Setting up Samba as a PDC for Windows 95/98 clients is somewhat anticlimactic. All you really need to do on the server side is ensure that:
-
Samba is the only primary domain controller for the current workgroup.
-
There is a WINS server available on the network, either a Samba machine or a Windows NT server. (See Chapter 7,
Printing and Name Resolution, for more information on WINS.)
-
Samba is using user-level security (i.e., it doesn't hand off password authentication to anyone else). You do not want to use domain-level security if Samba itself is acting as the PDC.
At that point, you can insert the following options into your Samba configuration file:
[global]
workgroup = SIMPLE
domain logons = yes
# Be sure to set user-level security!
security = user
# Be sure to become the primary domain controller!
os level = 34
local master = yes
preferred master = yes
domain master = yes
The
domain
logons option enables Samba to perform domain authentication on behalf of other clients that request it. The name of the domain will be the same as the workgroup listed in the Samba configuration file, in this case: SIMPLE.
After that, you need to create a non-writable, non-public, non-browesable disk share called
[netlogon] (it does not matter where this share points to as long as each Windows client can connect to it):
[netlogon]
comment = The domain logon service
path = /export/samba/logon
public = no
writeable = no
browsable = no
