[K12OSN] smbldap and webmin on Debian

Jim Kronebusch jim at winonacotter.org
Fri Nov 9 05:17:04 UTC 2007 

On Wed, 7 Nov 2007 21:54:08 -0500, Rob Owens wrote
> On Wed, Nov 07, 2007 at 09:03:04PM +0200, Asmo Koskinen wrote:
> > Rob Owens kirjoitti:
> > >I think I must be missing some important settings in the "LDAP users and
> > >groups" module configuration.
> > 
> > No, I'm not using, but my last post include this link - did you not read it?
> > 
> > "15. Configure LDAP Users and Groups Webmin Module on ldap server for 
> > administration (unecessary lines omitted, leave at default)"
> > 
> > "16. Configure LDAP Client Webmin Module on ldap server"
> > 
> > http://www.1-cs.com/ubuntu_ldap_howto.txt
> >
> 
> Thanks, I got it working.  I had to tweak some things to my specific setup 
> ("Users" instead of "people" and things like that).  I also have to customize 
> it to get some of my samba stuff in there.  Basically I need to get webmin to 
> behave exactly as the smbldap-useradd command does.
> 
> I came across this post by Jim K and I'll be reviewing it over the next few 
> days.  http://www.redhat.com/archives/k12osn/2006-July/msg00049.html  It looks 
> like it's got some useful info regarding the samba settings.
> 
> -Rob

Hey Rob, yeah, read the old post, that will help you with samba crap along with webmin
and LDAP.  The new howto is more for LDAP only and management with webmin.  I love the
samba/ldap installer for samba/ldap installations.  But if I don't have to muddy crap
with samba, I won't.  So that is why I came up with this howto without samba.  And since
there is no ldap installer I wanted as simple of instructions as possible for server
setup, client setup, use with nfs homes, and gui management.  Mostly I make these and
post them to a list so in the future when I forget how I did something I just google my
name, howto, and my problem and I find my old instructions.  Sort of primitive but I
suck at maintaining documentation :-)

And like you I need a gui for co-workers, secretary, you name it to be able to manage
users without my help in a simple way.  I command line 90% of the time, but gui
management is always handy and still a necessity for others.

Craig, I hear you with knowing how things work.  I don't know how much you've messed
with the LDAP module in webmin, but it doesn't make a ton of sense in relation to how
LDAP samba works.  Some of the syntax is crazy.  And unless things are just right, the
entire module breaks.  I had to contact Jamie Cameron (the guy that wrote the module) to
find out about the $USER variable that is unknown and not in the documentation that
makes the use of the module and mass user creation possible.  I could get every other
management module working, but Webmin LDAP was a bugger.  I had LDAP running in a day, 4
other management tools running in an hour....a week and a half later, webmin ldap users
and groups.  I feel anyones pain with that module :-)

Anyhow Rob, if you follow that post you should find my old instructions about how to
configure Webmin LDAP to work with the Samba/LDAP installer and it works great, but way
different that the ubuntu ldap howto.  When I put that together things were broken to
where it didn't create the Samba accounts properly, but that has since been fixed, and
even though I don't actively use the directions.  I've had others report they used my
instructions with the smb/ldap installer and webmin and it works perfectly.

So chin up, you should be able to get it working.  Quick note why I worked so hard
getting webmin's module to work, every other management app I tried to use was missing a
key feature.  Webmin's is the only one that had every feature I needed, I just couldn't
get it working.

Other good news, I saw in the UDS Boston notes they were finally discussing expansion of
the Gnome users and groups module to include options for ldap management and possibly
others such as NIS,etc.  This would be a huge step forward.  This would mean that you
could possibly go into the default user/group manager in the OS, check a box for central
authentication, then fill in LDAP authentication and credentials, and use the default OS
management tools for bulk addition/deletion and modification.  When this happens, these
discussions will be a thing of the past......awesome.

Good luck Rob, I hope you get it working, you'll love it when you do.  New year at
school, import csv of students not returning, get coffee, import csv with new students,
get donut, return with your work done and a full stomach kick back and smile.  And with
about 2 minutes of work all your students can connect from Appletalk, Samba, FTP, login
to a thin client and any other workstation, mobile profiles, and get email.  You can't
beat that.

Jim

-- 
This message has been scanned for viruses and
dangerous content by the Cotter Technology 
Department, and is believed to be clean.

More information about the K12OSN mailing list