[K12OSN] Authenticating Edubuntu 7.04 LTSP Clients from SMBLDAP Server

Jim Kronebusch jim at winonacotter.org
Tue Oct 9 19:34:44 UTC 2007


On Tue, 09 Oct 2007 07:10:28 -1000, R. Scott Belford wrote
> Aloha Y'all
> 
> Has anyone had documented success authenticating Edubuntu 7.04 ltsp
> clients off of a smbldap server?  If so, would you share it.  I have
> scoured and searched, and I have found various pieces of good
> information linked below.  No two how-tos are the same, and I am left
> with a few questions

I assume you simply want your users on the clients to come from LDAP, correct?  If so
there is no need to configure anything in the client tree (/opt/ltsp/i386) as all your
users are merely logging into the server.  So all you have to do is get the server to
authenticate to LDAP and your done.

> http://www.1-cs.com/ubuntu_ldap_howto.txt

I composed the above howto for building a LDAP server from scratch in Ubuntu and how to
authenticate FAT clients with NFS homes and a thin client system to it.  This isn't
specifically written to work with the SMBLDAP installer, but I assume it would work.  As
long as you already have a running LDAP server the only steps you should need to deal
with to authenticate are 8-12.  In this case your server is the LDAP "client".  

I did not need SMB support as this system has gone all Linux and NFS is used for all
file shares if needed.  So I did not use the packaged SMB/LDAP installer.  I am sure
David Trask has a specific howto for that.  

The howto I wrote assumes you will have a local user on the server with the uid of 1000
and no conflicting user ID in the LDAP server.  The configs are designed to look at
local files first then LDAP, that way if things go bad you can always log in with your
local user and make changes on both the thin clients and the server.  I also found that
my Edubuntu server ran much smoother if I added all the default system groups into the
LDAP server and assigned groups by default the same way the system would to a local
user.  Step 4 handles creation of an ldif to import all the default groups into your
LDAP system.

Also step 15-16 tell you how to use Webmin to manage your users in LDAP.  I have not
wrote this to address the SMB stuff as I didn't need it, but you can reference how I
used that to assign new users to all those groups.  I think there is a howto on
configuring Webmin to work with SMB/LDAP.

Hope that helps,
Jim

-- 
This message has been scanned for viruses and
dangerous content by the Cotter Technology 
Department, and is believed to be clean.




More information about the K12OSN mailing list