I have configured my Samba to work with LDAP.
My question is:
How do I have to add users??? Should I use smbpasswd command or I have
to create an LDIF entry for each user that I have to add??
If I have to create an entry for each user, how do I get the
sambaLMPassword, SambaPrimaryGroupSID,userPassword,sambaSID and
sambaNTPassword, because in the ?samba-how to? I see that this values
are encrypted.
Here is what I have done,
I have configure my smb.conf like this:
[global]
workgroup = NOVA
server string = %h server (Samba %v) PDC
interfaces = 192.168.1.0/255.255.255.0
bind interfaces only = Yes
obey pam restrictions = Yes
passdb backend = ldapsam:ldap://localhost
unix password sync = Yes
log file = /var/log/samba/log.%m
max log size = 1000
socket options = TCP_NODELAY IPTOS_LOWDELAY SO_RCVBUF=8192
SO_SNDBUF=8192
logon script = netlogon.bat
logon drive = H:
logon home = \\%h\%U
domain logons = Yes
os level = 64
preferred master = Yes
domain master = Yes
dns proxy = No
wins support = Yes
ldap suffix = "o=NOVA"
ldap machine suffix = ou=Computers
ldap user suffix = ou=People
ldap group suffix = ou=Groups
ldap admin dn = "cn=Admin,o=NOVA"
ldap ssl = off
ldap filter = (uid=%u)
panic action = /usr/share/samba/panic-action %d
# invalid users = root
[homes]
comment = Home Directories
read only = No
create mask = 0700
directory mask = 0700
browseable = No
[netlogon]
comment = Network Logon Service
path = /home/samba
browseable = No
[printers]
comment = All Printers
path = /tmp
create mask = 0700
printable = Yes
browseable = No
[recurso1]
comment = Recurso 1
path = /home/samba/recurso1
read only = No
browseable = No
And then I have added the structure od my LDAP using this LDIF entry:
# Organizacion para Samba Base
dn: o=NOVA
objectclass: dcObject
objectclass: organization
dc: NOVA
o: Red NOVA
description: Ejemplo de Red Samba-3 LDAP
# Organizational Role for Directory Management
dn: cn=Manager,o=NOVA
objectclass: organizationalRole
cn: Manager
description: Directory Manager
# Setting up container for users
dn: ou=People,o=NOVA
objectclass: top
objectclass: organizationalUnit
ou: People
# Setting up admin handle for People OU
dn: cn=manager,ou=People,o=NOVA
cn: admin
objectclass: top
objectclass: organizationalRole
objectclass: simpleSecurityObject
userPassword: {SSHA}b+Gszh0xlAwTHIMFYNCBOd5Ck9b4Q913
# Setting up container for groups
dn: ou=Groups,o=NOVA
objectclass: top
objectclass: organizationalUnit
ou: Groups
# Setting up admin handle for Groups OU
dn: cn=manager,ou=Groups,o=NOVA
cn: admin
objectclass: top
objectclass: organizationalRole
objectclass: simpleSecurityObject
userPassword: {SSHA}b+Gszh0xlAwTHIMFYNCBOd5Ck9b4Q913
# Setting up container for computers
dn: ou=Computers,o=NOVA
objectclass: top
objectclass: organizationalUnit
ou: Computers
# Setting up admin handle for Computers OU
dn: cn=manager,ou=Computers,o=NOVA
cn: admin
objectclass: top
objectclass: organizationalRole
objectclass: simpleSecurityObject
userPassword: {SSHA}b+Gszh0xlAwTHIMFYNCBOd5Ck9b4Q913
Hos do I have to add users????
Thanks..
**********************************
Ing. Christian Arguello C.
Web: www.novadevices.com
Tel?fono: (593-2) 225-7711 ext. 116
Celular: 099729119
Av. Brasil N45-08 y Condor, Quito Ecuador
**********************************
Check out idealx.org (I think its .org) they have a great Webmin module
for Samba 3.0.1 and the latest schema. If using the older schema, try
directory_administrator. Idealx also has smbldap tools for command line
additions, deletions etc.
Norm
-----Original Message-----
From: samba-bounces+ndressler=dinmar.com@lists.samba.org
[mailto:samba-bounces+ndressler=dinmar.com@lists.samba.org]On Behalf Of
Christian Arguello
Sent: Tuesday, February 03, 2004 6:16 PM
To: samba@lists.samba.org
Subject: [Samba] Samba 3.0.1 and LDAP
I have configured my Samba to work with LDAP.
My question is:
How do I have to add users??? Should I use smbpasswd command or I have
to create an LDIF entry for each user that I have to add??
If I have to create an entry for each user, how do I get the
sambaLMPassword, SambaPrimaryGroupSID,userPassword,sambaSID and
sambaNTPassword, because in the ?samba-how to? I see that this values
are encrypted.
Here is what I have done,
I have configure my smb.conf like this:
[global]
workgroup = NOVA
server string = %h server (Samba %v) PDC
interfaces = 192.168.1.0/255.255.255.0
bind interfaces only = Yes
obey pam restrictions = Yes
passdb backend = ldapsam:ldap://localhost
unix password sync = Yes
log file = /var/log/samba/log.%m
max log size = 1000
socket options = TCP_NODELAY IPTOS_LOWDELAY SO_RCVBUF=8192
SO_SNDBUF=8192
logon script = netlogon.bat
logon drive = H:
logon home = \\%h\%U
domain logons = Yes
os level = 64
preferred master = Yes
domain master = Yes
dns proxy = No
wins support = Yes
ldap suffix = "o=NOVA"
ldap machine suffix = ou=Computers
ldap user suffix = ou=People
ldap group suffix = ou=Groups
ldap admin dn = "cn=Admin,o=NOVA"
ldap ssl = off
ldap filter = (uid=%u)
panic action = /usr/share/samba/panic-action %d
# invalid users = root
[homes]
comment = Home Directories
read only = No
create mask = 0700
directory mask = 0700
browseable = No
[netlogon]
comment = Network Logon Service
path = /home/samba
browseable = No
[printers]
comment = All Printers
path = /tmp
create mask = 0700
printable = Yes
browseable = No
[recurso1]
comment = Recurso 1
path = /home/samba/recurso1
read only = No
browseable = No
And then I have added the structure od my LDAP using this LDIF entry:
# Organizacion para Samba Base
dn: o=NOVA
objectclass: dcObject
objectclass: organization
dc: NOVA
o: Red NOVA
description: Ejemplo de Red Samba-3 LDAP
# Organizational Role for Directory Management
dn: cn=Manager,o=NOVA
objectclass: organizationalRole
cn: Manager
description: Directory Manager
# Setting up container for users
dn: ou=People,o=NOVA
objectclass: top
objectclass: organizationalUnit
ou: People
# Setting up admin handle for People OU
dn: cn=manager,ou=People,o=NOVA
cn: admin
objectclass: top
objectclass: organizationalRole
objectclass: simpleSecurityObject
userPassword: {SSHA}b+Gszh0xlAwTHIMFYNCBOd5Ck9b4Q913
# Setting up container for groups
dn: ou=Groups,o=NOVA
objectclass: top
objectclass: organizationalUnit
ou: Groups
# Setting up admin handle for Groups OU
dn: cn=manager,ou=Groups,o=NOVA
cn: admin
objectclass: top
objectclass: organizationalRole
objectclass: simpleSecurityObject
userPassword: {SSHA}b+Gszh0xlAwTHIMFYNCBOd5Ck9b4Q913
# Setting up container for computers
dn: ou=Computers,o=NOVA
objectclass: top
objectclass: organizationalUnit
ou: Computers
# Setting up admin handle for Computers OU
dn: cn=manager,ou=Computers,o=NOVA
cn: admin
objectclass: top
objectclass: organizationalRole
objectclass: simpleSecurityObject
userPassword: {SSHA}b+Gszh0xlAwTHIMFYNCBOd5Ck9b4Q913
Hos do I have to add users????
Thanks..
**********************************
Ing. Christian Arguello C.
Web: www.novadevices.com
Tel?fono: (593-2) 225-7711 ext. 116
Celular: 099729119
Av. Brasil N45-08 y Condor, Quito Ecuador
**********************************
--
To unsubscribe from this list go to the following URL and read the
instructions: http://lists.samba.org/mailman/listinfo/samba
samba.idealx.org Look for the smbldap tools there, nice scripts. --- Christian Arguello <carguello@novadevices.com> wrote:> I have configured my Samba to work with LDAP. > > My question is: > > How do I have to add users??? Should I use smbpasswd > command or I have > to create an LDIF entry for each user that I have to > add?? > > If I have to create an entry for each user, how do I > get the > sambaLMPassword, > SambaPrimaryGroupSID,userPassword,sambaSID and > sambaNTPassword, because in the “samba-how to” I see > that this values > are encrypted. > > Here is what I have done, > > I have configure my smb.conf like this: > > > [global] > workgroup = NOVA > server string = %h server (Samba %v) PDC > interfaces = 192.168.1.0/255.255.255.0 > bind interfaces only = Yes > obey pam restrictions = Yes > passdb backend = ldapsam:ldap://localhost > unix password sync = Yes > log file = /var/log/samba/log.%m > max log size = 1000 > socket options = TCP_NODELAY IPTOS_LOWDELAY > SO_RCVBUF=8192 > SO_SNDBUF=8192 > logon script = netlogon.bat > logon drive = H: > logon home = \\%h\%U > domain logons = Yes > os level = 64 > preferred master = Yes > domain master = Yes > dns proxy = No > wins support = Yes > ldap suffix = "o=NOVA" > ldap machine suffix = ou=Computers > ldap user suffix = ou=People > ldap group suffix = ou=Groups > ldap admin dn = "cn=Admin,o=NOVA" > ldap ssl = off > ldap filter = (uid=%u) > panic action = /usr/share/samba/panic-action > %d > # invalid users = root > > [homes] > comment = Home Directories > read only = No > create mask = 0700 > directory mask = 0700 > browseable = No > > [netlogon] > comment = Network Logon Service > path = /home/samba > browseable = No > > [printers] > comment = All Printers > path = /tmp > create mask = 0700 > printable = Yes > browseable = No > > [recurso1] > comment = Recurso 1 > path = /home/samba/recurso1 > read only = No > browseable = No > > And then I have added the structure od my LDAP using > this LDIF entry: > # Organizacion para Samba Base > dn: o=NOVA > objectclass: dcObject > objectclass: organization > dc: NOVA > o: Red NOVA > description: Ejemplo de Red Samba-3 LDAP > > # Organizational Role for Directory Management > dn: cn=Manager,o=NOVA > objectclass: organizationalRole > cn: Manager > description: Directory Manager > > # Setting up container for users > dn: ou=People,o=NOVA > objectclass: top > objectclass: organizationalUnit > ou: People > > # Setting up admin handle for People OU > dn: cn=manager,ou=People,o=NOVA > cn: admin > objectclass: top > objectclass: organizationalRole > objectclass: simpleSecurityObject > userPassword: {SSHA}b+Gszh0xlAwTHIMFYNCBOd5Ck9b4Q913 > > # Setting up container for groups > dn: ou=Groups,o=NOVA > objectclass: top > objectclass: organizationalUnit > ou: Groups > > # Setting up admin handle for Groups OU > dn: cn=manager,ou=Groups,o=NOVA > cn: admin > objectclass: top > objectclass: organizationalRole > objectclass: simpleSecurityObject > userPassword: {SSHA}b+Gszh0xlAwTHIMFYNCBOd5Ck9b4Q913 > > # Setting up container for computers > dn: ou=Computers,o=NOVA > objectclass: top > objectclass: organizationalUnit > ou: Computers > > # Setting up admin handle for Computers OU > dn: cn=manager,ou=Computers,o=NOVA > cn: admin > objectclass: top > objectclass: organizationalRole > objectclass: simpleSecurityObject > userPassword: {SSHA}b+Gszh0xlAwTHIMFYNCBOd5Ck9b4Q913 > > Hos do I have to add users???? > > > Thanks.. > > > > ********************************** > Ing. Christian Arguello C. > Web: www.novadevices.com > Telèfono: (593-2) 225-7711 ext. 116 > Celular: 099729119 > Av. Brasil N45-08 y Condor, Quito Ecuador > ********************************** > > -- > To unsubscribe from this list go to the following > URL and read the > instructions:http://lists.samba.org/mailman/listinfo/samba ====Terry __________________________________ Do you Yahoo!? Yahoo! SiteBuilder - Free web site building tool. Try it! http://webhosting.yahoo.com/ps/sb/