Samba in a Windows NT Domain

When operating in a Windows NT domain, Samba can act either as a primary domain controller or as a domain member server.

Primary Domain Controller

Setting up Samba as a primary domain controller is more complicated than the other configurations. However, the extra difficulty is offset by having a more secure network and additional features such as logon scripts and roaming profiles. In the following configuration file, we also include support for a Microsoft Dfs share:

[global] # Replace "toltec" with the hostname of your system. netbios name = toltec # Replace "METRAN" with the name of your Windows NT domain. workgroup = METRAN # Run a WINS server wins support = yes # Always act as the local master browser # and domain master browser. Do not allow # any other system to take over these roles! domain master = yes local master = yes preferred master = yes os level = 255 # Perform domain authentication. security = user encrypt passwords = yes domain logons = yes # The location of user profiles for Windows NT/2000/XP. logon path = \\%L\profiles\%u\%m # Users' Windows home directories and storage of Win95/98/Me roaming profiles. logon drive = G: logon home = \\toltec\%u\.win_profile\%m # The following line is optional because # Samba always offers NetBIOS time service. # This causes it to also be advertised: time server = yes # The logon script used for all users, # Relative to [netlogon] share directory. logon script = logon.bat # The group identifying administrative ...

Get Using Samba, Second Edition now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.