Welcome to Scribd, the world's digital library. Read, publish, and share books and documents. See more
Download
Standard view
Full view
of .
Look up keyword
Like this
6Activity
0 of .
Results for:
No results containing your search query
P. 1
Quick Setup OpenLDAP Samba3.x

Quick Setup OpenLDAP Samba3.x

Ratings: (0)|Views: 473|Likes:
Published by arupdutta1234
ldap in suse
ldap in suse

More info:

Published by: arupdutta1234 on Jul 06, 2009
Copyright:Attribution Non-commercial

Availability:

Read on Scribd mobile: iPhone, iPad and Android.
download as PDF, TXT or read online from Scribd
See more
See less

05/11/2014

pdf

text

original

 
©Ron Terry1
OpenLDAP/Samba3 Server Quick Setup
(v3.0.7 5-4-2005)
OpenLDAP
Server Setup:
Install
:
openldap-<ver>.rpmopenldap-servers-<ver>.rpmopenldap-clients-<ver>.rpm
FEDORA
:samba-3.0.<ver>.i386.rpmsamba-common-3.0.<ver>.i386.rpmsamba-client-3.0.<ver>.i386.rpmsamba-swat-3.0.<ver>.i386.rpmsmbldap-tools-<ver>.rpm
Using apt-get:
# apt-get install 
openldap openldap-servers openldap-clients
# apt-get install 
samba samba-common samba-client samba-swat samba-winbind smbldap-tools
 
Copy
:
/usr/share/doc/samba-3.0.<ver>/LDAP/samba.schema /etc/openldap/schema/
MDK 
:samba3-common-3.0.0-<ver>mdk.i586.rpmsamba3-server-3.0.0-<ver>mdk.i586.rpmsamba3-swat-3.0.0-<ver>mdk.i586.rpm
Using urpmi:
# urpmi 
samba3-common samba3-server samba3-swat
SLES 9:
Use YaST to configure LDAP (during install or later on)
Copy
: /usr/share/doc/packages/samba/examples/LDAP/samba.schema /etc/openldap/schema
 Download:
wget http://pronetworkconsulting.com/linux/docs/schemas
 /postfix.schema
/etc/openldap/schema
Download:
wget http://pronetworkconsulting.com/linux/docs/configs/ldap/ 
 slapd.access.conf 
/etc/openldap
Server Setup:
Edit
:
/etc/openldap/slapd.conf 
 
Edit
:
database bdbsuffix <base dn># i.e. o=mydomain rootdn <root dn># i.e. cn=root,o=mydomain rootpw <root dn password>#
 slappasswd –h {md5}
<password>
FEDORA
:
Add
: include /etc/openldap/schema/samba.schema
MDK 9.x
:
Uncomment
: include /usr/share/openldap/schema/samba.schema
SLES 9:
Use YaST to configure LDAP (during install or later on)
Add:
 include /etc/openldap/schema/samba.schema
Add at end of includes:
include /etc/openldap/schema/postfix.schemainclude /etc/openldap/slapd.access.conf 
Uncomment:
TLSCACertificateFile /usr/share/ssl/certs/ca-bundle.crtTLSCertificateFile /usr/share/ssl/certs/slapd.pemTLSCertificateKeyFile /usr/share/ssl/certs/slapd.pem
 
©Ron Terry2
 
Edit:
/etc/openldap/slapd.access.conf Replace ‘mydomain’ with the name of your Base DN.
Run:
# touch /etc/openldap/slapd.access.conf # chown :ldap /etc/openldap/slapd.access.conf # chmod 640 /etc/openldap/slapd.access.con
Start Server:
# chkconfig ldap on
-insure server starts automatically
# /etc/init.d/ldap restart 
-start the LDAP service
Server and Client Setup:
Edit:
/etc/ldap.conf 
Edit
:
host <ldap server hostname or IP address>BASE <base dn># i.e. o=mydomain binddn uid=NSS,ou=LDAPadmin,<base dn> bindpw nsspassrootbinddn cn=root,<base dn>scope subnss_base_passwd <accounts dn># i.e. ou=accounts,o=mydomain nss_base_shadow <accounts dn># i.e. ou=accounts,o=mydomain nss_base_group <groups dn># i.e. ou=groups,o=mydomain ssl no (
or
start_tls) pam_passwd md5
FEDORA:
Run
authconfig 
to automatically configure /etc/ldap.conf.
 Note:
nss_base_passwd, nss_base_shadow, nss_base_group still must be edited after runningauthconfig.
SLES 9:
Use YaST to configure authentication.
 
Create:
 
/etc/ldap.secretAdd your rootdn password (in plain text) on the first line of this file.
Run:
 
#
 
chmod 0400 /etc/ldap.secret # chown root:root /etc/ldap.secret 
 
Edit:
 
/etc/openldap/ldap.conf 
 
Add at end of file
:
 
TLS_REQCERT allow
 
©Ron Terry3
NSS and PAM
Client Setup:
Install:
 
MDK 9.x
: nss_ldap-<ver>.rpm pam_ldap-<ver>.rpm
Using urpmi:
 
# urpmi 
nss_ldap pam_ldap 
NSS
:
FEDORA:
Run
authconfig 
to automatically configure /etc/nsswitch.conf.
 MDK 9.x:Edit:
/etc/nsswitch.conf 
passwd: files ldap nisplus nisshadow: files ldap nisplus nisgroup: files ldap nisplus nis
(see example config file)
SLES 9:
Use YaST to configure authentication.
 
PAM:
FEDORA:
Run
authconfig 
to automatically configure /etc/pam.d/system-auth.
 MDK 9.x:Edit:
/etc/pam.d/system-auth
Add before
 pam_unix.so
line in
auth
section:
auth sufficient /lib/security/pam_ldap.so
Add before
pam_unix.so
line in
account 
section:
account sufficient /lib/security/pam_ldap.so
Add before
pam_unix.so
line in
 password 
section:
password sufficient /lib/security/pam_ldap.so
Add before
pam_unix.so
line in
 session
section:
session sufficient /lib/security/pam_ldap.so
(see example config file)
SLES 9:
Use YaST to configure authentication.
 

Activity (6)

You've already reviewed this. Edit your review.
1 hundred reads
1 thousand reads
connecttomeher liked this
nixmicrosoft liked this
ohahnet liked this
ads11 liked this

You're Reading a Free Preview

Download
scribd
/*********** DO NOT ALTER ANYTHING BELOW THIS LINE ! ************/ var s_code=s.t();if(s_code)document.write(s_code)//-->