| Welcome to the Zimbra :: Forums! | |
Welcome, if you would like to post a comment please register.
We also encourage you to explore all things Zimbra with our team and members of the community.
|
 | | 
09-23-2009, 02:57 PM
| | Intermediate Member | |
Posts: 24
| |  Help to make a Zimbra + Samba Tutorial for Ubuntu 8.04.3 Server and Zimbra 6.0.1
Hi everbody! 
I would like (with your help) to build a tutorial for a Zimbra + Samba solution around a Ubuntu 8.04.3 Server.
Where we can get some form of automation, better. The goal is to get agility on deployment and reduce the chance of errors.
So, this is the basic scenario:
- domain will be example.com (so anybody can do a simple search/replace for your own domain)
- there will be two servers, one for Zimbra ( zimbra.example.com) and another for Samba ( samba.example.com)
- updated installations of Ubuntu 8.04.3 Server with only SSH enabled in the installation
Let´s start from the assumption that Zimbra 6.0.1 is installed on zimbra.example.com and fully operational; samba.example.com is a fresh instal of Ubuntu 8.04.3 Server with just SSH enabled on it. (01) logged on samba.example.com as user execute the following commands: Code: user@samba:~$ sudo apt-get --yes install samba-doc
user@samba:~$ sudo gunzip /usr/share/doc/samba-doc/examples/LDAP/samba.schema.gz
user@samba:~$ sudo cp /usr/share/doc/samba-doc/examples/LDAP/samba.schema . (02) logged on zimbra.example.com as user execute the following commands: Code: user@samba:~$ sudo bash
root@zimbra:~# su - zimbra (03) now as zimbra on zimbra.example.com create the file /tmp/samba-zimbra-01.sh with the following content: Code: #!/bin/bash
clear
ldap stop
cp /opt/zimbra/openldap/etc/openldap/schema/nis.ldif /opt/zimbra/data/ldap/config/cn\=config/cn\=schema/cn\=\{10\}nis.ldif
cd /opt/zimbra/data/ldap/config/cn\=config/cn=\schema
sed -i 's/dn: cn=nis,cn=schema,cn=config/dn: cn={10}nis/' cn\=\{10\}nis.ldif
sed -i 's/cn: nis/cn: {10}nis/' cn\=\{10\}nis.ldif
chmod 600 cn\=\{10\}nis.ldif
ldap start
mkdir -p /tmp/ldap/schema
cd /tmp/ldap
scp user@samba.example.com:/home/user/samba.schema /tmp/ldap/schema
tee test.conf > /dev/null <<- 'EOF'
include /opt/zimbra/openldap/etc/openldap/schema/core.schema
include /opt/zimbra/openldap/etc/openldap/schema/cosine.schema
include /opt/zimbra/openldap/etc/openldap/schema/inetorgperson.schema
include /tmp/ldap/schema/samba.schema
EOF
/opt/zimbra/openldap/sbin/slaptest -f /tmp/ldap/test.conf -F /tmp/ldap
cd cn\=config/cn\=schema
mv cn\=\{3\}samba.ldif cn\=\{11\}samba.ldif
sed -i 's/dn: cn={3}samba/dn: cn={11}samba/' cn\=\{11\}samba.ldif
sed -i 's/cn: {3}samba/cn: {11}samba/' cn\=\{11\}samba.ldif
ldap stop
cp /tmp/ldap/cn\=config/cn\=schema/cn\=\{11\}samba.ldif /opt/zimbra/data/ldap/config/cn\=config/cn\=schema/
ldap start
tee /tmp/indexes.ldif > /dev/null <<- 'EOF'
dn: olcDatabase={2}hdb,cn=config
changetype:modify
add: olcDbIndex
olcDbIndex: uidNumber eq
olcDbIndex: gidNumber eq
olcDbIndex: memberUid eq
olcDbIndex: sambaSID eq
olcDbIndex: sambaPrimaryGroupSID eq
olcDbIndex: sambaDomainName eq
EOF
ldapmodify -f /tmp/indexes.ldif -x -H ldapi:/// -D cn=config -W
echo
echo Restart Zimbra and proceed to samba-zimbra-02.sh
echo (04) make /tmp/samba-zimbra-01.sh executable and run it Code: zimbra@zimbra:/tmp$ chmod 755 samba-zimbra-01.sh
zimbra@zimbra:/tmp$ ./samba-zimbra-01.sh (05) reboot zimbra.example.com and again as zimbra create the file /tmp/samba-zimbra-02.sh with the following content: Code: #!/bin/bash
clear
tee /tmp/posixusers.ldif > /dev/null <<- 'EOF'
dn: uid=zmposix,cn=appaccts,cn=zimbra
uid: zmposix
objectClass: zimbraAccount
objectClass: organizationalPerson
cn: zmposix
sn: zmposix
zimbraAccountStatus: active
zimbraIsSystemResource: TRUE
zimbraId: 59BC2282-98CC-11DE-9492-C023E3CEB16B
description: The zimbra posix account
userPassword: {SSHA}Vl9fH19ygnIegidjbL2T9uc91BbvDMWW
dn: uid=zmposixroot,cn=appaccts,cn=zimbra
uid: zmposixroot
objectClass: zimbraAccount
objectClass: organizationalPerson
cn: zmposixroot
sn: zmposixroot
zimbraAccountStatus: active
zimbraIsSystemResource: TRUE
zimbraId: 6ED47B38-98CC-11DE-AAC1-9F159BA35B33
description: The zimbra posix root account
userPassword: {SSHA}oeFtJS7eadaY/M3Jn05vK0lUnbDpSlln
EOF
ldapadd -f /tmp/posixusers.ldif -x -H ldapi:/// -D cn=config -W
cat > /tmp/acl.ldif <<- 'EOF'
dn: olcDatabase={2}hdb,cn=config
changetype:modify
delete: olcAccess
olcAccess: {9}to attrs=entry by dn.children="cn=admins,cn=zimbra" write by * read
-
add: olcAccess
olcAccess: {9}to attrs=entry by dn.children="cn=admins,cn=zimbra" write by dn.exact="uid=zmposixroot,cn=appaccts,cn=zimbra" write by * read
dn: olcDatabase={2}hdb,cn=config
changetype:modify
add: olcAccess
olcAccess: {10}to dn.subtree="dc=example,dc=com" by dn.children="cn=admins,cn=zimbra" write by dn.exact="uid=zmposixroot,cn=appaccts,cn=zimbra" write by dn.exact="uid=zmposix,cn=appaccts,cn=zimbra" read by * none
olcAccess: {11}to dn.subtree="ou=machines,dc=example,dc=com" by dn.children="cn=admins,cn=zimbra" write by dn.exact="uid=zmposixroot,cn=appaccts,cn=zimbra" write by dn.exact="uid=zmposix,cn=appaccts,cn=zimbra" read by * none
olcAccess: {12}to dn.subtree="ou=groups,dc=example,dc=com" by dn.children="cn=admins,cn=zimbra" write by dn.exact="uid=zmposixroot,cn=appaccts,cn=zimbra" write by dn.exact="uid=zmposix,cn=appaccts,cn=zimbra" read by * none
olcAccess: {13}to dn.subtree="ou=people,dc=example,dc=com" by dn.children="cn=admins,cn=zimbra" write by dn.exact="uid=zmposixroot,cn=appaccts,cn=zimbra" write by dn.exact="uid=zmposix,cn=appaccts,cn=zimbra" read by * none
EOF
ldapmodify -f /tmp/acl.ldif -x -H ldapi:/// -D cn=config -W
zmprov mcf +zimbraAccountExtraObjectClass posixAccount
zmprov mcf +zimbraAccountExtraObjectClass sambaSamAccount
echo
echo Restart Zimbra and proceed to Part 2
echo The passwords above, for zmposix and zmposixroot were generated with the command /opt/zimbra/openldap/sbin/slappasswd -s password
For tests purposes I used zmposix and zmposixroot as respectives passwords for each user.
Up to this point, after reboot zimbra.example.com again, we have a Zimbra 6.0.1 installation that has nis and samba schemes inside and is ready to receive zimbra_posixaccount and zimbra_samba extensions. (06) Get the files /opt/zimbra/zimlets-admin-extra/zimbra_posixaccount.zip and /opt/zimbra/zimlets-admin-extra/zimbra_samba.zip from zimbra.example.com to some computer with Firefox installed; in this computer extract the zip files and edit each config_template.xml inside; you must change ldapSuffix to dc=example,dc=com and gidBase, uidBase to 10000; in zimbra_samba.zip ridBase stays at 1000 (don´t know for sure if this value is right); when modifications are done, zip the files again (just the files, without the directory); login to https://zimbra.example.com:7071/zimbraAdmin and go to Admin Extensions; deploy zimbra_posixaccount extension and then deploy zimbra_samba admin extension; reload Zimbra Admin to initialize the extensions. Attention! I lost several hours, redoing the same steps, because Internet Explorer 8 doesn´t show the extensions; this is the reason I indicated to use Firefox... 
Now I will proceed to the samba installation on samba.example.com...
I get several errors late when configuring Samba... 
As soon as I got it working I will post here.
Any contributions are welcome!
Last edited by peracchi; 09-24-2009 at 05:28 AM..
|
09-24-2009, 11:31 AM
| | |
|
09-24-2009, 11:55 AM
| | Intermediate Member | |
Posts: 24
| |
Hi ArcaneMagus!
Yes, I tried more than one time and could not get my lab envinronment up.
I just detected a simple detail (that makes all diference).
Donīt get me wrong, itīs a great work that has been done.
But instead of make little corrections here and there I would like (with help of community) to make a fresh new tutorial, automated where possible, to help any newbie like me to get a Zimbra + Samba envinronment up as quick as possible with minor adjustments. And focused on Ubuntu 8.04.3 LTS Server.
Sorry for my poor english, can I get myself clear? |
09-25-2009, 12:32 PM
| | Intermediate Member | |
Posts: 24
| |  Zimbra Integration with Samba in Ubuntu 8.04.3 LTS Server
Hi everbody!
Almost there... 
In the step: of the tutorials I am following I get the error: Code: New SMB password:
Retype new SMB password:
ldapsam_modify_entry: LDAP Password could not be changed for user root: Insufficient access
unknown
ldapsam_add_sam_account: failed to modify/add user with uid = root (dn = uid=root,ou=people,dc=example,dc=com)
Failed to add entry for user root.
Failed to modify password entry for user root The base tutorials are: UNIX and Windows Accounts in Zimbra LDAP and Zimbra Admin UI 6.0 - Zimbra :: Wiki
UNIX and Windows Accounts in Zimbra LDAP and Zimbra Admin UI - Zimbra :: Wiki
Zimbra Integration With Samba - Ubuntu Based (Similar To AD And Exchange) | HowtoForge - Linux Howtos and Tutorials
I reorganized my tutorial, trying to automate and get speed where possible. Zimbra 6.0.1 Integration with Samba in Ubuntu 8.04.3 LTS Server
============================================
(01) install the Ubuntu 8.04.3 LTS Server for Zimbra - zimbra.example.com
(02) install Zimbra 6.0.1
(03) at zimbra.example.com, as the zimbra user, create and execute the script /tmp/samba-zimbra.sh (content bellow); reboot the server observation: get samba.schema before execute /tmp/samba-zimbra.sh executing as root the following comands Code: apt-get --yes install samba-doc
gunzip /usr/share/doc/samba-doc/examples/LDAP/samba.schema.gz /tmp/samba-zimbra.sh Code: #!/bin/bash
clear
# get Zimbra LDAP password
ZIMBRA_LDAP_PASSWORD=`zmlocalconfig -s zimbra_ldap_password | cut -d ' ' -f3`
# include NIS schema into Zimbra LDAP
ldap stop
cp /opt/zimbra/openldap/etc/openldap/schema/nis.ldif /opt/zimbra/data/ldap/config/cn\=config/cn\=schema/cn\=\{10\}nis.ldif
cd /opt/zimbra/data/ldap/config/cn\=config/cn=\schema
sed -i 's/dn: cn=nis,cn=schema,cn=config/dn: cn={10}nis/' cn\=\{10\}nis.ldif
sed -i 's/cn: nis/cn: {10}nis/' cn\=\{10\}nis.ldif
chmod 600 cn\=\{10\}nis.ldif
ldap start
# include Samba schema into Zimbra LDAP
mkdir -p /tmp/ldap/schema
cd /tmp/ldap
cp /usr/share/doc/samba-doc/examples/LDAP/samba.schema /tmp/ldap/schema
tee test.conf > /dev/null <<- 'EOF'
include /opt/zimbra/openldap/etc/openldap/schema/core.schema
include /opt/zimbra/openldap/etc/openldap/schema/cosine.schema
include /opt/zimbra/openldap/etc/openldap/schema/inetorgperson.schema
include /tmp/ldap/schema/samba.schema
EOF
/opt/zimbra/openldap/sbin/slaptest -f /tmp/ldap/test.conf -F /tmp/ldap
cd cn\=config/cn\=schema
mv cn\=\{3\}samba.ldif cn\=\{11\}samba.ldif
sed -i 's/dn: cn={3}samba/dn: cn={11}samba/' cn\=\{11\}samba.ldif
sed -i 's/cn: {3}samba/cn: {11}samba/' cn\=\{11\}samba.ldif
ldap stop
cp /tmp/ldap/cn\=config/cn\=schema/cn\=\{11\}samba.ldif /opt/zimbra/data/ldap/config/cn\=config/cn\=schema/
ldap start
# add indexes for PAM and Samba
tee /tmp/indexes.ldif > /dev/null <<- 'EOF'
dn: olcDatabase={2}hdb,cn=config
changetype:modify
add: olcDbIndex
olcDbIndex: uidNumber eq
olcDbIndex: gidNumber eq
olcDbIndex: memberUid eq
olcDbIndex: sambaSID eq
olcDbIndex: sambaPrimaryGroupSID eq
olcDbIndex: sambaDomainName eq
EOF
ldapmodify -f /tmp/indexes.ldif -x -H ldapi:/// -D cn=config -w $ZIMBRA_LDAP_PASSWORD
# create two new users for the local posix and samba processes to use to access the information from the LDAP server
ZMPOSIX_LDAP_PASSWORD=`/opt/zimbra/openldap/sbin/slappasswd -s zmposix`
ZMPOSIXROOT_LDAP_PASSWORD=`/opt/zimbra/openldap/sbin/slappasswd -s zmposixroot`
tee /tmp/posixusers.ldif > /dev/null <<- EOF
dn: uid=zmposix,cn=appaccts,cn=zimbra
uid: zmposix
objectClass: zimbraAccount
objectClass: organizationalPerson
cn: zmposix
sn: zmposix
zimbraAccountStatus: active
zimbraIsSystemResource: TRUE
zimbraId: 59BC2282-98CC-11DE-9492-C023E3CEB16B
description: The zimbra posix account
userPassword: $ZMPOSIX_LDAP_PASSWORD
dn: uid=zmposixroot,cn=appaccts,cn=zimbra
uid: zmposixroot
objectClass: zimbraAccount
objectClass: organizationalPerson
cn: zmposixroot
sn: zmposixroot
zimbraAccountStatus: active
zimbraIsSystemResource: TRUE
zimbraId: 6ED47B38-98CC-11DE-AAC1-9F159BA35B33
description: The zimbra posix root account
userPassword: $ZMPOSIXROOT_LDAP_PASSWORD
EOF
ldapadd -f /tmp/posixusers.ldif -x -H ldapi:/// -D cn=config -w $ZIMBRA_LDAP_PASSWORD
# adjust the LDAP acls so that these new users can read the data necessary from the LDAP server
tee /tmp/acl.ldif > /dev/null <<- 'EOF'
dn: olcDatabase={2}hdb,cn=config
changetype:modify
delete: olcAccess
olcAccess: {9}to attrs=entry by dn.children="cn=admins,cn=zimbra" write by * read
-
add: olcAccess
olcAccess: {9}to attrs=entry by dn.children="cn=admins,cn=zimbra" write by dn.exact="uid=zmposixroot,cn=appaccts,cn=zimbra" write by * read
dn: olcDatabase={2}hdb,cn=config
changetype:modify
add: olcAccess
olcAccess: {10}to dn.subtree="dc=example,dc=com" by dn.children="cn=admins,cn=zimbra" write by dn.exact="uid=zmposixroot,cn=appaccts,cn=zimbra" write by dn.exact="uid=zmposix,cn=appaccts,cn=zimbra" read by * none
olcAccess: {11}to dn.subtree="ou=machines,dc=example,dc=com" by dn.children="cn=admins,cn=zimbra" write by dn.exact="uid=zmposixroot,cn=appaccts,cn=zimbra" write by dn.exact="uid=zmposix,cn=appaccts,cn=zimbra" read by * none
olcAccess: {12}to dn.subtree="ou=groups,dc=example,dc=com" by dn.children="cn=admins,cn=zimbra" write by dn.exact="uid=zmposixroot,cn=appaccts,cn=zimbra" write by dn.exact="uid=zmposix,cn=appaccts,cn=zimbra" read by * none
olcAccess: {13}to dn.subtree="ou=people,dc=example,dc=com" by dn.children="cn=admins,cn=zimbra" write by dn.exact="uid=zmposixroot,cn=appaccts,cn=zimbra" write by dn.exact="uid=zmposix,cn=appaccts,cn=zimbra" read by * none
EOF
ldapmodify -f /tmp/acl.ldif -x -H ldapi:/// -D cn=config -w $ZIMBRA_LDAP_PASSWORD
# run the following zmprov commands as user zimbra
zmprov mcf +zimbraAccountExtraObjectClass posixAccount
zmprov mcf +zimbraAccountExtraObjectClass sambaSamAccount
echo
echo Proceed to "Installing zimbra_posixaccount and zimbra_samba extensions for Zimbra Admin"
echo (04) deploy zimbra_posixaccount and zimbra_samba extensions for Zimbra Admin (content of config_template.xml for zimbra_posixaccount.zip and zimbra_samba.zip bellow) config_template.xml for zimbra_posixaccount.zip Code: <zimletConfig name="zimbra_posixaccount" version="4">
<global>
<property name="loginShells">/bin/bash,/bin/sh,/bin/false</property>
<property name="homePath">/home/%u</property>
<property name="gidBase">20000</property>
<property name="uidBase">10000</property>
<property name="ldapSuffix">dc=example,dc=com</property>
<property name="ldapGroupSuffix">ou=groups</property>
</global>
</zimletConfig> config_template.xml for zimbra_samba.zip Code: <zimletConfig name="zimbra_samba" version="6">
<global>
<property name="gidBase">20000</property>
<property name="uidBase">10000</property>
<property name="ridBase">1000</property>
<property name="ldapSuffix">dc=example,dc=com</property>
<property name="ldapGroupSuffix">ou=groups</property>
<property name="ldapMachineSuffix">ou=machines</property>
</global>
</zimletConfig> (05) install the Ubuntu 8.04.3 LTS Server for Samba - samba.example.com
(06) install and configure Samba Code: sudo apt-get --yes install samba smbclient libnss-ldap
(answers to dialogs)
ldap://zimbra.example.com/
dc=example,dc=com
3
Yes
Yes
uid=zmposixroot,cn=appaccts,cn=zimbra
zmposixroot
uid=zmposix,cn=appaccts,cn=zimbra
zmposix
sudo /etc/init.d/samba stop
sudo tee /etc/nsswitch.conf > /dev/null <<- 'EOF'
passwd: files ldap
group: files ldap
shadow: compat
hosts: files dns
networks: files
protocols: db files
services: db files
ethers: db files
rpc: db files
netgroup: nis
EOF
sudo tee /etc/samba/smb.conf > /dev/null <<- 'EOF'
[global]
workgroup = EXAMPLE
netbios name = samba
os level = 33
preferred master = yes
enable privileges = yes
server string = %h server (Samba, Ubuntu)
wins support =yes
dns proxy = no
name resolve order = wins bcast hosts
log file = /var/log/samba/log.%m
log level = 3
max log size = 1000
syslog only = no
syslog = 0
panic action = /usr/share/samba/panic-action %d
security = user
encrypt passwords = true
ldap passwd sync = yes
passdb backend = ldapsam:ldap://zimbra.example.com/
ldap admin dn = "uid=zmposixroot,cn=appaccts,cn=zimbra"
ldap suffix = dc=example,dc=com
ldap group suffix = ou=groups
ldap user suffix = ou=people
ldap machine suffix = ou=machines
obey pam restrictions = no
passwd program = /usr/bin/passwd %u
passwd chat = *Enter\snew\sUNIX\spassword:* %n\n *Retype\snew\sUNIX\spassword:* %n\n *password\supdated\ssuccessfully* .
domain logons = yes
logon path = \\samba.example.com\%U\profile
logon home = \\samba.example.com\%U
logon script = logon.cmd
add user script = /usr/sbin/adduser --quiet --disabled-password --gecos "" %u
add machine script = /usr/sbin/adduser --shell /bin/false --disabled-password --quiet --gecos "machine account" --force-badname %u
socket options = TCP_NODELAY
domain master = yes
local master = yes
[homes]
comment = Home Directories
browseable =yes
read only = No
valid users = %S
[netlogon]
comment = Network Logon Service
path = /var/lib/samba/netlogon
guest ok = yes
locking = no
[profiles]
comment = Users profiles
path = /var/lib/samba/profiles
read only = No
[profdata]
comment = Profile Data Share
path = /var/lib/samba/profdata
read only = No
profile acls = Yes
[printers]
comment = All Printers
browseable = no
path = /tmp
printable = yes
public = no
writable = no
create mode = 0700
[print$]
comment = Printer Drivers
path = /var/lib/samba/printers
browseable = yes
read only = yes
guest ok = no
EOF
sudo smbpasswd -w zmposixroot
sudo tee /etc/pam.d/common-account > /dev/null <<- 'EOF'
account sufficient pam_unix.so
account sufficient pam_ldap.so
EOF
sudo tee /etc/pam.d/common-auth > /dev/null <<- 'EOF'
auth sufficient pam_ldap.so
auth sufficient pam_unix.so
EOF
sudo tee /etc/pam.d/common-password > /dev/null <<- 'EOF'
password sufficient pam_unix.so
password sufficient pam_ldap.so
EOF
sudo tee /etc/pam.d/common-session > /dev/null <<- 'EOF'
session required pam_mkhomedir.so skel=/etc/skel umask=0077
session sufficient pam_unix.so
session sufficient pam_ldap.so
EOF
sudo /etc/init.d/samba start Then create posix/samba groups in Zimbra Admin, create Zimbra users in Zimbra Admin and confirm the connection of samba.example.com with zimbra.example.com LDAP using "getent group" and "getent passwd" on samba.example.com.
Until here, all fine...
Then the error mentioned in the beggining of the post.   |
09-26-2009, 07:48 AM
| | Intermediate Member | |
Posts: 24
| | 
Hi everbody!
I think that the error could be related to the fact that, by default, user root canīt direct login in Ubuntu. Until now, I was doing everything related to user root using sudo.
So I redone everything, but just after install Ubuntu I have done: Again, at I get the error Code: root@samba:~# smbpasswd -a root
New SMB password:
Retype new SMB password:
ldapsam_modify_entry: LDAP Password could not be changed for user root: Insufficient access
unknown
ldapsam_add_sam_account: failed to modify/add user with uid = root (dn = uid=root,ou=people,dc=centermastersul,dc=com,dc=br)
Failed to add entry for user root.
Failed to modify password entry for user root
root@samba:~# Before follow the instructions, in Zimbra LDAP uid=root,ou=people,dc=example,dc=com had the following values: Code: zimbraId: d9cefdae-faf3-4ef1-8c80-a580b059de4b
uid: root
zimbraAliasTargetId: 10f53e81-fbb8-44d7-9565-d3b1856b7b56
zimbraCreateTimestamp: 25/9/2009 20:50:31
objectClass: zimbraAlias After, the values are: Code: uid: root
sambaSID: S-1-5-21-3672448431-1616787927-2682189938-1000
displayName: root
sambaNTPassword: 329153F560EB329C0E1DEEA55E88A1E9
sambaPasswordHistory: 0000000000000000000000000000000000000000000000000000000000000000
sambaPwdLastSet: 1253969764
sambaAcctFlags: [U ]
objectClass: sambaSamAccount
objectClass: account So, besides the error, user root is included into Zimbra LDAP...
Then, Quote: |
Next, create Domain Admins group using Zimbra Admin UI, on Samba tab select Special Windows group type Domain Admins.
| and Quote:
Then you need to grant privileges to this group. Run the following command as root on your Samba server.
net rpc rights grant "EXAMPLE\Domain Admins" SeAddUsersPrivilege SeMachineAccountPrivilege SePrintOperatorPrivilege
Code: root@samba:~# net rpc rights grant "EXAMPLE\Domain Admins" SeAddUsersPrivilege SeMachineAccountPrivilege SePrintOperatorPrivilege
Password:
Successfully granted rights. | I have created a user toaddmachines in Zimbra and put him into Domain Admins group.
In Zimbra LDAP: Code: sambaDomainName: EXAMPLE
displayName: To A. Machines
givenName: To
zimbraPrefLocale: en_US
objectClass: organizationalPerson
objectClass: zimbraAccount
objectClass: amavisAccount
objectClass: posixAccount
objectClass: sambaSamAccount
zimbraPrefTimeZoneId: America/Sao_Paulo
zimbraId: f267b258-fff6-420f-be40-3c25f9b5b68e
zimbraMailStatus: enabled
zimbraMailDeliveryAddress: toaddmachines@example.com
uid: toaddmachines
mail: toaddmachines@example.com
uidNumber: 10004
zimbraAccountStatus: active
cn: To A. Machines
initials: A
zimbraMailTransport: lmtp:zimbra.example.com:7025
loginShell: /bin/bash
zimbraMailHost: zimbra.example.com
gidNumber: 20002
zimbraPasswordModifiedTime: 26/9/2009 13:10:37
sambaSID: S-1-5-21-3672448431-1616787927-2682189938-21008
homeDirectory: /home/toaddmachines
sn: Machines
zimbraCreateTimestamp: 26/9/2009 13:10:37
sambaNTPassword: b5f896430ef9d7c7a8894b30fce8487a
userPassword: {SSHA}PyStxG5X7384aqZJhf953sXY5rJh+Jwz and Code: gidNumber: 20004
sambaSID: S-1-5-21-3672448431-1616787927-2682189938-512
sambaGroupType: 2
displayName: Domain Admins
description: Domain Admins
cn: Domain Admins
memberUid: 10004
objectClass: posixGroup
objectClass: sambaGroupMapping But when I try to add a Windows XP machine to domain I get an error on Windows XP saying that "The user password must be changed before first login" (or something like that).
I logged toaddmachines in Zimbra, go to "Preferences" and clicked on "Change Password".
When I tried to add the Windows XP again I get now the error "Login failed: user unknow or incorrect password".
On samba.example.com I get: Code: root@samba:~# smbclient -U toaddmachines //samba.example.com/toaddmachines
Password:
session setup failed: NT_STATUS_LOGON_FAILURE and Code: root@samba:~# smbclient -U toaddmachines //samba.example.com/toaddmachines
Password:
session setup failed: NT_STATUS_PASSWORD_MUST_CHANGE I get the NT_STATUS_LOGON_FAILURE when I use the actual password and NT_STATUS_PASSWORD_MUST_CHANGE when I use the previous password...
Any ideas?
I could not add the Windows XP machine to the domain... |
09-26-2009, 09:21 PM
| | Intermediate Member | |
Posts: 24
| | Need help here...
I repeat everything, now using Ubuntu 8.04.3 LTS Server 32-bit.
Still canīt make Zimbra and Samba work together.
I read the base tutorials and howtos several times.
Someone here had sucess making Zimbra 6.0.1 and Samba work together using Ubuntu 8.04.3 LTS Server? |
09-27-2009, 07:19 PM
| | Intermediate Member | |
Posts: 24
| |
Anyone achieve sucess with Zimbra 6.0.1 and Ubuntu 8.04.3 LTS Server?
As I want to use Zimbra 6.0.1 I will try with another distro... |
09-28-2009, 05:58 AM
| | |
I have succesfully setup 6.0.1 + samba on Ubuntu 8.04.3 LTS by using the guide from Zimbra (with some modifications though). At which step are you stuck? |
09-28-2009, 06:23 AM
| | |
Quote:
Originally Posted by peracchi  | How did the create the user "toaddmachines", by command line?
Edit:
When you change the password for the user inside the zimbra webmail it does not change the password for the samba account. | | Thread Tools | Search this Thread | | | | | Display Modes |  Linear Mode | | Why Join? Registering let's you ask questions, makes it easier to search, displays any files attached to posts, and notifies you about replies.   |
Bugzilla
Wiki
Source
