Setting Up CIFS Server (Samba) in an LDAP Environment Setting up CIFS Server (Samba) in an LDAP Environment Don McCall Hewlett-Packard WTEC E0300 Printed in: U.S.A.
Setting Up CIFS Server (Samba) in an LDAP Environment Legal Notices The information in this document is subject to change without notice. Hewlett-Packard makes no warranty of any kind with regard to this manual, including, but not limited to, the implied warranties of merchantability and fitness for a particular purpose.
Setting Up CIFS Server (Samba) in an LDAP Environment Contents Setting up CIFS Server (Samba) in an LDAP Environment........................................ 1 Legal Notices.......................................................................................................... 1 Legal Notices.......................................................................................................... 2 Introduction................................................................................................
Setting Up CIFS Server (Samba) in an LDAP Environment 4
Setting Up CIFS Server (Samba) in an LDAP Environment Introduction CIFS Server A.01.11 and later offer the ability to store and access CIFS Server user information in an LDAP directory store; specifically the Netscape Directory Server product shipped with HP-UX 11.0 and later.
Setting Up CIFS Server (Samba) in an LDAP Environment Part one: Setting up a simple Netscape DS server. Install Netscape Directory Server V6 for HP-UX: J4258CA You can obtain this free software from http://software.hp.com/portal/swdepot/displayProductInfo.do?productNumber=J4258CA Configure your Netscape Directory Server login as root. cd /var/opt/netscape/servers/setup .
Setting Up CIFS Server (Samba) in an LDAP Environment [slapd-rkm-nt]: starting up server … and a number of informational messages, and finally startup: server started successfully Press any key to continue… This will set the user and group that the Netscape DS server runs as User=www Group=other Directory Server network port=389 Directory Server identifier=[your hostname] Administrator id=admin Password=
Setting Up CIFS Server (Samba) in an LDAP Environment Part two: Setting up ldapux client. Install J4269AA LDAP-UX Integration product on the server you will be using CIFS Server on. This needs to be version B.03.20 or greater (only this version and later contains the ldap-ux sdk needed by CIFS Server) You can obtain this from http://software.hp.com/portal/swdepot/displayProductInfo.do?productNumber=J4269 AA Configure you ldapux client: Login as root. cd /opt/ldpaux/config .
Setting Up CIFS Server (Samba) in an LDAP Environment -will extend the schema on this server for the posixAccount objectclass and attributes necessary to store all of your info, like passwd,group,hosts,services, etc… -will cause your base dn for user and group searches to be your suffix. -will start your ldapux client daemon. NOTE: at this point the ldapux daemon is running, but no one is using it yet – your pam.conf file will have to be changed (see /etc/pam.conf.ldap as an example) and your nsswitch.
Setting Up CIFS Server (Samba) in an LDAP Environment Part Three: Extending the schema for CIFS Server Install a version of CIFS Server with LDAP enabled Download the free CIFS Server version A.01.11.01 or later from http://software.hp.com/portal/swdepot/displayProductInfo.do?productNumber=B8725AA Extend the schema with the sambaAccount subschema cd /opt/samba/LDAP ftp yournetscapeds-server user root password xxxxx cd /var/opt/netscape/servers/slapd-/config/schema bin put 98samba.
Setting Up CIFS Server (Samba) in an LDAP Environment Verify the schema update # /opt/ldapux/bin/ldapsearch -h rkm-nt -p 389 -b "cn=schema" "(objectclass=*)" | grep -i sambaAccount (substituting YOUR ldap server name for ‘rkm-nt’) You should get something like this back: objectClasses: ( 1.3.1.5.1.4.1.7165.2.2.3 NAME 'sambaAccount' SUP top AUXILIA Part four: Modifying smbldap tools and configuration files. Modifying the smb.conf file Edit your smb.
Setting Up CIFS Server (Samba) in an LDAP Environment To customize the names for your CIFS Server groups: Replace the following texts with the names YOU are using in your LDAP directory: _USERS_ _GROUPS_ _COMPUTERS_ (For instance, _USERS_ = People, _GROUPS_= Group, _COMPUTERS_= Computers To customize for your posix and CIFS Server variables (these variables are used when creating a new CIFS Server user for defaults): $_userLoginShell = q( _USERLOGINSHELL_) (for instance /usr/bin/sh) $_userHomePrefix= q(_
Setting Up CIFS Server (Samba) in an LDAP Environment Save your ldap credentials for the user that will be modifying the ldap directory for CIFS Server: smbpasswd -w Adding your CIFS Server users to the LDAP directory NOW populate your netscape directory with your CIFS Server users: If you already have an smbpasswd file, you can import this into your ldap directory as follows: cat /var/opt/samba/private/smbpasswd | /opt/samba/LDAP/import_smbpasswd.
Setting Up CIFS Server (Samba) in an LDAP Environment homeDrive: U: smbHome: \\cai\homes profilePath: \\cai\profiles\ddmc scriptPath: ddmc.
Setting Up CIFS Server (Samba) in an LDAP Environment Recommended Reading CIFS Server HP Part number B8725-90061. You can also view the contents of this book online at HP CIFS Server 2.2h Administrator’s Guide, http://docs.hp.com/hpux/onlinedocs/B8725-90061.html There is also terse but useful information on the various perl scripts and their usage in the README file in the directory /opt/samba/LDAP and /opt/samba/LDAP/smbldap-tools.
Setting Up CIFS Server (Samba) in an LDAP Environment 16
