[Samba] Samba 3.0.1 and LDAP

Terry td3201 at yahoo.com
Wed Feb 4 15:18:00 GMT 2004


samba.idealx.org

Look for the smbldap tools there, nice scripts.


--- Christian Arguello <carguello at novadevices.com> wrote:
> I have configured my Samba to work with LDAP.
>  
> My question is:
>  
> How do I have to add users??? Should I use smbpasswd command or I have
> to create an LDIF entry for each user that I have to add??
>  
> If I have to create an entry for each user, how do I get the
> sambaLMPassword, SambaPrimaryGroupSID, userPassword, sambaSID and
> sambaNTPassword, because in the “samba-how to” I see that these values
> are encrypted.
>  
> Here is what I have done,
>  
> I have configured my smb.conf like this:
>  
>  
>  [global]
>         workgroup = NOVA
>         server string = %h server (Samba %v) PDC
>         interfaces = 192.168.1.0/255.255.255.0
>         bind interfaces only = Yes
>         obey pam restrictions = Yes
>         passdb backend = ldapsam:ldap://localhost
>         unix password sync = Yes
>         log file = /var/log/samba/log.%m
>         max log size = 1000
>         socket options = TCP_NODELAY IPTOS_LOWDELAY SO_RCVBUF=8192 SO_SNDBUF=8192
>         logon script = netlogon.bat
>         logon drive = H:
>         logon home = \\%h\%U
>         domain logons = Yes
>         os level = 64
>         preferred master = Yes
>         domain master = Yes
>         dns proxy = No
>         wins support = Yes
>         ldap suffix = "o=NOVA"
>         ldap machine suffix = ou=Computers
>         ldap user suffix = ou=People
>         ldap group suffix = ou=Groups
>         ldap admin dn = "cn=Admin,o=NOVA"
>         ldap ssl = off
>         ldap filter = (uid=%u)
>         panic action = /usr/share/samba/panic-action %d
> #        invalid users = root
>  
> [homes]
>         comment = Home Directories
>         read only = No
>         create mask = 0700
>         directory mask = 0700
>         browseable = No
>  
> [netlogon]
>         comment = Network Logon Service
>         path = /home/samba
>         browseable = No
>  
> [printers]
>         comment = All Printers
>         path = /tmp
>         create mask = 0700
>         printable = Yes
>         browseable = No
>  
> [recurso1]
>         comment = Recurso 1
>         path = /home/samba/recurso1
>         read only = No
>         browseable = No
>  
> And then I have added the structure of my LDAP using this LDIF entry:
> # Organization for Samba Base
> dn: o=NOVA
> objectclass: dcObject
> objectclass: organization
> dc: NOVA
> o: Red NOVA
> description: Ejemplo de Red Samba-3 LDAP
>  
> # Organizational Role for Directory Management
> dn: cn=Manager,o=NOVA
> objectclass: organizationalRole
> cn: Manager
> description: Directory Manager
>  
> # Setting up container for users
> dn: ou=People,o=NOVA
> objectclass: top
> objectclass: organizationalUnit
> ou: People
>  
> # Setting up admin handle for People OU
> dn: cn=manager,ou=People,o=NOVA
> cn: admin
> objectclass: top
> objectclass: organizationalRole
> objectclass: simpleSecurityObject
> userPassword: {SSHA}b+Gszh0xlAwTHIMFYNCBOd5Ck9b4Q913
>  
> # Setting up container for groups
> dn: ou=Groups,o=NOVA
> objectclass: top
> objectclass: organizationalUnit
> ou: Groups
>  
> # Setting up admin handle for Groups OU
> dn: cn=manager,ou=Groups,o=NOVA
> cn: admin
> objectclass: top
> objectclass: organizationalRole
> objectclass: simpleSecurityObject
> userPassword: {SSHA}b+Gszh0xlAwTHIMFYNCBOd5Ck9b4Q913
>  
> # Setting up container for computers
> dn: ou=Computers,o=NOVA
> objectclass: top
> objectclass: organizationalUnit
> ou: Computers
>  
> # Setting up admin handle for Computers OU
> dn: cn=manager,ou=Computers,o=NOVA
> cn: admin
> objectclass: top
> objectclass: organizationalRole
> objectclass: simpleSecurityObject
> userPassword: {SSHA}b+Gszh0xlAwTHIMFYNCBOd5Ck9b4Q913
>  
> How do I have to add users????
>  
>  
> Thanks..
>  
>  
>  
> **********************************
> Ing. Christian Arguello C.
> Web: www.novadevices.com
> Telèfono: (593-2) 225-7711 ext. 116
> Celular: 099729119
> Av. Brasil N45-08 y Condor, Quito Ecuador
> **********************************
>  


=====
Terry
