# Readme for gamba-ldap.0.0.1
# Copyleft 2005 Maurizio Omissoni, ome GmbH Zürich
# Under GPL vers. 2 licence (see www.gnu.org)
This sets up a Samba PDC controlled by LDAP with a minimum of effort.
It is tested on SuSE 9.X, but feel free to test it on other distributions
as well (see the differences below). At the moment, security has not been
considered very much.
Features:
-creates samba 3 pdc controlled by ldap
-creates administrator, demo and probe users (you decide the passwords)
-creates home, public and apps shares automatically
-creates logon scripts for administrator, demo and probe that map
the shared and home directories
-creates default profile for administrator, demo and probe (change it to your flavour)
-installs jxplorer, LAM and webmin for easy administration
-activates dnsmasq, dhcpd, nfs, ldap and samba at boottime
PASSWORDS: (change $ADMINPW, $USERPW and $LDAPMan in gamba-ldap.0.0.X)
APPL.      userID          PASSWORD
________________________________________
unix       root            rootpw (chosen during Linux installation)
samba      administrator   $ADMINPW
LDAP       $LDAPMan        $ADMINPW
LAM        $LDAPMan        $ADMINPW
webmin     root            rootpw (chosen during Linux installation)
jxplorer   $LDAPMan        $ADMINPW
           demo            $USERPW
           probe           $USERPW
________________________________________
Proceed like this:
#####################################################################################
1) install SuSE 9.X with the selection file user9X.sel, so all the
necessary software is installed. user9X.sel is downloadable from
the gamba site on sourceforge.
Other distributions (not tested yet!!) without the selection-file
system should install nss_ldap, pam_ldap, php4_ldap, java jre,
openldap 2.x.x, samba 3, dhcpd, apache with php4/5, phplib, openssl
AND have different /etc/pam.d files (don't know yet, sorry)
#####################################################################################
2) become root and execute
mkdir /root/gamba-ldap
#####################################################################################
3) extract the tarball with
tar xzvf gamba-ldap.0.0.X.tgz -C /root/gamba-ldap
#####################################################################################
4) make an online update with yast (YOU)
#####################################################################################
5) adapt the first 30 lines of the gamba-ldap script to your needs
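A pre-flight check for this step, as an added example that is not part of gamba-ldap: it reads ADMINPW and USERPW from the first 30 lines of the script and reports values left at the passwords the tests in step 8 use (admin, user), reuse, a short ADMINPW, and a script file that group or others can access. It assumes the script sets them as plain shell assignments (NAME=value); get_var, check_config and the 12-character threshold are this example's own.

```shell
#!/bin/sh
# Added example, not part of gamba-ldap: pre-flight check for step 5.
# ASSUMPTION: ADMINPW and USERPW are plain shell assignments (NAME=value,
# optionally quoted, no spaces in the value) in the script's first 30 lines.

# get_var FILE NAME: print the value assigned to NAME in the first 30 lines.
get_var() {
    head -n 30 "$1" |
        sed -n "s/^[[:space:]]*$2=[\"']*\([^\"'[:space:]]*\).*/\1/p" |
        head -n 1
}

# check_config FILE: print one finding per line; status 1 if any finding.
check_config() (
    file=$1
    admin=$(get_var "$file" ADMINPW)
    user=$(get_var "$file" USERPW)
    findings=0
    report() { echo "FINDING: $1"; findings=$((findings + 1)); }

    # "admin" and "user" are the passwords the README's TEST 4 and TEST 6 use.
    if [ -z "$admin" ] || [ "$admin" = "admin" ]; then
        report "ADMINPW unset or left at the README test value"
    fi
    if [ -z "$user" ] || [ "$user" = "user" ]; then
        report "USERPW unset or left at the README test value"
    fi
    if [ -n "$admin" ] && [ "$admin" = "$user" ]; then
        report "ADMINPW and USERPW are identical"
    fi
    # ADMINPW also protects the LDAP manager, LAM and jxplorer logins,
    # so hold it to a minimum length (12 is this example's own threshold).
    if [ -n "$admin" ] && [ "${#admin}" -lt 12 ]; then
        report "ADMINPW shorter than 12 characters"
    fi
    # The script holds clear-text passwords: only its owner should read it.
    perms=$(ls -ld "$file" | cut -c5-10)
    if [ "$perms" != "------" ]; then
        report "$file is accessible to group/other ($perms)"
    fi
    [ "$findings" -eq 0 ]
)

# Demo on a constructed sample (values invented for this example).
sample=$(mktemp)
printf 'ADMINPW="admin"\nUSERPW=user\nLDAPMan=Manager\n' > "$sample"
chmod 644 "$sample"
check_config "$sample" || echo "fix the findings above before running gamba-ldap"
rm -f "$sample"
```

Call it as check_config /root/gamba-ldap/gamba-ldap.0.0.X after editing the script; a clean run prints nothing and returns 0.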
#####################################################################################
6) go to /root/gamba-ldap and start gamba-ldap with
./gamba-ldap.0.0.X
if you changed the ip-number and/or hostname, yast will start.
ignore any error messages, it should work anyway.
it takes a few minutes as it installs webmin and creates many things
#####################################################################################
7) rebooting the server is a good idea
#####################################################################################
8) test the server with the following commands in the bash (# is the prompt):
TEST 1
# getent passwd
result: the list of users (administrator, demo and probe must be included)
TEST 2
# id administrator
result:
uid=0(root) gid=512(Domain Admins) groups=0(root)
TEST 3
# pdbedit -Lv demo
result (more or less..):
Unix username: probe
NT username: probe
Account Flags: [U ]
User SID: S-1-5-21-1168738068-138058009-3288471035-3004
Primary Group SID: S-1-5-21-1168738068-138058009-3288471035-513
Full Name: System User
Home Directory: \\cop92\homes
HomeDir Drive: M:
Logon Script: probe.bat
Profile Path: \\cop92\profiles\probe
Domain: QUI.LA
Account desc: System User
Workstations:
Munged dial:
Logon time: 0
Logoff time: Fri, 13 Dec 1901 21:45:51 GMT
Kickoff time: Fri, 13 Dec 1901 21:45:51 GMT
Password last set: Wed, 19 Jan 2005 13:42:36 GMT
Password can change: Wed, 19 Jan 2005 13:42:36 GMT
Password must change: Fri, 13 Dec 1901 21:45:51 GMT
Last bad password : 0
Bad password count : 0
Logon hours : FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
TEST 4 (if the password is admin, otherwise change it in the command)
# net rpc join -U Administrator%admin
result:
Joined domain QUI.LA (or the domain you decided)
TEST 5 (use your netbios-name, mine is cop92)
# smbclient -L cop92 -U%
result (with your parameters):
Domain=[QUI.LA] OS=[Unix] Server=[Samba 3.0.9-2.1-SUSE]
Sharename       Type      Comment
---------       ----      -------
print$          Disk      Printer Drivers
public          Disk
apps            Disk
IPC$            IPC       IPC Service ("Samba 3.0.9-2.1-SUSE & LDAP on SuSE 9.X, Hostname: cop92")
ADMIN$          IPC       IPC Service ("Samba 3.0.9-2.1-SUSE & LDAP on SuSE 9.X, Hostname: cop92")
Domain=[QUI.LA] OS=[Unix] Server=[Samba 3.0.9-2.1-SUSE]
Server               Comment
---------            -------
COP92                Samba 3.0.9-2.1-SUSE & LDAP on SuSE 9.X, Hostnam
Workgroup            Master
---------            -------
QUI.LA               COP92
TEST 6 (use your password for users and your netbios-name)
# smbclient //cop92/probe -U probe%user
result:
Domain=[QUI.LA] OS=[Unix] Server=[Samba 3.0.9-2.1-SUSE]
smb: \>
quit with 'quit'
If these tests pass, you are ready to bind the machines.
#####################################################################################
9) Bind the Windows 9X/2000/XP hosts to the domain and try it with the
users: administrator, demo and probe
#####################################################################################
10) Administration with browser and webmin:
https://<ip-number>:10000
Administration with browser and LAM:
http://<ip-number>/lam
Administration with jxplorer (install java first)
windows: jxplorer.bat
unix: jxplorer.sh
voila, you have a working samba pdc with ldap.
administer it with lam, jxplorer (needs java) and webmin.
Java 4 Windows is in the apps share.
in the /root/gamba-ldap directory you will also find 3 scripts: smbstart,
smbrestart and smbstop, for use on SuSE, because there both smbd and
nmbd are required, so this is a slightly more comfortable way.
Have a lot of fun
Maurizio Omissoni