[Samba] phpldapadmin URI

Rowland Penny rowlandpenny at googlemail.com
Fri May 2 03:14:49 MDT 2014


On 02/05/14 03:37, Stuart Naylor wrote:
> Nope, didn't work.
>
> Are you using samba4 as an AD or in classic mode?
>
> As far as I can tell you have to change the modules and it would never just log in with just a fixed list entry.
>
> I like the look of Lam but there is so much that makes it a no brainer for Lam Pro that I don't think I am going to waste my time.
>
> Many thanks about the SSL tunnelling, to be honest I don't want go that way.
>
> I know it might seem a little contrite but I don't want to add any complexity as it just makes for harder problems.
>
> I don't mind paying but the cost of Lam for what it does ! I would just use Jxplorer.
>
> That is why phpldapadmin did seem to be the only one that could simply run on localhost without excessive cost or network arrangements.
>
> Stuart
>
>   
>   
> -----Original message-----
>> From:mourik jan heupink - merit <heupink at merit.unu.edu>
>> Sent: Thursday 1st May 2014 20:03
>> To: Stuart Naylor <stuartiannaylor at thursbygarden.org>; samba at lists.samba.org
>> Subject: Re: [Samba] phpldapadmin URI
>>
>> Hi,
>>
>> On 05/01/2014 03:32 PM, Stuart Naylor wrote:
>>> My first go with LAM was straight from the wheezy repo's and I think that must be an old version.
>>>
>>> I am now running 4.5-1 and trying to get it to connect.
>>>
>>> I have enabled the windows module.
>>>
>>> Mourik you would you be so kind and send me your connection settings as I have tried so many combinations so far that I think I need to come back to it.
>> There were no special settings...just the correct 'tree suffix' (base
>> dn), add account types and their respective tree suffixes.
>>
>> Under login method I selected a fixed list, and added some domain admin
>> users there.
>>
>> This does not work for you?
>>
>> MJ
>>
>>
Hi Stuart,

This is how I got Ldap-account-manager to work for me.

install ldap-account-manager on your ad server

in your browser goto http://ip-of-your-ad-server/lam

Click on 'LAM configuration' (top right corner)

Click 'Edit server profiles'

Enter the password (lam) and click Ok

General settings tab:

change the tree suffix under 'Server settings'
change the List of valid users under 'Security settings'

Account types tab:

Change the suffix in Users, Groups and Hosts
turn off 'Samba domains' (click the red X)

Modules tab:

Select the following modules:

Users:
Windows (windowsUser)(*)
Unix (posixAccount)

Groups:
Windows  (windowsGroup)(*)
Unix (windowsPosixGroup)

Hosts:
Windows (windowsHost)(*)

Module settings tab:
Add your domain (workgroup) under 'Windows'

Now click 'Save' at the bottom of the page.

This will bring you back to the login page, enter a username (if you 
entered more than one to the list), then enter the users password and 
click 'login'.

This will get you to where I am now, it will display a list of all your 
users and if you click the relevant tab, your groups and hosts.

On the right hand side of the top bar is 'Tree view', if you click this, 
you will get something very similar to what phpldapadmin displays.

If you come back to the users page, at the top left is a 'New user' 
button, if you click this, you should be able to add a user. 
Unfortunately, this is where it went pear shaped for me, I do not have 
anywhere in AD, any of the posix objectClasses and it would seem that 
lam depends on these, I just get a red banner across the top of the 
screen with 'No Unix groups found in LDAP! Please create one first.'
I have reported this to lam and it will be changed for version 4.6

I also tried phpldapadmin, I finally got this to work on Ubuntu 14.04 
after:
a) sorting out the installation problem, it tried to put the apache conf 
in a directory that didn't exist.
b) patching phpldapadmin (with patches I got from iRedmail of all 
places) because out of the box it will not work with PHP 5.5.

I couldn't get it to work correctly at all, it doesn't seem to 
understand AD and I do not think that it understands unicode passwords.

Rowland



More information about the samba mailing list