[H-GEN] Samba and Windows XP

Edwards_Ewan_B at cat.com Edwards_Ewan_B at cat.com
Thu Jun 24 20:01:18 EDT 2004 

On Thursday 24 June 2004 21:18, James Mills wrote:
>
> I'm wondering if anyone on this list has any information that
> might help. I have read the Samba manuals many a time and
> googled, but have failed to do what I want on Windows XP. I
> think ihmo Microsoft went and change too much of how it all
> worked... Anyway...
>
> With Windows 95/98, it was easy. You simply enter in the NT
> Domain that you wanted to logon to, Client for Micrsoft
> networking etc.. And way you go... You are presented with a
> logon screen, "username, password and domain". The "domain"
> you can change obviously.
>
> Now with Windows XP, how is this done ?
>
> I am going to be setting up a Debian box at my father's school
> which will run Samba 3. Now the school already has a domain
> running there off a Windows 2003 box called 'vss', this
> appears in the domain list (drop-down box) on the Windows XP
> clients.
>
> I would like to know how to add another entry to this
> drop-down box, I have read in the past that it's something to
> do with registered the Windows XP machine with the Samba
> server, though I have never been able to successfully do
> this...
>
> I would appreciate anyone's experience on this,

From my experience, you can forget all about adding "another 
entry to this drop-down box".

My advice is to take advantage of the "security = domain" option 
in combination with winbind[1].  This is exactly what I've done 
with a couple of Samba servers in the office.  It will save you 
an awful lot of dramas and hassles with user accounts and 
account synchronising.  Not to mention eleminating the need to 
go make mods on client boxes (XP, 2k, etc) and train (l)users.  
(ie: Do it all on the server side where you have control.)

All of my Samba servers are members of the NT domain[3] and very 
few people in the office have a clue they're mapping shares on 
Samba (not Windows) servers.  

In terms of privileges needed to do this, you only require local 
root on the Samba server and username/password for an account in 
the Account Operators, or, Administrators group on the NT 
domain[2].  And you only need that username/password for long 
enough to join the Samba server to the NT domain.

There is some good information online about making a Samba server 
a member of an NT domain and configuring winbind.

I just did a quick google using "winbind join net samba" and 
found these urls.  I haven't read them, but the summaries look 
okay.  It may also be worth your while getting hold of a book 
called "Using Samba", 2nd ed. www.oreilly.com/catalog/samba2 [4] 

http://us1.samba.org/samba/docs/man/Samba-HOWTO-Collection.html
http://us1.samba.org/samba/docs/man/winbind.html

Good luck with getting it done, and good on you for wanting to do 
it in the first place.


[1]  Winbind is one of the utilities included in Samba, both 2.2 
and 3.0.  It runs as a separate daemon with nmbd and smbd, but 
uses the same smb.conf file for config options.
[2]  There are differences between a win2k domain and an NT 
domain.  I have no experience with win2k domains so don't know 
what the differences are, or what the gotchas might be.
[3]  Not to be confused with a DNS domain.
[4]  I can email the html version if you're interested.

More information about the General mailing list