Tutorial: Configuring Ubuntu as PDC
After a lot of effort I was able to configure Ubuntu (in my sister’s workplace) as a Primary Domain Server for client machines running Windows. I am going to tell you the process step by step. I think it will solve your problem. If not comment here with what is the error you are getting.
Now as I was experimenting on this in my home, I installed Windows XP SP2 in VirtualBox(Guest OS) on my Ubuntu 9.04 (Host OS). [ If you have more than one PC for testing you can do it without installing Windows in Virtual Machine. ]
This is for who is using Windows in VirtualBox:
Configure network of the virtual machine as in the following screenshot.
Set proper IP in both your Host & Guest OS. Done! We are ready to setup our Ubuntu as a PDC.
We are going to use the following shell script to install samba & configure it. You can download the script from link below.
Please change the bold text as your need. I mean you can use server name, directory you wanna share & the username through which you wanna login form Windows clients as you wish.
domainname=”mydomain”
fileshare=”/home/mypdc/data”
# \\machinename\fileshare
homeshare=”\\\\pdcserver\data”apt-get -y install samba
mv /etc/samba/smb.conf /etc/smb.conf.orig
echo “[global]
workgroup = $domainname
passwd chat = *New*Password* %n\n*Re-enter*new*password* %n\n *Password*changed*
username map = /etc/samba/smbuserspassdb backend = tdbsam
add user script = /usr/sbin/useradd -m -G users ‘%u’
delete user script = /usr/sbin/userdel -r ‘%u’
add group script = /usr/sbin/groupadd ‘%g’
delete group script = /usr/sbin/groupdel ‘%g’
add user to group script = /usr/sbin/usermod -A ‘%g’ ‘%u’
add machine script = /usr/sbin/useradd -s /bin/false -d /var/lib/nobody ‘%u’logon script = logon.bat
logon path =
logon drive = H:
logon home = \\%n\%udomain logons = Yes
preferred master = Yes
wins support = Yes[homes]
comment = Home Directories
valid users = %S
read only = No
browseable = No[netlogon]
comment = Network Logon Service
path = /var/lib/samba/netlogon
guest ok = Yes
valid users = %S
read only = Yes[data]
path = $fileshare
valid users = %G
read only = No” > /etc/samba/smb.confecho “myuser = Administrator”> /etc/samba/smbusers
mkdir /var/lib/samba/netlogon
echo “net use H: $homeshare”>/var/lib/samba/netlogon/logon.batecho “Enter samba’s root password:”
smbpasswd -a myuseraddgroup domadm
adduser myuser domadm
net groupmap add ntgroup=”Domain Admins” unixgroup=domadm rid=512 type=d
net groupmap add ntgroup=”Domain Users” unixgroup=users type=d
net groupmap add ntgroup=”Domain Guests” unixgroup=nobody type=d/etc/init.d/samba restart
Download the file here.
After you done all changes save it with name sambapdc.sh (you can use any name). Now open terminal. Navigate to the directory where you had kept the file. Run the following command.
sudo chmod +x ./sambapdc.sh
sudo ./sambapdc.sh
Now if you want to add more user to login from different Windows client just do the follwing.
- Create the user from System ->Administration -> User and Groups.
- After that un these commands for each user.
adduser username domadm
smbpasswd -a username
Replace username with your usernames. Now server side configuration is done!
Login to your client (In my case its Windows XP SP2). Do the following:
- Right click on my computer. Select Properties.
- Select Computer Name tab.
- Click Change to rename you computer.
- Set your domain name as you have given in Ubuntu.
- Click OK.
- Done! You will have to restart your Windows PC. And After you login you will see your login like this
Choose your given domain name. And you will be able to login to the domain.
Hope that helps!! Happy computing….. 🙂 🙂
nice howto, this might be a little bit more detailed tho 🙂
What user and password to give when you want to change to the domain ?
I already found that you need the normal root password you set for samba 🙂
Now some extra info about how to store the set profile options on the PDC, so on every WS your background is the same and so on would be nice to see !
keep up the good work.
Nice job! Thanks! But at the same time i stuck in one problem. Access denied on all Domain Admins users when i want to join domain. Perhaps some permissions but where?
Best Regards,
@Aleksandrs 😮 I didn’t face that prob. Plez check that u have done all the steps correctly or not! 🙂
Nice post. I was checking continuously this blog and I’m impressed!
Very useful information specially the last part :
) I care for such info a lot. I was looking for
this particular information for a very long time.
Thank you and best of luck.