samba ldap howto.pdf
Vista previa de texto
The SAMBA-LDAP-PDC Howto
Revision : 1.24
112
113
114
115
116
117
118
119
120
##
## The smbPasswordEntry objectclass has been depreciated in favor of the
## sambaAccount objectclass
##
#objectclass ( 1.3.6.1.4.1.7165.2.2.1 NAME ’smbPasswordEntry’ SUP top AUXILIARY
#
DESC ’Samba smbpasswd entry’
#
MUST ( uid $ uidNumber )
#
MAY ( lmPassword $ ntPassword $ pwdLastSet $ acctFlags ))
121
122
123
124
125
126
127
128
objectclass ( 1.3.6.1.4.1.7165.2.2.2 NAME ’sambaAccount’ SUP top STRUCTURAL
DESC ’Samba Account’
MUST ( uid $ rid )
MAY ( cn $ lmPassword $ ntPassword $ pwdLastSet $ logonTime $
logoffTime $ kickoffTime $ pwdCanChange $ pwdMustChange $ acctFlags $
displayName $ smbHome $ homeDrive $ scriptPath $ profilePath $
description $ userWorkstations $ primaryGroupID $ domain ))
129
130
131
132
133
134
135
##
## Used for Winbind experimentation
##
objectclass ( 1.3.6.1.4.1.7165.1.2.2.3 NAME ’uidPool’ SUP top AUXILIARY
DESC ’Pool for allocating UNIX uids’
MUST ( uidNumber $ cn ) )
136
137
138
139
objectclass ( 1.3.6.1.4.1.7165.1.2.2.4 NAME ’gidPool’ SUP top AUXILIARY
DESC ’Pool for allocating UNIX gids’
MUST ( gidNumber $ cn ) )
22.2
base.ldif
Here’s a LDIF output of initial entries for the OpenLDAP server. Most of the groups are not
of any usage (excepting being groups, which is afterall enought to be usable :-).
In this HOWTO, we used the ’Domain Users’ group to be the default group all Samba users
belong. The user ’nobody’ is member of the ’Guests’ group.
1
2
3
dn: dc=IDEALX,dc=ORG
objectClass: domain
dc: IDEALX
4
5
6
7
8
9
dn: ou=Groups,dc=IDEALX,dc=ORG
objectClass: top
objectClass: organizationalUnit
ou: Groups
description: System Groups
10
11
12
13
14
15
dn: ou=Users,dc=IDEALX,dc=ORG
objectClass: top
objectClass: organizationalUnit
ou: Users
description: Users of the Organization
16
17
18
19
20
21
dn: ou=Computers,dc=IDEALX,dc=ORG
objectClass: top
objectClass: organizationalUnit
ou: Computers
description: Windows Domain Computers
22
23
24
25
dn: cn=Domain Admins,ou=Groups,dc=IDEALX,dc=ORG
objectClass: posixGroup
gidNumber: 200
page 53/56