Some requirements are needed for using Samba as a Public Domain Controller (PDC).
First Samba has to be installed through Pakfire. During the installation process in Pakfire, one has to confirm all dependencies as they are important for the Samba installation.
After the installation of Samba completed, browse to "ipfire" in the sidemenu in the webinterface; if the installation went well, a new option Samba should appear.
The names of the domain (set under "workgroup") and the netbios (i.e. the name of the server on the network) of the samba server can be adjusted according to your wish.
The security mode (under "security options") has to be set to "user".
The setting should be adjusted according to the example in the image below:
|WINS Support:||on||Activates the WINS-support|
|Local Master:||on||ensures that the Samba server is the master browser of the local subnet|
|Domain Master||on||ensures that the Samba server of the master browser goes over the subnet boundaries and administers all local Browse lists of the domain it control|
|Preferred Master||on||ensures that the Samba server takes priority in the selection of the master (domain) browser, when nmbd starts|
As a “thanks” for the past work you get then some additional options displayed.
Since the 2.3 version of IPFire, by the activation of the PDC mode, the text field PDC options was filled with more or less meaningful adjustments. These data was situated at this time - and still now - under
The original contents of the file:
filename = /var/ipfire/samba/default.pdc
[homes] path = /home/%U comment = Benutzer-Verzeichnisse browseable = yes writeable = yes valid users = %U [netlogon] path = /var/ipfire/samba/netlogon browseable = no writeable = no comment = NetLogON [profiles] path = /var/ipfire/samba/profiles browseable = no writeable = yes comment = Benutzerprofile valid users = %U
This configuration served for the releases
/profiles to occupy them into the samba domain. Whether the default is meaningful, is surely more or less a matter of taste -> it is valid to make certain however that the appropriate directories are configured with the necessary authorizations.
It is not arbitrary and thus essentially to indicate the samba server that he also answers the appropriate domain inquiries -> for this purpose complete the PDC-option with this line
domain logons = yes
The following links are useful--some of them overlap or provide further details about the settings discussed above.