653
edits
Changes
From SME Server
Jump to navigationJump to search
mLine 5:
Line 5: − + − Although an upstream fix was made available for SME Server 8 (based on CentOS 5, see [[bugzilla:5425|bug 5425]]), there is no comparable fix available from the upstream vendor for SME 7.x (based on CentOS 4).+ − + − Before to make a trick to your w7 registry, you can not reach the SME Server Domain, but we can do it easily either with an usb key or by the network with http.+ − + − + Line 30:
Line 30: + − + − {{Warning box| This howto is based upon limited testing and may cause SME Server to experience issues when backing up, installing regular updates, and upgrading to version 8 upon release. '''SerNet packages are NOT supported by SME Server developers.''' You should only use these instructions if Windows 7 support is critical for your environment.}}+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + − Thanks to [http://www.sernet.de/ SerNet], SME 7 users can now install an updated version of Samba which fixes the domain trust issues.+ + + + + + + − ===Installation=== − *Add the SerNet repository for CentOS 4.x − db yum_repositories set SerNet repository \+ − BaseURL http://ftp.sernet.de/pub/samba/3.5/centos/4 \ − EnableGroups yes \ − GPGCheck no \ − Name 'SerNet Samba Team packages (CentOS 4)' \ − Visible yes \ − status enabled − signal-event yum-modify − + + − yum update+ − signal-event post-upgrade ; signal-event reboot Line 75:
Line 112: − ==Source Code== − SerNet publishes the source code for their latest Samba build at http://ftp.sernet.de/pub/samba/3.5/src/rpm/ − − Code for older builds is also available at http://ftp.sernet.de/pub/samba/old/src/rpm/ − − ----
→Background
==Background==
==Background==
Windows 7 was released in October 2009. Due to changes in the way that trust relationships are established with domain controllers, older versions of Samba do not allow Windows 7 clients to log in once joined to a domain.
Support for Windows 7 ended on January 14, 2020. If you are still using Windows 7, your PC may become more vulnerable to security risks. The only Microsoft-supported Windows version now is Windows 10. We strongly recommend you do not use versions of Windows unsupported by Microsoft.
Windows 7 was released in October 2009. Due to changes in the way that trust relationships are established with domain controllers, some modifications to the windows registry needs to take place.
==Join a SME Server 8.0 Domain with Win7==
==Join a Window 7 client to SME Server 8 or 9==
Previously you needed to edit your Win7 registry to facilitate the joining of a SME Server Domain, however this can more easily be achieved by importing win7samba.reg fix by using either a usb key or by the network with http.
*Save the Win7 registry patch (win7samba.reg) from https://your-server-ip/server-resources/regedit/ with your favourite web browser
*Save the Win7 registry patch (win7samba.reg) from https://your-server-ip/server-resources/regedit/ with your favourite web browser
*On your windows seven, start "regedit" by the start menu and import the win7samba.reg
*On your windows desktop, start "regedit" from the start menu and import the win7samba.reg
*Set your domain instead of your workgroup. Add the client machine to the domain as normal.
*Set your domain instead of your workgroup. Add the client machine to the domain as normal.
*Log in as the 'admin' user of your SME Server with the same password for the first time
*When asked on your Windows PC use the 'admin' username and your SME Server admins password.
*You have to reboot your computer to reach the domain
*You have to reboot your computer to reach the domain
Image:W7-8.png
Image:W7-8.png
</gallery>
</gallery>
{{Note box|You will receive one warning about DNS domain name configuration after the join has succeeded:
==Adding Windows 7 Support to SME Server 7==
"Changing the Primary Domain DNS name of this computer to "" failed.
The name will remain "MYDOM". The error was:
The specified domain either does not exist or could not be contacted"
But this error can safely be ignored or, if you run Windows 7, silenced by a hotfix, that was published by [http://support.microsoft.com/kb/2171571 Microsoft: KB2171571: You incorrectly receive an error message when you join a computer that is running Windows 7 or Windows Server 2008 R2 to a Samba 3-based domain].}}
===Setting up network drives===
In order to have logon script working you must add the following Keys in registry
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\NetworkProvider\HardenedPaths]
"\\\\*\\netlogon"="RequireMutualAuthentication=0,RequireIntegrity=0,RequirePrivacy=0"
If you are using SME Server as a domain controller and the workstations have joined the domain
you can automate drive mapping and syncronise the PC time with the netlogon.bat file
Note: [[:SME_Server:Documentation:Administration_Manual:Chapter13#Workgroup |Chapter 13]] has a method for admin to edit the netlogon.bat file without using the command line. You can consider also the [[SME_Server:Documentation:Administration_Manual:Chapter7|chapter 7]] on Configuring the Computers on Your Network
nano -w /home/e-smith/files/samba/netlogon/netlogon.bat
REM To set the time when clients logon to the domain:
net time \\servername /set /yes
REM To map a home directory to drive h:
net use h: /home /persistent:no
net use j: \\servername\ibay1 /persistent:no
net use p: \\servername\ibay2 /persistent:no
if exist Z: net use Z: /del /yes
and reset file to dos format
unix2dos /home/e-smith/files/samba/netlogon/netlogon.bat
===Slow login with win7 to sme8 domain===
With certain networks you may have an issue with a slow login to the SME Server domain due to a timeout issue on the network. In this case you should install a second patch (in first you have to install the win7samba.reg). The history of this patch can be found at [[bugzilla:7332]]
This is what you need to find in your server-ressources
cat /home/e-smith/files/server-resources/regedit/windows_samba_performance.reg
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\System]
"SlowLinkDetectEnabled"=dword:00000000
"DeleteRoamingCache"=dword:00000001
"WaitForNetwork"=dword:00000000
"CompatibleRUPSecurity"=dword:00000001
After this you follow the usual way to add the patch to your windows registery
*Update SME Server - the new Samba packages will install automatically.
*Save the registry patch ('''windows_samba_performance.reg''') from https://your-server-ip/server-resources/regedit/ with your favourite web browser
*On your windows desktop, start "regedit" from the start menu and import the windows_samba_performance.reg
==Adding Windows 7 Support to SME Server 7==
===Configuring Clients===
===Configuring Clients===
Version 2 profiles are not compatible with Windows XP and earlier. If you have mixed environments you will be required to maintain two separate profiles for each user.
Version 2 profiles are not compatible with Windows XP and earlier. If you have mixed environments you will be required to maintain two separate profiles for each user.
[[Category:Howto]]
[[Category:Howto]]
[[Category:Administration]]
[[Category:Administration]]
