that I am getting permission denied on gpedit.msc when I run it, even when I am logged in as administrator.