Submit Hint Search The Forums LinksStatsPollsHeadlinesRSS
14,000 hints and counting!

10.3: Set up Samba to use NT Domain Manager security UNIX
This hint is for the ones want connect their Mac under a domain called MYDOMAIN served by a NTServer (or linux/samba server) called MYSERVER on a Windows network, and you want the to Mac get permissions and users from the domain controller (once again MYSERVER).

First of all open Directory Access application in Utility, click on padlock icon to grant permission and write your password. Select SMB from the list and then click on "Configure..." button. In the workgroup field box type your domain name (MYDOMAIN in this explanation) select OK then Apply button. Quit Directory Access. From now on, your Mac is connected to the domain MYDOMAIN and you will see all servers under this domain.

Now you need to edit, with root permissions, smb.conf in /etc. I use vi, but you can choose whatever else text editor. Opened smb.conf make a new line under workgruop = MYDOMAIN and enter the follow code:

password server = *
security = domain 
hide files = .Trashes/Temporary Items/Desktop */TheFindByContentFolder/
NOTE: The hide files line is shown on two lines; enter it as one with no added spaces.

The first two lines say to Samba to get the password from the domain controller. The following line tells Samba to hide all Mac stuff and dot starting file to the client. Now go at the end of the file and add these lines:

path = <b>/Volumes/MysecondHD/Afolder</b>
public = yes
browseable = yes
writable = yes
force create mask = 0775
force create mask = 0775
force user = <b>myuser</b>
force group = unknown
hide dot files = yes
This is only an example of a share; you can put how many share you want following this scheme. The things you need to change are the name (MYSHARE in example), the path (/Volumes/MysecondHD/Afolder), and the user (myuser). Is important to change the user to one already existing on your Mac; even better if that user has admin permissions. Now save smb.conf and type in a terminal the following command:
sudo net join -U Administrator
I assumed that your network user administrator is called "Administrator," if not then change the line accordingly. At the first prompt, enter your Mac password and hit return. At the second prompt, enter the network administrator password and hit return.

Well done, now all that's left is to start (or restart if already running) the Windows sharing from the Sharing control panel of your Mac.

If you go on a Windows machine, now you see your Mac on the network browser, and inside the Mac is your shared directory. The first time you try connecting, an annoying window ask you for a login and password; type none and hit return, and, if you already logged onto domain, you'll get full access to the shared Mac directory.
  • Currently 2.33 / 5
  You rated: 3 / 5 (9 votes cast)

10.3: Set up Samba to use NT Domain Manager security | 2 comments | Create New Account
Click here to return to the '10.3: Set up Samba to use NT Domain Manager security' hint
The following comments are owned by whoever posted them. This site is not responsible for what they say.
10.3: Set up Samba to use NT Domain Manager security
Authored by: stevec on Dec 05, '03 03:39:14PM

Hey cool, I did this and then my network admin came to me complaining that my Mac had taken over the master browser list.

so BE CAREFUL doing this!

[ Reply to This | # ]
10.3: Set up Samba to use NT Domain Manager security
Authored by: stevec on Dec 05, '03 03:54:28PM

And now that I have done some research and had my rear kicked you need to add one entry to the [GLOBAL] section of the /etc/smb.conf file:

local master = no

that should do it. Your Mac will no longer attempt to become the browse/local master for the Winders network

[ Reply to This | # ]