[wellylug] Win2K + Linux Problem

Sam Cannell sam at plaz.net.nz
Wed Mar 17 09:13:41 NZDT 2004


On Wed, Mar 17, 2004 at 12:24:24AM +1300, Michael Dittmer wrote:
> I need a hand with a problem that I have with Win2K and Linux. How can I get
> Win2K clients to log into a linux box and map their home directories
> (including My Documents, My Pictures etc) to their Home directories on the
> linux box. It's easy to do in Win2K Server, but I'm not sure how to do it in
> Linux.
> 
> BTW, the Linux box is running Samba and is provding the Domain for the
> network.

When you say "providing the domain", do you mean it's authenticating
domain logins for the Windows clients, or do you just mean you've just
set "domain master = yes" in the smb.conf?

There's a bunch of stuff you need to configure if you want domain logons
from a samba server to work.

My memory is a little hazy as I haven't done it in a couple of years,
but from memory, you need to:
* Ensure that the Samba server wins the browser election
* Make Samba a WINS server, and configure your Windows clients to use it
  for netbios resolution, either through the network control panel or
  DHCP.
* Make sure you have a NETLOGON share on the Samba server configured.
* Add 'domain logons = yes' to the [global] section of smb.conf
* Add 'logon script = logon.bat' to the [global] section of smb.conf
* Add 'logon home = \\%N\%U' to the [global] section of smb.conf

Edit \\servername\netlogon\logon.bat, and add:

-----------------------
@echo off
net use h: /home
-----------------------

This will map H: to \\servername\username during the login.

If you want to have a per-user login script, change 'logon script =
logon.bat' to 'logon script = %U.bat' and make a batch file for every
user called \\servername\netlogon\username.bat

Next, you need to create a machine account for every computer that will
be logging into the domain.  For an example machine PC01:

useradd PC01$
smbpasswd -a -m PC01

Note that PC01 should not be able to login into Linux itself.

Now you can join the machine to the domain.  Note that under Windows
2000, it seems that you can't change from a workgroup to a
Samba-controlled domain if the name of the domain is the same as the
name of the workgroup.  If you try, you'll get the error "The
credentials supplied conflict with an existing set of credentials."  If
you need to change from, say, a workgroup called MYNETWORK to a domain
also called MYNETWORK, change the workgroup of the Windows PC to
WORKGROUP, reboot, then join the MYNETWORK domain and reboot again.

In theory, after doing all that the Samba DC should authenticate Windows
logins, and map the H: drive to the home directory at login time.  I
believe that My Documents et al will be redirected there.

As I said though, this is all from memory and I haven't done it in quite
some time.  YMMV. :)

PS.  If enough people are interested in Windows / Linux integration with
Samba, I'd be willing to stand up and do a presentation about it at a
LUG meeting once I've made sure I can remember how to do it ;)

Cheers,

Sam
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
Url : http://lists.wellylug.org.nz/pipermail/wellylug/attachments/20040317/0cf2c77e/attachment.pgp 


More information about the wellylug mailing list