Upgrading Samba to work with Windows 7
I am posting this as a note for myself and anyone who ever has to get Samba and Win7 to play together nicely. Also, this is a work in progress and I will appreciate any thoughts, though posting to the samba list could be more productive...
This is our set up at work:server running Samba on debian - domain controller
Various machines either single booting XP or dual booting XP and debian - domain members
New machines with Windows 7 Professional - trying to join domain as members Roaming profiles are in use both on XP and debian
Samba shares - each person in the research group has their own filespace, profile, and a common shared area which is read/write/accessible Previously, we were using the stable lenny package of samba, which is version 3.2.5
http://packages.debian.org/lenny/sambaViewing the samba shares seem to work fine after some changes to the local security policy.
http://www.builderau.com.au/blogs/codemonkeybusiness/viewblogpost.htm?p=339270746
Can even print from the shared printers, which is pretty good, I thought. This is all before I join Win 7 to the domain, it's just a normal computer sitting in the department private network.Out of the box, Win 7 will not join a samba domain. As stated on the samba wiki, a version of samba 3.3 or higher is required, and some registry keys need to be changed.
http://wiki.samba.org/index.php/Windows7
I first tried changing the registry keys and joining the domain on the Win7 machine while keeping samba at 3.2.5 Although the join is now successful (with the DNS error message ignored), attempts to log in fail with "the trusted relationship between this workstation and the primary domain failed". So I proceeded to update samba using lenny-backports, which has samba version 3.4.2
http://packages.debian.org/lenny-backports/samba
I forgot to look at dependencies first time round (yes I'm a noob), but after using some commands like
dpkg -l | grep samba
dpkg --configure --pending
dependencies can be sorted out.(I could have avoided it by using apt, but I had some problems doing aptitude update, possibly a missing public key somewhere =S) After the update is completed, log in on the Win 7 now works, but with only a temporary profile instead of a properly persistent roaming profile. It appears that this is because they made a new version of the profiles protocol in Vista and Windows 7.
http://bugs.contribs.org/show_bug.cgi?id=3666Attempted to add some kind of profiles.v2 reference in samba's configuration file does not work. So, in the samba "profile" share, I added $username.v2 in addition to the existing $username folder. This fixed the roaming profile issue. The home/filespace area was not successfully mounted initially because Win7 decided to reserve the drive letter for some usb thing. Again, some regedit-ing sorted it out - the relevant DosDevices key in HKLM/System/MountedDevices need to be free. So, now, the Win 7 is finally a member of the domain, allows log in, has a functional (I think) roaming profile, and has the right home filespace mounted. The shared drive is mounted, however, it now insists that "Access is denied" (even though it worked before I joined the domain or updated samba, and it still works on pre Win7 machines and everywhere when booted into debian). Printing is not yet tested-- will need to do that tomorrow. This has taken 2 work days and most of this weekend (and I started the weekend ago). Gaaaah.
![[�O�������N]](image/external_link.gif){kind=small}
