LDAP and NT PDC

Ignacio Coupeau icoupeau at unav.es
Wed May 26 17:12:48 GMT 1999


Kevin Myer wrote:
> 
> Hi,
> 
> I am looking at overhauling our systems setup and replacing several
> disparate database systems (/etc/passwd, NT login info, email, etc.) with
> one centralized LDAP server system.  I have the CVS source and am running

This is my cookbook:

1. Create an LDAP entry in slapd.conf:
---
#
database        ldbm
suffix          "o=SMB-Universidad de Navarra, c=ES"
rootdn          "uid=root, o=SMB-Universidad de Navarra, c=ES"
rootpw          a_secret_word
replogfile      /usr/tmp/slurpd-smb.replog
directory       /usr/local/etc/openldap/samba-slapd
#
index           cn
index           sn,uid,mail     pres,sub,eq
index           default         sub
#index          default         none
#
defaultaccess   read
access  to dn=".*, o=SMB-Universidad de Navarra, c=ES"
        by self         write
        by *            search
---
2. Add the schema to slapd.oc.conf:
---
objectclass sambaAccount
        requires
                ObjectClass,
                uid,
                uidNumber,
                ntuid,
                rid
        allows
                gidNumber,
                grouprid,
                nickname,
                userpassword,
                ou,
                description,
                lmPassword,
                ntPassword,
                pwdLastSet,
                smbHome,
                homeDrive,
                script,
                profile,
                workstations,
                acctFlags,
                pwdCanChange,
                pwdMustChange,
                logonTime,
                logoffTime,
                kickoffTime

---
3. With ldapadd, add these 2 records (look at uid):
---
dn: o=SMB-Universidad de Navarra, c=ES
o: SMB-Universidad de Navarra
objectclass: organization

dn: uid=root, o=SMB-Universidad de Navarra, c=ES
uid: root
grouprid: 1
uidnumber: 0
gidnumber: 1
ntuid: Administrator
rid: 0
nickname: sadmin
ou: CTI
description: Admin
smbhome: samba
homedrive: Z:
script: scripts\admin
profile: profile\admin
logontime: 111
logofftime: 111
kickofftime: 111
acctflags: [DU         ]
objectclass: sambaAccount
---
4. Add to smb.conf:
---
[global]
ldap suffix = "o=SMB-Universidad de Navarra, c=ES"
ldap bind as = "uid=root, o=SMB-Universidad de Navarra, c=ES"
ldap passwd file = /usr/local/etc/samba/private/ldappasswd
ldap server = localhost
ldap port = 389
---

5. Run smbpasswd to add new entries, WS or people... Of course,
/etc/passwd needs to contain the accounts... It runs fine on the Linux
boxes with Samba HEAD-CVS and OpenLDAP 1.2.




____________________________________________________
Ignacio Coupeau, Ph.D.     e-mail: icoupeau at unav.es
CTI, Director              fax:    948 425619
University of Navarra      voice:  948 425600
Pamplona, SPAIN            http://www.unav.es/cti/
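
Added example, not part of the original post: a pre-flight check to run before ldapadd, confirming that each sambaAccount entry carries every attribute the step 2 objectclass requires and none that it does not list. The two sample entries are constructed and the function names are this example's own; LDIF comments and continuation lines are not handled.

```python
import re

# Objectclass from step 2 of the post; attribute names compare case-insensitively.
SCHEMA = """objectclass sambaAccount
  requires ObjectClass, uid, uidNumber, ntuid, rid
  allows gidNumber, grouprid, nickname, userpassword, ou, description, lmPassword,
    ntPassword, pwdLastSet, smbHome, homeDrive, script, profile, workstations,
    acctFlags, pwdCanChange, pwdMustChange, logonTime, logoffTime, kickoffTime"""
# Constructed entries (not from the post): asmith lacks rid, misspells homedrive.
LDIF = """dn: uid=jdoe, o=SMB-Universidad de Navarra, c=ES
uid: jdoe
uidnumber: 1001
ntuid: jdoe
rid: 3002
objectclass: sambaAccount

dn: uid=asmith, o=SMB-Universidad de Navarra, c=ES
uid: asmith
uidnumber: 1002
ntuid: asmith
homdrive: Z:
objectclass: sambaAccount"""

def parse_objectclass(text):
    """Return (name, required, allowed) from a requires/allows block."""
    head, _, rest = text.partition("requires")
    req, _, alw = rest.partition("allows")
    names = lambda s: {a.strip().lower() for a in s.split(",") if a.strip()}
    return head.split()[1].lower(), names(req), names(alw)

def parse_ldif(text):
    """Split LDIF on blank lines; return one {attr: [values]} dict per entry."""
    entries = []
    for block in re.split(r"\n\s*\n", text.strip()):
        entries.append({})
        for line in block.splitlines():
            key, _, value = line.partition(":")
            entries[-1].setdefault(key.strip().lower(), []).append(value.strip())
    return entries

def audit(ldif_text, schema_text):
    """Map each DN of the schema's class to (missing, unexpected) attributes."""
    name, req, alw = parse_objectclass(schema_text)
    report = {}
    for e in parse_ldif(ldif_text):
        if name in (v.lower() for v in e.get("objectclass", [])):
            have = set(e) - {"dn"}
            report[e["dn"][0]] = (sorted(req - have), sorted(have - req - alw))
    return report
```

Entries of other classes, such as the organization record in step 3, are skipped rather than reported.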

