6.4. Questions and AnswersThere is much rumor and misinformation regarding the use of MS Windows networking protocols. These questions are just a few of those frequently asked. F.A.Q.
Example 6.3.1. LDAP Master Server Configuration File /etc/openldap/slapd.confinclude /etc/openldap/schema/core.schema include /etc/openldap/schema/cosine.schema include /etc/openldap/schema/inetorgperson.schema include /etc/openldap/schema/nis.schema include /etc/openldap/schema/samba.schema pidfile /var/run/slapd/slapd.pid argsfile /var/run/slapd/slapd.args database bdb suffix "dc=abmas,dc=biz" rootdn "cn=Manager,dc=abmas,dc=biz" # rootpw = not24get rootpw {SSHA}86kTavd9Dw3FAz6qzWTrCOKX/c0Qe+UV replica host=lapdc.abmas.biz:389 suffix="dc=abmas,dc=biz" binddn="cn=updateuser,dc=abmas,dc=biz" bindmethod=simple credentials=not24get access to attrs=sambaLMPassword,sambaNTPassword by dn="cn=sambaadmin,dc=abmas,dc=biz" write by * none replogfile /var/lib/ldap/replogfile directory /var/lib/ldap # Indices to maintain index objectClass eq index cn pres,sub,eq index sn pres,sub,eq index uid pres,sub,eq index displayName pres,sub,eq index uidNumber eq index gidNumber eq index memberUID eq index sambaSID eq index sambaPrimaryGroupSID eq index sambaDomainName eq index default sub Example 6.3.2. LDAP Slave Configuration File /etc/openldap/slapd.confinclude /etc/openldap/schema/core.schema include /etc/openldap/schema/cosine.schema include /etc/openldap/schema/inetorgperson.schema include /etc/openldap/schema/nis.schema include /etc/openldap/schema/samba.schema pidfile /var/run/slapd/slapd.pid argsfile /var/run/slapd/slapd.args database bdb suffix "dc=abmas,dc=biz" rootdn "cn=Manager,dc=abmas,dc=biz" # rootpw = not24get rootpw {SSHA}86kTavd9Dw3FAz6qzWTrCOKX/c0Qe+UV access to * by dn=cn=updateuser,dc=abmas,dc=biz write by * read updatedn cn=updateuser,dc=abmas,dc=biz updateref ldap://massive.abmas.biz directory /var/lib/ldap # Indices to maintain index objectClass eq index cn pres,sub,eq index sn pres,sub,eq index uid pres,sub,eq index displayName pres,sub,eq index uidNumber eq index gidNumber eq index memberUID eq index sambaSID eq index sambaPrimaryGroupSID eq index sambaDomainName eq index default sub Example 6.3.3. Primary Domain Controller smb.conf File Part A# Global parameters [global] unix charset = LOCALE workgroup = MEGANET2 passdb backend = ldapsam : ldap : //massive.abmas.biz username map = /etc/samba/smbusers log level = 1 syslog = 0 log file = /var/log/samba/%m max log size = 0 smb ports = 139 name resolve order = wins bcast hosts time server = Yes printcap name = CUPS add user script = /opt /IDEALX/sbin /smbldapuseradd m '%u ' delete user script = /opt /IDEALX/sbin /smbldapuserdel '%u ' add group script = /opt /IDEALX/sbin /smbldapgroupadd p '%g ' delete group script = /opt /IDEALX/sbin /smbldapgroupdel '%g ' add user to group script = /opt /IDEALX/sbin /smbldapgroupmod m '%g' '%u' delete user from group script = /opt /IDEALX/sbin /smbldapgroupmod x '%g ' '%u ' set primary group script = /opt /IDEALX/sbin /smbldapusermod g '%g ' '%u ' add machine script = /opt /IDEALX/sbin /smbldapuseradd w '%u ' shutdown script = /var /lib/samba/scripts /shutdown.sh abort shutdown script = /sbin /shutdown c logon script = scripts \ logon.bat logon path = \\%L\ profiles \%U logon drive = X: domain logons = Yes domain master = Yes wins support = Yes ldap suffix = dc=abmas, dc=biz ldap machine suffix = ou=People ldap user suffix = ou=People ldap group suffix = ou=Groups ldap idmap suffix = ou=Idmap ldap admin dn = cn=sambaadmin, dc=abmas, dc=biz idmap backend = ldap : //massive.abmas.biz idmap uid = 1000020000 idmap gid = 1000020000 printer admin = root printing = cups Example 6.3.4. Primary Domain Controller smb.conf File Part B[IPC$] path = /tmp [accounts] comment = Accounting Files path = /data/accounts read only = No [service] comment = Financial Services Files path = /data /service read only = No [pidata] comment = Property Insurance Files path = /data /pidata read only = No [homes] comment = Home Directories valid users = %S read only = No browseable = No [printers] comment = SMB Print Spool path = /var/spool/samba guest ok = Yes printable = Yes browseable = No Example 6.3.5. Primary Domain Controller smb.conf File Part C[apps] comment = Application Files path = /apps admin users = bjones read only = No [netlogon] comment = Network Logon Service path = /var/lib/samba/netlogon admin users = root, Administrator guest ok = Yes locking = No [profiles] comment = Profile Share path = /var/lib/samba/profiles read only = No profile acls = Yes [profdata] comment = Profile Data Share path = /var/lib/samba/profdata read only = No profile acls = Yes [print$] comment = Printer Drivers path = /var /lib/samba/drivers write list = root admin users = root, Administrator Example 6.3.6. Backup Domain Controller smb.conf File Part A# \# Global parameters [global] unix charset = LOCALE workgroup = MEGANET2 netbios name = BLDG1 passdb backend = ldapsam : ldap : //lapdc.abmas.biz username map = /etc/samba/smbusers log level = 1 syslog = 0 log file = /var/log/samba/%m max log size = 50 smb ports = 139 name resolve order = wins bcast hosts printcap name = CUPS show add printer wizard = No logon script = scripts\logon.bat logon path = \\%L\profiles\%U logon drive = X: domain logons = Yes os level = 63 domain master = No wins server = 192.168.2.1 ldap suffix = dc=abmas, dc=biz ldap machine suffix = ou=People ldap user suffix = ou=People ldap group suffix = ou=Groups ldap idmap suffix = ou=Idmap ldap admin dn = cn=sambaadmin, dc=abmas, dc=biz utmp = Yes idmap backend = ldap : //massive.abmas.biz idmap uid = 10000 20000 idmap gid = 10000 20000 printing = cups [accounts] comment = Accounting Files path = /data/accounts read only = No [service] comment = Financial Services Files path = /data/service read only = No Example 6.3.7. Backup Domain Controller smb.conf File Part B[pidata] comment = Property Insurance Files path = /data /pidata read only = No [homes] comment = Home Directories valid users = %S read only = No browseable = No [printers] comment = SMB Print Spool path = /var/spool/samba guest ok = Yes printable = Yes browseable = No [apps] comment = Application Files path = /apps admin users = bjones read only = No [netlogon] comment = Network Logon Service path = /var/lib/samba/netlogon guest ok = Yes locking = No [profiles] comment = Profile Share path = /var/lib/samba/profiles read only = No profile acls = Yes [profdata] comment = Profile Data Share path = /var/lib/samba/profdata read only = No profile acls = Yes |