Previous Tutorial :
- Tutorial : Samba PDC + OpenLDAP on openSUSE 11.1 – Part 1, Installing Base System & Configuring Samba
- Tutorial : Samba PDC + OpenLDAP on openSUSE 11.1 – Part 2, Configuring OpenLDAP
- Tutorial : Samba PDC + OpenLDAP on openSUSE 11.1 – Part 3, Configuring smbldap-tools & LDAP Account Manager
- Tutorial : Samba PDC + OpenLDAP on openSUSE 11.1 – Part 4, Configuring Dynamic DHCP & DNS Server
- Check Samba configuration with the following command:
[code language=’cpp’]
testparm
[/code]
It should be display the following response :Load smb config files from /etc/samba/smb.conf
Processing section “[homes]”
Processing section “[printers]”
Processing section “[netlogon]”
Processing section “[profiles]”
Processing section “[share]”
Loaded services file OK.
Server role: ROLE_DOMAIN_PDC
Press enter to see a dump of your service definitionsIf you find any error message, try to look at the Samba configuration as we have setup on first tutorial.
- Give the proper permission for user profile folder. Adjust the folder to be match with your Samba profiles (see /etc/samba/smb.conf on profiles folder share) :
[code language=’cpp’]
chmod 1777 /data/samba/profiles
[/code] - Test whether Samba has been setup successfully or no.
[code language=’cpp’]
smbclient -L localhost -N
[/code]
Just press ENTER if Samba asking for user name and password. You should have the following response (the result may vary , depends on your Samba and your network configuration) :added interface ip=192.168.1.254 bcast=192.168.1.255 nmask=255.255.255.0
Anonymous login successful
Domain=[VAVAI.NET] OS=[Unix] Server=[Samba 3.0.12-5-SUSE]
Sharename Type Comment
——— —- ——-
profiles Disk Roaming Profiles
share Disk share
IPC$ IPC IPC Service (Samba 3.0.12-5-SUSE)
ADMIN$ IPC IPC Service (Samba 3.0.12-5-SUSE)
Anonymous login successful
Domain=[VAVAI.NET] OS=[Unix] Server=[Samba 3.0.12-5-SUSE]
Server Comment
——— ——-
SERVER Samba 3.0.12-5-SUSE
Workgroup Master
——— ——-
VAVAI.NET SERVERIf you find the following error :
Error connecting to 127.0.0.1 (Connection refused)
Connection to localhost failed (Error NT_STATUS_CONNECTION_REFUSED)Change the ”/etc/hosts” as follows:
[code language=’cpp’]
# IP-Address Full-Qualified-Hostname Short-Hostname
#
127.0.0.1 localhost server.vavai.net
127.0.0.2 server.vavai.net server
192.168.1.254 server.vavai.net server vavai.net
[/code]
Reboot your computer and then try “smbclient -L localhost -N” again.
SETUP OPENLDAP
- Edit ”/etc/nsswitch.conf” and change or add the following code :
[code language=’cpp’]
passwd: files ldap
group: files ldap
[/code] - Check account and LDAP data. You must see minimum 2 account : Admin and nobody:
[code language=’cpp’]
getent passwd
[/code]
Response:
+::0:0:::
Admin:x:998:512:Netbios Domain Administrator:/home/Admin:/bin/false
nobody:x:999:514:nobody:/dev/null:/bin/false
- If you find the above respon, continue with setting up PAM
[code language=’cpp’]
pam-config -a –mkhomedir –mkhomedir-skel=/etc/skel –mkhomedir-umask=0022
[/code] - Edit ”/etc/pam.d/common-session” and change the following line:
[code language=’cpp’]
session optional pam_mkhomedir.so umask=0022 skel=/etc/skel
[/code]
to:
[code language=’cpp’]
session required pam_mkhomedir.so umask=0022 skel=/etc/skel
[/code] - Run all service and configure them to be activated on boot
[code language=’cpp’]
service named restart
service dhcpd restart
service ldap restart
service smb restart
service nmb restart
service mysql restart
service apache2 restart
chkconfig named on
chkconfig dhcpd on
chkconfig smb on
chkconfig nmb on
chkconfig ldap on
chkconfig mysql on
chkconfig apache2 on
[/code]
CLIENT SETUP
[code language=’cpp’]
smbldap-useradd -a -m username
smbldap-passwd username
[/code]Note: Computer name should be added automatically on join domain but if account have not added automatically, do the following command to add computer account :
[code language=’cpp’]
smbldap-useradd -w computername$
[/code]
- Open regedit, START | RUN | REGEDIT
- FInd regedit entry HKLM (HKEY_LOCAL MACHINE) – SYSTEM – CurrentControlSet – Service – Netlogon – Parameters
- Click on right windows and choose New – DWORD value, with variable name : requiresignorseal, value : 0
- If you found an existing entry and it’s value is 1, change the value with 0
- Close regedit
- Right click on ”’My Computer”’, choose ”’Properties”’
- Choose ”’Computer Name”’ tab
- Click ”’Change”’
- Set Domain & computer name
- Use root with root password if Windows ask for Administrator privilege
Next Tutorial : Tutorial Samba PDC + OpenLDAP on openSUSE Part 6, Problem Solving
I have the nobody account but I do not see the “admin” account when running the following:
Response:
+::0:0:::
Admin:x:998:512:Netbios Domain Administrator:/home/Admin:/bin/false
nobody:x:999:514:nobody:/dev/null:/bin/false
I have the nobody account but I do not see the “admin” account when running the following:
Response:
+::0:0:::
Admin:x:998:512:Netbios Domain Administrator:/home/Admin:/bin/false
nobody:x:999:514:nobody:/dev/null:/bin/false
When running testparm, I received the following message about printer admin being deprecated:
Load smb config files from /etc/samba/smb.conf
WARNING: The “printer admin” option is deprecated
Processing section “[homes]”
Processing section “[sysvol]”
Processing section “[netlogon]”
Processing section “[profiles]”
Processing section “[Documents]”
Loaded services file OK.
Server role: ROLE_DOMAIN_PDC
Press enter to see a dump of your service definitions