[K12OSN] Re: lessons learned on smb/ldap setup in centos4 (Robert Moskowitz)
Matt Oquist
moquist at majen.net
Tue Aug 1 18:18:54 UTC 2006
> Date: Mon, 31 Jul 2006 12:16:04 -0400
> From: "Robert Moskowitz" <rgm at htt-consult.com>
> Subject: Re: [K12OSN] lessons learned on smb/ldap setup in centos4
>
> After a long detour stepping my way into Linux (like first moving DNS
> and Mail from NT server to Linux), I am back at converting my NT domain
> to Linux.
>
> I am committed to Centos, which is now at 4.3 and very soon at 4.4.
>
> So I see that Centos is still not listed as a supported platform, but
> then RedHat Enterprise is not listed either....
> Is the script mods listed below still apply (months later and newer
> versions)?
Just use the 'fc5' option, and when it complains about not being able
to install something, find that package manually and install it. Then
re-run the script and everything should be fine.
I *believe* it's only one package that you'll have to find manually;
once you figure out which on it is shoot me an email -- or, better
yet, add a note to the wiki on a CentOSNotes page.
> > Then I did the CPAN Bundle::install thing
This shouldn't be necessary; there are RPMs available for all the
required packages.
> > Next, I ran the script(make all) and noted all the rpms it could not
> > find.
> I ASSuME that if I am missing some, getting them (I use yemex and have
> DAG repos included) and restarting causes no harm.
Precisely.
> > I then Went to the DAG (weirs) Site
> > http://dag.wieers.com/packages/ And downloaded any packages that the
> > script said that were missing and
> > dependencies that the rpms called for. Once all the packages were
> > installed and the script completed successfully, I rebooted.
> > At this point ldap seemed to consistantly fail. Go into the
> > /etc/openldap/ldap.conf and delete the TLS entry. Then I start ldap,
That's odd and interesting...I don't believe this happened at the
Gould NELS, where CentOS was used during the Samba/LDAP session.
> > 4. Originally setting the file server up on a different network. I just
> > couldn't seem to figure out how to combat that, soooo I reloaded on the
> > network that it was going to be on and that cured many little issues.
> This is a 'real' concern with me. I am replacing an NT domain PDC, and
> I do not want to play with names.
It's changing IP addresses that threw Mark off, I believe, and that
makes sense. The IP address is in several Samba/LDAP config files, so
if you change the system IP address you have several files to hunt
down and modify.
> So I have set up a separate network where I can install, the IP
> addresses are changed slightly, I hope this will not be a problem? I
> have my host.conf going to my hosts file before bind, and I have my
> server setup in the hosts file....
If you use hostnames instead of IP addresses when you run the
configuration portion of the smbldap-installer, then you should be
fine as long as those hosts are set in /etc/hosts.
Would you mind adding this to the smbldap-installer documentation
wiki? (Linked from http://majen.net/smbldap/) It would be great if
other people knew how to do this.
> If I have to set up a whole dummy DNS, I can, I have done it for things
> like unlocking PAP2 boxes...
This should only be necessary for the master/slave LDAP servers
themselves.
You may need to change /etc/exports yourself later if you change your
IP address scheme, but using the smbldap-installer to help set up your
export of /home is completely optional, anyway.
> > 5. Paying attention to were the smbldap tools are located and adjusting
> > the script and or tools location to make it work.
> Would like to know more on this one.
The smbldap-installer tries to figure out where the smbldap-tools
scripts get installed (the are usually not in $PATH on RH-based
systems) and use them there. If they show up in a location that the
script can't find, see distro_data.pm and add another entry with the
correct path to @smbldap_tools_path, and then (please!) email me about
it.
> Should I just proceed? There was a comment early in the install about
> being back-leveled and to do some update or other, but it scrollled off
> the screen.
My preference is always to use the package management system to
install everything, but if you got your dependencies this way, it's
probably fine. :)
Beware of samba-3.0.23, which causes people problems on FC5; you may
automatically get it when you update your system.
--matt
--
Open Source Software Engineering Consultant
http://majen.net/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
URL: <http://listman.redhat.com/archives/k12osn/attachments/20060801/4d7cadd5/attachment.sig>
More information about the K12OSN
mailing list