[Samba] what OS do you use for Samba? (short FreeBSD how-to)

Nathan Vidican nvidican at wmptl.com
Mon Nov 27 13:33:55 GMT 2006 

Charles Marcus wrote:
>> http://www.FreeBSD.org/ <-- check it out, been running Samba+LDAP
>> directory services with unified logon for Windows, Unix, and
>> Intranet/Groupware for several years now, easy to upgrade, and
>> rock-solid stability (server uptimes > 370 days).
>
> Hi Nathan,
>
> Ben giving serious thought to giving FreeBSD a try for Samba - is 
> there a good HowTo for getting Samba+LDAP working on FreeBSD that you 
> know of?
>
> Thanks,
>
Personally, I always prefer to compile my own apps using the ports 
collection, so to install Samba+LDAP via the ports collection for FreeBSD:

freebsd# cd /usr/ports/net/openldap23-server
freebsd# make && make install

...

freebsd# cd /usr/ports/net/samba3/
freebsd# make && make install

...

freebsd# vi /usr/local/etc/openldap/slapd.conf
freebsd# echo 'slapd_enable="YES"' >> /etc/rc.conf
freebsd# /usr/local/etc/rc.d/slapd.sh start

freebsd# vi /usr/local/etc/smb.conf
freebsd# echo 'samba_enable="YES"' >> /etc/rc.conf
freebsd# /usr/local/etc/rc.d/samba.sh start


That's it! (in a nutshell; assuming you follow the docs and modify 
according to your requirements)

Optionally, if you wish to make the FreeBSD users (local/unix users) 
also authenticate and obtain session information from LDAP, (which 
you'll probably want to do), then:

freebsd# cd /usr/ports/security/pam_ldap
freebsd# make && make install
...
 - make sure local ldap connections work (check/edit 
/usr/local/etc/ldap.conf as required, do 'ldapsearch -x')
...
freebsd# cd /etc/pam.d
freebsd# vi system
 - add two lines that looks like this towards the top of the file:
       auth          sufficient      pam_ldap.so
       account    sufficient       pam_ldap.so
 - alternatively, edit other places you want to  (ie: ftpd)
 - editing pam.d/* files will take effect almost immediately
freebsd# cd /usr/ports/net/nss_ldap
freebsd# make && make install
freebsd# vi /etc/nsswitch.conf
 - change the line for passwd, and groups like so:
      passwd: files ldap
      group: files ldap

That should be it; mind you there are some blanks to be filled in... but 
that's the basic process. You'll have all users, passwords, groups, and 
account information binding to ldap from both samba and FreeBSD this 
way. I'd also reccomend going to /usr/ports/net/lam and installing 'LDAP 
Account Manager' - simple to use php/web-based app for managing the LDAP 
directory (used to create/modify accounts, groups, passwords in the 
database - also has a nifty pdf/reporting utility).

Anyhow, that's a quick start... try it on your own, and post a more 
specific question should you run into anything. It really is fairly 
painless though ;)

--
Nathan Vidican
nvidican at wmptl.com

More information about the samba mailing list