Samba Primary Domain Controller with LDAP ( Thay the Active Directory )

Normal 0 false false false EN-US X-NONE X-NONE

Samba PDC with LDAP

Edit  /etc/hosts

[root@server ~]# vi /etc/hosts

192.168.1.1 server server.abc.com

Install those following packages below.

[root@server ~]# yum install samba samba-client openldap openldap-clients open-ldap-servers nss_ldap perl-LDAP

perl-Crypt-SmbHash-0.12-1.2.el5.rf.noarch.rpm
perl-Digest-SHA1-2.11-1.2.1.i386.rpm
perl-Jcode-2.06-1.el5.rf.i386.rpm
perl-LDAP-0.33-3.fc6.noarch.rpm
perl-Unicode-Map-0.112-1.el5.rf.i386.rpm
perl-Unicode-Map8-0.12-1.el5.rf.i386.rpm
perl-Unicode-MapUTF8-1.11-1.2.el5.rf.noarch.rpm
perl-Unicode-String-2.09-1.2.el5.rf.i386.rpm
phpldapadmin-1.1.0.7.tar.gz
smbldap-tools-0.9.5-1.noarch.rpm

[root@server smbldap]# rpm -ivh perl-Crypt-SmbHash-0.12-1.2.el5.rf.noarch.rpm
warning: perl-Crypt-SmbHash-0.12-1.2.el5.rf.noarch.rpm: Header V3 DSA signature:
NOKEY key ID 6b8d79e6
Preparing... ########################################### [100%]
1:perl-Crypt-SmbHash ########################################### [100%]
[root@server smbldap]#

[root@server smbldap]# rpm -ivh perl-Digest-SHA1-2.11-1.2.1.i386.rpm
Preparing... ########################################### [100%]
1:perl-Digest-SHA1 ########################################### [100%]
[root@server smbldap]#

[root@server smbldap]# rpm -ivh perl-Jcode-2.06-1.el5.rf.i386.rpm
warning: perl-Jcode-2.06-1.el5.rf.i386.rpm: Header V3 DSA signature: NOKEY key
ID 6b8d79e6
Preparing... ########################################### [100%]
1:perl-Jcode ########################################### [100%]
[root@server smbldap]#

[root@server smbldap]# rpm -ivh perl-Unicode-Map-0.112-1.el5.rf.i386.rpm
warning: perl-Unicode-Map-0.112-1.el5.rf.i386.rpm: Header V3 DSA signature: NOKE
Y key ID 6b8d79e6
Preparing... ########################################### [100%]
1:perl-Unicode-Map ########################################### [100%]
[root@server smbldap]#

[root@server smbldap]# rpm -ivh perl-Unicode-String-2.09-1.2.el5.rf.i386.rpm
warning: perl-Unicode-String-2.09-1.2.el5.rf.i386.rpm: Header V3 DSA signature:
NOKEY key ID 6b8d79e6
Preparing... ########################################### [100%]
1:perl-Unicode-String ########################################### [100%]
[root@server smbldap]#

[root@server smbldap]# rpm -ivh perl-Unicode-Map8-0.12-1.el5.rf.i386.rpm
warning: perl-Unicode-Map8-0.12-1.el5.rf.i386.rpm: Header V3 DSA signature: NOKE
Y key ID 6b8d79e6
Preparing... ########################################### [100%]
1:perl-Unicode-Map8 ########################################### [100%]
[root@server smbldap]#

[root@server smbldap]# rpm -ivh perl-Unicode-MapUTF8-1.11-1.2.el5.rf.noarch.rpm
warning: perl-Unicode-MapUTF8-1.11-1.2.el5.rf.noarch.rpm: Header V3 DSA signatur
e: NOKEY key ID 6b8d79e6
Preparing... ########################################### [100%]
1:perl-Unicode-MapUTF8 ########################################### [100%]
[root@server smbldap]#

[root@server smbldap]# rpm -ivh smbldap-tools-0.9.5-1.noarch.rpm
warning: smbldap-tools-0.9.5-1.noarch.rpm: Header V3 DSA signature: NOKEY key I
D 75fe0a51
Preparing... ########################################### [100%]
1:smbldap-tools ########################################### [100%]
[root@server smbldap]#

Edit slap.conf

[root@server ~]#slappasswd

[root@server ~]# vi /etc/openldap/slapd.conf

Add this line at the end of schema category.

include /etc/openldap/schema/samba.schema

database bdb
suffix "dc=abc dc=com"
rootdn "cn=root dc=abc dc=com"
rootpw {SSHA}ernicO/fWeCi5g2GFqaB/JGqZXj7Hmj3

Get the SID and copy it.

[root@server ~]# net getlocalsid
SID for domain SERVER is: S-1-5-21-1082253588-3757474382-3995049807
[root@server ~]#

Edit smbldap.conf

[root@server ~]# vi /etc/smbldap-tools/smbldap.conf

SID="S-1-5-21-1082253588-3757474382-3995049807″

sambaDomain="ABC"

#slaveLDAP="ldap.iallanis.info" #### Comment this line
#slavePort="389″ #### Comment this line too.

masterLDAP="server.abc.com"
masterPort="389″

ldapTLS="0″ # Switch this line from 1 to 0

suffix="dc=abc dc=com"

userSmbHome="\SERVER\%U"

userProfile="\SERVERprofiles\%U"

mailDomain="abc.com"

Edit smbldap_bind.conf and this file has to be looked like this.

[root@server ~]# vi /etc/smbldap-tools/smbldap_bind.conf

#slaveDN="cn=Manager dc=iallanis dc=info"
#slavePw="secret"
masterDN="cn=root dc=abc dc=com"
masterPw="root123″ #### That s the same of rootpw entry into slap.conf

[root@server ~]# cp /etc/openldap/DB_CONFIG.example /var/lib/ldap/DB_CONFIG
[root@server ~]# chown ldap.ldap /var/lib/ldap/

[root@server ~]# cp /usr/share/doc/samba-3.0.33/LDAP/samba.schema /etc/openldap/
schema/

[root@server ~]# chmod 600 /etc/smbldap-tools/smbldap_bind.conf

[root@server ~]# service ldap start
Checking configuration files for slapd: config file testing succeeded
[ OK ]
Starting slapd: [ OK ]
[root@server ~]#

[root@server ~]# chkconfig ldap on

[root@server openldap]# vi base.ldif

dn: dc=abc dc=com
objectclass: dcObject
objectclass: organization
dc: abc
o: PDC

dn: cn=root dc=abc dc=com
objectclass: organizationalRole
cn: root

Apply this configuration so-creating these rules above through this following commnand.

[root@server openldap]# ldapadd -x -W -D ‘cn=root dc=abc dc=com -f base.ldif
Enter LDAP Password:
adding new entry "dc=abc dc=com"

adding new entry "cn=root dc=abc dc=com"

[root@server openldap]#

The next step is very interesting. You either copy a smb.conf template and modify and you want or create a new from scratch.

[root@server ~]# cp /usr/share/doc/smbldap-tools-0.9.5/smb.conf /etc/samba/smb.conf

or

[root@server ~]# cd /etc/samba/
[root@server samba]# mv smb.conf smb.conf.OLD
[root@server samba]# vi smb.conf

[global]
workgroup = ABC
netbios name = SERVER
security=user
domain master = yes
domain logons = yes
ldap suffix = dc=abc dc=com
ldap admin dn = cn=root dc=abc dc=com
passdb backend = ldapsam:ldap://server.abc.com/
ldap user suffix = ou=Users
ldap group suffix = ou=Groups
ldap machine suffix = ou=Machines
passwd program = /usr/sbin/smbldap-useradd %u
unix password sync = yes
add user script = /usr/sbin/smbldap-useradd -m "%u"
delete user script = /usr/sbin/smbldap-userdel "%u"
add machine script = /usr/sbin/smbldap-useradd -t 0 -w "%u"
add group script = /usr/sbin/smbldap-groupadd -p "%g"
add user to group script = /usr/sbin/smbldap-groupmod -m "%u" "%g"
delete user from group script = /usr/sbin/smbldap-groupmod -x "%u" "%g"
set primary group script = /usr/sbin/smbldap-usermod -g ‘%g ‘%u

[netlogon]
path=/home/samba/netlogon
read only=yes
browseable=no

[profiles]
path=/home/samba/profiles
read only=no
writeable=yes
guest ok=yes
create mask = 0600
create directory = 0700

[homes]
browseable=no
writeable=yes
guest ok=no

[root@server samba]# smbpasswd -W root123
Setting stored password for "cn=root dc=abc dc=com" in secrets.tdb
New SMB password:
Retype new SMB password:
[root@server samba]#

Creating the directories for profiles and netlogon.

[root@server samba]# mkdir /home/samba/{profiles netlogon} -p

Launch smbldap-populate

[root@server samba]# smbldap-populate
Populating LDAP directory for domain ABC (S-1-5-21-1082253588-3757474382-399
5049807)
(using builtin directory structure)

entry dc=abc dc=com already exist.
adding new entry: ou=Users dc=abc dc=com
adding new entry: ou=Groups dc=abc dc=com
adding new entry: ou=Computers dc=abc dc=com
adding new entry: ou=Idmap dc=abc dc=com
adding new entry: uid=root ou=Users dc=abc dc=com
adding new entry: uid=nobody ou=Users dc=abc dc=com
adding new entry: cn=Domain Admins ou=Groups dc=abc dc=com
adding new entry: cn=Domain Users ou=Groups dc=abc dc=com
adding new entry: cn=Domain Guests ou=Groups dc=abc dc=com
adding new entry: cn=Domain Computers ou=Groups dc=abc dc=com
adding new entry: cn=Administrators ou=Groups dc=abc dc=com
adding new entry: cn=Account Operators ou=Groups dc=abc dc=com
adding new entry: cn=Print Operators ou=Groups dc=abc dc=com
adding new entry: cn=Backup Operators ou=Groups dc=abc dc=com
adding new entry: cn=Replicators ou=Groups dc=abc dc=com
adding new entry: sambaDomainName=ABC dc=abc dc=com

Please provide a password for the domain root:
Changing UNIX and samba passwords for root
New password:
Retype new password:
[root@server samba]#

[root@server samba]# net groupmap list
Domain Admins (S-1-5-21-1082253588-3757474382-3995049807-512) -> 512
Domain Users (S-1-5-21-1082253588-3757474382-3995049807-513) -> 513
Domain Guests (S-1-5-21-1082253588-3757474382-3995049807-514) -> 514
Domain Computers (S-1-5-21-1082253588-3757474382-3995049807-515) -> 515
Administrators (S-1-5-32-544) -> 544
Account Operators (S-1-5-32-548) -> 548
Print Operators (S-1-5-32-550) -> 550
Backup Operators (S-1-5-32-551) -> 551
Replicators (S-1-5-32-552) -> 552
[root@server samba]#

Start smb service and make sure if it will be startedup on the boot.
[root@server samba]# service smb start

[root@server samba]# chkconfig smb on

Configuring /etc/ldap.conf and /etc/openldap/ldap.conf or you can get it running:

[root@server samba]# authconfig -enableldap -enableldapauth -ldapserver=server.abc.com -ldapbasedn=dc=abc dc=com -update

Add a user into the system

[root@server samba]# smbldap-useradd -a -m test -G "Domain Users"

[root@server samba]# smbldap-passwd test
Changing UNIX and samba passwords for test
New password:
Retype new password:

Now configure your windows into the Domain

 

 

 

 

Virus

Removal

I must say that this one was really a high quality article. Everything I read made complete sense and that is simply great.

Kelsey Johnson

sdgf@gmail.com

Way cool! Some extremely valid points! I appreciate you writing this write-up plus the rest of the site is also very good .
Looking for Best Dental clinic in Jaipur? Ekdantam Dental clinic is the best for it.
 

driversin

driversin

once of best infromative site thank you for sharing www.driversin.com

Programming Assignment Help

Programming Assignment Help

Looking  for someone write my programming ssignment  here are Expert assignment helpers  are well efficient and  capable of creating unique assignments for college or university students with Programming Assignment Help.

Information on Shrug Ransomware

amazing post

Dear Author,
Your website content is so clear & uses of images very nicely which attracts user attention. Thanks for sharing an amazing post. 

Best assignment help

Best assignment help

Students Assignment Help caters its best assignment help for the understudies. We have 3000+ very qualified scholarly essayists. Our task authors display exposition composing administrations for understudies with the best quality. They guarantee convenient conveyance of the assignments.

Online assignments for students

Online assignments for students

Students Assignment Help is the best writing service provider brand which helps students to accomplish Online assignments for students easily. We have 3000+ assignment writers from top colleges and universities around the world. Hire our professional writers by mailing us at info@studentsassignmenthelp.com

Assignment Provider Help AUS

Assignment Provider Help AUS

Good Posting...!!! I apprecited your writer effort very outstanding article write i love your writing style .

Assignment Provider Help Australia

Assignment Provider Help Australia

Many Many thanks your is good working your article sloved my all problems i really thanks ful your work

MBA Marketing Assignment Help

MBA Marketing Assignment Help

Most attractive article post i need it these information good job done

Database error

ERROR From DB mySQL

DB Error: Database query failed!
» Error No: 1062
» Error detail: Duplicate entry '11700399' for key 'PRIMARY'
» Query: INSERT INTO bd_estore_online_users (id,store_id,sid,uid,username,usertype,ip,last_updated,last_page) VALUES (NULL,'9412','kst3h5jnp7dds9tblf7ph39bu2','0','Guest','0','54.162.15.31','2018-09-21 04:02:36','/a234897/samba-primary-domain-controller-with-ldap-thay-the-active-directory.html')