
2009_samba_config

openSUSE 11 Installation unter VMware

Für Installation: NAT-Netzwerk, 512 MB Ram
Textbasiert, minimaler Server
4GB HDD: 500MB swap, Rest ext3 /
Systemstart: grub vom MBR, vga=788, umbenannt in server4eduction
Passwort: open23 (steht hier im Klartext – nur für die Test-VM, auf anderen Systemen ein eigenes Passwort setzen)
Software: 
  + mc, openldap2 openldap2-client, nss_ldap, pam_ldap, perl-ldap, perl-ldap-ssl, samba
  - Novell AppArmor (abgewählt; die Dienste laufen damit ohne AppArmor-Profile)
Installation läuft...
Nach erstem Start: Beendet und Backup des VMware Image erstellt (~1,20GB)
# hostname s4e
# domainname d4e.at
# vi /etc/hosts (Zeile ändern mit 127.0.0.1 s4e localhost localhost.d4e.at)
# yast repositories (CD/DVD Eintrag löschen)
# wget http://download.opensuse.org/repositories/home:/octo47:/smbldap-tools/openSUSE_11.0/i586/perl-Jcode-2.07-1.1.i586.rpm
# wget http://download.opensuse.org/repositories/home:/octo47:/smbldap-tools/openSUSE_11.0/i586/perl-Unicode-Map-0.112-1.1.i586.rpm
# wget http://download.opensuse.org/repositories/home:/octo47:/smbldap-tools/openSUSE_11.0/i586/perl-Unicode-Map8-0.12-221.1.i586.rpm
# wget http://download.opensuse.org/repositories/home:/octo47:/smbldap-tools/openSUSE_11.0/i586/perl-Unicode-String-2.09-12.1.i586.rpm
# wget http://download.opensuse.org/repositories/home:/octo47:/smbldap-tools/openSUSE_11.0/noarch/perl-Unicode-MapUTF8-1.11-5.1.noarch.rpm
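# wget http://download.opensuse.org/repositories/home:/octo47:/samba30/openSUSE_11.0/noarch/smbldap-tools-0.9.5-2.1.noarch.rpm
(Hinweis: Die Pakete kommen unverschlüsselt per HTTP aus einem home:-Projekt; vor dem Installieren die Signatur prüfen, z. B. mit rpm --checksig *.rpm)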
# cd /etc/samba/
# mv smb.conf smb.conf.OLD
Datei: /etc/samba/smb.conf:
# # Primary Domain Controller smb.conf
# # Global parameters
# Samba acts as PDC (domain logons / domain master) with accounts stored in
# the local OpenLDAP server and managed through the smbldap-tools scripts.
[global]
unix charset = LOCALE
workgroup = D4E.AT
netbios name = s4e
# Account database is the local slapd. The ldap:// URL is unencrypted, which is
# only acceptable because it points at localhost.
passdb backend =ldapsam:"ldap://localhost"
username map = /etc/samba/smbusers
log level = 1
syslog = 0
log file = /var/log/samba/%m
# NOTE(review): 0 means no size limit; the per-client logs can grow without
# bound unless they are rotated externally.
max log size = 0
name resolve order = wins bcast hosts
time server = Yes
printcap name = CUPS
# Account management is delegated to smbldap-tools; smbd substitutes %u / %g
# before running these commands.
add user script = /usr/sbin/smbldap-useradd -m '%u'
delete user script = /usr/sbin/smbldap-userdel '%u'
add group script = /usr/sbin/smbldap-groupadd -p '%g'
delete group script = /usr/sbin/smbldap-groupdel '%g'
add user to group script = /usr/sbin/smbldap-groupmod -m '%g' '%u'
delete user from group script = /usr/sbin/smbldap-groupmod -x '%g' '%u'
set primary group script = /usr/sbin/smbldap-usermod -g '%g' '%u'
# Run when a workstation joins the domain (-w creates a machine account).
add machine script = /usr/sbin/smbldap-useradd -w '%u'
# logon.bat is served from the [netlogon] share and executed by clients at
# logon, so write access to that share must be restricted.
logon script = logon.bat
logon path = \\s4e\profiles\%u
logon drive = N:
domain logons = Yes
domain master = Yes
wins support = Yes
# Performance optimization; valid only when all users are stored in LDAP.
ldapsam:trusted = yes
ldap suffix = dc=d4e,dc=at
ldap machine suffix = ou=Computers,ou=Users
ldap user suffix = ou=People,ou=Users
ldap group suffix = ou=Groups
ldap idmap suffix = ou=Idmap
# DN Samba binds as; it is the DN that the slapd.conf ACLs grant write access.
# Its password is not part of smb.conf (stored with smbpasswd -w, a step this
# page does not show).
ldap admin dn = cn=sambaadmin,dc=d4e,dc=at
# NOTE(review): Samba 3 documentation writes this as ldap:ldap://host - confirm
# the form accepted by the installed version.
idmap backend = ldap://127.0.0.1
idmap uid = 10000-20000
idmap gid = 10000-20000
printer admin = root
printing = cups

[homes]
 # Per-user home shares; each share is created on demand under the user's name.
 comment = Home Directories
 # %S is the share name, so only the user the share is named after may connect.
 valid users = %S
 browseable = yes
 writable = yes
 # New files and directories are owner-only.
 create mask = 0600
 directory mask = 0700
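[netlogon]
 # Holds logon.bat, which domain clients run at logon ("logon script" in
 # [global]). The original share was writable for every connecting user
 # (writeable = yes / read only = no), limited only by filesystem permissions;
 # a writable logon script lets one user run commands in other users' sessions.
 # The share is therefore read-only, with SMB write access for root alone.
 comment = Network Logon Service
 path = /etc/samba/netlogon
 read only = yes
 write list = root
 browseable = yes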
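[profiles]
 # Roaming profiles, referenced by "logon path" as \\s4e\profiles\%u.
 # The original masks (0777 for files and directories) left profile data
 # readable and writable by every local and domain user; owner-only masks keep
 # each profile private, matching the masks used for [homes].
 # NOTE(review): the profiles directory itself must let each user create their
 # own subdirectory (commonly mode 1777); the mkdir step on this page does not
 # set that - confirm.
 path = /etc/samba/profiles
 read only = no
 browseable = no
 create mask = 0600
 directory mask = 0700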
# mkdir netlogon 
# mkdir profiles
# cd /etc/openldap
# mv slapd.conf slapd.conf.OLD
# mv ldap.conf ldap.conf.OLD
/etc/openldap/slapd.conf:
#slapd.conf Master Openldap2.3
#path: /etc/openldap/slapd.conf
# Single bdb database for dc=d4e,dc=at holding POSIX and Samba accounts.
# NOTE(review): no TLS directives appear in this file; that is acceptable only
# while every client connects via localhost, as smb.conf and ldap.conf do here.
include     /etc/openldap/schema/core.schema
include     /etc/openldap/schema/cosine.schema
include     /etc/openldap/schema/inetorgperson.schema
include     /etc/openldap/schema/nis.schema
include     /etc/openldap/schema/samba3.schema
modulepath /usr/lib/openldap/modules/
# moduleload back_bdb.la
pidfile     /var/run/slapd/slapd.pid
argsfile    /var/run/slapd/slapd.args
# Samba Primary Database d4e.at
database    bdb
suffix      "dc=d4e,dc=at"
directory   /var/lib/ldap
# The rootdn is not subject to the access rules below.
# NOTE(review): this {SSHA} value is published with the page; generate your own
# with slappasswd instead of reusing it, and keep slapd.conf unreadable for
# ordinary users.
rootdn      "cn=Manager,dc=d4e,dc=at"
rootpw      {SSHA}9GOPn+cirSJwVwtXEzcmWO/zrjBodQhX
index entryCSN eq
index entryUUID eq
# Password attributes: the entry owner and sambaadmin may write; everyone else
# may only authenticate against them and cannot read the hashes.
# NOTE(review): sambaLMPassword / sambaNTPassword are password-equivalent.
# samba3.schema also defines sambaPasswordHistory, which this rule does not
# list - confirm whether it should be protected the same way.
access to attrs=userPassword,sambaLMPassword,sambaNTPassword
      by self write
      by dn="cn=sambaadmin,dc=d4e,dc=at" write
      by * auth
# Everything else: sambaadmin may write, all others (anonymous included) read.
access to *
      by dn="cn=sambaadmin,dc=d4e,dc=at" write
      by * read
# Indices to maintain
index objectClass             eq
index cn                      pres,sub,eq
index sn                      pres,sub,eq
index uid                     pres,sub,eq
index displayName             pres,sub,eq
index uidNumber               eq
index gidNumber               eq
index memberUID               eq
index sambaSID                eq
index sambaPrimaryGroupSID    eq
index sambaDomainName         eq
index default                 sub
/etc/openldap/ldap.conf:
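#/etc/ldap.conf
# LDAP Master
# nss_ldap / pam_ldap client settings for the local slapd.
# NOTE(review): nss_ldap and pam_ldap normally read these directives from
# /etc/ldap.conf, while /etc/openldap/ldap.conf belongs to the OpenLDAP client
# tools - confirm which file the installed packages use.
host    localhost
base    dc=d4e,dc=at
# No binddn/bindpw. The original bound as cn=Manager (the slapd rootdn) and put
# the {SSHA} hash from slapd.conf into bindpw. bindpw is sent to the server as
# the literal password, so a hash does not authenticate, and this file has to
# be readable by every process that performs NSS lookups. The slapd ACLs allow
# anonymous read of all non-password attributes and "auth" on userPassword, so
# lookups and PAM logins work without a service bind. If root must be able to
# reset user passwords through PAM, use rootbinddn with a root-only secret file
# rather than a password in this file.
bind_policy soft
pam_password exop
nss_base_passwd ou=People,ou=Users,dc=d4e,dc=at?one
nss_base_shadow ou=People,ou=Users,dc=d4e,dc=at?one
nss_base_passwd ou=Computers,ou=Users,dc=d4e,dc=at?one
nss_base_shadow ou=Computers,ou=Users,dc=d4e,dc=at?one
nss_base_group  ou=Groups,dc=d4e,dc=at?one
# Plain LDAP without TLS; acceptable only because host is localhost.
ssl     no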
2009_samba_config.txt · Zuletzt geändert: 2008/07/17 09:46 (Externe Bearbeitung)