0% found this document useful (0 votes)

8 views8 pages

samba_ldap

The document provides a comprehensive guide on installing and configuring Samba and OpenLDAP, including steps for setting up user groups and shared folders. It details commands for installing necessary packages, configuring LDAP settings, and modifying Samba configuration files. Additionally, it includes instructions for adding users and groups, as well as creating shared directories with appropriate permissions.

Uploaded by

6204576707rup

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as PDF, TXT or read online on Scribd

0% found this document useful (0 votes)

8 views8 pages

samba_ldap

Uploaded by

6204576707rup

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as PDF, TXT or read online on Scribd

You are on page 1/ 8

Installing Samba.........................................................................................................................................2
Configure OpenLdap..................................................................................................................................2
Configure Samba........................................................................................................................................3
Configure smbldap Tools...........................................................................................................................7
Adding User Groups and Shared Folders..................................................................................................9
Installing Samba

Setting Rpmforge repository ..

rpm --import http://dag.wieers.com/rpm/packages/RPM-GPG-KEY.dag.txt

rpm -ivh http://apt.sw.be/redhat/el5/en/i386/RPMS.dag/rpmforge-release-0.3.6-1.el5.rf.i386.rpm

yum repolist

yum install openldap-servers nss_ldap samba httpd openssl mod_ssl mysql mysql-server php php-xml
php-ldap php-mysql php-pdo php-cli php-common smbldap-tools
perl-LDAP perl-Crypt-SmbHash smbldap-tools perl-Digest-SHA1 perl-Unicode-MapUTF8 openldap-
clients

Configure OpenLdap
mv -f /etc/openldap/slapd.conf /etc/openldap/slapd.conf.dist

Generate a master password to set up ldap

slappasswd
New password:
Re-enter new password:
{SSHA}et/Lp4/V1wigdaP0pfeQtQIpT1PPJY8+

Copy this ssha encrypted password we will use it in the configuretion

vi /etc/openldap/slapd.conf

include /etc/openldap/schema/core.schema
include /etc/openldap/schema/cosine.schema
include /etc/openldap/schema/inetorgperson.schema
include /etc/openldap/schema/nis.schema
include /etc/openldap/schema/samba.schema

allow bind_v2

pidfile /var/run/openldap/slapd.pid
argsfile /var/run/openldap/slapd.args

access to
attrs=userPassword,sambaLMPassword,sambaNTPassword,sambaPwdLastSet,sambaPwdMustChange
by self write
by anonymous auth
by * none

access to *
by self write
by * read

database bdb
suffix "dc=sceh,dc=net"
rootdn "cn=Manager,dc=sceh,dc=net"
rootpw {SSHA}et/Lp4/V1wigdaP0pfeQtQIpT1PPJY8+
password-hash {SSHA}
directory /var/lib/ldap

index cn,sn,uid,displayName pres,sub,eq

index uidNumber,gidNumber eq
index sambaSID eq
index sambaPrimaryGroupSID eq
index sambaDomainName eq
index objectClass pres,eq
index default sub

cp /usr/share/doc/samba-3.*/LDAP/samba.schema /etc/openldap/schema/
cp /etc/openldap/DB_CONFIG.example /var/lib/ldap/DB_CONFIG
chown ldap:ldap /var/lib/ldap/DB_CONFIG
chmod 600 /var/lib/ldap/DB_CONFIG

vi init.ldif

dn: dc=sceh,dc=net
objectclass: dcObject
objectclass: organization
o: sceh
dc: sceh

vi root.ldif
dn: cn=root,dc=sceh,dc=net
objectclass: organizationalRole
cn: root

slapadd -l /etc/openldap/init.ldif
chown -R ldap:ldap /var/lib/ldap
chmod 600 /var/lib/ldap/*
slapcat

service ldap start

chkconfig ldap on
Configure Samba
mv /etc/samba/smb.conf /etc/samba/smb.conf.dist

vi /etc/samba/smb.conf

[global]

dos charset = 850

unix charset = ISO8859- 1
workgroup = SCEH
netbios name = SAMBA1
obey pam restrictions = Yes
password server = 192.168.1.55
passdb backend = ldapsam:ldap://127.0.0.1/
username map = /etc/samba/smbusers
log level = 2
log file = /var/log/samba/%m.log
unix extensions = No
add user script = /usr/sbin/smbldap-useradd -m %u
delete user script = /usr/sbin/smbldap-userdel %u
add group script = /usr/sbin/smbldap-groupadd -p %g
delete group script = /usr/sbin/smbldap-groupdel %g
add user to group script = /usr/sbin/smbldap-groupmod -m %g %u
delete user from group script = /usr/sbin/smbldap-groupmod -x %g %u
set primary group script = /usr/sbin/smbldap-usermod -g %g %u
add machine script = /usr/sbin/smbldap-useradd -w %u
# logon script = logon.bat
logon path = \\%N\%U\profile
logon home = \\%N\%U
logon drive = Z:
domain logons = Yes
os level = 65
smb ports = 139
socket options = IPTOS_LOWDELAY TCP_NODELAY SO_KEEPALIVE
SO_RCVBUF=8192 SO_SNDBUF=8192
preferred master = Yes
domain master = Yes
ldap admin dn = cn=Manager,dc=sceh,dc=net
ldap group suffix = ou=Groups
ldap idmap suffix = ou=Users
ldap machine suffix = ou=Computers
ldap passwd sync = Yes
# wins support = Yes
ldap suffix = dc=sceh,dc=net
ldap ssl = no
idmap backend = ldap://127.0.0.1/
idmap uid = 15000-20000
idmap gid = 15000-20000
recycle:touch = Yes
recycle:versions = Yes
recycle:maxsize = 0
recycle:exclude = *.tmp|*.temp|*.o|*.obj|~$*|*.~??
recycle:excludedir = /tmp|/temp|/cache
recycle:noversions = *.doc|*.xls|*.ppt
recycle:repository = .Recycle/%U
recycle:keeptree = Yes
inherit acls = Yes
hosts allow = 192.168.1.
ea support = Yes
map acl inherit = Yes
store dos attributes = Yes
dont descend = /proc,/dev,/etc,/lib,/lost+found,/initrd
dos filemode = Yes
vfs objects = recycle
posix locking = no
nt acl support = yes

[homes]
comment = Home Directories
path = /home/%u
valid users = %S
writeable = yes
read only = No
browseable = No

[netlogon]
comment = Network Logon service
path = /home/netlogon
guest ok = Yes
browseable = no
read only = Yes

Configure smbldap Tools

cp /usr/share/doc/smbldap-tools-0.9.5/smbldap.conf /etc/smbldap-tools/smbldap.conf

net getlocalsid

vi /etc/smbldap-tools/smbldap.conf
# General Configuration

SID="S-1-5-21-2670368159-1018889019-89649393"
sambaDomain="SCEH"
# LDAP Configuration

slaveLDAP="127.0.0.1"
slavePort="389"
masterLDAP="127.0.0.1"
masterPort="389"
ldapTLS="0"
ldapSSL="0"
verify="require"
cafile="/etc/smbldap-tools/ca.pem"
clientcert="/etc/smbldap-tools/smbldap-tools.iallanis.info.pem"
clientkey="/etc/smbldap-tools/smbldap-tools.iallanis.info.key"
suffix="dc=sceh,dc=net"
usersdn="ou=Users,${suffix}"
computersdn="ou=Computers,${suffix}"
groupsdn="ou=Groups,${suffix}"
idmapdn="ou=Idmap,${suffix}"
sambaUnixIdPooldn="sambaDomainName=${sambaDomain},${suffix}"
scope="sub"
hash_encrypt="SSHA"
crypt_salt_format="%s"

# Unix Accounts Configuration

userLoginShell="/bin/bash"
userHome="/home/%U"
userHomeDirectoryMode="700"
userGecos="System User"
defaultUserGid="513"
defaultComputerGid="515"
skeletonDir="/etc/skel"
defaultMaxPasswordAge="10950"

# SAMBA Configuration
userSmbHome=""
userProfile=""
userHomeDrive=""
userScript=""
mailDomain="sceh.net"

vi /etc/smbldap-tools/smbldap_bind.conf
slaveDN="cn=Manager,dc=sceh,dc=net"
slavePw="p4mail1server"
masterDN="cn=Manager,dc=sceh,dc=net"
masterPw="p4mail1server"

chmod 644 /etc/smbldap-tools/smbldap.conf

chmod 600 /etc/smbldap-tools/smbldap_bind.conf

authconfig-tui
[*] Use MD5 Passwords
[*] Use Shadow Passwords
[*] Use LDAP
[*] Use LDAP Authentication
[ ] Local authorization is sufficient

vi /etc/pam.d/system-auth

#%PAM-1.0
# This file is auto-generated.
# User changes will be destroyed the next time authconfig is run.

auth required pam_env.so

auth sufficient pam_unix.so nullok try_first_pass
auth requisite pam_succeed_if.so uid >= 500 quiet
auth sufficient pam_ldap.so use_first_pass
auth required pam_deny.so
account required pam_unix.so broken_shadow
account sufficient pam_succeed_if.so uid < 500 quiet
account [default=bad success=ok user_unknown=ignore] pam_ldap.so
account required pam_permit.so
password requisite pam_cracklib.so try_first_pass retry=3
password sufficient pam_unix.so md5 shadow nullok try_first_pass use_authtok
password sufficient pam_ldap.so use_authtok
password required pam_deny.so
session optional pam_keyinit.so revoke
session required pam_limits.so
session [success=1 default=ignore] pam_succeed_if.so service in crond quiet use_uid
session required pam_unix.so
session optional pam_ldap.so

vi /etc/nsswitch.conf

passwd: files ldap

shadow: files ldap
group: files ldap

hosts: files dns

bootparams: nisplus [NOTFOUND=return] files
ethers: files
netmasks: files
networks: files
protocols: files ldap
rpc: files
services: files ldap
netgroup: files ldap
publickey: nisplus
automount: files ldap
aliases: files nisplus

testparm -v
smbpasswd -w p4mail1server
smbldap-populate

/etc/init.d/smb start
chkconfig smb on

Adding User Groups and Shared Folders

smbldap-useradd -a -G 'Domain Users' -m -s /bin/bash -d /home/user -F "" -P user
net groupmap list
If you want to add a group to LDAP/Samba, say for controlling which users can write/read files on a
share, and have it determine that by groups:
smbldap-groupadd -a account
add users to the group..
smbldap-groupmod -m nitin,test accounts

Now create shared directory for accounts group

mkdir /data/accounts
chown root.accounts /data/accounts
chmod 771 /data/accounts

Now add this in the samba configuration..

vi /etc/samba/smb.conf
[accounts]

comment = Account Department

path = /data/accounts
valid users = +accounts
admin users = nitin
write list = +accounts
read only = No
force create mode = 760
directory mask = 0750
force directory mode = 0750

RAILWAY SYSTEM PROJECT
No ratings yet
RAILWAY SYSTEM PROJECT
21 pages
CC - 753 All Practical
No ratings yet
CC - 753 All Practical
113 pages
ESTUDO DE CASO
No ratings yet
ESTUDO DE CASO
75 pages
ISO 230-2-2006-03 Test Code For Machine Tools-Part 2 Determination of Accuracy and Repeatability of Positioning Numerically Controlled Axes
100% (1)
ISO 230-2-2006-03 Test Code For Machine Tools-Part 2 Determination of Accuracy and Repeatability of Positioning Numerically Controlled Axes
39 pages
LLM-and-Gen-AI-Data-Security-Best-Practices-2025-v1.0
No ratings yet
LLM-and-Gen-AI-Data-Security-Best-Practices-2025-v1.0
62 pages
Lecture 12 DFA With Output 29052023 112044pm
No ratings yet
Lecture 12 DFA With Output 29052023 112044pm
42 pages
Smartcities 06 00027
No ratings yet
Smartcities 06 00027
28 pages
Chapter - 2 - Week 4-11 Feb
No ratings yet
Chapter - 2 - Week 4-11 Feb
45 pages
Smbldap-Tools User Manual (Release: 0.9.3) : J Er Ome Tournier Revision: 1.7, Generated April 22, 2008
No ratings yet
Smbldap-Tools User Manual (Release: 0.9.3) : J Er Ome Tournier Revision: 1.7, Generated April 22, 2008
30 pages
Health-Data-Security-and-Privacy-in-Indian-Healthcare (3)
No ratings yet
Health-Data-Security-and-Privacy-in-Indian-Healthcare (3)
10 pages
A Self-Organizing Deep Network Architecture Designed Based On LSTM Network Via Elitism-Driven Roulette-Wheel Selection For Time-Series Forecasting
No ratings yet
A Self-Organizing Deep Network Architecture Designed Based On LSTM Network Via Elitism-Driven Roulette-Wheel Selection For Time-Series Forecasting
17 pages
comandos parte2
No ratings yet
comandos parte2
5 pages
Configuracion Anterior Samba
No ratings yet
Configuracion Anterior Samba
6 pages
M710 Label Printer Brochure 2pgDIGITAL
No ratings yet
M710 Label Printer Brochure 2pgDIGITAL
17 pages
Hướng dẫn cấu hình Primary Domain Controller with Samba
No ratings yet
Hướng dẫn cấu hình Primary Domain Controller with Samba
17 pages
Algorithm Design Techniques - 1556432967209
No ratings yet
Algorithm Design Techniques - 1556432967209
8 pages
SAMBA
No ratings yet
SAMBA
6 pages
Late Babasaheb Phadtare Polytechnic,: A Microproject ON
No ratings yet
Late Babasaheb Phadtare Polytechnic,: A Microproject ON
5 pages
Samba LDAP PDC Complete Tutorial
No ratings yet
Samba LDAP PDC Complete Tutorial
11 pages
BNC 2120
No ratings yet
BNC 2120
11 pages
OpenLDAP Commands
No ratings yet
OpenLDAP Commands
11 pages
DX Diag
No ratings yet
DX Diag
10 pages
CD /etc/yum - Repos.d/ Wget Yum Install VLC
No ratings yet
CD /etc/yum - Repos.d/ Wget Yum Install VLC
3 pages
Fisiere Modificate Ldap Client
No ratings yet
Fisiere Modificate Ldap Client
8 pages
Transforming Traditional Teaching Laboratories For Effective Remote Delivery-A Review
No ratings yet
Transforming Traditional Teaching Laboratories For Effective Remote Delivery-A Review
9 pages
InterShip Report Gurukrupa Auto
No ratings yet
InterShip Report Gurukrupa Auto
25 pages
8 Clean Architecture Patterns Practices Principles m8 Slides
No ratings yet
8 Clean Architecture Patterns Practices Principles m8 Slides
22 pages
Squid Auth Ad
No ratings yet
Squid Auth Ad
6 pages
Artificial Intelligence Based Mobile Robot
No ratings yet
Artificial Intelligence Based Mobile Robot
19 pages
LDAP Server Configuration RHEL7
No ratings yet
LDAP Server Configuration RHEL7
4 pages
How To Create Charts in Excel - 105042
No ratings yet
How To Create Charts in Excel - 105042
11 pages
Ldap Server Configuration
No ratings yet
Ldap Server Configuration
20 pages
Ad Samba
No ratings yet
Ad Samba
8 pages
Configuring Samba server
No ratings yet
Configuring Samba server
4 pages
AFT Arrow
No ratings yet
AFT Arrow
2 pages
Samba4 Configuration: (Root@dc1 ) # CD /opt
No ratings yet
Samba4 Configuration: (Root@dc1 ) # CD /opt
9 pages
Question Paper Code: X10303
No ratings yet
Question Paper Code: X10303
3 pages
Setting Up Samba Primary Domain Controller On Centos 7: Installation
No ratings yet
Setting Up Samba Primary Domain Controller On Centos 7: Installation
15 pages
Etc Samba SMB - Conf
No ratings yet
Etc Samba SMB - Conf
5 pages
Ldap Documentation 2021.8
No ratings yet
Ldap Documentation 2021.8
7 pages
BSD Guides: Doing Stuff With FreeBSD, NetBSD, OpenBSD, & Mac OS X
No ratings yet
BSD Guides: Doing Stuff With FreeBSD, NetBSD, OpenBSD, & Mac OS X
9 pages
Samba Ldap Howto 1
No ratings yet
Samba Ldap Howto 1
56 pages
Pressman CH 3 Prescriptive Process Models
No ratings yet
Pressman CH 3 Prescriptive Process Models
45 pages
Linuxdays 2005, Samba Tutorial: Alain Knaff
No ratings yet
Linuxdays 2005, Samba Tutorial: Alain Knaff
45 pages
Authenticating Windows To OpenLDAP Server On Ubuntu 9
No ratings yet
Authenticating Windows To OpenLDAP Server On Ubuntu 9
17 pages
Oracle Installation Steps On Linux (Centos Version)
No ratings yet
Oracle Installation Steps On Linux (Centos Version)
31 pages
Build A Samba PDC With LDAP Backend - BSD Guides
No ratings yet
Build A Samba PDC With LDAP Backend - BSD Guides
11 pages
LINUX Admin Quick Reference
100% (1)
LINUX Admin Quick Reference
5 pages
Samba Server Installation and Configuration in CentOS 6.3
No ratings yet
Samba Server Installation and Configuration in CentOS 6.3
7 pages
ID card 25 Nov 2024
No ratings yet
ID card 25 Nov 2024
1 page
Redhat Linux Enterprise
No ratings yet
Redhat Linux Enterprise
13 pages
Local Print: If - Events.Interface - Table
No ratings yet
Local Print: If - Events.Interface - Table
3 pages
Unit VI Mediated Communication and Its Impact Personal Relationships
No ratings yet
Unit VI Mediated Communication and Its Impact Personal Relationships
16 pages
Ldap With Replication
No ratings yet
Ldap With Replication
12 pages
FreeBSD 11 Active Directory Member Server - SAMBA - Ninja
No ratings yet
FreeBSD 11 Active Directory Member Server - SAMBA - Ninja
1 page
LDAP
No ratings yet
LDAP
5 pages
Script Ultimate Rhcsa Training
No ratings yet
Script Ultimate Rhcsa Training
4 pages
DSP QB Updated - New
No ratings yet
DSP QB Updated - New
7 pages
SapRouter Install in Linux
No ratings yet
SapRouter Install in Linux
8 pages
Ldap Authentication Config
No ratings yet
Ldap Authentication Config
10 pages
LDAP Tutorial
No ratings yet
LDAP Tutorial
28 pages
Configuring LDAP Client: Solaris 9
No ratings yet
Configuring LDAP Client: Solaris 9
6 pages
TP Ldap
No ratings yet
TP Ldap
3 pages
LINUX Admin Quick Reference
No ratings yet
LINUX Admin Quick Reference
5 pages
LDAP Configuration For RHEL 6 Server and Ubuntu 12.04 Client
No ratings yet
LDAP Configuration For RHEL 6 Server and Ubuntu 12.04 Client
4 pages
Java Project Details
No ratings yet
Java Project Details
9 pages
Linux Quick Reference
100% (1)
Linux Quick Reference
6 pages
Computer Software
No ratings yet
Computer Software
13 pages
RHCSA
75% (4)
RHCSA
6 pages
Openldap + Samba Domain Controller: Preface
No ratings yet
Openldap + Samba Domain Controller: Preface
12 pages
Samba+Postfix With Ldap Server
No ratings yet
Samba+Postfix With Ldap Server
11 pages
Review of Related Literature Management Information System
No ratings yet
Review of Related Literature Management Information System
3 pages
Linux Server Installation Configuration Manual
No ratings yet
Linux Server Installation Configuration Manual
32 pages
How To Set Up Open Ldap On Ubuntu 11
No ratings yet
How To Set Up Open Ldap On Ubuntu 11
4 pages
Step by Step OpenLDAP Server Configuration On CentOS 7
No ratings yet
Step by Step OpenLDAP Server Configuration On CentOS 7
5 pages
Configuring A Squid Server To Authenticate Off Active Directory
No ratings yet
Configuring A Squid Server To Authenticate Off Active Directory
6 pages
Open LDAP Server Linux
No ratings yet
Open LDAP Server Linux
4 pages
LINUX Admin Quick Reference: Files
No ratings yet
LINUX Admin Quick Reference: Files
5 pages
Ceph Cookbook: Over 100 effective recipes to help you design, implement, and manage the software-defined and massively scalable Ceph storage system
From Everand
Ceph Cookbook: Over 100 effective recipes to help you design, implement, and manage the software-defined and massively scalable Ceph storage system
Karan Singh
4/5 (1)
Learning Informatica PowerCenter 9.x
From Everand
Learning Informatica PowerCenter 9.x
Rahul Malewar
3/5 (4)
Bash Command Line Pro Tips
From Everand
Bash Command Line Pro Tips
Jason Cannon
4.5/5 (8)
Kubernetes Made Easy
From Everand
Kubernetes Made Easy
Pankaj Joshi
No ratings yet
The Mac Terminal Reference and Scripting Primer
From Everand
The Mac Terminal Reference and Scripting Primer
Jay Docherty
4.5/5 (3)
Quick Configuration of Openldap and Kerberos In Linux and Authenicating Linux to Active Directory
From Everand
Quick Configuration of Openldap and Kerberos In Linux and Authenicating Linux to Active Directory
Dr. Hidaia Mahmood Alassouli
No ratings yet
LPIC-1 Primer
From Everand
LPIC-1 Primer
John Greene
4.5/5 (3)
Configuration of a Simple Samba File Server, Quota and Schedule Backup
From Everand
Configuration of a Simple Samba File Server, Quota and Schedule Backup
Dr. Hedaya Alasooly
No ratings yet
DRBD-Cookbook: How to create your own cluster solution, without SAN or NAS!
From Everand
DRBD-Cookbook: How to create your own cluster solution, without SAN or NAS!
Joerg Christian Seubert
No ratings yet
Some Tutorials in Computer Networking Hacking
From Everand
Some Tutorials in Computer Networking Hacking
Dr. Hidaia Mahmood Alassouli
No ratings yet
Configuration of a Simple Samba File Server, Quota and Schedule Backup
From Everand
Configuration of a Simple Samba File Server, Quota and Schedule Backup
Dr. Hidaia Mahmood Alassouli
No ratings yet
SAS Programming Guidelines Interview Questions You'll Most Likely Be Asked
From Everand
SAS Programming Guidelines Interview Questions You'll Most Likely Be Asked
Vibrant Publishers
No ratings yet

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.

samba_ldap

Uploaded by

samba_ldap

Uploaded by

Table of Contents

Setting Rpmforge repository ..

rpm --import http://dag.wieers.com/rpm/packages/RPM-GPG-KEY.dag.txt

Generate a master password to set up ldap

Copy this ssha encrypted password we will use it in the configuretion

index cn,sn,uid,displayName pres,sub,eq

service ldap start

dos charset = 850

Configure smbldap Tools

# Unix Accounts Configuration

chmod 644 /etc/smbldap-tools/smbldap.conf

auth required pam_env.so

passwd: files ldap

hosts: files dns

Adding User Groups and Shared Folders

Now create shared directory for accounts group

Now add this in the samba configuration..

comment = Account Department

You might also like

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.