Samba Background Info:
Samba is the open source solution for working with Windows networking, be it user authentication, file sharing, printer sharing, or just about anything else. SMB stands for Server Message Block, and works with NetBIOS (Network Basic Input Output System) to allow *nix-based machines to communicate with Windows-based machines.
- Allows control of Host, Workgroup, and Domain
- Uses the Windows Name Service (so you don't have to use IP addresses)
- NetBIOS name to IP translations are stored in a cache. Use nbtstat on Windows or nmblookup on Samba to list the contents of the cache.
- NetBIOS names are registered at startup through a series of broadcast messages.
- The LMHOSTS file translates IPs to NetBIOS names
- WINS (Windows Internet Name Server) uses a network server to look up NetBIOS translations.
- Domain Master Browser (elected by machines, short-term 10-15 minutes) will keep the best list possible of all NetBIOS names.
- Security options
  - Plain text password transmission
  - Encrypted password transmission (NT hash or LanMan hash)
  - Server Mode - SAMBA asks Windows NT server if user/pass ok
  - Domain Mode - SAMBA machine joins NT domain to find server
  - PDC Mode - SAMBA acts as NT domain controller
- Users and machines need accounts on SAMBA machine.
- Primary Domain Controller (PDC)
  - Allow domain logons
  - Manage lists of users/groups
  - Manage roaming profiles
  - Manage some system policies
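The security options in the list above correspond to a handful of `smb.conf` parameters. As an added example (not part of the original page), this Python script reads a `[global]` section, reports which mode it selects, and flags the plain-text and LanMan password options. The mapping of the listed modes onto `security`, `domain logons`, `encrypt passwords` and `lanman auth` is an assumption, and the sample configs and the `ntbox` host name are constructed.

```python
import configparser

# Constructed sample smb.conf files (not taken from the original page).
WEAK_CONF = r"""
[global]
workgroup = EXAMPLE
security = server
password server = ntbox
encrypt passwords = no
lanman auth = yes
"""

PDC_CONF = r"""
[global]
workgroup = EXAMPLE
security = user
encrypt passwords = yes
lanman auth = no
domain logons = yes
logon path = \\%L\profiles\%U
"""

def audit_smb_conf(text):
    """Return (mode, findings) for the [global] section of an smb.conf."""
    # interpolation=None: smb.conf macros such as %U are not configparser syntax.
    cp = configparser.ConfigParser(interpolation=None, strict=False)
    cp.read_string(text)
    if not cp.has_section("global"):
        return "unknown", ["no [global] section found"]
    g = cp["global"]
    security = g.get("security", "unset").strip().lower()
    # Assumed mapping of the page's modes onto smb.conf settings.
    if security == "user" and g.getboolean("domain logons", fallback=False):
        mode = "pdc"
    else:
        mode = security  # "server", "domain", "user", ...
    findings = []
    # Only explicit settings are flagged; defaults differ between Samba versions.
    if g.getboolean("encrypt passwords", fallback=None) is False:
        findings.append("encrypt passwords = no: passwords cross the network in plain text")
    if g.getboolean("lanman auth", fallback=None) is True:
        findings.append("lanman auth = yes: the weak LanMan hash is accepted")
    return mode, findings

if __name__ == "__main__":
    for name, conf in (("weak", WEAK_CONF), ("pdc", PDC_CONF)):
        print(name, audit_smb_conf(conf))
```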
The way our system will work for Windows clients is a bit different than it is for Linux or Mac OS X clients. Windows machines will join the domain of our server. When a user logs in to the domain, the client machine sends a login attempt to the Samba server. The Samba server then falls back to the LDAP server, which authenticates the username and password and supplies the home directory information. The client then mounts the home directory from the Samba server, which once again falls back to the NFS server to mount the home directory.
The user profile is stored separately on the Samba server, and is not part of the home directory. One other note to be careful about is the way the Desktop works on the Windows machines. On the Macs, the desktop is just a folder inside of the user's home directory. On the Windows machines, the desktop is a part of the user's profile. At login, anything that is on the desktop is fully copied over the network to the local machine. At logout everything is copied back. This is a dangerous way of doing it (although there is no alternative) for a couple of reasons. One, if the user puts a lot of files on the desktop, it creates a LOT of unnecessary network traffic. Also, the files on the Desktop are NOT part of their home directory, so they are NOT available through FTP, or on the Mac or Linux clients.
The other major concern with this is that if the user logs in on one machine, then logs in on a second Windows machine, then logs out of both, the last logout is the only one that counts, as it overwrites everything else when the person logs out. We have had students lose massive amounts of work by doing this by accident. Our only solution is to teach the students that they basically should NOT use the desktop on the Windows machines.
Now let's move on to setting up our Samba server, and once we are done with that we will have to go back and edit our LDAP configuration to work with Samba.
On to the Samba setup page.