The SAMBA-LDAP-PDC Howto

92
93

Revision : 1.24

cn: Backup Operators
description: Windows Domain Members can bypass file security to back up files

94
95
96
97
98
99
100

dn: cn=Replicator,ou=Groups,dc=IDEALX,dc=ORG
description: Supports file replication in a domain
objectClass: posixGroup
gidNumber: 228
cn: Replicator
description: Windows Domain Supports file replication in a domain

22.3

/etc/ldap.conf

Here’s an complete sample /etc/ldap.conf used in this HOWTO.
1
2
3
4

# $Id: ldap-conf.tex,v 1.3 2002/06/06 05:31:00 olem Exp $
# $Source: /cvs/public/samba/samba-ldap-howto/ldap-conf.tex,v $
#
# /etc/ldap.conf for using local LDAP server for authentification

5
6
7

# Your LDAP server. Must be resolvable without using LDAP.
host 127.0.0.1

8
9
10

# The distinguished name of the search base.
base dc=IDEALX,dc=org

11
12
13
14
15

# RFC2307bis naming contexts
nss_base_passwd
dc=IDEALX,dc=org?sub
nss_base_shadow
dc=IDEALX,dc=org?sub
nss_base_group
ou=Groups,dc=IDEALX,dc=org?one

16
17
18

ssl no
pam_password md5

19
20

# - The End

22.4

smb.conf

Here’s an sample /etc/samba/smb.conf used in this HOWTO.
1
2
3
4
5
6
7
8

[global]
workgroup = IDEALX-NT
netbios name = PDC-SRV
server string = SAMBA-LDAP PDC Server
encrypt passwords = Yes
passwd program = /usr/local/sbin/smbldap-passwd.pl -o %u
passwd chat = *new*password* %n\n *new*password* %n\n *successfully*
unix password sync = Yes

9
10
11
12

log file = /var/log/samba/%m.log
log level = 5 ; remember to lower the log level in real life :-)
max log size = 0

13
14
15

socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192

16
17
18
19
20

domain logons = Yes
os level = 80
preferred master = False
domain master = True

page 55/56