Set Up LDAP with Openfiler

How to configure LDAP so that Windows shares will work with Openfiler.

Configure LDAP for Samba

This assumes that LDAP is already up and running and that the user accounts have the posixAccount object class.

Add samba.schema to LDAP

Copy samba.schema from /usr/share/doc/samba-3.0.10/LDAP to /etc/openldap

Add samba.schema to slapd.conf with an include line that points at the location of the copied file:

include         /etc/openldap/schema/samba.schema

Install smbldap-tools

Copy all the *.pl and *.pm scripts from /usr/share/doc/samba-3.0.10/LDAP/smbldap-tools to /usr/local/sbin

Configure smbldap_config.pm for your LDAP server.

Run make in the mkntpwd directory and copy mkntpwd to /usr/local/sbin

Add sambaSamAccount to all existing users

For each user in LDAP run:

/usr/local/sbin/smbldap-usermod.pl -a <username>

This will add the sambaSamAccount class to the user.
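
An added example (not part of the original page): a dry-run helper for the step above that reads LDIF, finds posixAccount users that do not yet have sambaSamAccount, and prints the smbldap-usermod.pl command for each one. The sample LDIF, the function names and the BASE_DN placeholder are assumptions.

```shell
#!/bin/sh
# Constructed sample LDIF. On a live server the input would come from e.g.
#   ldapsearch -x -LLL -b "$BASE_DN" '(objectClass=posixAccount)' uid objectClass
# where BASE_DN is a placeholder for your directory suffix.
sample_ldif() {
cat <<'EOF'
dn: uid=alice,ou=People,dc=example,dc=com
objectClass: posixAccount
objectClass: sambaSamAccount
uid: alice

dn: uid=bob,ou=People,dc=example,dc=com
objectClass: posixAccount
uid: bob

dn: uid=bad name,ou=People,dc=example,dc=com
objectClass: posixAccount
uid: bad name
EOF
}

# stdin: LDIF. stdout: uid of every posixAccount entry lacking sambaSamAccount.
# uids outside [A-Za-z0-9._-] are skipped so directory data never reaches
# the command line unvalidated.
users_missing_samba() {
  awk '
    function emit() {
      if (posix && !samba && uid ~ /^[A-Za-z0-9._-]+$/) print uid
      posix = 0; samba = 0; uid = ""
    }
    /^$/ { emit(); next }
    { line = tolower($0) }
    line ~ /^objectclass: *posixaccount$/ { posix = 1 }
    line ~ /^objectclass: *sambasamaccount$/ { samba = 1 }
    /^uid: / { uid = substr($0, 6) }
    END { emit() }
  '
}

# Print (do not execute) the command from this page for each remaining user.
plan_commands() {
  users_missing_samba | while read -r u; do
    printf '/usr/local/sbin/smbldap-usermod.pl -a %s\n' "$u"
  done
}

sample_ldif | plan_commands
```

Review the printed commands before running them; users that already carry sambaSamAccount are left out, so the helper can be re-run safely after a partial pass.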

Change each user's password

Each user will need to have their password reset so that the Samba password values match the LDAP password values.

For each user in LDAP run:

/usr/local/sbin/smbldap-passwd.pl <username>

(Make sure ldappasswd is in your PATH.)

Configure Openfiler

On the Accounts -> Authentication screen:

Check Use Ldap and fill in the following fields:

  • Server
  • Base DN
  • Authenticated Base DN
  • Authenticated bind password
  • Root Bind DN
  • Root bind password

Check Login SMB server to root DN

LDAP users and groups will now show up under the Users and Group tabs.
