Skip to main content

If you don't have an IBM ID and password, register here.

By clicking Submit, you agree to the developerWorks terms of use.

The first time you sign into developerWorks, a profile is created for you. This profile includes the first name, last name, and display name you identified when you registered with developerWorks. Select information in your developerWorks profile is displayed to the public, but you may edit the information at any time. Your first name, last name (unless you choose to hide them), and display name will accompany the content that you post.

All information submitted is secure.

The first time you sign in to developerWorks, a profile is created for you, so you need to choose a display name. Your display name accompanies the content you post on developerworks.

Please choose a display name between 3-31 characters. Your display name must be unique in the developerWorks community and should not be your email address for privacy reasons.

By clicking Submit, you agree to the developerWorks terms of use.

All information submitted is secure.

Using Samba as a PDC

Tom Syroid is a contract writer for Studio B Productions, a literary agency based in Indianapolis, IN specializing in computer-oriented publications. Topics of interest/specialty include *NIX system security, Samba, Apache, and Web database applications based on PHP and MySQL. He has experience administering and maintaining a diverse range of operating systems including Linux (Red Hat, OpenLinux, Mandrake, Slackware, Gentoo), Windows (95, 98, NT, 2000, and XP), and AIX (4.3.3 and 5.1). He is also the co-author of Outlook 2000 in a Nutshell (O'Reilly & Associates) and OpenLinux Secrets (Hungry Minds). Tom lives in Saskatoon, Saskatchewan with his wife and two children. Hobbies include breaking perfectly good computer installations and then figuring out how to fix them, gardening, reading, and building complex structures out of Lego with his kids. Questions, comments, and errata submissions are welcome; you can either e-mail the author directly (dwcomments@syroidmanor.com.

Summary:  Open-source Samba turns a UNIX or Linux system into a file and print server for Microsoft Windows network clients. Tom Syroid dishes up a juicy tutorial that shows you how to configure Samba as the primary domain controller on an xSeries server.

Date:  03 Apr 2002
Level:  Introductory

Comments:  

Client configuration

Joining clients to the domain

Unfortunately, there's no easy way around it--joining Windows clients to a domain (assuming, of course, they were not a member of a domain previously) is a hands-on job. If you're lucky enough to be working with a single client across all users, then perhaps a HOWTO could be constructed and circulated, but most administrators are not so blessed. The difficult issue in a mixed-client environment is finding any sort of consistant approach. Every time Microsoft releases a new version of Windows, they also seem to introduce a new way to configure networking. A new dialog here, an extra checkbox there, some systems require you to go through the Control Panel, others by right-clicking on My Computer--all of which makes for a lot of confusion from the user perspective.

The process is actually relatively painless and mechanical, but it does differ across the gamut of Windows releases. With that in mind, the best approach is to "divide and conquer", which is exactly what we've done here.


Client configuration: Windows 95/98/ME

To join a Windows 95/98/ME client to the domain:

  1. First check that Client for Microsoft Networks is installed; if not, install it (Control Panel > Network > Client for Microsoft Networks). To install, place your Windows CD in the drive and select Add from the afforementioned dialog, then: Client > Add... > Microsoft > Client for Microsoft Networks.
  2. Make sure Client for Microsoft Networks is the primary network protocol (Control Panel > Network > Primary Network Logon).
  3. Next, go to Control Panel > Network > Client for Microsoft Networks > Properties > Logon to NT Domain.
  4. If you've employed the add user script option, select the checkbox Create a Computer Account in the Domain; otherwise you'll need to ensure a machine account already exists for the client.
  5. Fill in the domain, and click OK.

Client configuration: Windows NT/2000

Under Windows NT:

  1. Go to Control Panel > Network > Identification > Change option. If the machine is currently configured under the Workgroup option, select the Domain radio button and enter the domain name.
  2. Select Create a Computer Account in the Domain as necessary.
  3. Now, logon to the domain using the username root and the appropriate password. This is necessary to initialize the "secret" between the server and client machines. From here forward, any authenticated user can logon from this machine.
  4. A message should appear welcoming you to the domain_name domain.

The steps are the same for Windows 2000 except the network settings are found under Control Panel > System > Network Identification (or right-click the My Computer icon on your desktop, choose Properties, Computer Name, and select the Change button).


Client configuration: Windows XP

Enter Windows XP, and the most complex beast of the lot. But first a word of warning for those unaware: Windows XP Home Edition cannot join a Windows domain. For domain functionality, you must use Windows XP Professional. Second, sometimes joining an XP machine to a Samba PDC involved all the steps below; on other occasions, however, you can get away with just the registry patch. Don't ask--I haven't a clue.

To join a Windows XP machine to a domain:

  1. Open the Local Security Policy editor (Start > All Programs > Administrative Tools > Local Security Policy).
  2. Locate the entry "Domain member: Digitally encrypt or sign secure channel (always)". Disable it.
  3. Locate the entry "Domain member: Disable machine account password changes". Make sure it's disabled as well.
  4. Locate the entry "Domain member: Require strong (Windows 2000 or later) session key". Disable it.
  5. Next, download the WinXP_SignOrSeal registry patch from www.samba.org or collect it from the Resources section at the end of this tutorial. Apply it by double-clicking and answering Yes to the dialog prompt.
  6. Now join the domain the same as you would for Windows NT or 2000. Right-click My Computer, select Properties, Computer Name, and Change. Or click the Network ID button and run the Network Wizard.

4 of 8 | Previous | Next

Comments



Help: Update or add to My dW interests

What's this?

This little timesaver lets you update your My developerWorks profile with just one click! The general subject of this content (AIX and UNIX, Information Management, Lotus, Rational, Tivoli, WebSphere, Java, Linux, Open source, SOA and Web services, Web development, or XML) will be added to the interests section of your profile, if it's not there already. You only need to be logged in to My developerWorks.

And what's the point of adding your interests to your profile? That's how you find other users with the same interests as yours, and see what they're reading and contributing to the community. Your interests also help us recommend relevant developerWorks content to you.

View your My developerWorks profile

Return from help

Help: Remove from My dW interests

What's this?

Removing this interest does not alter your profile, but rather removes this piece of content from a list of all content for which you've indicated interest. In a future enhancement to My developerWorks, you'll be able to see a record of that content.

View your My developerWorks profile

Return from help

static.content.url=http://www.ibm.com/developerworks/js/artrating/
SITE_ID=1
Zone=AIX and UNIX
ArticleID=105868
TutorialTitle=Using Samba as a PDC
publish-date=04032002
author1-email=dwcomments@syroidmanor.com
author1-email-cc=

Tags

Help
Use the search field to find all types of content in My developerWorks with that tag.

Use the slider bar to see more or fewer tags.

Popular tags shows the top tags for this particular content zone (for example, Java technology, Linux, WebSphere).

My tags shows your tags for this particular content zone (for example, Java technology, Linux, WebSphere).

Use the search field to find all types of content in My developerWorks with that tag. Popular tags shows the top tags for this particular content zone (for example, Java technology, Linux, WebSphere). My tags shows your tags for this particular content zone (for example, Java technology, Linux, WebSphere).