Difference between revisions of "SME Server:Documentation:Administration Manual:Chapter7"
(netlogon.bat) |
m |
||
Line 88: | Line 88: | ||
To connect a windows XP client to your domain, go to the "Control Panel", select "System", then "Computer Name", and click on change. Enter your servers "workgroup" value in the domain field and 'Connect'. Enter the username of admin with the servers admin password when asked, and you should get back the response 'Connected to workgroup' | To connect a windows XP client to your domain, go to the "Control Panel", select "System", then "Computer Name", and click on change. Enter your servers "workgroup" value in the domain field and 'Connect'. Enter the username of admin with the servers admin password when asked, and you should get back the response 'Connected to workgroup' | ||
− | + | ======Setting admin rights====== | |
If you are using SME Server as a domain controller and the workstations have joined the domain then the following is possible. | If you are using SME Server as a domain controller and the workstations have joined the domain then the following is possible. | ||
The domain always has three groups created, assigned as follows: | The domain always has three groups created, assigned as follows: | ||
Line 107: | Line 107: | ||
However if you create a group and name it whatever you want but put one of the above for the description then the newly created group will replace the above mapping. So if you create a group called "admins" and give it a description of "Domain Admins" then anyone you assign to this group will be a domain admin and also a local admin on ANY box that has joined the domain. | However if you create a group and name it whatever you want but put one of the above for the description then the newly created group will replace the above mapping. So if you create a group called "admins" and give it a description of "Domain Admins" then anyone you assign to this group will be a domain admin and also a local admin on ANY box that has joined the domain. | ||
− | + | ======Setting up network drives====== | |
If you are using SME Server as a domain controller and the workstations have joined the domain | If you are using SME Server as a domain controller and the workstations have joined the domain | ||
you can automate drive mapping and syncronise the PC time with the netlogon.bat file | you can automate drive mapping and syncronise the PC time with the netlogon.bat file |
Revision as of 08:44, 6 April 2007
Chapter 7. Configuring the Computers on Your Network
What Order to do Things
For efficiency, we recommend you configure your desktop computers in the following order:
Step 1: First, configure one of your desktop computers to work with TCP/IP (using the information in this chapter).
Step 2: With TCP/IP up and running on one of your computers, you can now access the server manager over the web and create your employees' user accounts. The next chapter,|Chapter 8.On-going Administration Using the server manager, explains this simple process.
Step 3: Once e-mail accounts are created, you can ensure that all the computers on your network are configured for TCP/IP, e-mail, web browsing and LDAP (using the information in this chapter).
This chapter helps you configure software and hardware supplied by other companies and for that reason is not as specific as the rest of this guide. Given the wide range of computers, operating systems and software applications, we cannot accurately explain the process of configuring each of them. If your computers and applications came with manuals, they might be useful supplements to this chapter. Technical problems encountered in networking your desktop computers and applications are best resolved with the vendors who support them for you.
Configuring Your Desktop Operating System
The dialog box where you configure your desktop differs from operating system to operating system and version to version. As an example, in Microsoft Windows 95 or 98, client configuration occurs in the "Properties" dialog box associated with the TCP/IP protocol for your ethernet adapter. To get there, go to the "Control Panel" and select "Network". If a TCP/IP protocol is not yet associated with your ethernet adapter, you may need to add one before you can configure its properties with the following information.
Item | Description | What to enter |
---|---|---|
enable TCP/IP protocol | All your computers must communicate on the network using the TCP/IP protocol. | In Windows you add a TCP/IP protocol. In Apple, open TCP/IP Control Panel. |
disable non-TCP/IP protocols | Unless an application relies on a non- TCP/IP protocol, disable all other protocols. | Turn "off" other networking protocols (e.g. NetBeui, etc.) |
enable DHCP service | See section below | In Windows, enable "Obtain an IP address service automatically". In Apple, select "DHCP server". |
On a Windows 95/98 system, the window will look like the image below.
Automatic DHCP Service
Your server provides a DHCP server that assigns each of the computers on your network an IP address, subnet mask, gateway IP address and DNS IP address(es). For a more detailed explanation of DHCP, consult the section in the|Chapter 5 called "Configuring Your DHCP Server".
Manual entry for computers not using DHCP service
As noted above, we strongly recommend that you perform all your client configuration using DHCP. It is even possible to assign a static IP address through the Hostnames and addresses web panel of the server manager that will be distributed through your DHCP server. However, if your computers do not support DHCP, you must manually enter the following information into your TCP/IP properties:
Item | Description | What to enter |
---|---|---|
IP address | Manually enter this information (see paragraph below). | You must assign a different, unique IP address to computers not accepting DHCP (see note below). |
subnet mask (or netmask) | Manually enter this number. | he default subnet mask (or netmask) is "255.255.255.0". |
gateway IP address | Enter the IP address for the server or, in the case of server-only mode, enter the IP address for your network's gateway (e.g. the firewall or network router). | If you are running in server and gateway mode, your server is your local network's gateway. Enter its IP address here: the default is "192.168.1.1". If you are running in server-only mode, enter the IP address for the device interfacing with your external network. |
IP addresses of your domain name servers | Manually enter this information. | Normally you would just add the IP address for your server - the default used in the server console is "192.168.1.1". If you have a firewall other than your server that restricts internal queries to Internet DNS servers, you may need to enter additional DNS servers here. |
It is critical that every computer on your network has a unique IP address and that you don't assign two computers the same address. In enabling DHCP service in the server console, you designated a range of IP addresses for DHCP assignment. You also allocated a block of IP addresses for manual assignment. If you accepted the defaults pre-configured into the server console, IP addresses 192.168.1.2 through 192.168.1.64 will have been set aside for manual entry. To avoid duplication, use only those IP addresses when manually assigning IP addresses to your computers.
After configuring the TCP/IP parameters, you may need to reboot your desktop computer to implement the configuration changes. (For example, most Windows systems need to be rebooted after the TCP/IP configuration has been changed.) Once the settings take effect, your computer will be connected to the server and to the Internet.
MS Windows workgroup configuration
If you are using a Microsoft operating system, you must ensure that your workgroup is the same as the workgroup name of your server. (In a subsequent chapter, we'll explain how this can be set using the web-based server manager.) Go to the Control Panel, select "System" --"Network"-- and "Computer Name" and click Change. In the field for "Workgroup", type your "workgroup".
MS Windows Domain configuration
SME Server can be configured to be the "Workgroup and Domain Controller" for your network, here users do not need accounts on individual PC's but authenticate against the Server. (In a subsequent chapter, we'll explain how this can be set using the web-based server manager.)
Connecting to a Domain
To connect a windows XP client to your domain, go to the "Control Panel", select "System", then "Computer Name", and click on change. Enter your servers "workgroup" value in the domain field and 'Connect'. Enter the username of admin with the servers admin password when asked, and you should get back the response 'Connected to workgroup'
Setting admin rights
If you are using SME Server as a domain controller and the workstations have joined the domain then the following is possible. The domain always has three groups created, assigned as follows:
Group Description | Domain Rights |
---|---|
Domain Admins | admin |
Domain Users | shared (everyone) |
Domain Guests | nobody |
However if you create a group and name it whatever you want but put one of the above for the description then the newly created group will replace the above mapping. So if you create a group called "admins" and give it a description of "Domain Admins" then anyone you assign to this group will be a domain admin and also a local admin on ANY box that has joined the domain.
Setting up network drives
If you are using SME Server as a domain controller and the workstations have joined the domain you can automate drive mapping and syncronise the PC time with the netlogon.bat file
edit netlogon.bat
pico -w /home/e-smith/files/samba/netlogon/netlogon.bat
REM To set the time when clients logon to the domain: net time \\kiwi /set /yes REM To map a home directory to drive h: net use h: /home /persistent:no net use j: \\servername\ibay2 /persistent:no net use p: \\servername\ibay2 /persistent:no if exist Z: net use Z: /del /yes
and reset file to dos format
unix2dos /home/e-smith/files/samba/netlogon/netlogon.bat