Page 1 of 2 12 LastLast
Results 1 to 10 of 18

Thread: smbldap-tools

  1. #1
    cdenley is offline Active Member
    Join Date
    Jun 2008
    Posts
    48
    Rep Power
    6

    Default smbldap-tools

    How do I configure smbldap-tools to work with zimbra's LDAP?
    Code:
    cdenley@zimbra:~$ /usr/sbin/smbldap-useradd -w "mycomp$"
    Could not find base dn, to get next uidNumber at /usr/share/perl5/smbldap_tools.pm line 1073.
    I suspect I have the incorrect value for sambaUnixIdPooldn.

  2. #2
    uxbod's Avatar
    uxbod is offline Moderator
    Join Date
    Nov 2006
    Location
    UK
    Posts
    8,016
    Rep Power
    24

    Default

    Welcome to the forums

    What are you attempting to do ? Create a account directly into the ZCS LDAP ? If so why not use the zmprov command to provision the account ?

  3. #3
    dijichi2 is offline OpenSource Builder & Moderator
    Join Date
    Oct 2005
    Posts
    1,176
    Rep Power
    11

    Default

    you need to setup smbtools-ldap config file to point to zimbra ldap.

  4. #4
    cdenley is offline Active Member
    Join Date
    Jun 2008
    Posts
    48
    Rep Power
    6

    Default

    I was trying to setup a samba PDC, but I was having problems adding machine accounts automatically when joining a domain. Does samba update the LDAP server with machine accounts regardless of what you use for "add machine script"? If I use...
    Code:
    add machine script = /usr/sbin/adduser --shell /bin/false --disabled-password --quiet --gecos "machine account" --force-badname %u
    like in this tutorial, will the machine be added to /etc/passwd, ldap, or both?

    you need to setup smbtools-ldap config file to point to zimbra ldap.
    Of course. I tried that. As I said, I don't know what the correct value for sambaUnixIdPooldn would be.

  5. #5
    cdenley is offline Active Member
    Join Date
    Jun 2008
    Posts
    48
    Rep Power
    6

    Default

    I would prefer a solution that stores the machine accounts in the ldap server without creating zimbra accounts and without creating local unix accounts.
    Last edited by cdenley; 06-11-2008 at 07:19 AM. Reason: previous post wasn't showing up before

  6. #6
    dijichi2 is offline OpenSource Builder & Moderator
    Join Date
    Oct 2005
    Posts
    1,176
    Rep Power
    11

    Default

    Of course. I tried that. As I said, I don't know what the correct value for sambaUnixIdPooldn would be.
    well what have you got for that config value then?

    i've got the default:
    sambaUnixIdPooldn="sambaDomainName=${sambaDomain},${suffix}"

    works fine for me.

  7. #7
    dijichi2 is offline OpenSource Builder & Moderator
    Join Date
    Oct 2005
    Posts
    1,176
    Rep Power
    11

    Default

    ldap entry contains this, if it helps:

    dn: sambaDomainName=DOMAIN,dc=company,dc=com
    sambaNextRid: 1010
    uidNumber: 1091
    sambaDomainName: DOMAIN
    sambaSID: S-1-5-21-39121234593-1462477261-24026212345
    sambaAlgorithmicRidBase: 1000
    objectClass: top
    objectClass: sambaDomain
    objectClass: sambaUnixIdPool
    gidNumber: 1000

  8. #8
    cdenley is offline Active Member
    Join Date
    Jun 2008
    Posts
    48
    Rep Power
    6

    Default

    Something else must be wrong in my configuration, then
    Code:
    cdenley@zimbra:~$ grep -v \# /etc/smbldap-tools/smbldap.conf|grep -v "^$"
    SID="[my sid]"
    sambaDomain="MYDOMAIN"
    slaveLDAP="192.168.0.7"
    slavePort="389"
    masterLDAP="192.168.0.7"
    masterPort="389"
    ldapTLS="0"
    verify="none"
    cafile="/etc/smbldap-tools/ca.pem"
    clientcert="/etc/smbldap-tools/smbldap-tools.pem"
    clientkey="/etc/smbldap-tools/smbldap-tools.key"
    suffix="dc=mycompany,dc=com"
    usersdn="ou=Users,${suffix}"
    computersdn="ou=Computers,${suffix}"
    groupsdn="ou=Groups,${suffix}"
    idmapdn="ou=Idmap,${suffix}"
    sambaUnixIdPooldn="sambaDomainName=${sambaDomain},${suffix}"
    scope="sub"
    hash_encrypt="SSHA"
    crypt_salt_format="%s"
    userLoginShell="/bin/bash"
    userHome="/home/%U"
    userHomeDirectoryMode="700"
    userGecos="System User"
    defaultUserGid="513"
    defaultComputerGid="515"
    skeletonDir="/etc/skel"
    defaultMaxPasswordAge="45"
    userSmbHome="\\PDC-SRV\%U"
    userProfile="\\PDC-SRV\profiles\%U"
    userHomeDrive="H:"
    userScript="logon.bat"
    mailDomain="idealx.com"
    with_smbpasswd="0"
    smbpasswd="/usr/bin/smbpasswd"
    with_slappasswd="0"
    slappasswd="/usr/sbin/slappasswd"

  9. #9
    dijichi2 is offline OpenSource Builder & Moderator
    Join Date
    Oct 2005
    Posts
    1,176
    Rep Power
    11

    Default

    and does the dn exist with populated attributes?

  10. #10
    cdenley is offline Active Member
    Join Date
    Jun 2008
    Posts
    48
    Rep Power
    6

    Default

    Samba seems to use ldap fine for authentication.
    Here is part of my smb.conf
    Code:
    passdb backend = ldapsam:ldap://192.168.0.7/
    ldap admin dn = "cn=config"
    ldap suffix = dc=mycompany,dc=com
    ldap group suffix = ou=groups
    ldap user suffix = ou=people
    ldap machine suffix = ou=machines
    /etc/smbldap-tools/smbldap_bind.conf
    Code:
    slaveDN="cn=config,dc=mycompany,dc=com"
    slavePw="mypass"
    masterDN="cn=config,dc=mycompany,dc=com"
    masterPw="mypass"
    Code:
    cdenley@zimbra:~$ grep -v \# /etc/ldap.conf|grep -v "^$"
    base dc=mycompany,dc=com
    uri ldap://192.168.0.7/
    ldap_version 3
    binddn cn=config
    bindpw mypass
    rootbinddn uid=zimbra,cn=admins,cn=zimbra
    port 389
    bind_policy soft
    nss_reconnect_tries 2
    nss_initgroups_ignoreusers backup,bin,daemon,dhcp,fetchmail,games,gnats,irc,klog,libuuid,list,lp,mail,man,news,proxy,root,sshd,sync,sys,syslog,uucp,www-data

Page 1 of 2 12 LastLast

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. Webinar Tools
    By GregA in forum Webinars
    Replies: 8
    Last Post: 07-04-2009, 06:21 AM
  2. About the migration tools for the translation.
    By sshgz in forum I18N/L10N - Translations
    Replies: 7
    Last Post: 06-20-2008, 01:50 AM
  3. New Load Testing Tools?
    By tross in forum Administrators
    Replies: 3
    Last Post: 05-15-2008, 04:10 PM
  4. Lost Tools > Zimbra Server Rules entry
    By mjdl in forum Zimbra Connector for Outlook
    Replies: 4
    Last Post: 02-22-2008, 07:05 PM
  5. Tools for migrating users from 4.5 to 5.0
    By adconsulting in forum Developers
    Replies: 1
    Last Post: 01-02-2008, 07:42 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •