i need to know a few things about Sama TNg 0.6 + Netscape LDA
P 4.1 + PDC
Mayers, P J
p.mayers at ic.ac.uk
Tue Feb 29 18:59:06 GMT 2000
The LDAP account entries must have a particular format - namely the
sambaAccount / sambaGroup objectclass entries in Ignacio's FAQ. Re-read the
FAQ. Then modify the account entries to have that objectclass and all
required properties
You'll need to add:
objectclass: sambaAccount
uid: <I user NT username, YMMV with something different - I don't recommend
it>
ntuid: <NT username>
rid: <unique rid, encoded as a hex, starting from 400 up - eg "4f3">
uidNumber: <so samba knows which UID to switch down to>
Amongst others. Also, the users will still need to be in the local (Unix)
system password database - presumably using nss_ldap
(ftp://ftp.padl.com/pub) or NIS or something.
Cheers,
Phil
-----Original Message-----
From: muchos
To: Multiple recipients of list SAMBA-NTDOM
Sent: 29/02/00 17:13
Subject: i need to know a few things about Sama TNg 0.6 + Netscape LDAP 4.1
+ PDC
I'm not configure LDAP, but i know that netscape directory have a
parameter or
something that is called "ntuser", someone knows if it is enought for
samba
authentification?
I read Samba-PDC LDAP TNG howto made by Ignacio Coupeau at University of
Navarra, but i find it a bit confuse or may be not clear for me.
Well, i want to know if i must use smbpasswd if all the accounts are in
the ldap
server now, and i must add a machines account in the smbpasswd or in
ldap
directory?
I think that my smb.conf is ok (i pasted below), but i don't know the
requirements of LDAP (Netscape server)
I'm using the Netscape LDAP with that parameter and Samba TNG 0.6 as a
PDC
------------------------------------------------------------------------
---------------
[global]
# LDAP
ldap suffix = "o=Root_Ldap"
ldap bind as = "uid=root, o=Root_Ldap"
ldap passwd file = /usr/local/samba/private/ldappasswd
ldap server = localhost
ldap port = 389
# DOMAIN SERVER
domain groups = ROOT_NT
workgroup = ROOT_NT
server string = Servidor Primario de Dominios
domain master = yes
domain logons = yes
preferred master = yes
comment = Linux sever Samba 2.1
# PRINTERS GLOBAL SETUP
load printers = yes
printcap name = /etc/printcap
# LOG SETUP
log file = /var/log/samba/log.%m
max log size = 500
# PASSWORD SETUP
security = user
encrypt passwords = yes
smb passwd file = /etc/smbpasswd
unix password sync = yes
passwd program = /bin/passwd %u
password level = 0
# OPTIONS
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
# Netbios Setup
logon script = %U.bat
logon path = \\%L\profiles\%U
netbios name = diablo
logon path = \\diablo\profiles\%U
# Options
map to guest = never
null passwords = no
os level = 34
wins support = yes
dead time = 0
debug level = 20
admin users = smbadmin
# SHARES PARA EL PDC
[homes]
comment = Directorios Personales
browseable = no
writeable = yes
public = no
only user = no
path = /home/samba/profiles/
create mode = 0600
directory mode = 070
[netlogon]
comment = Servicio Autentificacion
path = /home/samba/netlogon
guest ok = yes
writable = no
share modes = no
browsable = no
[profiles]
comment = Perfil de Usuario
path = /home/samba/profiles
create mode = 0600
directory mode = 0700
writable = yes
browsable = no
# SHARED OPCIONALES
--
========================================================================
=
Gabriel D´iaz L´opez de la Llave
Ip6 Seguridad S.L gabidiaz at ip6seguridad.com
c: Zurbaran 28 tlf : 91 700 01 84 ext 165
28010 Madrid fax : 91 700 01 73
http://www.ip6seguridad.com
========================================================================
=
More information about the samba-ntdom
mailing list