[Samba] Question on LDAP+Samba+PDC
jwilliams at courtesymortgage.com
Thu May 15 21:13:35 GMT 2003
Well, I have been working very hard lately, trying to get a server up to
act as our Samba PDC with LDAP. So far, everything seems to be working
well. I've been able to get samba 2.2.8 and openldap 2.0.27 installed with
no problems. I've setup my config files (ldap.conf, slapd.conf, smb.conf)
as well as added some initial entries to the LDAP directory.
I've been able to add a user to the directory and set the password for that
This is where I wanted to ask some questions:
Now, let me try and explain what I want to do:
As it is now, our network is setup in a workgroup, with 30+ users. I want
all of our users to be able to join the Domain/Samba PDC. They will not be
using roaming profiles, just login to their workstation into the Domain.
What I am trying to understand is the best way to go about adding my users
to the domain as well as authenticating against the domain. It may seem
vague, but im a little confused here myself.
I thought i'd post some of my initial entries and go from there. Here goes:
# mycompany, com
description: mycompany comanization
# Groups, mycompany, com
description: System Groups
# Users, mycompany, com
description: Users of the comanization
# Computers, mycompany, com
description: Windows Domain Computers
# Domain Admins, Groups, mycompany, com
dn: cn=Domain Admins,ou=Groups,dc=mycompany,dc=com
cn: Domain Admins
description: Windows Domain users
# Domain Users, Groups, mycompany, com
dn: cn=Domain Users,ou=Groups,dc=mycompany,dc=com
cn: Domain Users
description: Windows Domain Users
# Administrators, Groups, mycompany, com
description: Windows Domain Members can administer the computer and Domain
That is just some initial entries. Here is what I have questions about:
I am going to have about 3-4 groups. For instance, officers, processors and
Now, I need to add my users to the PDC. From what I have read, not only do
I need to add my users to the PDC, but a machine/computer account as well,
So, my question is what is the best way to add my users to the PDC and
their machine accounts?
Secondly, as you can see in my LDAP directory above, I have some initial
entires. I am unclear as how to add my users to the server and LDAP and
make sure they go into the correct group and correct part of the LDAP
Directory. That make sense? For example, if I have a user named Todd that
needs to go into the group "officers" how would I go about doing that?
Lastly, (for now :) ) when I go around to my Windows 2000 workstations to
have my users join the domain, from some prior testing, once I change it
from a workgroup to a domain, a username and password box will pop up. What
username and password must I use here? Is it what I have specified in my
slapd.conf and smb.conf: "cn=Manager,dc=company,dc=com"
I appreciate everyone's help.
More information about the samba