[K12OSN] Re: SMB/LDAP management with Webmin Users and Groups module (Peter Hartmann)

Matt Oquist moquist at majen.net
Sun Jul 9 22:41:02 UTC 2006 

Yes, awesome indeed. I'm very close to a drastic update to the
smbldap-installer.

* FC5 support is still suffering from the "System Messaging Bus" delay
  (timeout of some sort) at startup, which seems to be related to the
  LDAP client configuration. Anybody who runs
  http://www.majen.net/smbldap/archive/smbldap-installer-2.1.tgz and
  then debugs the problem can let me know and save me some time
  figuring this out. :)
* Automated configuration of fully-replicating PDC/BDC is almost done!
* The Ubuntu client config won't ask any questions any more. (Wish I'd
  figured this out months ago; it's not hard.)

Anyhow, I'd love to help automate a Webmin configuration for
Samba/LDAP and I'll be referring back to these notes when I get to
that (which may be a while).

I'm going to do my darndest to get the next release out before the UNH
NELS, which starts a week from tonight.

--matt

> Wow! Thanks Jim this is awesome!  I just created a test user via batch
> file.  It's funny though if I try and add a user to the ldap database
> that's already a user on the system it returns : "Duplicate username
> at line 1 : [user]"  Question: Why should the ldap database care
> what's in /etc/passwd?   This machine is going to be a stand-alone
> ldap server so it's not set to authenticate the the ldap database.
> Umm..I don't have to set it for ldap auth do I?
> 
> Thanks,
> Peter
> 
> On 8/8/05, Jim Kronebusch <jim at winonacotter.org> wrote:
> > You can add/modify/delete users and groups from the LDAP Users and
> > groups module.  Below I will show my settings for the module as
> > configured for version 2.0-alpha of the smb/ldap installer scripts.  The
> > add users via batch section is all that needs work now.  It appears to
> > leave out the Samba account options when run.  I emailed Jamie Cameron
> > to see if he can let me know how to make this work.  Anyhow with the
> > settings below I am able to login via Linux, via a OSX LDAP enabled
> > machine, and join a Windows Machine to the domain and login.  I will
> > list only fields where I have made changes from the default.  This is
> > also with the newest stable version of webmin.  Disk quotas will also be
> > able to be managed via the Webmin Disk Quota module, provided that under
> > the Disk and Network Filesystems you have enable User or Group quotas,
> > and subsequently enabled Disk Quotas under the Disk Quotas module.
> >
> > Also in discussion with Jamie Cameron I was informed that the variables
> > ${USER} and ${UID} can be used to substitute username and user id
> > respectively anywhere in the webmin module configuration.
> >
> > Here goes:
> >
> > Linux LDAP NSS library config file: /etc/ldap.conf
> > Bind to LDAP server as: cn=manager,dc=yourdomain,dc=org
> > Credentials for bind name above: On first access click Set to and enter
> > your smb/ldap password as set during script installation, after first
> > entry leave set to Don't change
> > Base for users: ou=Users,dc=yourdomain,dc=org
> > Base for groups: ou=Groups,dc=yourdomain,dc=org
> > Other objectClasses to add to new users: top inetOrgPerson
> > Full path to slappasswd program: /usr/sbin/slappasswd
> > LDAP properties for all new users: sn: ${USER}
> > Lowest UID for new users: 1000
> > Default primary group for new users: Domain Users
> > Default secondary groups for new users: Domain Users
> > Default shell for new users: /bin/bash
> > LDAP object class for Samba users: sambaSamAccount
> > Enabled Samba account by default?: Yes
> > Domain SID for Samba3: S-1-5-21-699950680-3956470712-3012135405 (Please
> > use your own sambaSID here :-)
> > LDAP properties for new Samba users:
> > sambaLogonScript: startup.bat
> > sambaProfilePath: \\YOURDOMAIN-PDC\profiles\${USER}
> > sambaHomePath: \\YOURDOMAIN-PDC\homes\${USER}
> > sambaHomeDrive: X:
> > LDAP object class for Samba groups: sambaGroupMapping
> >
> > Well I hope that helps others out to get webmin working.  For now this
> > will at least work with using the command line bulk-add scripts to add
> > the largest population, then webmin for smaller changes.  I will post
> > out if I get a fix from Jamie.  Or if anyone else tries this let me know
> > if you can get the batch import to work.
> >
> > Also I found that to get default OSX settings out you can create a
> > Library folder in /etc/skel and copy the files you want to default into
> > that folder.  Say you create a custom dock you can take Macintosh
> > HD:Users:test user:Library:Preferences:com.apple.dock.plist and move it
> > to /etc/skel/Library/Preferences/com.apple.dock.plist on the linux
> > server and all new users will receive the custom dock.
> >
> > Also since OSX and Linux use the same desktop folder and same /home by
> > default I will try to create scripts make the windows desktop point to
> > /home/user/desktop and to point My Documents to /home/user.  This should
> > make profile roaming seamless between Ops.  I think I can for the most
> > part use the scripts posted in the last couple weeks.
> >
> >
> > Jim Kronebusch
> > Cotter Tech Department
> > 507-453-5188
> > jim at winonacotter.org
--
Open Source Software Engineering Consultant
http://majen.net/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
URL: <http://listman.redhat.com/archives/k12osn/attachments/20060709/4619ffad/attachment.sig>

More information about the K12OSN mailing list