SMBLDAP-TOOLS Addons require SMBLDAP-TOOLS and an LDAP server.
Required |
---|
LDAP Server (example: OpenLDAP) |
Perl 5.x or later |
Perl Net-LDAP Module |
Perl Crypt::SmbHash Module |
smbldap-tools-0.8.3 or later |

Required |
---|
Perl Net::SSLeay |
Perl IO::Socket::SSL |
Download smbldap-tools-x.x.x from the SMBLDAP-TOOLS site.
```
# tar zxf smbldap-tools-x.x.x.tgz
# chown -R root: smbldap-tools-*
# cd smbldap-tools-x.x.x
# yes | cp -a smbldap-* smbldap_*.pm /usr/local/sbin/
# mkdir /etc/smbldap-tools
# cp smbldap*.conf configure.pl /etc/smbldap-tools/
# chmod 755 /etc/smbldap-tools
# chmod 644 /etc/smbldap-tools/smbldap.conf
# chmod 600 /etc/smbldap-tools/smbldap_bind.conf
```
```
# tar zxf smbldap-tools-x.x.x.tgz
# chown -R root: smbldap-tools-*
# cd smbldap-tools-x.x.x
# yes | cp -a smbldap-* smbldap_*.pm /usr/local/sbin/
# mkdir -p /etc/opt/IDEALX/smbldap-tools
# cp smbldap*.conf configure.pl /etc/opt/IDEALX/smbldap-tools
# chmod 755 /etc/opt/IDEALX/smbldap-tools
# chmod 644 /etc/opt/IDEALX/smbldap-tools/smbldap.conf
# chmod 600 /etc/opt/IDEALX/smbldap-tools/smbldap_bind.conf
```
```
# cpan (or perl -MCPAN -e shell)
# install MODULE_NAME
```
```
# cd /etc/smbldap-tools/
# ./configure.pl
Samba Config File Location [] > /dev/null
smbldap Config file Location (global parameters) [/etc/smbldap-tools/smbldap.conf] > [Enter]
smbldap Config file Location (bind parameters) [/etc/smbldap-tools/smbldap_bind.conf] > [Enter]
workgroup name [] > EXAMPLE
netbios name [] > EXAMPLE
logon drive [] > [Enter]
logon home (press the "." character if you don't want homeDirectory) [\\EXAMPLE\%U] > [Enter]
logon path (press the "." character if you don't want roaming profile) [\\EXAMPLE\profiles\%U] > [Enter]
. home directory prefix (use %U as username) [/home/%U] > [Enter]
. default users' homeDirectory mode [700] > [Enter]
. default user netlogon script (use %U as username) [] > [Enter]
default password validation time (time in days) [45] > [Enter]
. ldap suffix [ldapsuffix] > dc=example,dc=com
. ldap group suffix [ldapgroupsuffix] > ou=Groups
. ldap user suffix [ldapusersuffix] > ou=Users
. ldap machine suffix [ldapmachinesuffix] > ou=Computers
. Idmap suffix [ou=Idmap] > [Enter]
sambaUnixIdPooldn object (relative to ${suffix}) [sambaDomainName=EXAMPLE] > [Enter]
. ldap master server [127.0.0.1] > [Enter]
. ldap master port [389] > [Enter]
. ldap master bind dn [] > cn=Manager,dc=example,dc=com
. ldap master bind password [] > [input your plain secret for Master LDAP Server]
ldap slave server [127.0.0.1] > [Enter]
. ldap slave port [389] > [Enter]
. ldap slave bind dn [] > cn=Manager,dc=example,dc=com
. ldap slave bind password [] > [input your plain secret for Slave LDAP Server]
. ldap tls support (1/0) [0] >
SID for domain MYGROUP [S-1-5-XX-XXXXXXXXXX-XXXXXXXXXX-XXXXXXXXXX] > [Enter]
unix password encryption (CRYPT, MD5, SMD5, SSHA, SHA) [SSHA] > [Enter]
. default user gidNumber [513] > [Enter]
. default computer gidNumber [515] > [Enter]
. default login shell [/bin/bash] > [Enter]
. default domain name to append to mail adress [] > example.com
```
```
# cd /etc/smbldap-tools/
# ./configure.pl
Samba Config File Location [] > /etc/samba/smb.conf
(same as above.)
```
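Once configure.pl has written the plain bind password into smbldap_bind.conf, the modes set by the chmod steps in the install commands are what keep it readable by root only. The following is an added example, not part of this page's original text or of SMBLDAP-TOOLS, that checks a config directory against those modes and root ownership; it assumes GNU stat (Linux), and `audit_smbldap_dir` is a hypothetical helper name.

```shell
#!/bin/sh
# Added example (not SMBLDAP-TOOLS code). Assumes GNU stat (Linux).
# audit_smbldap_dir is a hypothetical helper name.

# audit_smbldap_dir DIR [UID]
# Compares DIR, smbldap.conf and smbldap_bind.conf with the modes from the
# chmod steps (755 / 644 / 600) and the expected owner uid (default 0 = root).
# Prints one finding per line; returns 0 when clean, 1 otherwise.
audit_smbldap_dir() {
    dir=$1; uid=${2:-0}; bad=0
    for spec in ".:755" "smbldap.conf:644" "smbldap_bind.conf:600"; do
        name=${spec%%:*}; want=${spec##*:}
        if [ "$name" = "." ]; then path=$dir; else path=$dir/$name; fi
        if [ ! -e "$path" ]; then
            echo "MISSING $path"; bad=1; continue
        fi
        mode=$(stat -L -c '%a' "$path"); who=$(stat -L -c '%u' "$path")
        # Any bit beyond the expected mode is a finding; stricter modes
        # (for example 400 on the bind file) are accepted.
        if [ $(( 0$mode & ~0$want & 07777 )) -ne 0 ]; then
            echo "MODE $path is $mode, expected at most $want"; bad=1
        fi
        if [ "$who" != "$uid" ]; then
            echo "OWNER $path has uid $who, expected $uid"; bad=1
        fi
    done
    return $bad
}

# Audit whichever of the two locations used on this page exists.
for d in /etc/smbldap-tools /etc/opt/IDEALX/smbldap-tools; do
    if [ -d "$d" ]; then audit_smbldap_dir "$d" || echo "FAIL $d"; fi
done
```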
The configure script bundled with smbldap-tools cannot handle all parameters.

* With the configure.pl script of SMBLDAP-TOOLS 0.8.5-2 or later, you do not need to edit this.

```
# vi /etc/smbldap-tools/smbldap.conf
```
Parameter | Related | Feature |
---|---|---|
mailDomain | smbldap-qmail-tools | If smbldap-qmail-useradd is run without the -m option, the mail address is set to username@mailDomain. |
SMBLDAP-TOOLS Addons is designed for the Directory Information Tree (DIT) created by smbldap-populate of SMBLDAP-TOOLS. Please execute the following command first.
If you already have a DIT that was created without smbldap-populate, we recommend reconstructing it.

```
# smbldap-populate
```
smbldap-populate requires samba.schema (from Samba).

```
# tar zxf samba-x.x.x.tgz
# chown -R root: samba-*
# cd samba-x.x.x
# yes | cp -a examples/LDAP/samba.schema /etc/openldap/schema/
```
Edit /etc/openldap/slapd.conf:

```
# Samba
include /etc/openldap/schema/samba.schema
```

Restart the LDAP server:

```
/etc/init.d/ldap restart
```