
###################################################

## ##
## Samba + Postfix With Central LDAP Server ##
## ##
## ##
###################################################

-::: Install Samba Server :::-

Hint:- Configuration Files Location = /etc/samba/


Main configuration file = /etc/samba/smb.conf

A:- Install SAMBA server related rpms and SMBLDAP-TOOLS rpm

B:- Keep a backup of the original configuration file

cp /etc/samba/smb.conf /etc/samba/smb.conf-orig
C:- make following changes in your smb.conf
vi /etc/samba/smb.conf

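# Global parameters for a Samba domain controller whose accounts live in LDAP.
[global]
workgroup = dgqa
netbios name = dgqa-pdc
enable privileges = yes
# Only the 192.168.0.x network and loopback may connect.
hosts allow = 192.168.0. 127.
# NOTE(review): "interfaces" alone does not limit the listening sockets;
# that needs "bind interfaces only = yes" as well - confirm what is intended.
interfaces = 192.168.0.19
username map = /etc/samba/smbusers
# admin users = admin
server string = Samba Server %v
security = user
encrypt passwords = Yes
# min passwd length = 3
obey pam restrictions = No
#unix password sync = Yes
#passwd program = /usr/local/sbin/smbldap-passwd -u %u
#passwd chat = "Changing password for*\nNew password*" %n\n "*Retype new password*" %n\n"
# Password changes made through Samba are written to the LDAP entry as well.
ldap passwd sync = Yes
# Logging: a single "log level" line (a repeated key only overrides the
# earlier one, so the effective value 0 is the one kept here).
log level = 0
syslog = 0
# One log file per client machine (%m).
log file = /var/log/samba/log.%m
max log size = 100000
time server = Yes
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
# mangling method = hash2
Dos charset = 850
Unix charset = ISO8859-1
logon script = logon.bat
logon drive = H:
logon home =
logon path =
# Domain controller / master browser / WINS roles.
domain logons = Yes
os level = 65
preferred master = Yes
domain master = Yes
wins support = Yes
# Account database: the LDAP server on this same host.
passdb backend = ldapsam:ldap://127.0.0.1/
# passdb backend = ldapsam:"ldap://127.0.0.1/ ldap://slave.idealx.com"
# ldap filter = (&(objectclass=sambaSamAccount)(uid=%u))
# Samba binds as this DN; its password is stored with "smbpasswd -w".
ldap admin dn = cn=Manager,dc=keenable,dc=com
ldap suffix = o=dgqa.org,o=hosting,dc=keenable,dc=com
ldap group suffix = ou=Groups
ldap user suffix = ou=Users
ldap machine suffix = ou=Computers
ldap idmap suffix = ou=Users
# TLS is left off because slapd is reached over loopback only. Enable it
# (and configure TLS in slapd) before pointing "passdb backend" at an LDAP
# server on another host, since the bind carries the Manager password.
# ldap ssl = start tls
# smbldap-tools helpers that keep the LDAP accounts in step with Samba.
add user script = /usr/local/sbin/smbldap-useradd -m "%u"
ldap delete dn = Yes
#delete user script = /usr/local/sbin/smbldap-userdel "%u"
add machine script = /usr/local/sbin/smbldap-useradd -w "%u"
add group script = /usr/local/sbin/smbldap-groupadd -p "%g"
#delete group script = /usr/local/sbin/smbldap-groupdel "%g"
add user to group script = /usr/local/sbin/smbldap-groupmod -m "%u" "%g"
delete user from group script = /usr/local/sbin/smbldap-groupmod -x "%u" "%g"
set primary group script = /usr/local/sbin/smbldap-usermod -g "%g" "%u"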

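# Per-user home directory shares.
[homes]
comment = Home directory
# Each home share is usable only by the user it is named after (%S).
valid users = %S
# Writable ("read only = No" is the single setting kept for this).
read only = No
# NOTE(review): these masks leave new files readable, and new directories
# writable by the group; tighten them if homes must stay private.
create mask = 0644
directory mask = 0775
browseable = yes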
# Share for domain logon files such as the logon.bat named in [global].
[netlogon]
path = /home/samba/netlogon/
# Hidden from browse lists and read-only for clients.
browseable = No
read only = yes
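# Roaming-profile share.
[profiles]
path = /home/samba/profiles
read only = no
# New profile files and directories are accessible to their owner only.
create mask = 0600
directory mask = 0700
browseable = No
# Profiles hold per-user data, so guest access is switched off; access is
# limited by "valid users" below and [global] enables no guest mapping.
guest ok = No
profile acls = yes
csc policy = disable
# next line is a great way to secure the profiles
force user = %U
# next line allows administrator to access all profiles
valid users = %U @"Domain Admins"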
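# Print spool share covering every printer.
[printers]
comment = Network Printers
printer admin = @"Print Operators"
# NOTE(review): guest printing is allowed here; set to no if only
# authenticated domain users should be able to submit jobs.
guest ok = yes
# Declared once; marks the share as a print spool rather than a file share.
printable = yes
path = /home/samba/spool/
browseable = No
read only = Yes
# %p = printer name, %s = spool file, %j = job number.
print command = /usr/bin/lpr -P%p -r %s
lpq command = /usr/bin/lpq -P%p
lprm command = /usr/bin/lprm -P%p %j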
# Printer driver share.
[print$]
path = /home/samba/printers
guest ok = No
browseable = Yes
read only = Yes
# Only members of "Print Operators" may connect, and they may write
# despite "read only = Yes".
valid users = @"Print Operators"
write list = @"Print Operators"
create mask = 0664
directory mask = 0775
# Shared scratch area.
[public]
comment = Repertoire public
path = /home/samba/public
browseable = Yes
# NOTE(review): guest ok together with "read only = No" makes this share
# writable without authentication once guest logons are enabled - confirm
# that anonymous write access is really wanted.
guest ok = Yes
read only = No
directory mask = 0775
create mask = 0664

D:- Service smb restart


chkconfig smb on

-::: Install Central LDAP Server :::-

Hint:- Configuration Files Location = /etc/openldap/


Main configuration file = /etc/openldap/slapd.conf

A:- Install openldap server related rpms


B:- Keep a backup of the original configuration file
cp /etc/openldap/slapd.conf /etc/openldap/slapd.conf-orig

Create the schema files

rpm -ql courier-authlib | grep schema


=> /usr/share/doc/courier-authlib.0.58/authlib.schema
=> cd /usr/share/doc/courier-authlib.0.58/

cp authlib.schema /etc/openldap/schema/
=> cp authlib.schema mail.schema
=> cp authlib.schema samba.schema
C:- vi /etc/openldap/slapd.conf
Add the schema includes for mail and Samba after line 9; the schema files must exist in /etc/openldap/schema/
include /etc/openldap/schema/samba.schema
include /etc/openldap/schema/mail.schema
{ Until you have configured Samba and the Postfix mail server, you can comment out these lines }
***Change in Line 68 69 70***
database ldbm
suffix "dc=keenable,dc=com"
rootdn "cn=Manager,dc=keenable,dc=com"

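Change line 75: run slappasswd in a terminal as root, enter the password (this guide uses redhat),
paste the resulting string here and uncomment the line. The value shown below is the author's sample output; use the hash that slappasswd prints for your own password :-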
rootpw {SSHA}QT/PxTSbX5q29SfEhVYYal9qTJBpn3Op
D:- Create the LDIF files
touch base.ldif

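# Root entry of the tree; matches "suffix" in slapd.conf.
# The attribute lines follow the dn line directly: a blank line ends an
# LDIF entry.
dn: dc=keenable, dc=com
objectClass: top
objectClass: dcObject
objectClass: domain
dc: keenable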

touch base1.ldif

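# Entry for the rootdn named in slapd.conf.
dn: cn=Manager, dc=keenable, dc=com
objectClass: top
objectClass: organizationalRole
cn: Manager

# Container for the hosted organisations. The blank line above separates
# the two entries.
dn: o=hosting, dc=keenable, dc=com
objectClass: top
objectClass: organization
o: hosting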

touch domain.ldif
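# Organisation entry that smb.conf uses as "ldap suffix".
dn: o=dgqa.org, o=hosting, dc=keenable, dc=com
objectClass: top
objectClass: dcObject
objectClass: organization
dc: keenable
# The o attribute has to carry the value used in the dn (o=dgqa.org),
# otherwise the server rejects the entry.
o: dgqa.org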

E:- service ldap restart


F:- chkconfig ldap on

Add Your Base Files to Ldap

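# Load the three LDIF files as the directory Manager.
# -W prompts for the Manager password; with -x -D alone the bind carries no
# password, so the adds would not run with Manager rights.
ldapadd -x -W -h localhost -D "cn=Manager,dc=keenable,dc=com" -f base.ldif

ldapadd -x -W -h localhost -D "cn=Manager,dc=keenable,dc=com" -f base1.ldif

ldapadd -x -W -h localhost -D "cn=Manager,dc=keenable,dc=com" -f domain.ldif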

-:::Configuring SAMBA for LDAP Support :::-

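A:- Install the smbldap-tools rpm from the CD or download it

Run this command to store the password of the ldap admin dn (the rootpw set in slapd.conf) in Samba's secrets.tdb; typed like this, the password also lands in the shell history
smbpasswd -w redhat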

B:- run command and copy output


net getlocalsid
S-1-5-21-301026631-4003654561-4133428690 { you will get this kind of string }

C:- Install CPAN Modules Given Below


Bundle::CPAN
Net::LDAP
Unicode::MapUTF8
Crypt::SmbHash
Convert::BER
D:- run command
smbldap-populate -a root
{ If the command does not complete, it may require some CPAN modules;
install the modules it names from the CPAN site }

E:- Run LDAP Search


ldapsearch -x -h localhost -b "dc=keenable,dc=com"

F:- Set the SMB password for the root user. Don't forget it, as you'll need it when
you start adding Windows machines
smbpasswd -a root

G:- restart samba and ldap service


H:- Run Authconfig
Select "Use LDAP" and "Cache Information",

Select Next and change the server and base dn fields to
ldap://127.0.0.1/
o=fostering,o=hosting,dc=keenable,dc=com

service nscd restart


chkconfig nscd on

-:::Install Postfix Mail Server :::-


1:- Download URL - http://postfix.wl0.org/ftp/official/2.2/SRPMS/postfix-2.2.11-1.src.rpm
2:- change to any user & make rpm related build directories
3:- run thease commands with login as user
mkdir rpm
mkdir rpm/SOURCES
mkdir rpm/SPECS
mkdir rpm/BUILD
mkdir rpm/SRPMS
mkdir rpm/RPMS
mkdir rpm/RPMS/i386
echo "%_topdir $HOME/rpm" >> $HOME/.rpmmacros

install source rpm


rpm -ivh postfix2.src.rpm
cd /home/username/rpm/SPECS
cd ../SPECS
vi postfix.spec
(Make changed on following line like this--line 86 & 89)
%define with_mysql_redhat 1
%define with_sasl 2
rpmbuild -ba postfix.spec
it will put the postfix rpms in the RPMS directory
then log out as that user, log in as root, go to the RPMS directory and run the command
rpm -Uivh postfix-2.2.11-1.rhel4.i386.rpm

###################################Install Postfix Mail Server Basic ###########


#############################################
1:-Set postfix as default MTA
run
system-switch-mail
choose postfix and close.

2:- go to
cd /etc/postfix
3:- cp main.cf main.cf.orig
4:- {a}Edit main.cf and change parameters
vi main.cf
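# Identity of this mail host.
# NOTE(review): myhostname is under keenable.com while mydomain is
# fosteringlinux.com - confirm which domain this server should use.
myhostname = postfix.keenable.com
mydomain = fosteringlinux.com
myorigin = $mydomain
# Accept SMTP on every interface.
inet_interfaces = all
mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain
# Clients in these networks may relay through this server. Set this
# according to your own network addressing and keep it as narrow as possible.
mynetworks = 172.16.0.0/16, 127.0.0.0/8
home_mailbox = Maildir/
readme_directory = /usr/share/doc/postfix-2.3.4-documentation/readme
alias_database = hash:/etc/postfix/aliases
alias_maps = hash:/etc/postfix/aliases
# Virtual mailboxes: addresses and mailbox paths are looked up in LDAP, and
# all mail is stored under /home/virtual as uid/gid 1001.
virtual_alias_maps = ldap:/etc/postfix/ldap/alias.cf
virtual_gid_maps = static:1001
virtual_mailbox_base = /home/virtual

#virtual_mailbox_domains = ldap:/etc/postfix/ldap/domain.cf
virtual_mailbox_limit = 51200000
virtual_mailbox_maps = ldap:/etc/postfix/ldap/mailbox.cf
virtual_minimum_uid = 1001
virtual_transport = virtual
virtual_uid_maps = static:1001
#Additional for quota support
virtual_create_maildirsize = yes
virtual_mailbox_extended = yes
virtual_mailbox_limit_maps = ldap:/etc/postfix/ldap/mailbox.cf
virtual_mailbox_limit_override = yes
# Kept on one line: a line that starts in column 0 begins a new parameter.
virtual_maildir_limit_message = Sorry, the user's maildir has overdrawn his disk space quota, please try again later.
virtual_overquota_bounce = yes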
{b} Now Edit Master.cf

cp master.cf master.cf.orig
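# ==========================================================================
# service type private unpriv chroot wakeup maxproc command + args
# (yes) (yes) (yes) (never) (100)
# ==========================================================================
# -v is not there by default; it is added here so smtpd logs verbosely.
# NOTE(review): verbose smtpd logging records the SMTP dialogue in detail;
# take -v out again once the setup has been debugged.
smtp inet n - n - - smtpd -v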

5:- create a user virtual


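# Dedicated account that owns the virtual mail store; uid/gid 1001 match
# virtual_uid_maps and virtual_gid_maps in main.cf.
groupadd -g 1001 virtual
useradd -g virtual -u 1001 virtual
# Keep the mail store private to the virtual account rather than mode 777,
# which would let every local user read and alter all mailboxes.
# NOTE(review): this assumes Courier also opens the maildirs as uid/gid 1001
# (e.g. via LDAP_GLOB_UID / LDAP_GLOB_GID in authldaprc) - confirm.
chown -R virtual:virtual /home/virtual
chmod -R u=rwX,go= /home/virtual/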

################################################ Install Courier-Imap #######


###############################################

A:- Installation 0f Courier-imap


Become a normal user & download these softwares:
Download Courier-imap:
courier-imap-4.1.1.tar.bz2
untar courierimap
tar -jxvf courier-imap-4.1.3.tar.bz2
cd courier-imap-4.1.3
vi courier-imap.spec (make 44 & 46 line like this to remove fam support
)
BuildPreReq: rpm >= 3.0.5 /usr/bin/sed openldap2 openldap2-devel
%else
BuildPreReq: rpm >= 4.0.2 sed openldap-devel openldap-servers
%endif
copy this spec to SPECS directotry
cp courier-imap.spec /home/manoj/rpm/SPECS/
copy courier-imap bz2 file to SOURCES directory.
cp courier-imap-4.1.3.tar.bz2 /home/manoj/rpm/SOURCES
cd /home/manoj/rpm/SPECS/
rpmbuild -ba courier-imap.spec
now become root & go to RPMS & install all related rpms through root:
rpm -ivh courier-imap-4.1.3-1.4AS.i386.rpm

B:- Installation 0f Courier-authlib


Download Courier-authlib:
courier-authlib-0.58.tar.bz2
now again become normal user
Run this command:
rpmbuild -ta courier-authlib-0.58.tar.bz2
become root & go to this directory
cd /home/manoj/rpm/RPMS/i386
rpm -ivh courier-authlib-0.58-1.4AS.i386.rpm
rpm -ivh courier-authlib-devel-0.58-1.4AS.i386.rpm
rpm -ivh courier-authlib-mysql-0.58-1.4AS.i386.rpm

C:- Now Go to /etc/authlib


cp authdaemonrc authdaemonrc.orig
Edit authdaemonrc
vi authdaemonrc
authmodulelist="authldap"

cp authldaprc authldaprc.orig
vi authldaprc
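# Use ldap:// here (remove the "s" from ldaps://). Lookups and binds to this
# host are then not encrypted on the wire.
LDAP_URI ldap://ldap.keenable.com
# NOTE(review): the rest of this guide uses dc=keenable,dc=com; confirm
# this base DN against the directory actually built.
LDAP_BASEDN o=hosting,dc=fosteringlinux,c=com
# Comment this line.
# NOTE(review): without a bind DN the lookups presumably run as an
# anonymous bind - confirm what the slapd ACLs expose to it.
#LDAP_BINDDN cn=admin, o=example, c=com
LDAP_MAIL mail
LDAP_HOMEDIR 'home/virtual'
LDAP_MAILDIR mailbox
# NOTE(review): LDAP_CLEARPW makes authldap read a cleartext password from
# the "Password" attribute, so every mail password sits unhashed in the
# directory. LDAP_CRYPTPW userPassword (commented below) is the hashed
# alternative; prefer it once the directory stores hashed passwords.
LDAP_CLEARPW Password
# Comment this line.
#LDAP_CRYPTPW userPassword
LDAP_UID
LDAP_GID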

D:- Service courier-imap start


chkconfig courier-imap on
Service courier-authlib start
chkconfig courier-authlib on
Test pop Server .........
telnet localhost 110
user manoj@keenable.com
pass password
you should get "OK " Response
list { this command will display all mails in your inbox }

Test IMAP Server .........


telnet localhost 143
. login manoj@keenable.com password
you should get "OK " Response
list { this command will display all mails in your inbox }
