Create SAMBA Domain: Difference between revisions

From darkrealm Wiki
Page created: " 1. Create a Domain Administrator Account on Domain Server smbldap-useradd -a -c "Domain Administrator" -d /home/domadmin -g 512 -m -s /bin/bash -H [UHX] -N "Dom…"
 
No edit summary
 
(3 intermediate revisions by 2 users not shown)
Line 1: Line 1:
1. Create a Domain Administrator Account on Domain Server
1. Create a Domain Administrator Account on Domain Server


Line 8: Line 7:
net rpc rights grant domadmin SeMachineAccountPrivilege -U domadmin
net rpc rights grant domadmin SeMachineAccountPrivilege -U domadmin


-- WARNING : run smbldap-populate beforehand ----> DO NOT CHANGE ROOT PW --
3. join XP machine to domain
3. join XP machine to domain


Control Panel-> System -> Network Identification -> Enter Domain Name, then enter user/pass for domadmin
Control Panel-> System -> Network Identification -> Enter Domain Name, then enter user/pass for domadmin
                   must be done twice, 1st error "Benutzername konnte nicht gefunden werden, 2nd time it works
                   must be done twice, 1st error "Benutzername konnte nicht gefunden werden, 2nd time it works
3a. join WINDOWS 7 machine to domain
Change (Both Keys do not exist on a fresh install)
            HKLM\System\CCS\Services\LanmanWorkstation\Parameters
            DWORD  DomainCompatibilityMode = 1
            DWORD  DNSNameResolutionRequired = 0
            (In Effect immediately, no restart required)
like 3) also twice.
        TODO: check why join domain twice
----> smbldap-tools Version 0.9.8 required. 0.9.4-r1 doesn't have the -W flag.


CREATING Domain Users:
CREATING Domain Users:
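
Review bot: in the added step 3a the registry path is written as HKLM\System\CCS\Services\LanmanWorkstation\Parameters, where CCS is shorthand rather than a real key name, so the path cannot be pasted as given; write out CurrentControlSet. The added line "smbldap-tools Version 0.9.8 required. 0.9.4-r1 doesn't have the -W flag." also does not say which command in this procedure takes -W, so name the command and the step it belongs to.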
Line 26: Line 39:
   ( add user script in this case was : /usr/sbin/smbldap-useradd -B 1 -m "%u" )
   ( add user script in this case was : /usr/sbin/smbldap-useradd -B 1 -m "%u" )
   - TODO : check samba's Domain Users Group membership
   - TODO : check samba's Domain Users Group membership
  - TODO : check why -B 1 doesn't work (change password on 1st logon)


7. Log on as the new user
7. Log on as the new user
TODO : check why with ldapsam:trusted machine accounts still wont get their credentials
TODO : check that algorithmic rid base shit
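
Review bot: the added line "TODO : check why -B 1 doesn't work (change password on 1st logon)" leaves the add user script above it passing a flag the page itself reports as ineffective, so accounts created through that script are not forced to change their password at first logon; state that consequence next to the script line and record the smbldap-tools version it was observed with. The ldapsam:trusted TODO would also be easier to follow up if it quoted the smb.conf line in question, since the page does not show how that option is set.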

Current revision as of 4 August 2012, 13:11

1. Create a Domain Administrator Account on Domain Server

smbldap-useradd -a -c "Domain Administrator" -d /home/domadmin -g 512 -m -s /bin/bash -H '[UHX]' -N "Domain Administrator" -P domadmin

2. Grant user domadmin Domain joining rights

net rpc rights grant domadmin SeMachineAccountPrivilege -U domadmin

-- WARNING : run smbldap-populate beforehand ----> DO NOT CHANGE ROOT PW --

3. Join XP machine to domain

Control Panel-> System -> Network Identification -> Enter Domain Name, then enter user/pass for domadmin

                 must be done twice: 1st attempt gives the error "Benutzername konnte nicht gefunden werden", 2nd time it works

3a. Join WINDOWS 7 machine to domain

Set the following registry values (neither exists on a fresh install)

           HKLM\System\CCS\Services\LanmanWorkstation\Parameters
           DWORD  DomainCompatibilityMode = 1
           DWORD  DNSNameResolutionRequired = 0
           (In Effect immediately, no restart required)

Then join as in step 3; this must also be done twice.

       TODO: check why join domain twice

----> smbldap-tools version 0.9.8 required. 0.9.4-r1 doesn't have the -W flag.

CREATING Domain Users:

4. Grant user domadmin user modification rights

net rpc rights grant domadmin SeAddUsersPrivilege -U domadmin

5. Log on to the domain as domuser

6. Add a user to the domain

net user add donald test /add /domain

 ( add user script in this case was : /usr/sbin/smbldap-useradd -B 1 -m "%u" )
 - TODO : check samba's Domain Users Group membership
 - TODO : check why -B 1 doesn't work (change password on 1st logon)

7. Log on as the new user




TODO : check why, with ldapsam:trusted, machine accounts still won't get their credentials

TODO : check that algorithmic rid base shit