[Samba] Samba 3.0.1 and LDAP
Norm Dressler
ndressler at dinmar.com
Wed Feb 4 12:44:36 GMT 2004
Check out idealx.org (I think it's .org) they have a great Webmin module
for Samba 3.0.1 and the latest schema. If using the older schema, try
directory_administrator. Idealx also has smbldap tools for command line
additions, deletions etc.
Norm
-----Original Message-----
From: samba-bounces+ndressler=dinmar.com at lists.samba.org
[mailto:samba-bounces+ndressler=dinmar.com at lists.samba.org]On Behalf Of
Christian Arguello
Sent: Tuesday, February 03, 2004 6:16 PM
To: samba at lists.samba.org
Subject: [Samba] Samba 3.0.1 and LDAP
I have configured my Samba to work with LDAP.
My question is:
How do I have to add users??? Should I use the smbpasswd command, or do I
have to create an LDIF entry for each user that I have to add??
If I have to create an entry for each user, how do I get the
sambaLMPassword, SambaPrimaryGroupSID, userPassword, sambaSID and
sambaNTPassword, because in the samba-how to I see that these values
are encrypted.
Here is what I have done,
I have configured my smb.conf like this:
[global]
workgroup = NOVA
server string = %h server (Samba %v) PDC
interfaces = 192.168.1.0/255.255.255.0
bind interfaces only = Yes
obey pam restrictions = Yes
passdb backend = ldapsam:ldap://localhost
unix password sync = Yes
log file = /var/log/samba/log.%m
max log size = 1000
socket options = TCP_NODELAY IPTOS_LOWDELAY SO_RCVBUF=8192 SO_SNDBUF=8192
logon script = netlogon.bat
logon drive = H:
logon home = \\%h\%U
domain logons = Yes
os level = 64
preferred master = Yes
domain master = Yes
dns proxy = No
wins support = Yes
ldap suffix = "o=NOVA"
ldap machine suffix = ou=Computers
ldap user suffix = ou=People
ldap group suffix = ou=Groups
ldap admin dn = "cn=Admin,o=NOVA"
ldap ssl = off
ldap filter = (uid=%u)
panic action = /usr/share/samba/panic-action %d
# invalid users = root
[homes]
comment = Home Directories
read only = No
create mask = 0700
directory mask = 0700
browseable = No
[netlogon]
comment = Network Logon Service
path = /home/samba
browseable = No
[printers]
comment = All Printers
path = /tmp
create mask = 0700
printable = Yes
browseable = No
[recurso1]
comment = Recurso 1
path = /home/samba/recurso1
read only = No
browseable = No
And then I have added the structure of my LDAP using this LDIF entry:

# Organization for Samba Base
dn: o=NOVA
objectclass: dcObject
objectclass: organization
dc: NOVA
o: Red NOVA
description: Ejemplo de Red Samba-3 LDAP

# Organizational Role for Directory Management
dn: cn=Manager,o=NOVA
objectclass: organizationalRole
cn: Manager
description: Directory Manager

# Setting up container for users
dn: ou=People,o=NOVA
objectclass: top
objectclass: organizationalUnit
ou: People

# Setting up admin handle for People OU
dn: cn=manager,ou=People,o=NOVA
cn: admin
objectclass: top
objectclass: organizationalRole
objectclass: simpleSecurityObject
userPassword: {SSHA}b+Gszh0xlAwTHIMFYNCBOd5Ck9b4Q913

# Setting up container for groups
dn: ou=Groups,o=NOVA
objectclass: top
objectclass: organizationalUnit
ou: Groups

# Setting up admin handle for Groups OU
dn: cn=manager,ou=Groups,o=NOVA
cn: admin
objectclass: top
objectclass: organizationalRole
objectclass: simpleSecurityObject
userPassword: {SSHA}b+Gszh0xlAwTHIMFYNCBOd5Ck9b4Q913

# Setting up container for computers
dn: ou=Computers,o=NOVA
objectclass: top
objectclass: organizationalUnit
ou: Computers

# Setting up admin handle for Computers OU
dn: cn=manager,ou=Computers,o=NOVA
cn: admin
objectclass: top
objectclass: organizationalRole
objectclass: simpleSecurityObject
userPassword: {SSHA}b+Gszh0xlAwTHIMFYNCBOd5Ck9b4Q913

How do I have to add users????
Thanks..
**********************************
Ing. Christian Arguello C.
Web: www.novadevices.com
Telephone: (593-2) 225-7711 ext. 116
Mobile: 099729119
Av. Brasil N45-08 y Condor, Quito Ecuador
**********************************