## ##
## Samba + Postfix With Central LDAP Server ##
## ##
## ##
###################################################
# Global parameters
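[global]
# Samba domain controller for the dgqa domain; accounts live in LDAP (ldapsam backend below).
workgroup = dgqa
netbios name = dgqa-pdc
enable privileges = yes
# Only the local subnet and loopback may connect.
hosts allow = 192.168.0. 127.
# NOTE(review): "interfaces" alone does not limit which addresses smbd listens on;
# that needs "bind interfaces only = yes" as well.
interfaces = 192.168.0.19
username map = /etc/samba/smbusers
# admin users = admin
# NOTE(review): %v puts the exact Samba version in the server description that clients can browse.
server string = Samba Server %v
security = user
encrypt passwords = Yes
# min passwd length = 3
obey pam restrictions = No
#unix password sync = Yes
#passwd program = /usr/local/sbin/smbldap-passwd -u %u
#passwd chat = "Changing password for*\nNew password*" %n\n "*Retype new password*" %n\n"
ldap passwd sync = Yes
# "log level" was listed twice (256 near the top, 0 here). Samba applies parameters in
# file order, so 0 was the effective value; only that line is kept.
# NOTE(review): level 0 records only the most serious errors, which leaves little to
# work with when investigating failed logons or unexpected account changes.
log level = 0
syslog = 0
log file = /var/log/samba/log.%m
max log size = 100000
time server = Yes
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
# mangling method = hash2
Dos charset = 850
Unix charset = ISO8859-1
logon script = logon.bat
logon drive = H:
logon home =
logon path =
domain logons = Yes
os level = 65
preferred master = Yes
domain master = Yes
wins support = Yes
# The directory is reached over loopback, so this traffic stays on the host. If the LDAP
# server is on another machine, enable "ldap ssl = start tls" (commented out below) or
# use ldaps://, because Samba binds with the admin DN and writes password data over this link.
passdb backend = ldapsam:ldap://127.0.0.1/
# passdb backend = ldapsam:"ldap://127.0.0.1/ ldap://slave.idealx.com"
# ldap filter = (&(objectclass=sambaSamAccount)(uid=%u))
# NOTE(review): this is the directory's root DN (see rootdn in slapd.conf). Its password is
# stored on this host (set with "smbpasswd -w"), so a dedicated account limited by slapd ACLs
# to the Samba subtree would reduce the impact if that stored secret leaks.
ldap admin dn = cn=Manager,dc=keenable,dc=com
ldap suffix = o=dgqa.org,o=hosting,dc=keenable,dc=com
ldap group suffix = ou=Groups
ldap user suffix = ou=Users
ldap machine suffix = ou=Computers
ldap idmap suffix = ou=Users
# ldap ssl = start tls
# The scripts below are run by smbd as root. Keep /usr/local/sbin/smbldap-* and the
# smbldap-tools configuration (which holds LDAP bind credentials) writable and readable by root only.
add user script = /usr/local/sbin/smbldap-useradd -m "%u"
ldap delete dn = Yes
#delete user script = /usr/local/sbin/smbldap-userdel "%u"
add machine script = /usr/local/sbin/smbldap-useradd -w "%u"
add group script = /usr/local/sbin/smbldap-groupadd -p "%g"
#delete group script = /usr/local/sbin/smbldap-groupdel "%g"
add user to group script = /usr/local/sbin/smbldap-groupmod -m "%u" "%g"
delete user from group script = /usr/local/sbin/smbldap-groupmod -x "%u" "%g"
set primary group script = /usr/local/sbin/smbldap-usermod -g "%g" "%u"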
[homes]
# Per-user home directory share.
comment = Home directory
# NOTE(review): "writeable = yes" here and "read only = No" below are inverted synonyms; one is enough.
writeable = yes
# %S is the share name, which for [homes] is the user's name, so only the owner may connect.
valid users = %S
read only = No
# These masks allow new files to be world-readable (0644) and new directories to be
# group-writable and world-searchable (0775) on the server's filesystem. Other local
# users can then read home directory contents unless the parent directories block it.
create mask = 0644
directory mask = 0775
# NOTE(review): "browseable = No" is the usual choice for [homes] so that a literal
# "homes" share is not listed next to each user's own share.
browseable = yes
[netlogon]
# Holds the logon script named in [global] (logon.bat), which domain clients run at logon.
# Anyone who can write to this directory on the server can change what every client
# executes, so keep the filesystem permissions on the path as tight as the share setting.
path = /home/samba/netlogon/
browseable = No
read only = yes
[profiles]
# Roaming profile storage for domain users.
path = /home/samba/profiles
read only = no
# New files are owner-only (0600) and new directories owner-only (0700).
create mask = 0600
directory mask = 0700
browseable = No
# NOTE(review): guest access is not needed on a profile share. With the [global] section
# shown here (no "map to guest") it presumably has no effect, but "guest ok = No" states
# the intent and stays safe if guest mapping is enabled later.
guest ok = Yes
profile acls = yes
csc policy = disable
# next line is a great way to secure the profiles
# (all file access runs as the connected user, so the 0600/0700 modes above keep
# each profile private to its owner)
force user = %U
# next line allows administrator to access all profiles
# NOTE(review): %U expands to the name of the user making the request, so this list
# admits every authenticated user; isolation between users comes from "force user"
# and the file modes, not from this line.
valid users = %U @"Domain Admins"
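[printers]
# Print spool share. "printable" was listed twice with the same value; one line is kept.
comment = Network Printers
printer admin = @"Print Operators"
# NOTE(review): guest printing is allowed. Clients are already limited by "hosts allow"
# in [global]; set this to No if print jobs should be attributable to a user.
guest ok = yes
printable = yes
# The spool directory must be writable by printing users; keep it separate from
# other data, as it is here.
path = /home/samba/spool/
browseable = No
read only = Yes
# %p is the printer name, %s the spool file and %j the job number, as substituted by Samba.
print command = /usr/bin/lpr -P%p -r %s
lpq command = /usr/bin/lpq -P%p
lprm command = /usr/bin/lprm -P%p %j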
[print$]
# Printer driver share. Drivers placed here are installed on client machines, so
# write access is effectively the ability to push code to workstations; the
# write list is limited to Print Operators accordingly.
path = /home/samba/printers
guest ok = No
browseable = Yes
read only = Yes
# NOTE(review): with valid users limited to Print Operators, ordinary users
# presumably cannot connect to download drivers. Confirm this is intended.
valid users = @"Print Operators"
write list = @"Print Operators"
create mask = 0664
directory mask = 0775
[public]
# Shared area open to everyone.
comment = Repertoire public
path = /home/samba/public
browseable = Yes
# NOTE(review): guest ok together with "read only = No" makes this share writable
# without an account wherever guest sessions are possible. Treat its contents as
# untrusted, keep it on its own filesystem or quota, and do not store anything
# here that clients execute automatically.
guest ok = Yes
read only = No
directory mask = 0775
create mask = 0664
Create schema
cp authlib.schema /etc/openldap/schema/
=> cp authlib.schema mail.schema
=> cp authlib.schema samba.schema
C:- vi /etc/openldap/slapd.conf
Add the schema includes for Mail and Samba after line 9, and create the schema files in /etc/openldap/schema/
include /etc/openldap/schema/samba.schema
include /etc/openldap/schema/mail.schema
{ Until you have configured Samba and the Postfix mail server, you can comment out these lines }
***Change in Line 68 69 70***
database ldbm
suffix "dc=keenable,dc=com"
rootdn "cn=Manager,dc=keenable,dc=com"
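Change line 75: run slappasswd in a terminal as root, enter the password (redhat in this example; on a real server choose your own strong password and generate your own hash rather than reusing the one shown), then paste the resulting string here and uncomment the line: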
rootpw {SSHA}QT/PxTSbX5q29SfEhVYYal9qTJBpn3Op
D:- Make the LDAP config files
touch base.ldif
touch base1.ldif
touch domain.ldif
dn: o=dgqa.org, o=hosting, dc=keenable, dc=com
objectClass: top
objectClass: dcObject
objectClass: organization
dc: keenable
o: fostering.org
F:- Set SMB Password For root user, Don't forget it as you'll need it when
you start adding Windows
smbpasswd -a root
Select Next and change here in server tab and base dn tab
ldap://127.0.0.1/
o=fostering,o=hosting,dc=keenable,dc=com
2:- go to
cd /etc/postfix
3:- cp main.cf main.cf.orig
4:- {a}Edit main.cf and change parameters
vi main.cf
myhostname = postfix.keenable.com
mydomain = fosteringlinux.com
myorigin = $mydomain
inet_interfaces = all
mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain
mynetworks = 172.16.0.0/16, 127.0.0.0/8 { according to your network IP addressing; hosts in these ranges are trusted to relay mail, so list only your own networks }
home_mailbox = Maildir/
readme_directory = /usr/share/doc/postfix-2.3.4-documentation/readme
alias_database = hash:/etc/postfix/aliases
alias_maps = hash:/etc/postfix/aliases
virtual_alias_maps = ldap:/etc/postfix/ldap/alias.cf
virtual_gid_maps = static:1001
virtual_mailbox_base = /home/virtual
#virtual_mailbox_domains = ldap:/etc/postfix/ldap/domain.cf
virtual_mailbox_limit = 51200000
virtual_mailbox_maps = ldap:/etc/postfix/ldap/mailbox.cf
virtual_minimum_uid = 1001
virtual_transport = virtual
virtual_uid_maps = static:1001
#Additional for quota support
virtual_create_maildirsize = yes
virtual_mailbox_extended = yes
virtual_mailbox_limit_maps = ldap:/etc/postfix/ldap/mailbox.cf
virtual_mailbox_limit_override = yes
virtual_maildir_limit_message = Sorry, the user's maildir has overdrawn his disk space quota, please try again later.
virtual_overquota_bounce = yes
{b} Now Edit Master.cf
cp master.cf master.cf.orig
# ==========================================================================
# service type private unpriv chroot wakeup maxproc command + args
# (yes) (yes) (yes) (never) (100)
# ==========================================================================
smtp inet n - n - - smtpd -v { add -v here; by default it is not there. -v turns on verbose logging for debugging, so remove it once the setup works }
cp authldaprc authldaprc.orig
vi authldaprc
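LDAP_URI ldap://ldap.keenable.com, { Remove the s from the URL, i.e. ldaps:// becomes ldap://. Plain ldap:// is unencrypted, so binds and password lookups sent to a remote LDAP host cross the network in the clear; keep ldaps:// or enable TLS unless the server is on this machine }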
LDAP_BASEDN o=hosting,dc=fosteringlinux,c=com
#LDAP_BINDDN cn=admin, o=example, c=com { Comment This Line }
LDAP_MAIL mail
LDAP_HOMEDIR 'home/virtual'
LDAP_MAILDIR mailbox
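LDAP_CLEARPW Password { the directory then holds each mailbox password in clear text; anyone who can read this attribute or the LDAP traffic obtains working credentials, so restrict the attribute with slapd ACLs }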
#LDAP_CRYPTPW userPassword { Comment This Line }
LDAP_UID
LDAP_GID