[Samba] Yet Another LDAP Question
Gémes Géza
geza at kzsdabas.sulinet.hu
Mon Apr 26 18:39:17 GMT 2004
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Jean Krebs Fonseca írta:
| Hi All,
|
| I know this must have been discussed around here a million times, but
I really
| didn't find this info anywhere else and I'm on a deadline here.
|
| I already have an FC1 server with a working LDAP directory in
production. The
| same server runs a Samba PDC, but not with LDAP functionality yet.
|
| All I need to know right now is if I have to include some standard
user and
| group accounts, like Adminstrator and such. Also,how do I generate the
NT and
| Lanman password hashes so I can include them in the uses' ldifs?
|
| And please, don't point me to that Samba-LDAP howto 'cause it did
nothing but
| confuse me more.
|
| Thanks,
|
You can use mkntpwd tool to generate LMPassword and NTPassword hashes, I
do so. Attached you will find my root accounts ldif (Passwords removed
;-) ). You will find that it has lots of Objectclasses not necessarily
needed for Unix shell or Samba. Take care to use the Samba3 schema
/usr/share/doc/samba..../examples/LDAP/....
Anyway if you configure the ldap backend in Samba and SmbLDAP tools,
then a simple pdbedit operation could do the migration to ldapsam.
Cheers
Geza
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFAjVdV/PxuIn+i1pIRAtWAAJ0fMwkhFRsx5wcFQ6bVI1yAFi+n7gCfQik2
7ha1Kgx+WzSrJn6907RnO4w=
=nkZG
-----END PGP SIGNATURE-----
-------------- next part --------------
dn: uid=root,ou=People,dc=kzsdabas,dc=hu
mailHost: mail.kzsdabas.sulinet.hu
objectClass: mailRecipient
objectClass: person
objectClass: organizationalPerson
objectClass: inetOrgPerson
objectClass: posixAccount
objectClass: top
objectClass: kerberosSecurityObject
objectClass: shadowAccount
objectClass: sambaSamAccount
shadowMax: 60
shadowWarning: 7
shadowInactive: 30
loginShell: /bin/bash
uidNumber: 0
homeDirectory: /root
cn: LDAP's Fake root Account
cn: root
sn: LDAP's Fake root Account
displayName: LDAP's Fake root Account
gecos: LDAP's Fake root Account
shadowLastChange: 12013
sambaPwdMustChange: 2147483647
sambaAcctFlags: [U ]
sambaPwdCanChange: 1080799858
sambaLogonTime: 2147483647
sambaNTPassword: **********REMOVED*********
sambaPwdLastSet: 1080799858
sambaLogoffTime: 2147483647
sambaLMPassword: **********REMOVED*********
sambaKickoffTime: 2147483647
gidNumber: 4
sambaSID: S-1-5-21-2107120446-224765601-1821260193-500
mail: root at kzsdabas.sulinet.hu
mailForwardingAddress: root at mail.kzsdabas.sulinet.hu
uid: root
krbName: root at KZSDABAS.HU
sambaPrimaryGroupSID: S-1-5-21-2107120446-224765601-1821260193-512
userPassword: {CRYPT}$1$**********REMOVED*********
More information about the samba
mailing list