Hi guys,

My network map is simple: ldap inside the samba server centralizes all uses inside the LAN, including mail. My question is: to reduce the use of the network, is it a good idea to create another ldap server inside the mail server? And finally, which is the best relation between the ldap/samba server and a future ldap mail server, master-master or master-slave?

Thanks and Best Regards

2011/2/25 Gaiseric Vandal <gaiseric.van...@gmail.com>

> I don't understand your question. What does mail have to do with Samba?
> Does your mail server use LDAP authentication? Or do you want to use the
> LDAP server as a central address book for your mail clients. Either way,
> your LDAP server should be able to support attributes for both e-mail and
> samba requirements.
>
> On 02/24/2011 11:42 AM, marcos gonzalez wrote:
>
>> Hi
>>
>> I'm not sure if it's in this list but configuring ldap I'm with a doubt. I
>> would like to distribute openldap connections between mail server and samba
>> server. Which is the better form, master-master or master-slave? I
>> understand using PDC and BDC the relationship is master-slave, but between
>> mail and samba?
>>
>> Thanks & Best Regards
>>
>> 2011/2/21 marcos gonzalez <marcos.gonzalez.c...@gmail.com>
>>
>>> Ok in my server the ldap config is inside /etc/ and this file nss_ldap it's
>>> inside /etc/ldap/. I didn't understand why pass this but now I understand
>>> all
>>>
>>> Thanks
>>>
>>>> Hi
>>>>
>>>> Ok, and how I config nss_ldap? When I copy all database is included?
>>>>
>>>> Well, the easiest way, for Samba use, is to simply cp your ldap.conf file
>>>> for the ldap client application to nss_ldap.conf--cp ldap.conf nss_ldap.conf
>>>> (this can be a bit confusing, as openldap uses a file called ldap.conf for
>>>> configuring the ldap client as well as a file called ldap.conf for
>>>> configuring basic ldap server process. The server file is generally
>>>> contained in the directory where configuration files are kept in a
>>>> subdirectory called openldap along with files like slapd.conf and is
>>>> generally a small file which looks something like this:
>>>>
>>>> #
>>>> # LDAP Defaults
>>>> #
>>>>
>>>> # See ldap.conf(5) for details
>>>> # This file should be world readable but not world writable.
>>>>
>>>> BASE dc=mydomain,dc=com
>>>> URI ldapi://%2fvar%2frun%2fopenldap%2fldapi ldap://192.168.64.2:389
>>>> # TLS_CACERT /usr/local/etc/openldap/cacert.pem
>>>>
>>>> #SIZELIMIT 12
>>>> #TIMELIMIT 15
>>>> #DEREF never
>>>>
>>>> whereas the ldap.conf for the client is rather lengthy and contains quite
>>>> a bit of information for contacting the ldap server, how the dit should be
>>>> searched, etc.)
>>>>
>>>> And, no, nss_ldap.conf has nothing to do with the ldap server.
>>>> nss_ldap.conf can be used to contact an external ldap server, just as the
>>>> ldap.conf for the ldap client application can.
>>>>
>>>> Sorry for the newbie questions. If any time comes to Barcelona contact me,
>>>> you have a beer paid (Daniel too) :-)
>>>>
>>>> Well, now that's quite a generous offer. Much appreciated.
>>>>
>>>> Thanks and Best Regards
>>>>
>>>> 2011/2/20 <t...@tms3.com>
>>>>
>>>>> Hi
>>>>>
>>>>> Thanks, this howto for me it's better. I have other doubt, syncrepl needs
>>>>> to be installed or comes integrated with slapd daemon?
>>>>>
>>>>> It is all part of the openldap suite.
>>>>>
>>>>> And to transfer all shared samba folders and profile content, when it's
>>>>> the better moment? I understand when samba is down or when is up?
>>>>>
>>>>> Depends on the permissions. However, so long as ALL the files to be
>>>>> transferred belong to users in LDAP then, with nss_ldap properly configured,
>>>>> any copy that preserves permissions should be fine.
>>>>>
>>>>> Thanks and Best Regards
>>>>>
>>>>> 2011/2/20 <t...@tms3.com>
>>>>>
>>>>>> Now you are on to copy your slapd.conf and ldap.conf to your new machine:
>>>>>> Ex: scp slapd.conf root@2machine:/etc/openldap
>>>>>>
>>>>>> ---------------------------How I can make this if slurpd is deprecated?
>>>>>> The guide
>>>>>>
>>>>>> http://blog.suretecsystems.com/archives/129-Replacing-Slurpd-using-OpenLDAP-2.4.html
>>>>>>
>>>>>> not's easy to understand, not exist other howto more simple?
>>>>>>
>>>>>> Here is another guide. The first link is quite comprehensive.
>>>>>> http://www.zytrax.com/books/ldap/ch7/
>>>>>>
>>>>>> The entire online manual is a good read. I highly recommend it.
>>>>>>
>>>>>>> Now important I do the trick with slurpd. There are many other ways but this
>>>>>>> is easy.
>>>>>>> Slurpd should be installed on your Master and only there.
>>>>>>> So go in to the slapd.conf on your master and put a few lines in it at the
>>>>>>> end.
>>>>>>> Be careful, all tabs must fit exact as this example:
>>>>>>>
>>>>>>> replica uri=ldap://IPOFYOUR2MACHINE:389
>>>>>>>     binddn="cn=youradmin,dc=your,dc=ldap"
>>>>>>>     suffix="dc=yourc,dc=ldap"
>>>>>>>     bindmethod=simple
>>>>>>>     credentials=securepassword
>>>>>>
>>>>>> I understand the part of backup slapd only works with the service stopped?
>>>>>>
>>>>>> Well I'm grateful for all your time :-)
>>>>>>
>>>>>> Thanks and Best Regards
>>>>>>
>>>>>> 2011/2/18 <t...@tms3.com>
>>>>>>
>>>>>>> In my hint I think your samba PDC/Ldap is currently working well!
>>>>>>> First of all install a second machine with the samba and ldap.
>>>>>>> Do not start samba, do not start ldap.
>>>>>>> The ldap database should be nearly empty ex:/var/lib/ldap
>>>>>>>
>>>>>>> Now copy your smb.conf to your new machine ex: scp smb.conf root@2machine:/etc/samba
>>>>>>> Edit the smb.conf to your needs and adjust it to be a bdc:
>>>>>>> domain master=NO
>>>>>>> domain logons=YES
>>>>>>> Make a testparm, it should succeed like this:
>>>>>>> testparm
>>>>>>> Load smb config files from /etc/samba/smb.conf
>>>>>>> Processing section "[netlogon]"
>>>>>>> WARNING: The "share modes" option is deprecated
>>>>>>> Processing section "[sysvol]"
>>>>>>> WARNING: The "share modes" option is deprecated
>>>>>>> Processing section "[homes]"
>>>>>>> Processing section "[profiles]"
>>>>>>> Processing section "[alles]"
>>>>>>> Processing section "[printers]"
>>>>>>> Processing section "[print$]"
>>>>>>> Loaded services file OK.
>>>>>>> Server role: ROLE_DOMAIN_BDC<----------------------------you are a BDC
>>>>>>> Press enter to see a dump of your service definitions
>>>>>>>
>>>>>>> Yes very nice!
>>>>>>>
>>>>>>> Now you are on to copy your slapd.conf and ldap.conf to your new machine:
>>>>>>> Ex: scp slapd.conf root@2machine:/etc/openldap
>>>>>>>
>>>>>>> Now important I do the trick with slurpd.
>>>>>>>
>>>>>>> Sorry, but Slurpd is deprecated and no longer available in Openldap
>>>>>>> since 2.3
>>>>>>>
>>>>>>> http://www.openldap.org/doc/admin24/replication.html#Replacing%20Slurpd
>>>>>>>
>>>>>>> Here is a nice overview of the way LDAP currently works:
>>>>>>>
>>>>>>> http://blog.suretecsystems.com/archives/129-Replacing-Slurpd-using-OpenLDAP-2.4.html
>>>>>>>
>>>>>>> Once you have sync-repl set up on the current master, and a proper
>>>>>>> slapd.conf and ldap.conf file on the new machine, start ldap, then
>>>>>>>
>>>>>>> smbpasswd -w<ldap-master-passwd>
>>>>>>> net rpc join -U<administrator> <domain name>
>>>>>>>
>>>>>>> Done.
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions: https://lists.samba.org/mailman/options/samba
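
An added example, not part of the original thread or of the OpenLDAP or Samba documentation: the syncrepl provider/consumer settings that take the place of the slurpd `replica` stanza quoted above, written as slapd.conf directives for OpenLDAP 2.4 with the replication bind protected by StartTLS. The host name `ldap-master.example.com`, the `cn=replicator` DN, the password placeholder and the `rid` value are assumptions; the suffix and CA certificate path reuse the values from the quoted ldap.conf.

```conf
# ---------- Provider (current master) slapd.conf ----------
# Global section; only needed when slapd is built with dynamic modules.
moduleload syncprov.la

# Inside the database section for dc=mydomain,dc=com:
# indexes used by the consumer's synchronization searches
index entryCSN,entryUUID eq
overlay syncprov
# checkpoint the contextCSN every 100 operations or 10 minutes
syncprov-checkpoint 100 10
syncprov-sessionlog 100

# Dedicated read-only replication identity (assumed DN) instead of the
# admin DN; place this before the existing access rules.
access to *
    by dn.exact="cn=replicator,dc=mydomain,dc=com" read
    by * break
limits dn.exact="cn=replicator,dc=mydomain,dc=com" size=unlimited time=unlimited

# ---------- Consumer (new machine) slapd.conf ----------
# Inside the database section for dc=mydomain,dc=com:
syncrepl rid=001
    provider=ldap://ldap-master.example.com:389
    type=refreshAndPersist
    retry="60 +"
    searchbase="dc=mydomain,dc=com"
    scope=sub
    bindmethod=simple
    binddn="cn=replicator,dc=mydomain,dc=com"
    credentials=REPLACE_WITH_REPLICATOR_PASSWORD
    starttls=critical
    tls_cacert=/usr/local/etc/openldap/cacert.pem
    tls_reqcert=demand
# Writes sent to the consumer are referred to the provider.
updateref ldap://ldap-master.example.com:389
```

With `starttls=critical` the consumer refuses to bind if TLS cannot be negotiated, so neither the replicator password nor the replicated Samba password hashes cross the LAN in cleartext. Because `credentials` is stored in plain text, keep the consumer's slapd.conf readable only by the account slapd runs as.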