In my experience, configuring a Samba PDC with OpenLDAP on openSUSE 11.1 is a long journey that can give you a headache, so be careful when copying the configuration and make the proper changes to match your environment. Please leave a comment if you find a typo or get an error message while following the tutorial.
I’m using vavai.net as domain name, server as hostname and 192.168.1.254 as server IP address.
INSTALLING BASE SYSTEM
- Install openSUSE with the default options. You may choose a standard disk partition, LVM or a RAID array. Also select your preferred interface, graphical or text mode.
- Install the following patterns with YaST | Software | Software Management or Zypper: lamp_server dhcp_dns_server file_server directory_server
- Install the following packages from the openSUSE Build Service: perl-Unicode-MapUTF8 perl-ldap smbldap-tools phpldapadmin
CONFIGURING SAMBA
- Back up the old Samba configuration
[code language=’cpp’]
su
cd /etc/samba/
mv smb.conf smb.conf.old
[/code]
- Create a new /etc/samba/smb.conf with your preferred editor, as root. Copy-paste the following configuration and make the proper changes for your environment:
[code language=’cpp’]
# Primary Domain Controller smb.conf
# Global parameters
[global]
unix charset = utf8
workgroup = VAVAI
netbios name = server
# passdb backend =ldapsam:"ldap://server.vavai.net" ## Leave it as is
username map = /etc/samba/smbusers
log level = 1
syslog = 0
log file = /var/log/samba/%m
max log size = 0
name resolve order = wins bcast hosts
time server = Yes
printcap name = CUPS
add user script = /usr/sbin/smbldap-useradd -m '%u'
delete user script = /usr/sbin/smbldap-userdel '%u'
add group script = /usr/sbin/smbldap-groupadd -p '%g'
delete group script = /usr/sbin/smbldap-groupdel '%g'
add user to group script = /usr/sbin/smbldap-groupmod -m '%g' '%u'
delete user from group script = /usr/sbin/smbldap-groupmod -x '%g' '%u'
set primary group script = /usr/sbin/smbldap-usermod -g '%g' '%u'
add machine script = /usr/sbin/smbldap-useradd -w '%u'
logon script = logon.bat
logon path = \\server\profiles\%u
logon drive = H:
domain logons = Yes
domain master = Yes
wins support = Yes
# performance optimization: all users stored in ldap
ldapsam:trusted = yes
ldap suffix = dc=vavai,dc=net
ldap machine suffix = ou=Computers,ou=Users
ldap user suffix = ou=People,ou=Users
ldap group suffix = ou=Groups
ldap idmap suffix = ou=Idmap
ldap admin dn = cn=Manager,dc=vavai,dc=net
idmap backend = ldap://127.0.0.1
idmap uid = 10000-20000
idmap gid = 10000-20000
printer admin = root
printing = cups
#========================Share Definitions=========================
[homes]
comment = Home Directories
valid users = %S
browseable = yes
writable = yes
create mask = 0600
directory mask = 0700
[sysvol]
path = /data/samba/sysvol
read only = no
[netlogon]
comment = Network Logon Service
path = /data/samba/sysvol/vavai.net/scripts
writeable = yes
browseable = yes
read only = no
[profiles]
path = /data/samba/profiles
writeable = yes
browseable = no
read only = no
create mode = 0777
directory mode = 0777
[Documents]
comment = share to test samba
path = /data/documents
writeable = yes
browseable = yes
read only = no
valid users = "@Domain Users"
[/code]
- Create the Samba folders
[code language=’cpp’]
mkdir /data
mkdir /data/samba
mkdir /data/samba/sysvol
mkdir /data/samba/sysvol/vavai.net
mkdir /data/samba/sysvol/vavai.net/scripts
mkdir /data/documents
mkdir /data/samba/profiles
[/code]
- Edit /etc/hosts so that its content looks like this:
[code language=’cpp’]
# IP-Address FullyQualifiedHostName ShortHostname
#
127.0.0.1 localhost localhost.localdomain
192.168.1.254 server server.vavai.net
[/code]
- Get the Samba server local SID with the following command:
[code language=’cpp’]
net getlocalsid
[/code]
Samba will respond with the SID for the domain, e.g.: SID for domain SERVER is: S-1-2-33-4444444444-5555555555-6666666666. Write it down, because we will need the SID for smbldap-tools.
- Edit /etc/samba/smb.conf and remove the comment mark from the following line:
[code language=’cpp’]
# passdb backend =ldapsam:"ldap://server.vavai.net" ## Leave it as is
[/code]
so that it looks like this:
[code language=’cpp’]
passdb backend =ldapsam:"ldap://server.vavai.net"
[/code]
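Before joining clients to the domain, it is worth reviewing the share definitions in the smb.conf above: [sysvol] and [netlogon] are writable at share level, and [profiles] uses 0777 masks. The following check is an added example, not part of the original tutorial; the function names `audit_smbconf` and `sample_conf` are hypothetical, and the sample input is constructed from the share settings shown above.

```shell
# Added example, not from the tutorial. Usage: audit_smbconf < /etc/samba/smb.conf
audit_smbconf() {
    awk '
    function yes(v) { return (v == "yes" || v == "true" || v == "1") }
    function report() {
        # Clients fetch and run logon scripts from these two shares.
        if ((sec == "netlogon" || sec == "sysvol") && rw)
            print sec ": writable at share level"
        if (omask != "")
            print sec ": mask " omask " sets the other-write bit"
    }
    /^[ \t]*[#;]/ { next }                 # skip comment lines
    /^[ \t]*\[/ {                          # a section header starts a new share
        report()
        sec = tolower($0); sub(/^[ \t]*\[/, "", sec); sub(/\].*$/, "", sec)
        rw = 0; omask = ""                 # shares are read only by default
        next
    }
    {
        n = index($0, "="); if (n == 0) next
        # Case and whitespace in parameter names are irrelevant to Samba.
        key = tolower(substr($0, 1, n - 1)); gsub(/[ \t]/, "", key)
        val = tolower(substr($0, n + 1)); gsub(/^[ \t]+|[ \t]+$/, "", val)
        # Synonyms: writeable / writable / write ok; "read only" is the inverse.
        # "create mode" and "directory mode" are synonyms of the mask parameters.
        if (key == "writeable" || key == "writable" || key == "writeok") rw = yes(val)
        else if (key == "readonly") rw = !yes(val)
        else if (key ~ /^(create|directory)(mask|mode)$/ && val ~ /[2367]$/) omask = val
    }
    END { report() }'
}

# Constructed sample: share settings copied from the smb.conf above.
sample_conf() {
    cat <<'EOF'
[homes]
writable = yes
create mask = 0600
[netlogon]
writeable = yes
read only = no
[profiles]
writeable = yes
create mode = 0777
directory mode = 0777
EOF
}

sample_conf | audit_smbconf
```

The findings are share-level only; Unix permissions on the directories under /data still apply. For [netlogon] and [sysvol], `read only = yes` together with a `write list` naming the administrators clears the first finding.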
We will continue in the second tutorial: Samba PDC + OpenLDAP on openSUSE 11.1 – Configuring LDAP Server
I have been searching online for articles like this and appreciate the time and effort you put into helping folks like me. Thank you.
Hi,
I have configured Samba PDC with LDAP as backend... I am able to add all win clients... Now I need to set up Samba BDC with LDAP as backend... can you guide me for this... For me, I am able to create Samba BDC but I am facing problems with LDAP... Kindly guide me on this... please provide some docs
I am using SLES 11... I configured everything using YaST