Hier werden die Unterschiede zwischen zwei Versionen angezeigt.
2009_samba_config [2008/07/17 09:46] |
2009_samba_config [2008/07/17 09:46] (aktuell) |
||
---|---|---|---|
Zeile 1: | Zeile 1: | ||
+ | === openSUSE 11 Installation unter VMware === | ||
+ | Für Installation: NAT-Netzwerk, 512 MB Ram | ||
+ | |||
+ | Textbasiert, minimaler Server | ||
+ | 4GB HDD: 500MB swap, Rest ext3 / | ||
+ | Systemstart: grup vom MBR, vga=788, umbenannt in server4eduction | ||
+ | Passwort: open23 | ||
+ | Software: | ||
+ | + mc, openldap2 openldap2-client, nss_ldap, pam_ldap, perl-ldap, perl-ldap-ssl, samba | ||
+ | - Novell appamor | ||
+ | |||
+ | Installation läuft... | ||
+ | |||
+ | Nach erstem Start: Beendet und Backup des VMware Image erstellt (~1,20GB) | ||
+ | |||
+ | <file> | ||
+ | # hostname s4e | ||
+ | # domainname d4e.at | ||
+ | # vi /etc/hosts (Zeile ändern mit 127.0.0.1 s4e localhost localhost.d4e.at | ||
+ | # yast repositories (CD/DVD Eintrag löschen) | ||
+ | # wget http://download.opensuse.org/repositories/home:/octo47:/smbldap-tools/openSUSE_11.0/i586/perl-Jcode-2.07-1.1.i586.rpm | ||
+ | # wget http://download.opensuse.org/repositories/home:/octo47:/smbldap-tools/openSUSE_11.0/i586/perl-Unicode-Map-0.112-1.1.i586.rpm | ||
+ | # wget http://download.opensuse.org/repositories/home:/octo47:/smbldap-tools/openSUSE_11.0/i586/perl-Unicode-Map8-0.12-221.1.i586.rpm | ||
+ | # wget http://download.opensuse.org/repositories/home:/octo47:/smbldap-tools/openSUSE_11.0/i586/perl-Unicode-String-2.09-12.1.i586.rpm | ||
+ | # wget http://download.opensuse.org/repositories/home:/octo47:/smbldap-tools/openSUSE_11.0/noarch/perl-Unicode-MapUTF8-1.11-5.1.noarch.rpm | ||
+ | # wget http://download.opensuse.org/repositories/home:/octo47:/samba30/openSUSE_11.0/noarch/smbldap-tools-0.9.5-2.1.noarch.rpm | ||
+ | # cd /etc/samba/ | ||
+ | # mv smb.conf smb.conf.OLD | ||
+ | </file> | ||
+ | |||
+ | > Datei: /etc/samba/smb.conf: | ||
+ | <file> | ||
+ | # # Primary Domain Controller smb.conf | ||
+ | # # Global parameters | ||
+ | [global] | ||
+ | unix charset = LOCALE | ||
+ | workgroup = D4E.AT | ||
+ | netbios name = s4e | ||
+ | passdb backend =ldapsam:"ldap://localhost" | ||
+ | username map = /etc/samba/smbusers | ||
+ | log level = 1 | ||
+ | syslog = 0 | ||
+ | log file = /var/log/samba/%m | ||
+ | max log size = 0 | ||
+ | name resolve order = wins bcast hosts | ||
+ | time server = Yes | ||
+ | printcap name = CUPS | ||
+ | add user script = /usr/sbin/smbldap-useradd -m '%u' | ||
+ | delete user script = /usr/sbin/smbldap-userdel '%u' | ||
+ | add group script = /usr/sbin/smbldap-groupadd -p '%g' | ||
+ | delete group script = /usr/sbin/smbldap-groupdel '%g' | ||
+ | add user to group script = /usr/sbin/smbldap-groupmod -m '%g' '%u' | ||
+ | delete user from group script = /usr/sbin/smbldap-groupmod -x '%g' '%u' | ||
+ | set primary group script = /usr/sbin/smbldap-usermod -g '%g' '%u' | ||
+ | add machine script = /usr/sbin/smbldap-useradd -w '%u' | ||
+ | logon script = logon.bat | ||
+ | logon path = \\s4e\profiles\%u | ||
+ | logon drive = N: | ||
+ | domain logons = Yes | ||
+ | domain master = Yes | ||
+ | wins support = Yes | ||
+ | # peformance optimization all users stored in ldap | ||
+ | ldapsam:trusted = yes | ||
+ | ldap suffix = dc=d4e,dc=at | ||
+ | ldap machine suffix = ou=Computers,ou=Users | ||
+ | ldap user suffix = ou=People,ou=Users | ||
+ | ldap group suffix = ou=Groups | ||
+ | ldap idmap suffix = ou=Idmap | ||
+ | ldap admin dn = cn=sambaadmin,dc=d4e,dc=at | ||
+ | idmap backend = ldap://127.0.0.1 | ||
+ | idmap uid = 10000-20000 | ||
+ | idmap gid = 10000-20000 | ||
+ | printer admin = root | ||
+ | printing = cups | ||
+ | |||
+ | [homes] | ||
+ | comment = Home Directories | ||
+ | valid users = %S | ||
+ | browseable = yes | ||
+ | writable = yes | ||
+ | create mask = 0600 | ||
+ | directory mask = 0700 | ||
+ | [netlogon] | ||
+ | comment = Network Logon Service | ||
+ | path = /etc/samba/netlogon | ||
+ | writeable = yes | ||
+ | browseable = yes | ||
+ | read only = no | ||
+ | [profiles] | ||
+ | path = /etc/samba/profiles | ||
+ | writeable = yes | ||
+ | browseable = no | ||
+ | read only = no | ||
+ | create mode = 0777 | ||
+ | directory mode = 0777 | ||
+ | </file> | ||
+ | |||
+ | <file> | ||
+ | # mkdir netlogon | ||
+ | # mkdir profiles | ||
+ | # cd /etc/openldap | ||
+ | # mv slapd.conf slapd.conf.OLD | ||
+ | # mv lapd.conf lapd.conf.OLD | ||
+ | </file> | ||
+ | |||
+ | > /etc/openldap/slapd.conf: | ||
+ | <file> | ||
+ | #slapd.conf Master Openldap2.3 | ||
+ | #path: /etc/openldap/slapd.conf | ||
+ | include /etc/openldap/schema/core.schema | ||
+ | include /etc/openldap/schema/cosine.schema | ||
+ | include /etc/openldap/schema/inetorgperson.schema | ||
+ | include /etc/openldap/schema/nis.schema | ||
+ | include /etc/openldap/schema/samba3.schema | ||
+ | modulepath /usr/lib/openldap/modules/ | ||
+ | # moduleload back_bdb.la | ||
+ | pidfile /var/run/slapd/slapd.pid | ||
+ | argsfile /var/run/slapd/slapd.args | ||
+ | # Samba Primary Database d4e.at | ||
+ | database bdb | ||
+ | suffix "dc=d4e,dc=at" | ||
+ | directory /var/lib/ldap | ||
+ | rootdn "cn=Manager,dc=d4e,dc=at" | ||
+ | rootpw {SSHA}9GOPn+cirSJwVwtXEzcmWO/zrjBodQhX | ||
+ | index entryCSN eq | ||
+ | index entryUUID eq | ||
+ | access to attrs=userPassword,sambaLMPassword,sambaNTPassword | ||
+ | by self write | ||
+ | by dn="cn=sambaadmin,dc=d4e,dc=at" write | ||
+ | by * auth | ||
+ | access to * | ||
+ | by dn="cn=sambaadmin,dc=d4e,dc=at" write | ||
+ | by * read | ||
+ | # Indices to maintain | ||
+ | index objectClass eq | ||
+ | index cn pres,sub,eq | ||
+ | index sn pres,sub,eq | ||
+ | index uid pres,sub,eq | ||
+ | index displayName pres,sub,eq | ||
+ | index uidNumber eq | ||
+ | index gidNumber eq | ||
+ | index memberUID eq | ||
+ | index sambaSID eq | ||
+ | index sambaPrimaryGroupSID eq | ||
+ | index sambaDomainName eq | ||
+ | index default sub | ||
+ | </file> | ||
+ | |||
+ | > /etc/openldap/ldap.conf: | ||
+ | <file> | ||
+ | #/etc/ldap.conf | ||
+ | # LDAP Master | ||
+ | host localhost | ||
+ | base dc=d4e,dc=at | ||
+ | binddn cn=Manager,dc=d4e,dc=at | ||
+ | bindpw {SSHA}9GOPn+cirSJwVwtXEzcmWO/zrjBodQhX | ||
+ | bind_policy soft | ||
+ | pam_password exop | ||
+ | nss_base_passwd ou=People,ou=Users,dc=d4e,dc=at?one | ||
+ | nss_base_shadow ou=People,ou=Users,dc=d4e,dc=at?one | ||
+ | nss_base_passwd ou=Computers,ou=Users,dc=d4e,dc=at?one | ||
+ | nss_base_shadow ou=Computers,ou=Users,dc=d4e,dc=at?one | ||
+ | nss_base_group ou=Groups,dc=d4e,dc=at?one | ||
+ | ssl no | ||
+ | </file> |