Difference between revisions of "SME Server:Documentation:Administration Manual:Chapter7"

From SME Server
Jump to navigationJump to search
(netlogon.bat)
m
Line 88: Line 88:
 
To connect a windows XP client to your domain, go to the "Control Panel", select "System", then "Computer Name", and click on change. Enter your servers "workgroup" value in the domain field and 'Connect'. Enter the username of admin with the servers admin password when asked, and you should get back the response 'Connected to workgroup'
 
To connect a windows XP client to your domain, go to the "Control Panel", select "System", then "Computer Name", and click on change. Enter your servers "workgroup" value in the domain field and 'Connect'. Enter the username of admin with the servers admin password when asked, and you should get back the response 'Connected to workgroup'
  
=======Setting admin rights=======
+
======Setting admin rights======
 
If you are using SME Server as a domain controller and the workstations have joined the domain then the following is possible.  
 
If you are using SME Server as a domain controller and the workstations have joined the domain then the following is possible.  
 
The domain always has three groups created,  assigned as follows:  
 
The domain always has three groups created,  assigned as follows:  
Line 107: Line 107:
 
However if you create a group and name it whatever you want but put one of the above for the description then the newly created group will replace the above mapping. So if you create a group called "admins" and give it a description of "Domain Admins" then anyone you assign to this group will be a domain admin and also a local admin on ANY box that has joined the domain.
 
However if you create a group and name it whatever you want but put one of the above for the description then the newly created group will replace the above mapping. So if you create a group called "admins" and give it a description of "Domain Admins" then anyone you assign to this group will be a domain admin and also a local admin on ANY box that has joined the domain.
  
=======Setting up network drives=======
+
======Setting up network drives======
 
If you are using SME Server as a domain controller and the workstations have joined the domain
 
If you are using SME Server as a domain controller and the workstations have joined the domain
 
you can automate drive mapping and syncronise the PC time with the netlogon.bat file  
 
you can automate drive mapping and syncronise the PC time with the netlogon.bat file  

Revision as of 08:44, 6 April 2007

Chapter 7. Configuring the Computers on Your Network

What Order to do Things

For efficiency, we recommend you configure your desktop computers in the following order:

Step 1: First, configure one of your desktop computers to work with TCP/IP (using the information in this chapter).

Step 2: With TCP/IP up and running on one of your computers, you can now access the server manager over the web and create your employees' user accounts. The next chapter,|Chapter 8.On-going Administration Using the server manager, explains this simple process.

Step 3: Once e-mail accounts are created, you can ensure that all the computers on your network are configured for TCP/IP, e-mail, web browsing and LDAP (using the information in this chapter).

This chapter helps you configure software and hardware supplied by other companies and for that reason is not as specific as the rest of this guide. Given the wide range of computers, operating systems and software applications, we cannot accurately explain the process of configuring each of them. If your computers and applications came with manuals, they might be useful supplements to this chapter. Technical problems encountered in networking your desktop computers and applications are best resolved with the vendors who support them for you.

Template:DrawBoxWarning

Configuring Your Desktop Operating System

The dialog box where you configure your desktop differs from operating system to operating system and version to version. As an example, in Microsoft Windows 95 or 98, client configuration occurs in the "Properties" dialog box associated with the TCP/IP protocol for your ethernet adapter. To get there, go to the "Control Panel" and select "Network". If a TCP/IP protocol is not yet associated with your ethernet adapter, you may need to add one before you can configure its properties with the following information.

Item Description What to enter
enable TCP/IP protocol All your computers must communicate on the network using the TCP/IP protocol. In Windows you add a TCP/IP protocol. In Apple, open TCP/IP Control Panel.
disable non-TCP/IP protocols Unless an application relies on a non- TCP/IP protocol, disable all other protocols. Turn "off" other networking protocols (e.g. NetBeui, etc.)
enable DHCP service See section below In Windows, enable "Obtain an IP address service automatically". In Apple, select "DHCP server".

Template:DrawBoxNote

On a Windows 95/98 system, the window will look like the image below.

Tcp ip properties ip auto.png

Automatic DHCP Service

Your server provides a DHCP server that assigns each of the computers on your network an IP address, subnet mask, gateway IP address and DNS IP address(es). For a more detailed explanation of DHCP, consult the section in the|Chapter 5 called "Configuring Your DHCP Server".

Template:DrawBoxNote

Template:DrawBoxWarning

Manual entry for computers not using DHCP service

As noted above, we strongly recommend that you perform all your client configuration using DHCP. It is even possible to assign a static IP address through the Hostnames and addresses web panel of the server manager that will be distributed through your DHCP server. However, if your computers do not support DHCP, you must manually enter the following information into your TCP/IP properties:

Item Description What to enter
IP address Manually enter this information (see paragraph below). You must assign a different, unique IP address to computers not accepting DHCP (see note below).
subnet mask (or netmask) Manually enter this number. he default subnet mask (or netmask) is "255.255.255.0".
gateway IP address Enter the IP address for the server or, in the case of server-only mode, enter the IP address for your network's gateway (e.g. the firewall or network router). If you are running in server and gateway mode, your server is your local network's gateway. Enter its IP address here: the default is "192.168.1.1". If you are running in server-only mode, enter the IP address for the device interfacing with your external network.
IP addresses of your domain name servers Manually enter this information. Normally you would just add the IP address for your server - the default used in the server console is "192.168.1.1". If you have a firewall other than your server that restricts internal queries to Internet DNS servers, you may need to enter additional DNS servers here.

It is critical that every computer on your network has a unique IP address and that you don't assign two computers the same address. In enabling DHCP service in the server console, you designated a range of IP addresses for DHCP assignment. You also allocated a block of IP addresses for manual assignment. If you accepted the defaults pre-configured into the server console, IP addresses 192.168.1.2 through 192.168.1.64 will have been set aside for manual entry. To avoid duplication, use only those IP addresses when manually assigning IP addresses to your computers.

Tcp ip properties ip select.png

After configuring the TCP/IP parameters, you may need to reboot your desktop computer to implement the configuration changes. (For example, most Windows systems need to be rebooted after the TCP/IP configuration has been changed.) Once the settings take effect, your computer will be connected to the server and to the Internet.

MS Windows workgroup configuration

If you are using a Microsoft operating system, you must ensure that your workgroup is the same as the workgroup name of your server. (In a subsequent chapter, we'll explain how this can be set using the web-based server manager.) Go to the Control Panel, select "System" --"Network"-- and "Computer Name" and click Change. In the field for "Workgroup", type your "workgroup".

MS Windows Domain configuration

SME Server can be configured to be the "Workgroup and Domain Controller" for your network, here users do not need accounts on individual PC's but authenticate against the Server. (In a subsequent chapter, we'll explain how this can be set using the web-based server manager.)

Connecting to a Domain

To connect a windows XP client to your domain, go to the "Control Panel", select "System", then "Computer Name", and click on change. Enter your servers "workgroup" value in the domain field and 'Connect'. Enter the username of admin with the servers admin password when asked, and you should get back the response 'Connected to workgroup'

Setting admin rights

If you are using SME Server as a domain controller and the workstations have joined the domain then the following is possible. The domain always has three groups created, assigned as follows:

Group Description Domain Rights
Domain Admins admin
Domain Users shared (everyone)
Domain Guests nobody

However if you create a group and name it whatever you want but put one of the above for the description then the newly created group will replace the above mapping. So if you create a group called "admins" and give it a description of "Domain Admins" then anyone you assign to this group will be a domain admin and also a local admin on ANY box that has joined the domain.

Setting up network drives

If you are using SME Server as a domain controller and the workstations have joined the domain you can automate drive mapping and syncronise the PC time with the netlogon.bat file

edit netlogon.bat

pico -w /home/e-smith/files/samba/netlogon/netlogon.bat
REM To set the time when clients logon to the domain:
net time \\kiwi /set /yes
REM To map a home directory to drive h:
net use h: /home /persistent:no
net use j: \\servername\ibay2 /persistent:no
net use p: \\servername\ibay2 /persistent:no
if exist Z: net use Z: /del /yes

and reset file to dos format

unix2dos /home/e-smith/files/samba/netlogon/netlogon.bat

Template:DrawBoxNote