3,250
edits
Changes
Jump to navigation
Jump to search
Line 1:
Line 1: − + + + + + + + + + + − + + + + + + + Line 24:
Line 39: + − + − An effort to update the necessary core SME Server packages is being tracked in the following SME Server bug report:+ − [[bugzilla:4172]]. − It is the maintainers opinion that these changes will ultimately be included in the core SME Server packages. When this occurs, it is very likely that this section of this contrib will be removed.+ + − Until these changes are incorporated into the core packages, patched versions of the current release SME Server packages will be provided as part of this contrib. It is necessary that users install these "patched" core packages to take advantage of Samba server roles. '''Every''' effort is made to provide this additional functionality without changing standard SME Server functionality. In other words, the patched core SME Server packages will not change the way SME Server currently functions -- the modified core packages simply provide the additional server role functionality. + − + − ====Install necessary patched packages==== − − 1. Download the patched server role RPMs from my contribs repository to your local machine: http://mirror.contribs.org/contribs/gzartman/Contribs/7/Samba/ − − − yum localinstall *.rpm − − 3. Reconfigure and reboot machine: − Line 48:
Line 55: − + − wget http://mirror.contribs.org/releases/7/smecontribs/i386/RPMS/smeserver-adv-samba-0.1.0-2.el4.sme.noarch.rpm + − + − yum local install smeserver-adv-samba* − − 3. Reconfigure machine: − + Line 64:
Line 68: − Advanced Samba server role support is provided as follows:+ Line 91:
Line 95: + + + − 4. At the SME Server prompt:+ − 5. Verify settings:+ Line 118:
Line 125: − 6. At SME Server prompt:+ − For example: − [root@testbed2 ~]# signal-event workgroup-update − 7. At the SME Server prompt:+ Line 132:
Line 137: − 8. At the SME Server prompt:+ − + Line 149:
Line 154: − + + + − TO DO+ + + + + + + + + − + + + + + + + +
Undo revision 39939 by Unnilennium (talk)
{{Languages}}
{{Languages}}
===MAINTAINER===
{{usefulnote}}
==Advanced Samba Modifications==
{{Level|Advanced}}
===Maintainer===
[mailto:greg@leiinc.com Greg J. Zartman]
[mailto:greg@leiinc.com Greg J. Zartman]
=== Version ===
{{ #smeversion: smeserver-adv-samba }}
===DESCRIPTION===
===Description===
Advanced Samba is a SME Server contrib to extend SME Servers Samba functionality to support all standard Windows server roles. Out-of-the-box, SME Server supports workgroup and primary domain controller (PDC) server roles. These, out-of-the-box, server roles address many Windows Network needs, but they do not provide all of the functionality available to todays typical Windows Server.
Advanced Samba is a SME Server contrib to extend SME Servers Samba functionality to support all standard Windows server roles. Out-of-the-box, SME Server supports workgroup and primary domain controller (PDC) server roles. These, out-of-the-box, server roles address many Windows Network needs, but they do not provide all of the functionality available to todays typical Windows Server.
This document provides procedural and SME Server specific RPM(s) to configure SME Server to function in all mainstream Windows server roles:
This document provides procedural and SME Server specific RPM(s) to configure SME Server to function in all mainstream Windows server roles:
====Workgroup server====
In this server role, SME Server will act as a typical Windows NT, 2000, XP, or Vista machine in a windows peer-to-peer network. Access to network shares on the SME Server requires a local user account with appropriate network privileges.
====Primary domain controller====
In this server role, SME Server will function as a Windows NT4 style domain controller, providing client/user authentication, WINS, windows user profile management, and print services.
====Domain member====
====Domain member====
===Prerequisites===
===Prerequisites===
{{Warning box|this part seems related to SME7}}
The current releases of SME Server do not support Samba server roles directly. Modification of several core SME Server packages is required to support Samba server roles, therefore it is not possible to provide advanced Samba functions with a typical contrib RPM.
The current releases of SME Server do not support Samba server roles directly, but updated packages have been developed and are in the testing repos. It is just a matter of installing them.
====Update e-smith-samba====
1. Install from testing repo:
yum update --enablerepo=smeupdates-testing e-smith-samba
2. Reconfigure and reboot machine:
signal-event post-upgrade; signal-event reboot
2. Install the patched RPMs:
signal-event post-upgrade; signal-event reboot.
===Install Advanced Samba RPM===
===Install Advanced Samba RPM===
It is necessary to install one additional RPM prior to configuring SME Server in advanced server roles. This package provides necessary Samba functionality that may not be available in Core SME Server packages:
It is necessary to install one additional RPM prior to configuring SME Server in advanced server roles. This package provides necessary Samba functionality that may not be available in Core SME Server packages:
1. Download smeserver-adv-samba package to your local machine:
1. Install the latest advanced samba rpm from the contribs repos:
yum install --enablerepo=smecontribs smeserver-adv-samba
2. Install package:
2. Reconfigure machine:
signal-event post-upgrade; signal-event reboot
signal-event post-upgrade; signal-event reboot
=== Configure server roles ===
=== Configure server roles ===
As most of those familiar with SME Server know, much of configuration (management) of the SME Server can be done through the server-manager. The current SME Server server-manager provides a panel, Workgroup, which provides the Administrator the ability to configure SME Server as either a workgroup server of a primary domain controller. Nothing presented in this contrib (software or documentation) will change this. We have worked to provide seamless integration of new functionality with the current SME Server -- nothing will change if you desire to stick with the standard options.
As most of those familiar with SME Server know, much of the configuration (management) of the SME Server can be done through the server-manager web interface. The current SME Server server-manager includes a panel, Workgroup, which provides the Administrator the ability to configure SME Server as either a workgroup server of a primary domain controller. Nothing presented in this contrib (software or documentation) will change this. We have worked to provide seamless integration of new functionality with the current SME Server -- nothing will change if you desire to stick with the standard options.
However, further functionality with respect to Samba server roles is provided via shell command line options
However, further functionality with respect to Samba server roles is provided via shell command line options
{{Note box|It is this authors desire to add further functionality to the server-manager with respect to server roles -- perhaps it will happen one day.}}
{{Note box|It is this authors desire to add further functionality to the server-manager with respect to server roles -- perhaps it will happen one day.}}
Samba server role support is provided as follows:
==== Workgroup server ====
==== Workgroup server ====
3. At the SME Server prompt:
3. At the SME Server prompt:
config setprop smb Workgroup workgroup_or_domain_name
4. At the SME Server prompt:
config setprop smb ServerRole DM
config setprop smb ServerRole DM
5. At the SME Server prompt:
config setprop smb WINSServer ip_address_of_domain_PDC
config setprop smb WINSServer ip_address_of_domain_PDC
6. Verify settings:
config show smb
config show smb
Should show you an output similar to this:
Should show you an output similar to this:
status=enabled
status=enabled
7. At SME Server prompt:
signal-event workgroup-update
signal-event workgroup-update
8. At the SME Server prompt:
net rpc join -U pdc_admin_username%pdc_admin_password
net rpc join -U pdc_admin_username%pdc_admin_password
Output:
Output:
Also, take specific note of the format of the net command above. The admin username and password MUST follow the -U flag, otherwise the command will fail. This is due to a bug in the net command in the current version of samba.}}
Also, take specific note of the format of the net command above. The admin username and password MUST follow the -U flag, otherwise the command will fail. This is due to a bug in the net command in the current version of samba.}}
9. At the SME Server prompt:
signal-event workgroup-update
signal-event workgroup-update
Your SME Server domain client box shares should now be accessible.
Your SME Server domain member shares should now be accessible from authenticated windows network clients.
==== Backup domain controller ====
==== Backup domain controller ====
SME Server support for this server role is coming soon.}}
SME Server support for this server role is coming soon.}}
=== Known Issues ===
=== Known issues===
====Domain Users and Groups, SME Server as a domain member====
It is not currently possible to restrict access to network resources by username or groupname when SME Server is functioning as a domain member. This is because SME Server as a domain member relies on the domain controller for authentication. Therefore, local authentication databases (e.g., passwd, groups) do not contain the user and group names of domain users accessing the SME Server domain member box.
Access control to network resources is specified in the SME server-manager web interface, which only recognizes local groups, not domain groups. To maintain current SME Server functionality, this contrib treats all authenticated users as if they are members of the local group assigned to the network resource in the server-manager interface. At some point in the future, this contrib may provide functionality that would allow the administrator to restrict access to network resources based on domain groups.
Adding a Samba server to a Windows network can cause issues with Netbios browsing for the Windows workstations. The computers on the network will compete to win the (Netbios) 'browser election' with the system that wins in charge of maintaining the list of local network computers. The system that wins the election is controlled by OS Level setting. The default OS Level within the SME Samba configuration is 35. The default OS Level for a Windows 2003 server is 32. The higher number wins. Change the Samba (smb.conf) setting to allow whichever system is required to maintain the Netbios browse list to win the election.
====Active Directory====
NONE of the currently supported server roles will fully integrate with an Active Directory network environment. The currently supported server roles will work with NT4 network or windows workgroup environments only. Specifically, those who desire to deploy the Domain Member server role need to be aware that this server role WILL NOT provide domain membership in a Active Directory domain, only a NT4 domain.
=== Bugs ===
=== Bugs ===
Please raise bugs under the SME Contribs section in {{BugzillaFileBug|product=|component=|title=bugzilla}}.
Please raise bugs under the SME Contribs section in {{BugzillaFileBug|product=|component=smeserver-adv-samba|title=bugzilla}}.
{{#bugzilla:columns=id,product,version,status,summary |sort=id |order=desc |component=smeserver-adv-samba|noresultsmessage="No open bugs found."}}
=== Changelog ===
Only released version in smecontrib are listed here.
{{#smechangelog: smeserver-adv-samba}}
----
----
[[Category: Contrib]]
[[Category: Contrib]]
[[Category: Administration]]
[[Category: Administration]]