Enable root user
Now I can login with the username and password i entered above. First I enable the root user for ease of installation. You can disable it later if you want.
sudo passwd root
su
Now we are logged in as root user.
Configure The Network
Because the Ubuntu installer has configured our system to get its network settings via DHCP, we have to change that now because a server should have a static IP address. Edit /etc/network/interfaces and adjust it to your needs (in this example setup I will use the IP address 192.168.0.100):
# This file describes the network interfaces available on your system |
Then restart your network:
/etc/init.d/networking restart
Edit /etc/hosts and add your new IP address(es):
127.0.0.1 localhost.localdomain localhost server1 |
Setting The Hostname
echo server1.example.com > /etc/hostname
/bin/hostname -F /etc/hostname
Edit /etc/apt/sources.list And Update Your Linux Installation
Edit /etc/apt/sources.list. It should look like this:
# deb cdrom:[Ubuntu 5.10 _Breezy Badger_ - Release i386 (20051012)]/ breezy main restricted |
Then run
apt-get update
apt-get upgrade
Install SSH Daemon
apt-get install ssh openssh-server
The Next Steps...
Now you can login to your Server with an SSH Client like putty (http://www.chiark.greenend.org.uk/~sgtatham/putty/). Its easier to follow this howto if you connect to your server with putty and copy and paste the commands. If you want to edit config files on the server, you can use commandline editors like vi, pico or joe or use a program like WinSCP (http://winscp.net/eng/index.php) to edit the files over your SSH connection in a Windows client.
Quota
apt-get install quota
Edit /etc/fstab to look like this (I added ,usrquota,grpquota to the partitions with the mount point / and /home):
# /etc/fstab: static file system information. |
Then run:
touch /quota.user /quota.group
chmod 600 /quota.*
mount -o remount /
touch /home/quota.user /home/quota.group
chmod 600 /home/quota.*
mount -o remount /home
quotacheck -avugm
quotaon -avug
Install And Configure The SAMBA Server
In order to install SAMBA, run
apt-get install samba samba-common samba-doc libcupsys2-gnutls10 libkrb53 winbind smbclient
Edit /etc/samba/smb.conf so that it looks like this
[global] |
Remark: The "netbios name" in the smb.conf must be the same then the hostname of your server.
workgroup = MYWORKGROUP specifies the Windows domain that the Windows workstations use.
logon drive = H: is the drive letter under which the SAMBA share will appear in the Windows Explorer.
With logon script = scripts/logon.bat you can specify a Windows batch script that is executed as soon as a Windows workstation logs in. If the script does not exist, you can comment out that line.
Create the directories for domain logons and profiles:
mkdir /home/samba
mkdir /home/samba/netlogon
mkdir /home/samba/profiles
mkdir /var/spool/samba
chmod 777 /var/spool/samba/
chown -R root:users /home/samba/
chmod -R 771 /home/samba/
Now we restart Samba:
/etc/init.d/samba restart
Edit /etc/nsswitch.conf. Change the line:
hosts: files dns
to:
hosts: files wins dns
Add all computers of your workgroup in the /etc/hosts file on the server.
192.168.0.100 server1 |
Add the root user to the SAMBA password database. The root user (alias: Administrator) will be our domain administrator. This account is needed to add new computers to the SAMBA domain.
smbpasswd -a root
Create the file /etc/samba/smbusers and add the line by executing:
echo "root = Administrator" > /etc/samba/smbusers
This will allow us to use the common windows username "Administrator" as alias for the Linux root user.
Now I will test if the setup is correct:
smbclient -L localhost -U%
The output should look similar to this:
Domain=[MYWORKGROUP] OS=[Unix] Server=[Samba 3.0.14a-Ubuntu] |
Setup the default domain groups for windows:
net groupmap modify ntgroup="Domain Admins" unixgroup=root
net groupmap modify ntgroup="Domain Users" unixgroup=users
net groupmap modify ntgroup="Domain Guests" unixgroup=nogroup
Adding Users To Our SAMBA Domain
Now we will add a user, e.g. tom, to our Samba domain. You will have to add a user like this for each user account you want to connect to this SAMBA domain server.
1) Add a linux user tom:
useradd tom -m -G users
2) Add the linux user tom to the SAMBA password database:
smbpasswd -a tom
Adding Shares
Now I will add a share that is accessible by all users.
mkdir -p /home/shares/allusers
chown -R root:users /home/shares/allusers/
chmod -R ug+rwx,o+rx-w /home/shares/allusers/
At the end of the file /etc/samba/smb.conf add the following lines:
[allusers] |
Now we restart Samba:
/etc/init.d/samba restart
Installing CUPS
If you want your SAMBA server to act as a print server also, you have to install and configure CUPS:
apt-get install cupsys cupsys-client cupsys-driver-gimpprint cupsys-driver-gimpprint-data defoma fontconfig foomatic-db foomatic-filters libcupsimage2 libexpat1 libfontconfig1 libfreetype6 libgimpprint1 libjpeg62 libpaper1 libpng12-0 libpoppler0c2 libslp1 libtiff4 patch perl perl-modules ttf-bitstream-vera ucf (1 line!)
To get access to the web interface from my workstation, I will change cups to listen on the Server IP.
Edit /etc/cups/cupsd.conf in the section Network Options:
Listen 127.0.0.1:631 |
Set AuthGroupName to shadow in the section Security Options:
AuthGroupName shadow |
To allow access only from my admin workstation (IP: 192.168.0.70), I add Allow From 192.168.0.70 the security options and set AuthClass to Group:
|
Add the cupsys user to the shadow group:
adduser cupsys shadow
and restart the cups daemon:
/etc/init.d/cupsys restart
The cups webinterface is now accessible with any webbrowser from my workstation:
http://192.168.0.100:631/
Now I can login to the cups interface with username root and my root password.
Hint: If there is no linux driver available for your printer and you want to use this printer only from your windows workstations trough SAMBA, you can use the printer manufacturer RAW and install the correct driver on your windows workstation.
If you created a new printer in cups, you will have to add it to samba with the command:
cupsaddsmb -a
Have fun!
Links
All trademarks belong to their respective owner.