Samba+LDAP = Not Working
I'll straight forward in this post. Has anyone here actually successfully set up Samba to use openLDAP as a backend so you can enable some of the new Samba 3.0 features? I've been reading all kinds of docs about it. Even ones that some people say were great I found to be horrible.
I read these particular docs: http://www.unav.es/cti/ldap-smb/smb-ldap-3-howto.html http://samba.vernstok.nl/htmldocs/Sa...ollection.html The main problem I had with both of those pages was clarity. The first one only told you what to put in your config files(and a bad job at that), not what to change to match anyones situation. It tended to use a very odd directory structure involving an "etc2" directory. The second page that I thought should work. Used what I would call a bad example structure. Example: include schema/samba.schema ... ... ... some other stuff #end To be that makes me wonder what goes in the middle or what I should do to the default config file. What I'm asking really is does anyone have a resource that can clearly explain LDAP+Samba integration. Maybe even a basic doc on LDAP so I can become familiar with LDAP first. --tarballedtux |
Hi tarballedtux!
I just searched for another issue and found your posting... After some work, I got Samba and LDAP up and running. In my opinion, the most important thing is to go into the LDAP-structures. Managing user accounts or whatever by hand is hard work, and most tools, I found, work pretty good, as long, as I knew, what they should do. Treated as black box, I got only chaos... The best docs, I found (at least best for me ;-) were http://www.openldap.org/doc/admin21/ man slapd.conf (with lacking ACL's) man ldap.conf and some docs from a debian page. I have the links at work, so I can post them not before monday... If you are still interested. But much more importtant is a tool, that visualizes your LDAP-database content. I installed the LDAPExplorer, a set of PHP-Scripts, and could finally see, where I just wondered before ;-) Most problems, I had, were produced by misconfigured LDAP tools (Group/User base dn, correct objectclasses (sambaAccount, posicAccount AND shadowAcocunt), and so on). Nothing to extract a step-by-step advice :-( If LDAP is configured and filled well, samba needs only the few "please use ldap"-options in smb.conf to work properly. Hmmm. Long writing, not so much facts... I can only hope, it points in the right direction ;-) Good luck, Clemens von Musil P.S: If you can use a http-based tool to manage your LDAP-authentication against all security considerations, don't miss a look on webmin... |
All times are GMT -5. The time now is 11:48 AM. |