[see updates at end for Ubuntu 9.10 info]
I finally managed to get the release of Windows 7 to join my Ubuntu domain controller at home. First I had to upgrade Ubuntu from 8.04 to 9.04 (
Jaunty Jackalope). This was pretty easy, since Ubuntu has a single button for upgrade, although I had to upgrade in two steps with 8.10 on the way.
The next step is to install Samba 3.3.4. The required version of Samba running is very specific since Windows 7 will only join a Samba domain of this exact version. Previous versions of Windows don't care. So the default 3.3.2 of Ubuntu 9.04, nor later versions of 3.3.7 etc will work at all.
I found a
posting here that helped my do the manual Samba upgrade. Quite a long and tedious process, but I got it to work in the end.
Finally, I had to tweak some Windows 7 registry settings to let it use some lower security options for dealing with the old style NT domains. All the details are
found here. You'll notice I posted a question here when I was having problems, and the poster Greg was really helpful with getting me on track. Thanks Greg!
My problem was the upgrade of Samba/Ubuntu left my smb.conf with an invalid -n option in the "add machine script" line, which caused an error when attempting to add a machine to the domain.
All sorted now, which means I'm one step closer to upgrading my main workstation OS from Vista x64 to Windows 7 x64. I just need to verify VMWare Workstation and a couple of other critical apps are going to work. Joy.
[Update 28/8/09]
Upgrading a Vista machine that is already connected to a Samba 3.3.4 domain to Windows 7 RTM also works fine. I notice the only reg entry it changed of the four above was the "RequireStrongKey" one.
[Update 16/11/09]
It seems Ubuntu 9.10, Karmic Koala,
does support Windows 7 clients in a samba domain (fix released), however I'm
waiting to upgrade my server for a while.
[Update 6/2/10]
Upgraded.
Seems fine.
[Update 26/5/10]
Now I've noticed that one of my accounts couldn't log into the domain. I had to change these reg settings:
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Netlogon\Parameters]
“RequireSignOnSeal”=dword:00000000
“RequireStrongKey”=dword:00000001
In smb.conf, I also added to
[netlogon]
write list = root
Not sure which is important, but the account now logs in.