If you already have an NT domain, you can easily add a Samba server to it. First, you will need to stop the Samba daemons. Then, add the Samba server to the NT domain on the PDC using the "Windows NT Server Manager for Domains" tool. When it asks for the computer type, choose "Windows NT Workstation or Server," and give it the NetBIOS name of the Samba server. This creates the machine account on the NT server.
Next, generate a Microsoft-format machine password using the
smbpasswd tool, which is explained in further detail in the next section. For example, if our domain is SIMPLE and the Windows NT PDC is
beowulf, we could use the following command on the Samba server to accomplish this:
smbpasswd -j SIMPLE -r beowulf
Finally, add the following options to the
[global] section of your
smb.conf and restart the Samba daemons.
[global]
security = domain
domain logins = yes
workgroup = SIMPLE
password server = beowulf
Samba should now be configured for domain-level security. The
domain
logins option is explained in more detail later in this chapter.
