The SAMBA-LDAP-PDC Howto

Revision : 1.24

To do so, use the following command (assuming ’secret’ is the ldap admin dn password, see
your /etc/openldap/slapd.conf configuration file to be sure) :
[root@pdc-srv samba]# smbpasswd -w secret
Setting stored password for "cn=Manager,dc=IDEALX,dc=ORG" in secrets.tdb
Samba will store this datas in /etc/samba/secrets.tbd.
Note that this ldap admin dn may be another account than Root DN : you should use another
ldap account who should have permissions to write any sambaAccount and some posixAccount
attrs (see ?? on page ??). In this HOWTO, we’re using the Root DN.
Then, you should create your ’Administrator’ user :
[root@pdc-srv samba]# smbldap-useradd.pl -a -m -g 200 administrator
adding new entry "uid=administrator,ou=Users,dc=IDEALX,dc=ORG"
modifying entry "uid=administrator,ou=Users,dc=IDEALX,dc=ORG"
modifying entry "uid=administrator,ou=Users,dc=IDEALX,dc=ORG"

[root@pdc-srv samba]# smbldap-passwd.pl administrator
Changing password for administrator
New password :
Retype new password :
all authentication tokens updated successfully

In fact, any user placed in the ”Domain Admins” group will be granted Windows admin
rights.

6.4

Testing

To validate your Samba configuration, use testparm who should return ’Loaded services file
OK.’ without any warnings nor unknow parameter. See man testparm for more info.

page 18/56