[K12OSN] Smb-ldap admin interface and hardware recommendations (Julian Yap)

Julian Yap julian_yap at yahoo.com
Wed Feb 8 20:27:20 UTC 2006 

On Wed, 2006-02-08 at 12:37 -0500, Matt Oquist wrote:
> > From: Julian Yap <julian_yap at yahoo.com>
> > Subject: [K12OSN] Smb-ldap admin interface and hardware recommendations
> > 
> > I then tried out installing smb-ldap on Debian Linux (sarge) using
> > OpenLDAP and Samba.  To start of with, I only found 1 site which
> > actually had instructions for installing OpenLDAP on Debian.  After 2
> > days of trying to get it to work, I gave up.  There's more I could say
> > but I won't.
> 
> Hi Julian,
> 
> Did you try the Smbldap Installer from http://majen.net/smbldap/?
> It has Ubuntu support, but I've never tested it on Debian.  It should
> make the installation process quite easy, and if it doesn't already
> work for Debian it should be pretty easy to get it to.

Matt, I didn't try it mainly because I didn't have an understanding of
how it smb-ldap worked.  LDAP was all new to me and I wasn't confident
using and putting in place a solution I wasn't familiar with.

I pretty much gave myself a crash course in the RH423 Red Hat Enterprise
Directory Services and Authentication course
(https://www.redhat.com/training/architect/courses/rh423.html).

Revisiting the Smbldap Installer it's a different story and it's an
excellent tool.  Personally, I would still install and configure things
manually.

> It sounds like you've settled on CentOS, but if you try Debian again
> for any reason and you try the Smbldap Installer, please let me know
> how it goes.

Yeah, I'm pretty much settled on CentOS at this point.

If I have the time, I'll try your script on Debian...  But then the
recollection of headaches and frustration might settle in. :P  Debian
tries to be a 'pure' Linux.  For example, instead of doing an install of
a package called 'openldap', you're installing a package called 'slapd'.

Debian also tries to 'purify' all packages.

Here's an example I ran into.

To add the Samba schema file to OpenLDAP in Debian:
Run:
cp /usr/share/doc/samba-doc/examples/examples/LDAP/samba.schema.gz /etc/ldap/schema/
  cd /etc/ldap/schema/
  gunzip samba.schema.gz
  chown slapd.slapd samba.schema
  chmod 440 samba.schema

Add to /etc/ldap/slapd.conf:
  include /etc/ldap/schema/samba.schema

To do the same thing under Redhat/CentOS:
  cp /usr/share/doc/samba-3.0.10/LDAP/samba.schema /etc/openldap/schema/

Add to /etc/openldap/slapd.conf
  include         /etc/openldap/schema/samba.schema

So then you've got to also ask yourself, who at Debian decided that
OpenLDAP was king and put their configuration files in /etc/ldap and
not /etc/openldap?  It's just frustrations like that.

> I agree with you that the administration interfaces available for
> OpenLDAP are not mature, and it's my personal hope that Samba4 is
> going to fill this gap soon by providing an integrated Samba/LDAP
> solution with [more] robust and mature administration tools.

I agree, Samba4 will be great.  But I doubt they'd provide web/GUI admin
tools or make it a priority when it does come out.

Is there a Samba4 roadmap or timeline?  I couldn't find one.

- Julian

More information about the K12OSN mailing list