PDC Samba LDAP CentOS 6.2


References:
http://www.server-world.info/en/note?os=CentOS_6&p=ldap&f=1
http://www.server-world.info/en/note?os=CentOS_6&p=ldap&f=2
http://www.server-world.info/en/note?os=CentOS_6&p=samba&f=4

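The tutorials at the reference links above are very good; I am just working through them here. The file contents for the "Create new" / "change" steps are not included in this text; take them from the references.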

Scenario:

IP Address Server: 192.168.10.6

I. Install OpenLDAP
# yum -y install openldap-servers openldap-clients
# vi /etc/sysconfig/ldap
Line 12: uncomment and change

 
# vi /etc/openldap/slapd.conf
Create new

 
# rm -rf /etc/openldap/slapd.d/*
# slaptest -f /etc/openldap/slapd.conf -F /etc/openldap/slapd.d

 

# vi /etc/openldap/slapd.d/cn=config/olcDatabase\={0}config.ldif
Line 4: change:

 
# vi /etc/openldap/slapd.d/cn=config/olcDatabase\={1}monitor.ldif
Create new:

 
# chown -R ldap. /etc/openldap/slapd.d
# chmod -R 700 /etc/openldap/slapd.d
# service slapd start
# chkconfig slapd on
 
 
II. Initial Configuration
# ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/openldap/schema/core.ldif

 
# ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/openldap/schema/cosine.ldif

 
# ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/openldap/schema/nis.ldif

 
# ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/openldap/schema/inetorgperson.ldif

 
# slappasswd

 
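# mkdir /tmp/setldap ; cd /tmp/setldap
Note: /tmp is shared and this directory name is fixed, and with ";" the cd still runs if mkdir fails because the directory already exists. The LDIF files written here may hold password hashes (the slappasswd output, exported accounts), so create the directory private (mkdir -m 700 /tmp/setldap && cd /tmp/setldap) and remove it when the setup is done.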
# vi backend.ldif
Create new:

 
# ldapadd -Y EXTERNAL -H ldapi:/// -f backend.ldif

 
# vi frontend.ldif
Create new:

 
# ldapadd -x -D cn=Manager,dc=tahubachem,dc=local -W -f frontend.ldif

 
III. Add Existing local Users to LDAP Directory
# vi ldapuser.sh

 
# sh ldapuser.sh
# ldapadd -x -D cn=Manager,dc=tahubachem,dc=local -W -f ldapuser.ldif
Enter LDAP Password:

 
IV. Add existing local groups to LDAP directory.
# vi ldapgroup.sh

 
# sh ldapgroup.sh
# ldapadd -x -D cn=Manager,dc=tahubachem,dc=local -W -f ldapgroup.ldif
Enter LDAP Password:

 
 
V. Configuration for LDAP client
# yum -y install openldap-clients nss-pam-ldapd
# vi /etc/openldap/ldap.conf

 
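# vi /etc/nslcd.conf
Line 131: specify URI, Suffix
Note: with a plain ldap:// URI, lookups and password binds travel unencrypted between client and server; outside a lab, use ldaps:// or StartTLS.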

 
# vi /etc/pam_ldap.conf
Line 17: make it comment

 
Line 20: specify Suffix

 
Add at the last line

 
# vi /etc/pam.d/system-auth
Add the highlighted parameters on lines 8, 14, 19, 26 and 28

 
# vi /etc/nsswitch.conf
Line 33: add:

 
Line 57: change:

 
Line 61: change:

 
# vi /etc/sysconfig/authconfig
Line 18: change:

 
# chkconfig nslcd on
# shutdown -r now

 
VI. Change OpenLDAP settings
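# mkdir /tmp/setsamba
# cd /tmp/setsamba
Note: this is a fixed name under the shared /tmp, so check that mkdir succeeded (the directory did not already exist) before working in it, and remove it once the schema is loaded.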

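- Install samba from the CentOS default repo, check the installed samba version (rpm -q samba), then wget the RPM of that same version
# yum -y install samba
# wget http://mirror.centos.org/centos/6.3/os/x86_64/Packages/samba-3.5.10-125.el6.x86_64.rpm
Note: this download is plain HTTP and does not go through yum's package signature check; verify the file before unpacking it (rpm -K samba-3.5.10-125.el6.x86_64.rpm).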
# rpm2cpio samba-3.5.10-125.el6.x86_64.rpm | cpio -id
# cp ./etc/openldap/schema/samba.schema /etc/openldap/schema/
# vi schema_convert.conf
Create new:

 
# mkdir /tmp/setsamba/ldif_output
# slapcat -f schema_convert.conf -F /tmp/setsamba/ldif_output -n0 -s "cn={12}samba,cn=schema,cn=config" > ./cn=samba.ldif
# vi cn=samba.ldif
Line 1,3: change ( remove “{12}” )

 
Remove these lines below ( placed at the bottom )

 
# ldapadd -Y EXTERNAL -H ldapi:/// -f cn=samba.ldif

 
# vi samba_indexes.ldif
Create new

 
# ldapmodify -Y EXTERNAL -H ldapi:/// -f samba_indexes.ldif

 
# service slapd restart

 
VII. Change Samba settings. This Samba PDC server needs to be an LDAP client.
# yum --enablerepo=epel -y install smbldap-tools
# mv /etc/samba/smb.conf /etc/samba/smb.conf.bak
# cp /usr/share/doc/smbldap-tools-*/smb.conf /etc/samba/smb.conf
# vi /etc/samba/smb.conf

 
# mkdir /datasamba
# mkdir /datasamba/public
# mkdir /datasamba/private
# mkdir /home/netlogon
# service smb restart
# service nmb restart
# chkconfig smb on
# chkconfig nmb on
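# smbpasswd -W
Note: this prompts for the password of the "ldap admin dn" set in smb.conf and stores it in Samba's secrets.tdb; keep that file readable by root only.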

 
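# perl /usr/share/doc/smbldap-tools-*/configure.pl
Note: configure.pl asks for the LDAP manager password and saves it in clear text in smbldap_bind.conf (under /etc/smbldap-tools/); check that the file is owned by root with mode 600.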

 
# smbldap-populate