[Samba] making BDC samba + ldap server

Sun Feb 20 07:14:10 MST 2011

Hi

Ok, and how I config nss_ldap? When I copy all database is included?

Sorry for the newbie questions, If any time comes to barcelona contact me,
you has a beer paid (Daniel too)  :-)

Thanks and Best Regards

2011/2/20 <tms3 at tms3.com>

>
>
> Hi
>
> Thanks, this howto for me its better. I have other doubt, syncrepl needs to
> be installed or comes integrated with slapd daemon?
>
> It is all part of the openldap suite.
>
>
>
> And to transfer all shared samba folders and profile content, when it's the
> better moment? I understand when samba is down or when is up?
>
> Depends on the permissions. However, so long as ALL the files to be
> transferred belong to users in LDAP then, with nss_ldap properly configured,
> any copy that preserves permissions should be fine.
>
>
>
> Thanks and Best Regards
>
> 2011/2/20 <tms3 at tms3.com>
>
>>
>>
>> Now you are on to copy your slapd.conf and ldap.conf to your new machine:
>> Ex: scp slapd.conf root at 2machine:/etc/openldap
>>
>> ---------------------------HOw I can make this If slurpd is deprecated?
>> The guide
>>
>>
>> http://blog.suretecsystems.com/archives/129-Replacing-Slurpd-using-OpenLDAP-2.4.html
>>
>> not's easy to understand, not exist other howto more simple?
>>
>> Here is another guide. The first link is quite comprehensive.
>> http://www.zytrax.com/books/ldap/ch7/
>>
>> The entire online manual is a good read. I highly recommend it.
>>
>>
>>
>> >>>>Now important I do the trick with slurpd. There are many other ways
>> but this
>> >>>>is easy.
>> >>>>Slurpd should be installed on your Master an only there.
>> >>>>So go in to the slapd.conf on your master and put a few lines in it at
>> the
>> >>>>end.
>> >>>>Be carefull all tabs must fit exact as this example:
>>
>> replica uri=ldap://IPOFYOUR2MACHINE:389
>> binddn="cn=youradmin,dc=your,dc=ldap"
>>  suffix="dc=yourc,dc=ldap"
>>  bindmethod=simple
>>  credentials=securepassword
>>
>> I understand the part of backup slapd only works with the service stopped?
>>
>>
>> Well Im grateful for all your time :-)
>>
>> Thanks and Best Regards
>>
>>
>>
>> 2011/2/18 <tms3 at tms3.com>
>>
>>>
>>>
>>> In my hint I think your samba PDC/Ldap is cuurently working well!
>>> First of all install a second machine with the samba and ldap.
>>> Do not start samba, do not start ldap.
>>> The ldap database should be nearly empty ex:/var/lib/ldap
>>>
>>> Now copy your smb.conf to your new machine ex: scp root at 2machine
>>> :/etc/samba
>>> Edit the smb.conf to your needs and adjust it to be a bdc:
>>> domain master=NO
>>> domain logons=YES
>>> Make a testparm it should succed like this:
>>> testparm
>>> Load smb config files from /etc/samba/smb.conf
>>> Processing section "[netlogon]"
>>> WARNING: The "share modes" option is deprecated
>>> Processing section "[sysvol]"
>>> WARNING: The "share modes" option is deprecated
>>> Processing section "[homes]"
>>> Processing section "[profiles]"
>>> Processing section "[alles]"
>>> Processing section "[printers]"
>>> Processing section "[print$]"
>>> Loaded services file OK.
>>> Server role: ROLE_DOMAIN_BDC <----------------------------you are a BDC
>>> Press enter to see a dump of your service definitions
>>>
>>> Yes very nice!
>>>
>>>
>>>
>>> Now you are on to copy your slapd.conf and ldap.conf to your new machine:
>>> Ex: scp slapd.conf root at 2machine:/etc/openldap
>>>
>>> Now important I do the trick with slurpd.
>>>
>>> Sorry, but Slurpd is depricated and no longer available in Openldap since
>>> 2.3
>>> http://www.openldap.org/doc/admin24/replication.html#Replacing%20Slurpd
>>>
>>> Here is nice overview of the way LDAP currently works:
>>>
>>>
>>> http://blog.suretecsystems.com/archives/129-Replacing-Slurpd-using-OpenLDAP-2.4.html
>>>
>>> Once you have sync-repl set up on the current master, and a proper
>>> slapd.conf and ldap.conf file on the new machine, start ldap, then
>>>
>>> smbpasswd -w <ldap-master-passwd>
>>> net rpc join -U<administrator> <domain name>
>>>
>>> Done.
>>>
>>
>>
>>
>
>