Roaming profiles and system/network policies are advanced network administration topics
that are covered in
Desktop Profile Management and
System and Account Policies of this document. However, these are not
necessarily specific to a Samba PDC as much as they are related to Windows NT networking concepts.
A domain controller is an SMB/CIFS server that:
Registers and advertises itself as a domain controller (through NetBIOS broadcasts
as well as by way of name registrations either by Mailslot Broadcasts over UDP broadcast,
to a WINS server over UDP unicast, or via DNS and Active Directory).
Provides the NETLOGON service. (This is actually a collection of services that runs over
multiple protocols. These include the LanMan logon service, the Netlogon service,
the Local Security Account service, and variations of them.)
Provides a share called NETLOGON.
It is rather easy to configure Samba to provide these. Each Samba domain controller must provide the NETLOGON
service that Samba calls the
domain logons functionality (after the name of the
parameter in the
smb.conf file). Additionally, one server in a Samba-3 domain must advertise itself as the
domain master browser. This causes the PDC to claim a domain-specific NetBIOS name that identifies
it as a DMB for its given domain or workgroup. Local master browsers (LMBs) in the same domain or workgroup on
broadcast-isolated subnets then ask for a complete copy of the browse list for the whole wide-area network.
Browser clients then contact their LMB, and will receive the domain-wide browse list instead of just the list
for their broadcast-isolated subnet.