Chris Smart wrote:> I've written a HowTo for 'Samba domain with LDAP back end' and am > looking for people to test it and tell me the stupid things I did.Thanks for posting the URL. I just did a presentation which I do not cover LDAP back ends in, and I had a question about just such a configuration, so I will pass this along to him. For reference, my presentation can be found at this URL. "Samba 3 PDC for Windows Clients and Samba 3 Book Review" http://www.lueckdatasystems.com/pub/presentations/iccm2007.pdf http://www.lueckdatasystems.com/pub/presentations/iccm2007.zip I did not get all of the dust knocked out before the presentation... but after I think two years since I had last given the presentation I definitely got my work out getting the presentation polished up as much as I did. (Scripts and config files are in the zip file.) -- Michael Lueck Lueck Data Systems http://www.lueckdatasystems.com/
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi all, I've written a HowTo for 'Samba domain with LDAP back end' and am looking for people to test it and tell me the stupid things I did. I also wanted to put the HowTo out there in case others wanted to do something similar and because I know you've got nothing better to do on your weekend than play with Linux ;) I'm by no means a Samba expert so please let me know if you have any suggestions or improvements :) It's wikified online at : "http://wiki.makethemove.net/index.php?title=LDAP-Samba" Cheers, Chris -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFGhZEUhZNk0P/rW0sRAh8BAJ95eeVcCxBYFFwzfWMdkbEjug54RwCfcjK9 ikf7ESxzLQw2NKriYXlSK9Q=SvcM -----END PGP SIGNATURE-----
Hi Chris! Although ubutu-ish, the how to seems to reunite plenty of information, specially an 'ldap primer'. I MUST ask you about the output of wbinfo -g and wbinfo -u. I just wonder if it is ever possible to get Samba as a PDC(without and windows AD as master) to report groups and users via wbinfo, thus making life with squid easier. I guess you'll need to run/setup winbindd for this task. Could you try it and report please? Thanks! Mauricio Chris Smart wrote:> -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > Hi all, > I've written a HowTo for 'Samba domain with LDAP back end' and am > looking for people to test it and tell me the stupid things I did. > > I also wanted to put the HowTo out there in case others wanted to do > something similar and because I know you've got nothing better to do on > your weekend than play with Linux ;) > > I'm by no means a Samba expert so please let me know if you have any > suggestions or improvements :) > > It's wikified online at : > "http://wiki.makethemove.net/index.php?title=LDAP-Samba" > > Cheers, > Chris > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.4.6 (GNU/Linux) > Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org > > iD8DBQFGhZEUhZNk0P/rW0sRAh8BAJ95eeVcCxBYFFwzfWMdkbEjug54RwCfcjK9 > ikf7ESxzLQw2NKriYXlSK9Q> =SvcM > -----END PGP SIGNATURE----- >
Chris Smart wrote:> -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > Hi all, > I've written a HowTo for 'Samba domain with LDAP back end' and am > looking for people to test it and tell me the stupid things I did. > > I also wanted to put the HowTo out there in case others wanted to do > something similar and because I know you've got nothing better to do on > your weekend than play with Linux ;) > > I'm by no means a Samba expert so please let me know if you have any > suggestions or improvements :) > > It's wikified online at : > "http://wiki.makethemove.net/index.php?title=LDAP-Samba" > > >Am still reading it... :) However, I wanted to take a moment to mention the smbldap-installer at http://majen.net/smbldap/ It rocks! I am glad to see you covering some areas not covered in many howto's. Questions that may come up in setting up a pdc may be... Folder redirection using policy files, etc. How to copy existing profiles to the roaming profiles. Giving a user permission to join the domain. (so folks aren't running around with the root password) net rpc rights grant "Domain Admins" SeMachineAccountPrivilege and possibly these as well.. SeMachineAccountPrivilege \ SeTakeOwnershipPrivilege \ SeBackupPrivilege \ SeRestorePrivilege \ SeRemoteShutdownPrivilege \ SePrintOperatorPrivilege \ SeAddUsersPrivilege \ -- This message has been scanned for viruses and dangerous content by RCRnet, and is believed to be clean.