HP CIFS Server 3.0k Administrator's Guide version A.02.04
Configuring the HP CIFS Server
You must set up and configure your HP CIFS Server to enable the LDAP feature support.
LDAP Configuration Parameters
The following new global parameters configure the HP CIFS Server to enable the LDAP feature.
Set them in the /etc/opt/samba/smb.conf file under global parameters.

[global]
    Any global setting defined here is used by the HP CIFS Server with LDAP support.
Table 6-3 Global Parameters

Parameter
    Description

ldap server
    Specifies the host name of the Directory Server where you want to store your data.

ldap suffix
    Specifies the base of the directory tree where you want to add user and machine
    account information. It is also used as the Distinguished Name (DN) of the search
    base, which tells LDAP where to start the search for the entry. For example, if your
    base DN is "dc=org, dc=hp, dc=com", then set
    ldap suffix = "dc=org, dc=hp, dc=com".

ldap user suffix
    Specifies the base of the directory tree where you want to add user information.
    If you do not specify this parameter, HP CIFS Server uses the value of ldap suffix.
    For example, ldap user suffix = "ou=People".

ldap group suffix
    Specifies the base of the directory tree where you want to add group information.
    If you do not specify this parameter, HP CIFS Server uses the value of ldap suffix
    instead. For example, ldap group suffix = "ou=Groups".

ldap admin dn
    Specifies the user Distinguished Name (DN) used by the HP CIFS Server to connect to
    the LDAP directory server when retrieving user account information. The ldap admin dn
    is used in conjunction with the admin dn password stored in the
    /var/opt/samba/private/secrets.tdb file. For example,
    ldap admin dn = "cn = directory manager".

ldap delete dn
    Specifies whether a delete operation in the ldapsam deletes the complete entry or
    only the attributes specific to Samba. The default value is No.

ldap passwd sync
    Specifies whether the HP CIFS Server should sync the LDAP password with the NT and
    LM hashes for normal accounts on a password change. This option can be set to one
    of three values:
    • Yes: Update the LDAP, NT and LM passwords and update the pwdLastSet time.
    • No: Update NT and LM passwords and update the pwdLastSet time.
    • Only: Only update the LDAP password and let the LDAP server do the rest.
    The default value is No.
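
The defaults and fallbacks in Table 6-3 determine the values the server actually uses, so they are worth resolving before a configuration goes live. The following Python script is an added example, not part of this guide or of the HP CIFS Server software: it reads the [global] section of smb.conf text, applies the table's defaults and the ldap suffix fallback, and reports findings. The sample file and host name are constructed, and treating ldap server, ldap suffix and ldap admin dn as required is this example's assumption.

```python
import re

# Constructed sample for illustration; not taken from a real server.
SAMPLE_SMB_CONF = """\
[global]
    ldap server = ldaphost.example.com
    ldap suffix = "dc=org, dc=hp, dc=com"
    ldap user suffix = "ou=People"
    ldap admin dn = "cn = directory manager"
    ldap passwd sync = Maybe
[homes]
    ldap suffix = "dc=ignored"
"""

DEFAULTS = {"ldap delete dn": "no", "ldap passwd sync": "no"}  # defaults from Table 6-3
PASSWD_SYNC_VALUES = {"yes", "no", "only"}
REQUIRED = ("ldap server", "ldap suffix", "ldap admin dn")  # assumption of this example

def parse_global(text):
    """Return {parameter: value} for the [global] section only."""
    params, section = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#;":          # blank line or comment
            continue
        header = re.fullmatch(r"\[(.+)\]", line)
        if header:
            section = header.group(1).strip().lower()
        elif section == "global" and "=" in line:
            name, value = line.split("=", 1)     # first '=' separates name from value
            name = " ".join(name.lower().split())
            params[name] = value.strip().strip('"')
    return params

def audit(text):
    """Resolve effective values per Table 6-3 and collect findings."""
    p = {**DEFAULTS, **parse_global(text)}
    findings = [f"{name} is not set" for name in REQUIRED if not p.get(name)]
    for sub in ("ldap user suffix", "ldap group suffix"):
        p.setdefault(sub, p.get("ldap suffix", ""))  # unset: falls back to ldap suffix
    if p["ldap passwd sync"].lower() not in PASSWD_SYNC_VALUES:
        findings.append(f"ldap passwd sync = {p['ldap passwd sync']!r} is not Yes, No or Only")
    if p["ldap delete dn"].lower() == "yes":
        findings.append("ldap delete dn = yes: deletes remove the complete LDAP entry")
    return p, findings

if __name__ == "__main__":
    effective, issues = audit(SAMPLE_SMB_CONF)
    print(effective)
    print(issues)
```
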