Based on my experience, configuring Samba PDC + OpenLDAP on openSUSE 11.1 is a long journey that can give you a headache, so be careful when copying the configuration and make the proper changes to match your environment. Please leave me a comment if you find a typo or get an error message while trying the tutorial.
I’m using vavai.net as the domain name, server as the hostname and 192.168.1.254 as the server IP address.
INSTALLING BASE SYSTEM
- Install openSUSE with the default options. You may choose to use a standard disk partition, LVM or a RAID array. Also, select your preferred interface, either the graphical or the text mode environment.
- Install the following patterns with YaST | Software | Software Management or Zypper: lamp_server dhcp_dns_server file_server directory_server
- Install the following packages from the openSUSE Build Service: perl-Unicode-MapUTF8 perl-ldap smbldap-tools phpldapadmin
- Back up the old Samba configuration
    su
    cd /etc/samba/
    mv smb.conf smb.conf.old
- Create a new /etc/samba/smb.conf with your preferred editor, with root permission. Copy and paste the following configuration and make the proper changes according to your environment:
    # Primary Domain Controller smb.conf
    # Global parameters
    [global]
    unix charset = utf8
    workgroup = VAVAI
    netbios name = server
    # passdb backend =ldapsam:"ldap://server.vavai.net" ## Leave it as is
    username map = /etc/samba/smbusers
    log level = 1
    syslog = 0
    log file = /var/log/samba/%m
    max log size = 0
    name resolve order = wins bcast hosts
    time server = Yes
    printcap name = CUPS
    add user script = /usr/sbin/smbldap-useradd -m '%u'
    delete user script = /usr/sbin/smbldap-userdel '%u'
    add group script = /usr/sbin/smbldap-groupadd -p '%g'
    delete group script = /usr/sbin/smbldap-groupdel '%g'
    add user to group script = /usr/sbin/smbldap-groupmod -m '%g' '%u'
    delete user from group script = /usr/sbin/smbldap-groupmod -x '%g' '%u'
    set primary group script = /usr/sbin/smbldap-usermod -g '%g' '%u'
    add machine script = /usr/sbin/smbldap-useradd -w '%u'
    logon script = logon.bat
    logon path = \\server\profiles\%u
    logon drive = H:
    domain logons = Yes
    domain master = Yes
    wins support = Yes
    # performance optimization: all users stored in ldap
    ldapsam:trusted = yes
    ldap suffix = dc=vavai,dc=net
    ldap machine suffix = ou=Computers,ou=Users
    ldap user suffix = ou=People,ou=Users
    ldap group suffix = ou=Groups
    ldap idmap suffix = ou=Idmap
    ldap admin dn = cn=Manager,dc=vavai,dc=net
    idmap backend = ldap://127.0.0.1
    idmap uid = 10000-20000
    idmap gid = 10000-20000
    printer admin = root
    printing = cups
    #========================Share Definitions=========================
    [homes]
    comment = Home Directories
    valid users = %S
    browseable = yes
    writable = yes
    create mask = 0600
    directory mask = 0700
    [sysvol]
    path = /data/samba/sysvol
    read only = no
    [netlogon]
    comment = Network Logon Service
    path = /data/samba/sysvol/vavai.net/scripts
    writeable = yes
    browseable = yes
    read only = no
    [profiles]
    path = /data/samba/profiles
    writeable = yes
    browseable = no
    read only = no
    create mode = 0777
    directory mode = 0777
    [Documents]
    comment = share to test samba
    path = /data/documents
    writeable = yes
    browseable = yes
    read only = no
    valid users = "@Domain Users"
- Create the Samba folders
    mkdir /data
    mkdir /data/samba
    mkdir /data/samba/sysvol
    mkdir /data/samba/sysvol/vavai.net
    mkdir /data/samba/sysvol/vavai.net/scripts
    mkdir /data/documents
    mkdir /data/samba/profiles
- Edit /etc/hosts so that its content looks like this:
    # IP-Address  FullyQualifiedHostName  ShortHostname
    #
    127.0.0.1 localhost localhost.localdomain
    192.168.1.254 server server.vavai.net
- Get the Samba server Local SID with the following command :
Samba will respond with the SID for the domain, e.g.: SID for domain SERVER is: S-1-2-33-4444444444-5555555555-6666666666. Write it down, because we will need the SID for smbldap-tools.
- Edit /etc/samba/smb.conf and remove the comment mark from the following line:
    # passdb backend =ldapsam:"ldap://server.vavai.net" ## Leave it as is
so that it looks like this:
    passdb backend =ldapsam:"ldap://server.vavai.net"
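The last two steps (recording the SID and enabling the ldapsam backend) as an added shell example that is not part of the original tutorial. The function names, the five-group SID pattern and the sample inputs are assumptions made for this example; the SID line format is the one quoted above, which is what Samba's `net getlocalsid` prints.

```sh
#!/bin/sh
# Added example, not from the tutorial. Sample inputs below are constructed.

# Print the SID found in "SID for domain NAME is: S-1-..." text, or fail.
# Assumed shape: S-1 followed by five numeric groups, as in the sample above.
extract_sid() {
    sid=$(printf '%s\n' "$1" | sed -n 's/^SID for domain .* is: *//p' | tr -d '[:space:]')
    printf '%s\n' "$sid" | grep -Eq '^S-1(-[0-9]+){5}$' || return 1
    printf '%s\n' "$sid"
}

# Uncomment the one "# passdb backend = ..." line in file $1. The trailing
# "## ..." note is dropped as well: smb.conf treats '#' as a comment only at
# the start of a line, so left in place it would become part of the value.
enable_ldapsam() {
    conf=$1
    [ "$(grep -c '^[[:space:]]*#[[:space:]]*passdb backend' "$conf")" -eq 1 ] || return 1
    sed -e 's/^[[:space:]]*#[[:space:]]*\(passdb backend[^#]*\).*$/\1/' \
        -e '/^passdb backend/s/[[:space:]]*$//' "$conf" > "$conf.new" &&
        mv "$conf.new" "$conf"
}

# Print the value of the active (uncommented) passdb backend line in file $1.
active_backend() {
    sed -n 's/^[[:space:]]*passdb backend[[:space:]]*=[[:space:]]*//p' "$1"
}

SAMPLE_OUT='SID for domain SERVER is: S-1-2-33-4444444444-5555555555-6666666666'

# Run both steps against a scratch file, never against /etc/samba/smb.conf.
demo() {
    tmp=$(mktemp) || return 1
    printf '%s\n' '[global]' 'workgroup = VAVAI' \
        '# passdb backend =ldapsam:"ldap://server.vavai.net" ## Leave it as is' > "$tmp"
    extract_sid "$SAMPLE_OUT" && enable_ldapsam "$tmp" && active_backend "$tmp"
    rc=$?
    rm -f "$tmp" "$tmp.new"
    return "$rc"
}

demo
```

enable_ldapsam refuses to touch a file that does not contain exactly one commented passdb backend line, so a second run on the same file fails instead of editing it again.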
We will continue in the second tutorial: Samba PDC + OpenLDAP on openSUSE 11.1 – Configuring LDAP Server