[PLUG] Windows/Linux/Samba
David Phillips
redhat at crisponions.com
Sat Dec 25 06:40:04 UTC 2004
Thanks for the advice. I just discovered the samba newsgroup (yeah I am
a little behind in some aspects :-) ). Luckily from your tips and what
I read, this looks like it should be pretty easy for me. Fortunately
this server is getting installed on different hardware than my current
server so I should have minimal downtime, and it will also be hosting
almost all my shared files, now i just gotta find the time to do it.
On Fri, 2004-12-24 at 22:09 -0800, Carla Schroder wrote:
> On Friday 24 December 2004 8:55 pm, David Phillips wrote:
> > I am finally going to try to take that final leap from being windows
> > dependent and move my backend to linux. I am looking to replace my MS
> > domain controller/mail server with a linux box. What I am curious about
> > is how to implement windows (for my wife's PC, and i still have some
> > apps I have to use that only work on windows) into my new linux network.
> > I have used samba in the past but in the opposite direction, using it to
> > access windows shares. How difficult is it to have samba be the "domain
> > controller" for my new network? Can you still have file level security
> > on the MS machines? My understanding of samba is it works in the old
> > "workgroup" style of MS networking - which in windows land means no file
> > level security.
> >
>
> Windows NTFS and Linux filesystems operate with different sets of file
> permissions, which Samba does not try to translate. And FAT filesystems have
> no access controls at all. To restrict access to files set up Samba shares,
> then configure access controls on the shares.
>
> One option is to set up shared directories on each PC. Then each shared
> directory has its own Samba share and access controls. Another way is to use
> Samba as a central file server, and put all shared files on it. Or mix n
> match.
>
> It's dead easy to use Samba as a NT4-style domain controller. These are the
> steps:
>
> 1. Configure Samba to act as a PDC
> 2. Create a Samba root user account on the Samba box
> 3. Configure your windows PCs as domain clients
> 4. Set up Windows machine accounts on the Samba box. This is the bit everyone
> leaves out- each windows PC needs its own Samba account, plus you must log in
> immediately to establish the trust relationship between Samba and the Windows
> PC. You'll need the Samba root user for this initial login
> 5. Create human user accounts in Linux on the Samba box, and again in Samba
> 6. Create file and printer shares
> 7. Set up access controls on shares
>
> Shares can allow/deny access on a per-user basis, or groups. The users must
> have Samba accounts. The groups are ordinary NIS or /etc/groups. Again,
> because of the differences in the many Windows and the differences between
> Windows and Linux, these extra steps are required.
>
> Windows NT/2000/XP are fairly sane as far as Samba logins go. They send both a
> login and password, so you can log into Samba as a different user than the
> Windows user. Windows 95/98/ME default to the Windows user, and lets you send
> only a password. And of course windows XP home can't connect to any kind of
> domain, not winderz, not Samba.
>
> The Samba docs on Samba.org are good. In fact I think they are excessively
> detailed. And if you had my book you would have all this nailed down in an
> hour. :)
>
More information about the PLUG
mailing list