WELLCOME TO MY WORLD

terimakasih kepada pengunjung yang bersedia mampir di blog saya........................
selamat menjelajah........

Kamis, 08 Juli 2010

INSTALASI SAMBA DAN SETING DOMAIN CONTROLLER

• pertama install repository samba dan accesorisnya :
# apt-get install samba
• Konfigurasi /etc/samba/smb.conf sebagai berikut :
[global]
workgroup = dns.persegi.net # –> bisa diganti
netbios name = persegi # –> bisa diganti
server string = %h server (Samba, Ubuntu) # –> bisa diganti
passdb backend = tdbsam
security = user
username map = /etc/samba/smbusers
name resolve order = wins lmhosts bcast hosts
domain logons = yes
preferred master = yes
domain master = yes
wins support = yes
socket options = TCP_NODELAY IPTOS_LOWDELAY SO_KEEPALIVE
SO_RCVBUF=8192 SO_SNDBUF=8192
os level = 65
path = /var/tmp
lm announce = yes
lm interval = 10
# Useradd scripts
add user script = /usr/sbin/useradd -m %u
delete user script = /usr/sbin/userdel -r %u
add group script = /usr/sbin/groupadd %g
add machine script = /usr/sbin/useradd -s /bin/false/ -d /var/lib/nobody %u
idmap uid = 50-9999999999
idmap gid = 50-9999999999
# sync smb passwords woth linux passwords
passwd program = /usr/bin/passwd %u
passwd chat = *Enter\snew\sUNIX\spassword:* %n\n *Retype\snew\sUNIX\spassword:* %n\n .
passwd chat debug = yes
unix password sync = yes
# set the loglevel
log level = 3
[homes]
comment = Home
valid users = %S
read only = no
browsable = no
[netlogon]
comment = Network Logon Service
path = /home/samba/netlogon
admin users = Administrator
valid users = %U
read only = no
[profile]
comment = User profiles
path = /home/samba/profiles
valid users = %U
create mode = 0600
directory mode = 0700
writable = yes
browsable = no
• Buat beberapa direktori berikut sebagai domain logon dan profile :
# mkdir /home/samba
# mkdir /home/samba/netlogon
# mkdir /home/samba/profiles
# mkdir /var/spool/samba
# chmod 777 /var/spool/samba/
# chown -R root:users /home/samba/
# chmod -R 771 /home/samba/
# touch /home/samba/netlogon/logon.cmd

File /home/samba/netlogon/logo.cmd dapat diisi script yg bisa jalan pertama kali user login
• Lalu restart samba
# /etc/init.d/samba restart
• Membuat user administrator jaringan, sebaiknya jangan menggunkana user root dan lebih baik membuat unix‐user baru lagi dan unix‐group :
# groupadd netadmin
# useradd sysadmin -m -G netadmin –d /home/samba/profiles/sysadmin
# passwd sysadmin
Enter new UNIX password:
Retype new UNIX password:
# smbpasswd -a sysadmin
New SMB password:
Retype new SMB password:
Untuk mempermudah, password unix dan samba lebih baik disamakan. Kemudian buat group untuk users dan nogroup
# groupadd users
# groupadd nogroup
• buat file /etc/samba/smbusers dgn isi file : sysadmin = Administrator mengartikan bahwa user sysadmin = user administrator pada windows.
• Test drive, apakah settingan kita sudah benar :
# smbclient -L localhost -U%
akan menghasilkan output :
Domain=[DNS.PERSEGI.NET] OS=[Unix] Server=[Samba 3.3.2]
Sharename Type Comment
--------- ---- -------
netlogon Disk Network Logon Service
print$ Disk Printer Drivers
cdrom Disk Samba server's CD-ROM
share Disk Ubuntu File Server Share
IPC$ IPC IPC Service (persegi server (Samba, Ubuntu))
Domain=[DNS.PERSEGI.NET] OS=[Unix] Server=[Samba 3.3.2]
Server Comment
--------- -------
PERSEGI persegi server (Samba, Ubuntu)
Workgroup Master
--------- -------
DNS.PERSEGI.NET PERSEGI
• lalu kita setup domain group untuk windows, jalankan perintah :
net groupmap add ntgroup="Domain Admins" unixgroup=netadmin
net groupmap add ntgroup="Domain Users" unixgroup=users
net groupmap add ntgroup="Domain Guests" unixgroup=nogroup
• Tambah user linux dan user samba dengan cara :
A.Admin Classes, contoh tambah user “opikdesign” sebagai “administrator”user linux :
# useradd opikdesign -m -G netadmin –d /home/samba/profiles/opikdesign
user samba :
#smbpasswd -a opikdesign
New SMB password:
Retype new SMB password:
edit file /etc/samba/smbusers dan tambahkan: opikdesign = Administrator
B. User Classes, contoh tambah user “dhani” sebagai “users” .user linux :
# useradd dhani -m -G users –d /home/samba/profiles/dhani
user samba :
#smbpasswd -a dhani
New SMB password:
Retype new SMB password:
edit file /etc/samba/smbusers dan tambahkan:
dhani = dhani
• Sekarang tambahan direktori share yang akan dipakai oleh seluruh user :
# mkdir -p /home/shares/allusers
# chown -R root:users /home/shares/allusers/
# chmod -R ug+rwx,o+rx-w /home/shares/allusers/

Tidak ada komentar: