Debian GNU/Linux 6.0 Squeeze - Samba Server - Samba PDC #1 - Configure Domain Controller : Serv...


Samba PDC#1 - Configure Domain Controller
2011/03/12

Build a Primary Domain Controller with Samba + OpenLDAP. An LDAP server must already be running on your LAN, and the server you'd like to build as a PDC needs to be an LDAP client.

[1] Change OpenLDAP server's settings.

root@master:~# aptitude -y install samba-doc
root@master:~# cp /usr/share/doc/samba-doc/examples/LDAP/samba.schema.gz /etc/ldap/schema/
root@master:~# gzip -d /etc/ldap/schema/samba.schema.gz
root@master:~# vi schema_convert.conf

# create new
include /etc/ldap/schema/core.schema
include /etc/ldap/schema/collective.schema
include /etc/ldap/schema/corba.schema
include /etc/ldap/schema/cosine.schema
include /etc/ldap/schema/duaconf.schema
include /etc/ldap/schema/dyngroup.schema
include /etc/ldap/schema/inetorgperson.schema
include /etc/ldap/schema/java.schema
include /etc/ldap/schema/misc.schema
include /etc/ldap/schema/nis.schema
include /etc/ldap/schema/openldap.schema
include /etc/ldap/schema/ppolicy.schema
include /etc/ldap/schema/samba.schema

root@master:~# mkdir -p ./tmp/ldif_output
root@master:~# slapcat -f schema_convert.conf -F ./tmp/ldif_output -n0 -s "cn={12}samba,cn=schema,cn=config" > ./tmp/cn=samba.ldif
root@master:~# vi ./tmp/cn=samba.ldif

# line 1,3: change ( remove "{12}" )
dn: cn=samba,cn=schema,cn=config
objectClass: olcSchemaConfig
cn: samba

# remove these lines below ( placed at the bottom )
structuralObjectClass: olcSchemaConfig
entryUUID: bd8a7a82-3cb8-102f-8d5f-070b4e5d16f8
creatorsName: cn=config
createTimestamp: 20100815125953Z
entryCSN: 20100815125953.198505Z#000000#000#000000
modifiersName: cn=config
modifyTimestamp: 20100815125953Z

root@master:~# ldapadd -Y EXTERNAL -H ldapi:/// -f ./tmp/cn=samba.ldif
SASL/EXTERNAL authentication started
SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
SASL SSF: 0
adding new entry "cn=samba,cn=schema,cn=config"

root@master:~# vi samba_indexes.ldif

# create new
dn: olcDatabase={1}hdb,cn=config
changetype: modify
add: olcDbIndex
olcDbIndex: uidNumber eq
olcDbIndex: gidNumber eq
olcDbIndex: loginShell eq
olcDbIndex: uid eq,pres,sub
olcDbIndex: memberUid eq,pres,sub
olcDbIndex: uniqueMember eq,pres
olcDbIndex: sambaSID eq
olcDbIndex: sambaPrimaryGroupSID eq
olcDbIndex: sambaGroupType eq
olcDbIndex: sambaSIDList eq
olcDbIndex: sambaDomainName eq
olcDbIndex: default sub

root@master:~# ldapmodify -Y EXTERNAL -H ldapi:/// -f samba_indexes.ldif
SASL/EXTERNAL authentication started
SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
SASL SSF: 0
modifying entry "olcDatabase={1}hdb,cn=config"

root@master:~# /etc/init.d/slapd restart
Stopping OpenLDAP: slapd.
Starting OpenLDAP: slapd.

[2] Change Samba's settings. The Samba PDC is also an LDAP client.

root@lan:~# aptitude -y install smbldap-tools
root@lan:~# mv /etc/samba/smb.conf /etc/samba/smb.conf.bak
root@lan:~# cp /usr/share/doc/smbldap-tools/examples/smb.conf /etc/samba/smb.conf
root@lan:~# vi /etc/samba/smb.conf

# line 3: change workgroup name to any one you like
workgroup = ServerWorld
# line 12: comment it out
# min passwd length = 3
# line 22: change
ldap passwd sync = yes
# line 33,34: change
Dos charset = CP932
Unix charset = UTF-8
# line 47: specify ldap server
passdb backend = ldapsam:ldap://10.0.0.100/
# line 48: change LDAP admin DN (LDAP server's one)
ldap admin dn = cn=admin,dc=server,dc=world
# line 50: change LDAP suffix (LDAP server's one)
ldap suffix = dc=server,dc=world
ldap group suffix = ou=groups
ldap user suffix = ou=people
# line 60: uncomment
delete group script = /usr/sbin/smbldap-groupdel "%g"
# line 64: add (specify admin user), no SSL
set primary group script = /usr/sbin/smbldap-usermod -g '%g' '%u'
admin users = domainadm
ldap ssl = no

root@lan:~# mkdir /home/netlogon
root@lan:~# /etc/init.d/samba restart
Stopping Samba daemons: nmbd smbd.
Starting Samba daemons: nmbd smbd.

root@lan:~# smbpasswd -W
# add LDAP admin's password
Setting stored password for "cn=admin,dc=server,dc=world" in secrets.tdb
New SMB password: # LDAP admin password
Retype new SMB password:

root@lan:~# gzip -d /usr/share/doc/smbldap-tools/configure.pl.gz
root@lan:~# perl /usr/share/doc/smbldap-tools/configure.pl
$# is no longer supported at /usr/share/doc/smbldap-tools/configure.pl line 314.
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
smbldap-tools script configuration
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Before starting, check
. if your samba controller is up and running.
. if the domain SID is defined (you can get it with the 'net getlocalsid')
. you can leave the configuration using the Crtl-c key combination
. empty value can be set with the "." character
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Looking for configuration files...
Samba Configuration File Path [/etc/samba/smb.conf] > # Enter
The default directory in which the smbldap configuration files are stored is shown.
If you need to change this, enter the full directory path, then press enter to continue.
Smbldap-tools Configuration Directory Path [/etc/smbldap-tools/] > # Enter
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Let's start configuring the smbldap-tools scripts ...
. workgroup name: name of the domain Samba act as a PDC
workgroup name [ServerWorld] > # Enter
. netbios name: netbios name of the samba controler
netbios name [PDC-SRV] > # Enter
. logon drive: local path to which the home directory will be connected (for NT Workstations). Ex: 'H:'
logon drive [H:] > # Enter
. logon home: home directory location (for Win95/98 or NT Workstation).
(use %U as username) Ex:'\\PDC-SRV\%U'
logon home (press the "." character if you don't want homeDirectory) [\\PDC-SRV\%U] > . # input a period
. logon path: directory where roaming profiles are stored. Ex:'\\PDC-SRV\profiles\%U'
logon path (press the "." character if you don't want roaming profile) [\\PDC-SRV\profiles\%U] > . # input a period
. home directory prefix (use %U as username) [/home/%U] > # Enter
. default users' homeDirectory mode [700] > # Enter
. default user netlogon script (use %U as username) [logon.bat] > # Enter
default password validation time (time in days) [45] > # Enter
. ldap suffix [dc=server,dc=world] > # Enter
. ldap group suffix [ou=groups] > # Enter
. ldap user suffix [ou=people] > # Enter
. ldap machine suffix [ou=Computers] > # Enter
. Idmap suffix [ou=Idmap] > # Enter
. sambaUnixIdPooldn: object where you want to store the next uidNumber and gidNumber available for new users and groups
sambaUnixIdPooldn object (relative to ) [sambaDomainName=ServerWorld] > # Enter
. ldap master server: IP adress or DNS name of the master (writable) ldap server
ldap master server [10.0.0.100] > # Enter
. ldap master port [389] > # Enter
. ldap master bind dn [cn=admin,dc=server,dc=world] > # Enter
. ldap master bind password [] > # LDAP admin password
. ldap slave server: IP adress or DNS name of the slave ldap server: can also be the master one
ldap slave server [10.0.0.100] > # specify LDAP slave's IP (press Enter with it empty if none)
. ldap slave port [389] > # Enter
. ldap slave bind dn [cn=admin,dc=server,dc=world] > # Enter
. ldap slave bind password [] > # input it if there is one; if not, input the same one as the master
. ldap tls support (1/0) [0] > # Enter
. SID for domain SERVERWORLD: SID of the domain (can be obtained with 'net getlocalsid PDC-SRV')
SID for domain SERVERWORLD [S-1-5-21-2752024775-1437179205-4226352253] > # Enter
. unix password encryption: encryption used for unix passwords
unix password encryption (CRYPT, MD5, SMD5, SSHA, SHA) [SSHA] > MD5 # MD5
. default user gidNumber [513] > # Enter
. default computer gidNumber [515] > # Enter
. default login shell [/bin/bash] > # Enter
. default skeleton directory [/etc/skel] > # Enter
. default domain name to append to mail adress [] > # Enter
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Use of uninitialized value $# in concatenation (.) or string at /usr/share/doc/smbldap-tools/configure.pl line 314, <STDIN> line 33.
backup old configuration files:
/etc/smbldap-tools/smbldap.conf->/etc/smbldap-tools/smbldap.conf.old
/etc/smbldap-tools/smbldap_bind.conf->/etc/smbldap-tools/smbldap_bind.conf.old
writing new configuration file:
/etc/smbldap-tools/smbldap.conf done.
/etc/smbldap-tools/smbldap_bind.conf done.

root@lan:~# smbldap-populate
Populating LDAP directory for domain ServerWorld (S-1-5-21-2752024775-1437179205-4226352253)
(using builtin directory structure)
entry dc=server,dc=world already exist.
entry ou=people,dc=server,dc=world already exist.
entry ou=groups,dc=server,dc=world already exist.
adding new entry: ou=Computers,dc=server,dc=world
adding new entry: ou=Idmap,dc=server,dc=world
adding new entry: uid=root,ou=people,dc=server,dc=world
adding new entry: uid=nobody,ou=people,dc=server,dc=world
adding new entry: cn=Domain Admins,ou=groups,dc=server,dc=world
adding new entry: cn=Domain Users,ou=groups,dc=server,dc=world
adding new entry: cn=Domain Guests,ou=groups,dc=server,dc=world
adding new entry: cn=Domain Computers,ou=groups,dc=server,dc=world
adding new entry: cn=Administrators,ou=groups,dc=server,dc=world
adding new entry: cn=Account Operators,ou=groups,dc=server,dc=world
adding new entry: cn=Print Operators,ou=groups,dc=server,dc=world
adding new entry: cn=Backup Operators,ou=groups,dc=server,dc=world
adding new entry: cn=Replicators,ou=groups,dc=server,dc=world
entry sambaDomainName=ServerWorld,dc=server,dc=world already exist. Updating it.
Please provide a password for the domain root:
Changing UNIX and samba passwords for root
New password: # set root password
Retype new password:

# add the admin user that is defined in smb.conf
root@lan:~# smbldap-groupadd -a domainadm
root@lan:~# smbldap-useradd -am -g domainadm domainadm
root@lan:~# smbldap-passwd domainadm
Changing UNIX and samba passwords for domainadm
New password:
Retype new password:
root@lan:~# su - domainadm # try to switch to added user
domainadm@lan:/$ # done
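The smb.conf from step [2] combines a plain ldap:// URI in "passdb backend" with "ldap ssl = no", so Samba's bind as the LDAP admin DN and the account attributes it reads and writes cross the LAN unencrypted. The shell functions below are an added example, not part of the original page: they classify that transport for a given smb.conf. The function names and the sample file are constructed for illustration; "start tls" and ldaps:// are the standard Samba ways to protect the connection.

```shell
#!/bin/sh
# Added example, not from the original page: report whether smb.conf sends
# Samba's LDAP bind and password attributes over the network in cleartext.

# get_param FILE NAME: print the last active value of NAME in FILE.
# smb.conf names ignore case and embedded spaces; '#' and ';' start comments.
get_param() {
    awk -v want="$2" '
        BEGIN { gsub(/[ \t]/, "", want); want = tolower(want) }
        /^[ \t]*[#;]/ { next }
        {
            eq = index($0, "="); if (eq == 0) next
            key = tolower(substr($0, 1, eq - 1)); gsub(/[ \t]/, "", key)
            val = substr($0, eq + 1); gsub(/^[ \t]+|[ \t]+$/, "", val)
            if (key == want) found = val
        }
        END { print found }' "$1"
}

# audit_ldap_transport FILE: print CLEARTEXT (with the offending values),
# STARTTLS, LDAPS, or NO_REMOTE_LDAP_URI.
audit_ldap_transport() {
    backend=$(get_param "$1" "passdb backend")
    ssl=$(get_param "$1" "ldap ssl" | tr 'A-Z' 'a-z')
    case "$backend" in
        ldapsam:*ldap://*)       # at least one plain ldap:// URI
            if [ "$ssl" = "start tls" ]; then
                echo STARTTLS
            else
                echo "CLEARTEXT (passdb backend = $backend, ldap ssl = ${ssl:-unset})"
            fi ;;
        ldapsam:*ldaps://*) echo LDAPS ;;
        *) echo NO_REMOTE_LDAP_URI ;;
    esac
}

# Constructed sample: the LDAP lines this page puts in /etc/samba/smb.conf.
sample=$(mktemp)
cat > "$sample" <<'EOF'
[global]
   workgroup = ServerWorld
   passdb backend = ldapsam:ldap://10.0.0.100/
   ldap admin dn = cn=admin,dc=server,dc=world
   ; ldap ssl = start tls
   ldap ssl = no
EOF
audit_ldap_transport "$sample"
rm -f "$sample"
```

Run it against the real file with: audit_ldap_transport /etc/samba/smb.conf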

Copyright © 2007-2011 Server World All Rights Reserved.
