LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Software (https://www.linuxquestions.org/questions/linux-software-2/)
-   -   Samba+LDAP = Not Working (https://www.linuxquestions.org/questions/linux-software-2/samba-ldap-%3D-not-working-91419/)

tarballedtux 09-10-2003 06:44 PM

Samba+LDAP = Not Working
 
I'll straight forward in this post. Has anyone here actually successfully set up Samba to use openLDAP as a backend so you can enable some of the new Samba 3.0 features? I've been reading all kinds of docs about it. Even ones that some people say were great I found to be horrible.

I read these particular docs:

http://www.unav.es/cti/ldap-smb/smb-ldap-3-howto.html
http://samba.vernstok.nl/htmldocs/Sa...ollection.html

The main problem I had with both of those pages was clarity. The first one only told you what to put in your config files(and a bad job at that), not what to change to match anyones situation. It tended to use a very odd directory structure involving an "etc2" directory.

The second page that I thought should work. Used what I would call a bad example structure. Example:

include schema/samba.schema
...
...
...
some other stuff
#end


To be that makes me wonder what goes in the middle or what I should do to the default config file.



What I'm asking really is does anyone have a resource that can clearly explain LDAP+Samba integration. Maybe even a basic doc on LDAP so I can become familiar with LDAP first.


--tarballedtux

Clemente 09-19-2003 05:40 AM

Hi tarballedtux!

I just searched for another issue and found your posting...

After some work, I got Samba and LDAP up and running. In my opinion, the most important thing is to go into the LDAP-structures. Managing user accounts or whatever by hand is hard work, and most tools, I found, work pretty good, as long, as I knew, what they should do. Treated as black box, I got only chaos...

The best docs, I found (at least best for me ;-) were
http://www.openldap.org/doc/admin21/
man slapd.conf (with lacking ACL's)
man ldap.conf
and some docs from a debian page. I have the links at work, so I can post them not before monday... If you are still interested.

But much more importtant is a tool, that visualizes your LDAP-database content. I installed the LDAPExplorer, a set of PHP-Scripts, and could finally see, where I just wondered before ;-)

Most problems, I had, were produced by misconfigured LDAP tools (Group/User base dn, correct objectclasses (sambaAccount, posicAccount AND shadowAcocunt), and so on). Nothing to extract a step-by-step advice :-(

If LDAP is configured and filled well, samba needs only the few "please use ldap"-options in smb.conf to work properly.

Hmmm. Long writing, not so much facts...
I can only hope, it points in the right direction ;-)

Good luck,
Clemens von Musil

P.S: If you can use a http-based tool to manage your LDAP-authentication against all security considerations, don't miss a look on webmin...


All times are GMT -5. The time now is 11:48 AM.