>samba+ldap setup

By | December 23, 2010

>

After working around 2 years on samba+ldap setup, i can say it is stable and most useful , where we need linux based authentication server to authenticate windows users.   Users, computers and group account get stored in ldap(openldap) format in samba+ldap setup, same as in windows Active Directory . My ideal setup that is functioning properly from last 2 years without any issues is as follows .


My smb.conf files content is as follows 
——————————————–
[global]
workgroup = test
server string = test1
netbios name = test1
ldap passwd sync = yes
security = user
passdb backend = ldapsam:ldap://127.0.0.1
ldap suffix = dc=test,dc=com
ldap machine suffix = ou=Computers
ldap user suffix = ou=People
ldap group suffix = ou=Group
ldap admin dn= "uid=root,ou=People,dc=test,dc=com"
domain master = yes
domain logons = yes
logon path =     
add user script = /usr/sbin/smbldap-useradd "%u"
add group script = /usr/sbin/smbldap-groupadd "%g"
add machine script = /usr/sbin/smbldap-useradd -w "%u"
delete user script = /usr/sbin/smbldap-userdel "%u"
delete group script = /usr/sbin/smbldap-groupdel "%g"
local master =  yes
os level = 254
preferred master = yes
wins support = yes

[netlogon]
comment = Network Logon Service
path = /var/lib/samba/netlogon
guest ok = yes
writable = no
share modes = no
------------------------------------------------------
My ldap server configuration is as follows 
(content of slapd.conf file)
------------------------------------------------------
include /etc/openldap/schema/core.schema
include /etc/openldap/schema/cosine.schema
include /etc/openldap/schema/samba.schema
include /etc/openldap/schema/inetorgperson.schema
allow bind_v2
pidfile /var/run/openldap/slapd.pid
argsfile /var/run/openldap/slapd.args
access to *
by self write
by users read
by anonymous read
database bdb
suffix "dc=test,dc=com"
rootdn="cn=Manager,dc=test,dc=com"
rootpw {SSHA}oifg.ytugjhkk
directory /var/lib/ldap/test.com
index uidNumber,gidNumber
------------------------------------------------------
Note: Ensure that samba.schema file 
present is /etc/openldap/schema directory.
If not present, search samba.schema file on system 
and copy that file in /etc/openldap/schema
 
Download & install  smbldap tool from following link.
http://tinyurl.com/344ypzg
 
For any query or error you can mail us on:
 linuxtovishesh@gmail.com,also can chat on same id 
Share itShare on FacebookEmail this to someoneTweet about this on TwitterShare on Google+Share on LinkedInPrint this page

Leave a Reply

Your email address will not be published. Required fields are marked *

Current month ye@r day *