Linux Step By Steps

Installing SAMBA from Source as a PDC
Written by James McDonald on 16-March-2003

Table of Contents
  1. Overview
  2. Configuration and Compilation
  3. Create needed support files
  4. Setting up a SAMBA PDC


I did the following on a Mandrake 9.0 box.
There is a sample smb.conf at the bottom and it is for use as a PDC

Once you have installed samba the documentation is all installed under the swat root in the following directories.

PREFIX=/usr/local # where you put swat

Important: If you are going to use Windows XP clients make sure you launch the Local Group Policy snapin on the client and disable the encrypt traffic to servers options do a google for details.

Configuration and Compilation

Download and unpack samba

Check for any missing libraries you need

./configure | tee mylog

Add any libraries that you need

rpm -ivh libcups1-devel-1.1.16-0.4mdk.i586.rpm
rpm -ivh pam-devel-0.75-25mdk.i586.rpm

Configure with the samba options you require

# make sure you put --with-pam in or you wont be able to connect swat without the unsafe -a option
# --with-pam_smbpass needs libpam
# --enable-cups needs cups-devel

./configure  --prefix=/usr/local \
--with-pam \
--with-pam_smbpass \
--with-acl-support \
--with-winbind \
--with-msdfs \
--enable-cups \
--with-smbmount \
--with-ssl \
--with-libsmbclient \

make install

Create needed support files

Create smb.conf and the unix to smb user map file

touch /usr/local/lib/smb.conf
touch /usr/local/private/

Add the necessary directories for profiles and netlogon shares

mkdir -p /var/lib/samba/netlogon
mkdir -p /var/lib/samba/profiles

Create a PAM file for authentication off the unix pam service

cat << EOF > $PAM_FILE
auth required /lib/security/ nullok shadow
account required /lib/security/

Create xinetd service file


service swat


        port                    = 901
        socket_type             = stream
        wait                    = no
        user                    = root
        only_from               =
        server                  = /usr/local/sbin/swat
        server_args             = -s /usr/local/lib/smb.conf
        # tell it where smb.conf is stashed if non standard
        log_on_failure          += USERID
        disable                 = no


Create a /etc/rc.d/init.d/samba file

#ident  "@(#)samba.server 1.0   96/06/19 TK"    /* SVr4.0*/
# Please send info on modifications to
# # chkconfig: 2345 20 10
# # description: Starts and stops the Samba Server at boot time and shutdown.
# This file should have uid root, gid sys and chmod 744
if [ ! -d /usr/bin ]
then                    # /usr not mounted

PS=`which ps`
GREP=`which grep`
SED=`which sed`

killproc() {            # kill the named process(es)

        pid=`$PS -e |
             $GREP -w $1 |
             $SED -e 's/^  *//' -e 's/ .*//'`
        [ "$pid" != "" ] && kill $pid

status () {

    nmbd=`$PS -e |
             $GREP -w nmbd |
             $SED -e 's/^  *//' -e 's/ .*//'`
    smbd=`$PS -e |
             $GREP -w smbd |
             $SED -e 's/^  *//' -e 's/ .*//'`

    if [ "$nmbd" != "" ] ; then
            echo nmbd is running on $nmbd
            echo nbmd is not running

    if [ "$smbd" != "" ] ; then
             echo smbd is running on $smbd
        echo sbmd is not running

# Start/stop processes required for samba server

case "$1" in

# Edit these lines to suit your installation (paths, workgroup, host)
    $SAMBA_SBIN/smbd -D -s$SAMBA_LIB/smb.conf
    $SAMBA_SBIN/nmbd -D -s$SAMBA_LIB/smb.conf
   killproc nmbd
   killproc smbd
   echo "Usage: /etc/rc.d/init.d/samba { start | stop | status }"

Edit /etc/services

Check to make sure /etc/services has the correct entries add them if not

netbios-ns      137/tcp                         # NETBIOS Name Service
netbios-ns      137/udp
netbios-dgm     138/tcp                         # NETBIOS Datagram Service
netbios-dgm     138/udp
netbios-ssn     139/tcp                         # NETBIOS session service
netbios-ssn     139/udp
swat            901/tcp                         # Samba Web Administration Tool
microsoft-ds    445/tcp
microsoft-ds    445/udp

Register samba for system start up

chkconfig --level 345 samba on

Now start the services

/etc/rc.d/init.d/samba start

Setting up a SAMBA PDC

On the Samba machine in your favourite browser goto http://localhost:901
set the options so you get a similar smb.conf to the following smb.conf

Note: Rely heavily on the doco and when you don't understand something ask at the linux-users list I'm sure some of them are hiding a windows background

# Samba config file created using SWAT
# from localhost.localdomain (
# Date: 2003/03/16 12:18:06

# Global parameters
workgroup = JMCD
netbios name = P3
encrypt passwords = Yes
username map = /usr/local/private/
log level = 1
log file = /var/log/samba/log.%m
time server = Yes
domain admin group = root @adm
logon script = logon.cmd
logon path = \\P3\profiles\%U
logon drive = H:
logon home = \\P3\%U
domain logons = Yes
os level = 64
preferred master = Yes
domain master = Yes
dns proxy = No
wins support = Yes
template homedir =
winbind use default domain = Yes
admin users = root

comment = Home Shares
read only = No
browseable = No

comment = Netlogon
path = /var/lib/samba/netlogon
guest ok = Yes

comment = Profile Home
path = /var/lib/samba/profiles
read only = No
create mask = 0600
directory mask = 0700
profile acls = Yes
csc policy = disable

Prepared from Samba documentation, and google searches by:
James McDonald
Qualifications { MCSE (NT/Win2K), CCNA, CNA }