Samba upgrade HowTo

Author:  Darrell May
Contributor:
  
Release supported: SME >=5.5
License: GPL
Last updated: Sunday, January 12, 2003 09:58 AM



Problem:  You need to upgrade to the latest stable samba release.
Solution:
  follow this Howto ;->


STEP 1: Download the current samba rpms and place them in a temporary directory on your server:

For SME >=5.5:

http://myezserver.com/downloads/mitel/contrib/samba/

STEP 2: Install the rpms, reconfigure and restart samba

# sh ./install.sh
# /sbin/e-smith/signal-event ibay-modify

STEP 3: Use Windows Explorer or Network Neighborhood to confirm samba is alive and well.



How to remove a machine from a domain
How to re-add a machine to a domain

Author:  Darrell May
Contributor:
  
Release supported: e-smith 4.x, SME 5.x
License: GPL
Last updated: Thursday, August 01, 2002 09:58 AM



Problem1:  You want to remove a machine from a domain.
Problem2:  A domain machine account currently exists but the computer has been removed from the domain.  You want to reconnect this same computer or you have replaced the computer and want to reconnect to the domain using the same computer (netbios) name.
Solution:
  follow this Howto ;->


NOTE: %u when issued inside samba appends the $ to $machineName to create $machineName$. For instance if the computer netbios name is STATION1 then it becomes station1$. NOTE: uppercase netbios names are converted to lowercase.

STEP 1: To remove a machine from a domain once it is added you may follow these command-line steps:

# /usr/bin/smbpasswd -x $machineName$
# /usr/bin/passwd -d $machineName$ 
# /usr/sbin/userdel $machineName$
# /sbin/e-smith/db accounts delete $machineName$

As an example to remove a machine named STATION1 you would enter:

[root@e-smith /root]# /usr/bin/smbpasswd -x station1$
Deleted user station1$.

[root@e-smith /root]# /usr/bin/passwd -d station1$
Changing password for user station1$
Removing password for user station1$
passwd: Success

[root@e-smith /root]# /usr/sbin/userdel station1$

[root@e-smith /root]# /sbin/e-smith/db accounts delete station1$

[root@e-smith /root]# /etc/rc.d/init.d/smb restart

On the Windows side, you need to switch to workgroup mode (use a non-existent workgroup name ex. "workgroup1") and reboot your computer. After successfully rebooting in workgroup mode, you then may attempt to rejoin the computer to the domain following the steps below:



How to add a Windows 2000 computer to the domain

Author:  Darrell May
Contributor:
  
Release supported: e-smith 4.x, SME 5.x
License: GPL
Last updated: Thursday, August 01, 2002 09:58 AM



Problem1:  You want to add a W2K machine to a domain.
Solution:
  follow this Howto ;->


STEP 1:  Make sure you have no open workgroup connections to the domain server.

For instance, if you were previously connecting to the server in workgroup mode you must disconnect from the workgroup and close any open network shares.  To check on this, bring up a command prompt on your Windows box and type net use.  If it lists any connections to the server, do net use \\servername /delete.


STEP 2: Login as Administrator and perform the following:



Troubleshooting - Common Errors

"The Credentials supplied conflict with an existing set of credentials"
This error is almost always caused by already having an existing connection to the server while trying to join the domain.  To check on this, bring up a command prompt on your Windows box and type net use.  If it lists any connections to the server, do net use \\servername /delete and try joining the domain again.

"The account supplied is a computer account"
This error may arise if the domain that you're trying to join has the same name as your workgroup.  Change the name of the workgroup on your Windows machine, reboot, and then try joining the domain.


Windows 2000 - Local Area Connection Properties

It is suggested to limit your active protocols in use to as few as possible.  TCP/IP is the only required protocol.  Implement other protocols only if you absolutely must have others active to support your environment.  The more you have, the more trouble you may experience.  The recommended minimum Local Area Connection Properties are:

[X] Client for Microsoft Networks
[X] File and Printer Sharing for Microsoft Networks
[X] Internet Protocol (TCP/IP)


Windows 2000/XP Registry Settings
It is suggested that you check the following registry entries which should be set to (0).  This is the default under W2K (but check to confirm) however under XP the default is (1) and definitely needs changing:

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Netlogon\Parameters]
"requirestrongkey"=dword:00000000
"requiresignorseal"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Netlogon\Parameters]
"requirestrongkey"=dword:00000000
"requiresignorseal"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Netlogon\Parameters]
"requirestrongkey"=dword:00000000
"requiresignorseal"=dword:00000000