Ok in my server the ldap config is inside /etc/ and this file nss_ldap it's inside /etc/ldap/. i didn't understand why pass this but now I understand all
Thanks > > > > Hi > > Ok, and how I config nss_ldap? When I copy all database is included? > > Well, the easiest way, for Samba use, is to simply cp your ldap.conf file > for the ldap client application to nss_ldap.conf--cp ldap.conf nss_ldap.conf > (this can be a bit confusing, as openldap uses a file called ldap.conf for > configuring the ldap client as well as a file called ldap.conf for > configuring basic ldap server process. The server file is generally > contained in the directory where configuration files are kept in a > subdirectory called openldap along with files like slapd.conf and is > generally a small file witch looks something like this: > > # > # LDAP Defaults > # > > # See ldap.conf(5) for details > # This file should be world readable but not world writable. > > BASE dc=mydomain,dc=com > URI ldapi://%2fvar%2frun%2fopenldap%2fldapi ldap://192.168.64.2:389 > # TLS_CACERT /usr/local/etc/openldap/cacert.pem > > #SIZELIMIT 12 > #TIMELIMIT 15 > #DEREF never > > whereas the ldap.conf for the client is rather lengthy and contains quite a > bit of information for contacting the ldap server, how the dit should be > searched, etc.) > > And, no, nss_ldap.conf has nothing to do with the ldap server. > nss_ldap.conf can be used to contact an external ldap server, just as the > ldap.conf for the ldap client application can/ > > Sorry for the newbie questions, If any time comes to barcelona contact me, > you has a beer paid (Daniel too) :-) > > Well, now that's quite a generous offer. Much appreciated. > > > > Thanks and Best Regards > > 2011/2/20 <[email protected]> > >> >> >> Hi >> >> Thanks, this howto for me its better. I have other doubt, syncrepl needs >> to be installed or comes integrated with slapd daemon? >> >> It is all part of the openldap suite. >> >> >> >> And to transfer all shared samba folders and profile content, when it's >> the better moment? I understand when samba is down or when is up? >> >> Depends on the permissions. However, so long as ALL the files to be >> transferred belong to users in LDAP then, with nss_ldap properly configured, >> any copy that preserves permissions should be fine. >> >> >> >> Thanks and Best Regards >> >> 2011/2/20 <[email protected]> >> >>> >>> >>> Now you are on to copy your slapd.conf and ldap.conf to your new machine: >>> Ex: scp slapd.conf root@2machine:/etc/openldap >>> >>> ---------------------------HOw I can make this If slurpd is deprecated? >>> The guide >>> >>> >>> http://blog.suretecsystems.com/archives/129-Replacing-Slurpd-using-OpenLDAP-2.4.html >>> >>> not's easy to understand, not exist other howto more simple? >>> >>> Here is another guide. The first link is quite comprehensive. >>> http://www.zytrax.com/books/ldap/ch7/ >>> >>> The entire online manual is a good read. I highly recommend it. >>> >>> >>> >>> >>>>Now important I do the trick with slurpd. There are many other ways >>> but this >>> >>>>is easy. >>> >>>>Slurpd should be installed on your Master an only there. >>> >>>>So go in to the slapd.conf on your master and put a few lines in it >>> at the >>> >>>>end. >>> >>>>Be carefull all tabs must fit exact as this example: >>> >>> replica uri=ldap://IPOFYOUR2MACHINE:389 >>> binddn="cn=youradmin,dc=your,dc=ldap" >>> suffix="dc=yourc,dc=ldap" >>> bindmethod=simple >>> credentials=securepassword >>> >>> I understand the part of backup slapd only works with the service >>> stopped? >>> >>> Well Im grateful for all your time :-) >>> >>> Thanks and Best Regards >>> >>> >>> >>> 2011/2/18 <[email protected]> >>> >>>> >>>> >>>> In my hint I think your samba PDC/Ldap is cuurently working well! >>>> First of all install a second machine with the samba and ldap. >>>> Do not start samba, do not start ldap. >>>> The ldap database should be nearly empty ex:/var/lib/ldap >>>> >>>> Now copy your smb.conf to your new machine ex: scp root@2machine >>>> :/etc/samba >>>> Edit the smb.conf to your needs and adjust it to be a bdc: >>>> domain master=NO >>>> domain logons=YES >>>> Make a testparm it should succed like this: >>>> testparm >>>> Load smb config files from /etc/samba/smb.conf >>>> Processing section "[netlogon]" >>>> WARNING: The "share modes" option is deprecated >>>> Processing section "[sysvol]" >>>> WARNING: The "share modes" option is deprecated >>>> Processing section "[homes]" >>>> Processing section "[profiles]" >>>> Processing section "[alles]" >>>> Processing section "[printers]" >>>> Processing section "[print$]" >>>> Loaded services file OK. >>>> Server role: ROLE_DOMAIN_BDC <----------------------------you are a BDC >>>> Press enter to see a dump of your service definitions >>>> >>>> Yes very nice! >>>> >>>> >>>> >>>> Now you are on to copy your slapd.conf and ldap.conf to your new >>>> machine: >>>> Ex: scp slapd.conf root@2machine:/etc/openldap >>>> >>>> Now important I do the trick with slurpd. >>>> >>>> Sorry, but Slurpd is depricated and no longer available in Openldap >>>> since 2.3 >>>> http://www.openldap.org/doc/admin24/replication.html#Replacing%20Slurpd >>>> >>>> Here is nice overview of the way LDAP currently works: >>>> >>>> >>>> http://blog.suretecsystems.com/archives/129-Replacing-Slurpd-using-OpenLDAP-2.4.html >>>> >>>> Once you have sync-repl set up on the current master, and a proper >>>> slapd.conf and ldap.conf file on the new machine, start ldap, then >>>> >>>> smbpasswd -w <ldap-master-passwd> >>>> net rpc join -U<administrator> <domain name> >>>> >>>> Done. >>>> >>> >>> >>> >> >> > > -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
