Fedora :: Configuring Directory Server 389 Samba LDAP Tools
Feb 5, 2010
I've been busy with configuring Samba with the 389-Directory Server (former Fedora Directory Server) for the past weeks and I almost have everything working. The last thing (I hope) that I haven working are the smbldap-tools which I'd like to use for adding computers and users to the domain. The part where I'm stuck is with the security certificates. I don know how to get the client certificates out of my installation.
My smbldap.conf file contains this:
Code:
# $Source: $
# $Id: smbldap.conf,v 1.18 2005/05/27 14:28:47 jtournier Exp $
#
# smbldap-tools.conf : Q & D configuration file for smbldap-tools
# Purpose :
# . be the configuration file for all smbldap-tools scripts .....
I used the setupssl2.sh script to setup ssl for my 389-ds, which seemed to have worked fine. I however simply have no clou how to get client certificates out of this.
View 1 Replies
ADVERTISEMENT
Jan 18, 2010
how to make a new Ubuntu 9.10 box use our LDAP/Samba server for user authentication. Our Red Hat and Windows machines all use it just fine. I've been trying to use the auth-client-config and libnss-ldap packages for this purpose, but I must be missing something. I'm pretty green with LDAP, so this is my first time diving in... Is there a good How-To or step-by-step read on this? All of my searches lead me to setting up Ubuntu as the server, and that isn't what I want. I've also tried the steps listed in [URL] for the LDAP Authentication section.
View 1 Replies
View Related
Mar 13, 2010
i have configured ldapserver on rhel4 for creating address book
following are configuration files on ldap server
/etc/openldap/slapd.conf
include /etc/openldap/schema/core.schema
include /etc/openldap/schema/cosine.schema
include /etc/openldap/schema/inetorgperson.schema
include /etc/openldap/schema/nis.schema
i am able to import this ldif file into database.also when i perform the ldapsearch on this server with command"ldapsearch �x �W �D �cn=manager, dc=example, dc =com� �b �dc=example, dc=com�" i get correct output.
but when i am trying to search from another client machine, i am getting "error ldap_sasl_bind(SIMPLE): Can't contact LDAP server (-1)"
also when i configured address book on mozilla on server., it is working fine.but not working on another machine.is any configuration is missing on client machine.both ldap server and client are configured on rhel4es without any firewall or selinux.
View 3 Replies
View Related
Aug 2, 2011
when i m configuring ldap server on linux 6.0 for my college project with the script below :- problem is that DB_config.example is not available under /usr/share/doc/openldap-servers-2.4.23/
[ for query without SSL ]
# ldapme
# vim /etc/auto.master
[code]....
View 6 Replies
View Related
Sep 23, 2010
I'm having some trouble getting samba to work properly. I'm following this tutorial [URL] when I run
Code: sudo smbclient -L localhost I receive the following: Code: Enter root's password: Anonymous login successful Domain=[SAMBA] OS=[Unix] Server=[Samba 3.4.7]
tree connect failed: NT_STATUS_END_OF_FILE I'm lost!
View 3 Replies
View Related
Jan 29, 2010
i want to configure an Open LDAP server in Ubuntu....and also want it to connect to its clients, i have two machines for testing,one for client & one for server, i followed the tutorials on ubuntu documentation,but did not succeed in making either the client or the server,
View 2 Replies
View Related
May 12, 2009
I am trying to set up to serve Linux kernels and filesystems disklessly, and find the startup and test procedure a bit tedious.Can anyone point to a tool or tools to allow me to see what is going on with my DHCP/TFTP/PXE setup, which I'm trying to get working? Ideally, I'd like a tool that can do something like grab an IP from a DHCP/BOOTP server, tell me all about all that it found, and then if it was told to download a file, it could do that and tell me about how that went, and so on. Between the information reported by the tool and the droppings left in logfiles on the server side, I would hope to simplify the configuration process, as well as let me experiment with various options, etc. Even a PXE client tool that I can use to exercise my tftp PXE server configuration from a shell commandline would be extremely useful.If no such tool already exists, would anyone else find something like this useful?
View 3 Replies
View Related
Mar 16, 2010
I have installed fedora-ds-1.0.4-1.FC6.x86_64.opt.rpm on RHEL 5 Enterprise, which I use for Oracle BIEE. Now I need to install the FDS in another RHEL 5 and mirror only the FDS.
configure the mirroring part for the Fedora Directory Server.
View 3 Replies
View Related
Jan 13, 2011
I would like to request the software which can ensure the confidentiality of the files which stored in samba server.
View 1 Replies
View Related
Sep 26, 2010
I have configured ldap on Debian5 and samba on another machine, all servers are running ok, but when i try to add users, it gives me an errror that "unknown user"
View 4 Replies
View Related
Jul 25, 2010
Install and configure Samba as a primary domain controller with LDAP on Linux.i setup it step by step following article without error until step 10.i want to join windows client when press user name and password for domain then display message:The following error occurred attempting to join the domain BIGTIME:
The network path was not found.
View 3 Replies
View Related
Apr 22, 2009
I would like to setup LDAP (openldap) with Samba. I would like to know what should I setup first? Should I setup LDAP before Samba or Samba before LDAP?
View 1 Replies
View Related
Jun 17, 2011
I've been testing a PDC with samba and LDAP these days with the following unsolved issue. 1. I can add the client PC (Windows XP SP3) with the Domain Admin user (Manager) from the client PC, but when i try to add a user I get this message "The trust relationship between this workstation and primary domain failed", so as it can be added later I ignored this message and choose 'close' and reboot the PC. 2. Since the login screen is showed, the message 'Duplicate name exists on the network' appears. So I try to log on with a valid domain username and password after pressing ctrl+alt+del and get the error message: "System cannot log you on because domain rmprb is not available"
[Code]...
View 1 Replies
View Related
Sep 8, 2009
I installed CentOS 5.2 and then run yum update. I configured this server as LDAP/Samba primary domain controller. LDAP seems to be OK and for testing I am able to create users with:smbldap-tools useradd -am usernameI can ssh into the server as root and also as a Linux user which was locally created in the server. But ssh into the server as LDAP user fails (from a Fedora 11 machine) with "Permission denied, please try again", prompting again for password.Some data:
# rpm -qa | grep ldap
python-ldap-2.2.0-2.1
php-ldap-5.1.6-23.2.el5_3
[code]....
View 1 Replies
View Related
May 5, 2010
I'm trying to set up a Samba share that's available over the network to a group of users in our institution. Our infrastructure is based on Novell Netware (slowly migrating to OES), and thus our authentication is managed by eDirectory. All our other shares are managed by Netware, but this one lives on a standalone Ubuntu server.
I've succeeded in setting up the share, and users can access it without a problem. The trouble is that currently it only works by treating all users as guest users and giving them the same privileges over the share. Is it possible to get Samba to authenticate users against eDirectory via LDAP? Would I have to get Ubuntu to authenticate against eDirectory, then Samba against Ubuntu, or can Samba do it directly? I've not really worked with LDAP before so I'm unsure where to start.
View 2 Replies
View Related
Jun 9, 2011
I've tried to followed exactly the steps in:
[URL]
on how to setup Samba PDC w/ LDAP backend. I've reach far up to page two of the tutorial. However I'm stucked in the middle of the part of page two:
[URL]
in the part of the Start the LDAP Samba installation up and I should type the :
#useradd user1
#smbldap-useradd -a -G 'Domain Users' -m -s /bin/bash -d /home/user2 -F "" -P user1
I get this error:
Error looking for next uid in sambaDomainName=sambaDomain,dc=DOMAINNAME:No such object at /usr/lob/perl5/vendor_perl/5.8.8/smbldap_tools.pm line 1194.why does this appear, Is there any configurations missing?
View 1 Replies
View Related
Jan 11, 2011
How to authenticate Samba server with another LDAP Server.
- I would like to set up samba server(CentOS5 samba version 3.0.33)for sharing directory. WindowXP client will can access to samba if username and password match with username and password of another existing LDAP server.
- I only know URL and DN of LDAP server and can not modify anything on LDAP Server.
- Can I config at samba server for requirement above.
View 2 Replies
View Related
Oct 24, 2010
Making a Samba Server with LDAP authentication. Will post as I go along. Found these sources, anything/hiccups I should know before jumping in? Figure would follow the official documentation then check the others for comparative errors.
https://help.ubuntu.com/10.04/server...ap-server.html
https://help.ubuntu.com/10.04/server...amba-ldap.html
http://tuxnetworks.blogspot.com/2010...cid-short.html
Also Do other computers that want access to server also need samba installed (or just client)?
The server is 10.04 and my proposed client is 10.10, does this create problems?
Do I need to use ACL? I see them only in certain places.
Using xfce after Ubuntu install, not sure if this matters.
View 9 Replies
View Related
Jul 28, 2010
I just tried to build my own samba/ldap server on opensuse 11.3 and i am continuously getting an invalid credentials error when doing the smbpasswd -a command. Below are my smb and ldap files.
smb.conf
# Primary Domain Controller smb.conf
# Global parameters
[global]
unix charset = utf8
workgroup = MERCDOMAIN
netbios name = mercserver
passdb backend =ldapsam:"ldap://mercserver.mercdomain.com"
username map = /etc/samba/smbusers
log level = 1
syslog = 0
log file = /var/log/samba/%m
max log size = 0
#name resolve order = wins bcast hosts
time server = Yes
printcap name = CUPS
add user script = /usr/sbin/smbldap-useradd -m '%u'
delete user script = /usr/sbin/smbldap-userdel '%u'
add group script = /usr/sbin/smbldap-groupadd -p '%g'
delete group script = /usr/sbin/smbldap-groupdel '%g'
add user to group script = /usr/sbin/smbldap-groupmod -m '%g' '%u'
delete user from group script = /usr/sbin/smbldap-groupmod -x '%g' '%u'
set primary group script = /usr/sbin/smbldap-usermod -g '%g' '%u'
add machine script = /usr/sbin/smbldap-useradd -w '%u'
logon script = logon.bat
logon path = \mercserverprofiles\%u
logon drive = H:
domain logons = Yes
domain master = Yes
wins support = Yes
# peformance optimization all users stored in ldap
ldapsam:trusted = yes
ldap suffix = dc=mercdomain,dc=com
ldap machine suffix = ou=Computers,ou=Users
ldap user suffix = ou=People,ou=Users
ldap group suffix = ou=Groups
ldap idmap suffix = ou=Idmap
ldap admin dn = cn=Manager,dc=mercserver,dc=com
ldap ssl = off
idmap backend = ldap://127.0.0.1
idmap uid = 10000-20000
idmap gid = 10000-20000
printer admin = root
printing = cups
# = Share Definitions =
[homes]
comment = Home Directories
valid users = %S
browseable = yes
writable = yes
create mask = 0600
directory mask = 0700
[sysvol]
path = /home/data/samba/sysvol
read only = no
[netlogon]
comment = Network Logon Service
path = /home/data/samba/sysvol/vavai.net/scripts
writeable = yes
browseable = yes
read only = no
[profiles]
path = /home/data/samba/profiles
writeable = yes
browseable = no
read only = no
create mode = 0777
directory mode = 0777
[Documents]
comment = share to test samba
path = /home/data/documents
writeable = yes
browseable = yes
read only = no
valid users = "@Domain Users"
slapd.conf
UW PICO 5.04 File: /etc/openldap/slapd.conf
include /etc/openldap/schema/core.schema
include /etc/openldap/schema/cosine.schema
include /etc/openldap/schema/inetorgperson.schema
include /etc/openldap/schema/nis.schema
include /etc/openldap/schema/samba3.schema
modulepath /usr/lib/openldap/modules/
# moduleload back_bdb.la
pidfile /var/run/slapd/slapd.pid
argsfile /var/run/slapd/slapd.args
# Samba Primary Database mercdomain.com
database bdb
suffix "dc=mercdomain,dc=com"
directory /var/lib/ldap
rootdn "cn=Manager,dc=mercdomain,dc=com"
rootpw merc84
index entryCSN eq
index entryUUID eq
#access to attrs=userPassword,sambaLMPassword,sambaNTPassword
# by self write
# by dn="cn=Manager,dc=mercdomain,dc=com" write
# by * auth
#access to *
# by dn="cn=Manager,dc=mercdomain,dc=com" write
# by * read
# Indices to maintain
index objectClass eq
index cn pres,sub,eq
index sn pres,sub,eq
index uid pres,sub,eq
index displayName pres,sub,eq
index uidNumber eq
index gidNumber eq
index memberUID eq
index sambaSID eq
index sambaPrimaryGroupSID eq
index sambaDomainName eq
index default sub
ldap.conf
UW PICO 5.04 File: ldap.conf # LDAP Master
host mercserver.mercdomain.com
base dc=mercdomain,dc=com
binddn cn=Manager,dc=mercdomain,dc=com
bindpw merc84
bind_policy soft
pam_password exop
nss_base_passwd ou=People,ou=Users,dc=mercdomain,dc=com?one
nss_base_shadow ou=People,ou=Users,dc=mercdomain,dc=com?one
nss_base_passwd ou=Computers,ou=Users,dc=mercdomain,dc=com?one
nss_base_shadow ou=Computers,ou=Users,dc=mercdomain,dc=com?one
nss_base_group ou=Groups,dc=mercdomain,dc=com?one
ssl no
View 1 Replies
View Related
Feb 24, 2009
I'm trying to setup a Samba network share with a Fedora Directory Server backend. This will be used primarily for Windows users to authenticate before accessing the share. I am using Fedora Core 10 and have all of the latest updates installed. When I try to connect from a Windows machine, I am prompted for a username and password. I enter the username and password of the account I created in Fedora Directory Server in OU=People. The credentials are rejected. At the same time in the log file I see this:
[2009/02/24 16:50:16, 3] auth/auth_sam.c:check_sam_security(282)
check_sam_security: Couldn't find user 'Administrator' in passdb.
[2009/02/24 16:50:16, 2] auth/auth.c:check_ntlm_password(318)
check_ntlm_password: Authentication for user [Administrator] -> [Administrator] FAILED with error NT_STATUS_NO_SUCH_USER
Administrator is the user I created in Fedora Directory Server. If I perform an ldapsearch it will find the user as uid: Administrator so I know it is able to be looked up in FDS. But I'm guessing that's not the problem.
[Code]...
View 4 Replies
View Related
Nov 12, 2010
I have Centos ( and Postfix+ldap+dovecot ) TLS works with Postfix and LDAP. When I open evolution mail client I can browse ldap tree and search for users, send-receive mails ...all fine
View 3 Replies
View Related
Mar 16, 2009
I did useradd -g users ldaptest and tried logging in remotely but the client always says no such user. what do I have to do to update the users that LDAP sees?
View 2 Replies
View Related
Oct 28, 2010
Does winbindd must run on linux box client on network with samba ldap server configured as PDC.
View 5 Replies
View Related
Apr 21, 2010
I setup openldap and samba on 9.10. The ubuntu desktop client gets authenticated successfully with the server.
But when I do a passwd on the client, only the ldap passwd is getting changed but not in the samba and the unix user account.
My smb.conf
Code:
passdb backend = ldapsam:ldap://192.168.3.100
ldap suffix = dc=example,dc=local
ldap user suffix = ou=People
ldap group suffix = ou=Groups
[Code]....
View 4 Replies
View Related
Jun 24, 2011
I`am just trying to connect Samba with ldap to make it simpler for the users to log in. We have already attached squid, so by that we thought it would be easy to do the same with samba. I think we did something wrong with the ldap config for the os with is btw:
Quote:
SUSE Linux Enterprise Server 11 (x86_64)
VERSION = 11
PATCHLEVEL = 1
We added
Quote:
ldap admin dn = cn=xxx,o=xxx
[Code]...
View 1 Replies
View Related
Dec 8, 2009
I've setup my samba pdc with ldap, and I can see my shared files (public), which i think is an indication that my samba is working. But I can't seems to get my win2k8 machine to join my domain.
My domain admin is : root system admin: root password for both domain admin and system admin are the same The message that I get from Win2k8 when I try to join a domain is "The specified computer account could not be found. Contact an administrator to verify the account is in the domain. If the account has been deleted unjoin, reboot, and rejoin the domain"
[Code]...
View 2 Replies
View Related
Oct 12, 2010
We have a bunch of directories created for apps on server that were configured to a local group account (for ex: oracle). We have enabled AD using winbind after 6 months after these servers have been in use. So how can we tie the local oracle group account with the one in our AD tree.the test useris configured in the oracle group in AD and the test users primary group is oracle
View 1 Replies
View Related
Mar 24, 2010
I've installed Directory Server (LDAP). The setup has been done according to the tutorials online. Able to access the interface as well. So far so good. The issue I have is with permissions. I can assign file permissions to a user created in the Directory Server ( user not created on the local server). But the same can't be done for a group - alteast the way I currently see it. How could i assign file system rights to a group created in the directory server.
View 5 Replies
View Related
Nov 19, 2010
(This was posted at the end of another thread, where it probably didn't belong, so reposting here)I have Active Directory set up on one machine (and I can't really adjust the settings very much) and Ubuntu Server 10.04, which I would like to use as a client.I followed the directions at https://help.ubuntu.com/community/LD...Authentication, but when I get to
Code:
getent passwd
I don't see anything from the LDAP, and ssh'ing into the box from an LDAP/AD username certainly doesn't work.
In addition, I've attempted to use Webmin's LDAP Configuration module to configure it. I can connect to the server and can browse it with the LDAP browser with my settings, but the Webmin package doesn't recognize the users (which are organized in one of four Organizational Units (OUs) within the OU that I have as my Search Base) as users,
View 1 Replies
View Related
May 9, 2011
My slapd.conf file
# This file should NOT be world readable.
#
include /etc/openldap/schema/core.schema
include /etc/openldap/schema/cosine.schema
include /etc/openldap/schema/inetorgperson.schema
include /etc/openldap/schema/nis.schema
# Allow LDAPv2 client connections. This is NOT the default.
allow bind_v2
# Do not enable referrals until AFTER you have a working directory
code....
View 19 Replies
View Related
