Page 4 of 6 FirstFirst ... 23456 LastLast
Results 31 to 40 of 60

Thread: [HOW TO] Ubuntu Server 9.04 PDC

  1. #31
    Join Date
    Oct 2009
    Beans
    2

    Re: [HOW TO] Ubuntu Server 9.04 PDC

    I hope to help u!
    Thank you, mate but your config is simple file server example
    I can't auth my smb-client against my domain.

    Once again, =server= samba setup seems to be ok, since Windows XP SP3 machines works just perfect.

    Now i'm in doubt about a way of login authentication - do i have to remove all ldap stuff from my client? Switch from ldap to winbind only?
    Still didn't find anything except bunch of Linux+AD howtos and tutors

  2. #32
    Join Date
    Jun 2008
    Beans
    12

    Re: [HOW TO] Ubuntu Server 9.04 PDC

    I am aswell having this Problem:

    Code:
    sudo smbldap-populate
    Unable to open /etc/opt/IDEALX/smbldap-tools/smbldap.conf for reading !
    Compilation failed in require at /usr/sbin/smbldap-populate line 31.
    BEGIN failed--compilation aborted at /usr/sbin/smbldap-populate line 31.
    dpkg-reconfigure slapd did not solve it, I am using Ubuntu Server 8.04 x64.

    Can I supply any further infos?

  3. #33
    Join Date
    Mar 2006
    Beans
    124

    Re: [HOW TO] Ubuntu Server 9.04 PDC

    FYI, this worked great on Ubuntu Server 9.10 (Karmic Koala).

  4. #34
    Join Date
    Nov 2009
    Beans
    4

    Re: [HOW TO] Ubuntu Server 9.04 PDC

    HI

    I solve the smbldap-populate problem doing this:

    slappasswd

    this command will ask for a password (twice) enter "12345" it will return an ssha hash in the following format:

    {SSHA}XXXXXXXXXXXXXXXXXXXXXXXXXX

    open /etc/ldap/slapd.conf
    and add/edit the following:

    rootdn cn=admin,dc=example,dc=local
    rootpw {SSHA}XXXXXXXXXXXXXXXXXXXXXXXXXX


    Now reboot or restart and the commands should run fine.


    from this link http://ubuntuforums.org/archive/inde...40760-p-4.html from the whoop user (thankS)!!

    and the 19 step problem with getent group setting the IP of server instead nameserver in the ldap-auth-client configuration step (this 19 step)

    So I hope this can help someone

    and GREAT GREAT tutorial!!!! thanks!!!!!!!!!!!!!!!!!!!!!

  5. #35
    Join Date
    Nov 2009
    Beans
    46

    Re: [HOW TO] Ubuntu Server 9.04 PDC

    I am also having the problem with smnldap-populate. I'm using Ubuntu 9.10 when I run dpkg-reconfigure slapd I only get 3 yes no questions. I've tried to manually create smbldap_bind.confand smbldap.conf but still no luck. Any ideas?

  6. #36
    Join Date
    Nov 2009
    Beans
    46

    Re: [HOW TO] Ubuntu Server 9.04 PDC

    Fixed it. Some one else mentioned manually making the files, (that didn't work for my set up). Here's what I did to get it to work

    1.Getting smbldap-tools ready

    In a terminal window with root privileges browse to the examples directory

    cd /usr/share/doc/smbldap-tools/examples/
    Then execute the following commands

    cp smbldap_bind.conf /etc/smbldap-tools/
    cp smbldap.conf.gz /etc/smbldap-tools/
    gzip -d /etc/smbldap-tools/smbldap.conf.gz


    Open up the smbldap-tools directory:

    cd /etc/smbldap-tools/
    2.Get your netSID for your domain

    net getlocalsid

    It will return something like:

    SID for domain SERVERNAME is: S-1-5-21-2899629268-4176875250-2352135513
    Copy this number

    3.Edit your smbldap.conf file

    gedit /etc/smbldap-tools/smbldap.conf
    We need to make the following changes, but you cannot just copy and paste them into the file. You need to search for them and make the adjustments.

    SID="S-1-5-21-949328747-3404738746-3052206637" ## This line must have the same SID as when you ran "net getlocalsid"
    sambaDomain="EXAMPLE"
    ldapTLS="0"
    suffix="dc=example,dc=local"
    sambaUnixIdPooldn="sambaDomainName=EXAMPLE,${suffi x}" ## Be careful with this section!!
    userHome="/home/%U" ## This is found in the UNIX section.
    userSmbHome=
    userProfile=
    userHomeDrive=
    userScript=
    mailDomain="example.local"

    4.Open the file /etc/smbldap-tools/smbldap_bind.conf file for editing:

    gedit /etc/smbldap-tools/smbldap_bind.conf
    Edit the file so the following is correct according to your setup

    slaveDN="cn=admin,dc=example,dc=local"
    slavePw="12345"
    masterDN="cn=admin,dc=example,dc=local"
    masterPw="12345"

    5.Set the correct permission for the above two files
    chmod 0644 /etc/smbldap-tools/smbldap.conf
    chmod 0600 /etc/smbldap-tools/smbldap_bind.conf
    Last edited by abishur; November 18th, 2009 at 09:09 PM. Reason: readability corrections

  7. #37
    Join Date
    Nov 2009
    Beans
    4

    Re: [HOW TO] Ubuntu Server 9.04 PDC

    Great tutorial !
    Last edited by siate; November 18th, 2009 at 10:12 PM.

  8. #38
    Join Date
    Nov 2009
    Beans
    46

    Re: [HOW TO] Ubuntu Server 9.04 PDC

    Quote Originally Posted by siate View Post
    Great tutorial !
    Thanks abishur because what you wrote really helped me since I had that problem. But here is the thing I followed every step of that HOW TO but I am not using that server as a PDC,in fact I want to share folders with samba in which the authentification and right access will be managed by LDAP.
    Thus,the only diffrence I have between this HOW TO and my server is the :
    #be a PDC ...
    domain logons : No
    domain master : no
    #be a wins server
    wins support : No
    wins server : 192.168.7.2
    Do you think it can work ? Am I right to do it like that ?
    Everything went "nearly" as expected but I can only connect the server with the root account and get access to the shared folders and files, the david account doesn't work and I tried to create another user to log in but it also doesn't work.How can I create users who wiil be able to connect the server ? Any ideas ?
    No problem! It's always frustrating to find a thread where the person obviously solved their problem, but didn't tell others how to do it.

    Let me make sure I'm understanding what you want. Your setup is as follows

    1. Computer A: Wins Server (and largely unimportant to the issue at hand if I understand samba and openLDAP)
    2. Computer B: LDAP Server using Samba as a means of Windows authentication

    And what you want to do is access the folders with other accounts in your LDAP directory.

    IF the above is correct, then I think I have a solution for you. Go to
    "Applications->Ubuntu Software Center"
    In the search field, type in Samba and install the first one (it just says Samba)

    This will install the samba GUI under
    "System->Administration->Samba
    If you click on the + sign at the top it will open up a dialog to add a new share (if you highlight an existing sharing and then click on the gear it will let you edit an existing share)

    The second tab in this dialog says "Access" it will display a list of both local users and LDAP users. You can either check the ones you want to access it or you can say "Allow access to everyone"

    Now, if for ANY reason you don't see your ldap users, I would say there's a problem with authentication between Samba and LDAP. If that's the case let me know and I probably know what's wrong with it.

    Edit: Oh yeah, make sure to allow SAMBA access through your firewall if you have it turned on. I forgot to do that the first time I set this up and reinstalled Linux 3 times before I realized what I was doing!

  9. #39
    Join Date
    Nov 2009
    Beans
    4

    Re: [HOW TO] Ubuntu Server 9.04 PDC

    First thank you, I think that what you seem to understand is right (forgive me for my bad english but I'm from Tahiti -> speak french there :S).
    Everything works fine now and the "application" you made me install is really simple and useful but I'm actually in an intership/work placement/training(I work in an enterprise for a limited period in order to get a diploma in the end) and what they want me to do is to manage the right acces with LDAP(everything else is good now).
    Do you think it is possible ?
    How do i do that ?

  10. #40
    Join Date
    Nov 2009
    Beans
    46

    Re: [HOW TO] Ubuntu Server 9.04 PDC

    Ah, I see what you're saying. You want to control access DIRECTLY from LDAP. And to answer your question, that's what you are doing with the Samba application.

    Explanation:

    LDAP is a protocol for authentication and openLDAP is a program for Linux which uses the LDAP protocol. It is, for all intents and purposes, Active Directory for Linux.

    In a Windows based environment Active Directory is used to set up user account but it is not the means by which a folder or file is shared. Windows has a built in File Sharing system which does that. However! Windows CAN control access by using user names and/or groups to tell who can and cannot access a specific resource shared on the network.

    Taking that concept to Linux, openLDAP sets up users and groups. Then Samba shares folders for Windows based computers to use. In that Samba interface I had you install, the "Access" tab actually lists the users and groups you've set up in openLDAP. So when you check a name in the Samba application it is actually using openLDAP.

    Here's a step by step look at what (basically) happens
    1. Samba Shares a folder and gives a specific user in openLDAP access to it
    2. PC User attempts to access shared folder via Samba
    3. Samba checks the Access List (ACL) and confirms that the user name has permission to access the folder
    4. Samba forwarders the user name and password to openLDAP
    5. openLDAP confirms that the user has the correct user name/password combo
    6. Samba permits user to access shared folder.
    This is also how Active Directory and Windows sharing work with each other. Of course if the user doesn't have permission then Samba will reject them and if the wrong password is provided the openLDAP will reject them.

    ALL of which is to say this: You already are using openLDAP to control folder access, but NO openLDAP is not capable of directly sharing folders because the LDAP protocol is not a file sharing protocol, it is an authenticationprotocol. We must use Samba because it is the file sharing protocol, but it is authenticating folder access against openLDAP.

Page 4 of 6 FirstFirst ... 23456 LastLast

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •