[Samba] Samba 3.0.1 and LDAP

Norm Dressler ndressler at dinmar.com
Wed Feb 4 12:44:36 GMT 2004


Check out idealx.org (I think its .org) they have a great Webmin module
for Samba 3.0.1 and the latest schema.  If using the older schema, try
directory_administrator.  Idealx also has smbldap tools for command line
additions, deletions etc.

Norm

-----Original Message-----
From: samba-bounces+ndressler=dinmar.com at lists.samba.org
[mailto:samba-bounces+ndressler=dinmar.com at lists.samba.org]On Behalf Of
Christian Arguello
Sent: Tuesday, February 03, 2004 6:16 PM
To: samba at lists.samba.org
Subject: [Samba] Samba 3.0.1 and LDAP


I have configured my Samba to work with LDAP.
 
My question is:
 
How do I have to add users??? Should I use smbpasswd command or I have
to create an LDIF entry for each user that I have to add??
 
If I have to create an entry for each user, how do I get the
sambaLMPassword, SambaPrimaryGroupSID,userPassword,sambaSID and
sambaNTPassword, because in the “samba-how to” I see that this values
are encrypted.
 
Here is what I have done,
 
I have configure my smb.conf like this:
 
 
 [global]
        workgroup = NOVA
        server string = %h server (Samba %v) PDC
        interfaces = 192.168.1.0/255.255.255.0
        bind interfaces only = Yes
        obey pam restrictions = Yes
        passdb backend = ldapsam:ldap://localhost
        unix password sync = Yes
        log file = /var/log/samba/log.%m
        max log size = 1000
        socket options = TCP_NODELAY IPTOS_LOWDELAY SO_RCVBUF=8192
SO_SNDBUF=8192
        logon script = netlogon.bat
        logon drive = H:
        logon home = \\%h\%U
        domain logons = Yes
        os level = 64
        preferred master = Yes
        domain master = Yes
        dns proxy = No
        wins support = Yes
        ldap suffix = "o=NOVA"
        ldap machine suffix = ou=Computers
        ldap user suffix = ou=People
        ldap group suffix = ou=Groups
        ldap admin dn = "cn=Admin,o=NOVA"
        ldap ssl = off
        ldap filter = (uid=%u)
        panic action = /usr/share/samba/panic-action %d
#        invalid users = root
 
[homes]
        comment = Home Directories
        read only = No
        create mask = 0700
        directory mask = 0700
        browseable = No
 
[netlogon]
        comment = Network Logon Service
        path = /home/samba
        browseable = No
 
[printers]
        comment = All Printers
        path = /tmp
        create mask = 0700
        printable = Yes
        browseable = No
 
[recurso1]
        comment = Recurso 1
        path = /home/samba/recurso1
        read only = No
        browseable = No
 
And then I have added the structure od my LDAP using this LDIF entry:
# Organizacion para Samba Base
dn: o=NOVA
objectclass: dcObject
objectclass: organization
dc: NOVA
o: Red NOVA
description: Ejemplo de Red Samba-3 LDAP
 
# Organizational Role for Directory Management
dn: cn=Manager,o=NOVA
objectclass: organizationalRole
cn: Manager
description: Directory Manager
 
# Setting up container for users
dn: ou=People,o=NOVA
objectclass: top
objectclass: organizationalUnit
ou: People
 
# Setting up admin handle for People OU
dn: cn=manager,ou=People,o=NOVA
cn: admin
objectclass: top
objectclass: organizationalRole
objectclass: simpleSecurityObject
userPassword: {SSHA}b+Gszh0xlAwTHIMFYNCBOd5Ck9b4Q913
 
# Setting up container for groups
dn: ou=Groups,o=NOVA
objectclass: top
objectclass: organizationalUnit
ou: Groups
 
# Setting up admin handle for Groups OU
dn: cn=manager,ou=Groups,o=NOVA
cn: admin
objectclass: top
objectclass: organizationalRole
objectclass: simpleSecurityObject
userPassword: {SSHA}b+Gszh0xlAwTHIMFYNCBOd5Ck9b4Q913
 
# Setting up container for computers
dn: ou=Computers,o=NOVA
objectclass: top
objectclass: organizationalUnit
ou: Computers
 
# Setting up admin handle for Computers OU
dn: cn=manager,ou=Computers,o=NOVA
cn: admin
objectclass: top
objectclass: organizationalRole
objectclass: simpleSecurityObject
userPassword: {SSHA}b+Gszh0xlAwTHIMFYNCBOd5Ck9b4Q913
 
Hos do I have to add users????
 
 
Thanks..
 
 
 
**********************************
Ing. Christian Arguello C.
Web: www.novadevices.com
Telèfono: (593-2) 225-7711 ext. 116
Celular: 099729119
Av. Brasil N45-08 y Condor, Quito Ecuador
**********************************
 
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba





More information about the samba mailing list