
Re: ldap



>>>putting a valuable secret in the smb.conf file which is world readable.
>>>Not good.  The windows machine just keeps telling me my password is
>>>incorrect. (yeah right) and if I change my smbpassword with the
>>>smbpasswd command it tells me
>>>Unknown parameter encountered: "password program"
>>>Ignoring unknown parameter "password program"
>>One important note is that to use LDAP you ***MUST*** use the HEAD branch
>>checked out via CVS.  The 2.0.x branch LDAP support is broken.  Also
>>"HEAD" is a moving target, especially now, as the TNG reference
>>implementation is dead and features are being back ported at a blinding
>>rate.  The recommended approach is to get the HEAD branch from October
>>15, 1999.  Get that working.  Then checkout the "new" code and test.
>>This all assumes LDAP v2 (OpenLDAP 1.2.x),  LDAP v3 (OpenLDAP 2.x, just
>>released in Beta) requires more elbow grease as the perl script mongers
>>(I love those guys) haven't hammered out some of the schema differences.
>[root@netsrv /root]# rpm -qa | grep ldap
>openldap-1.2.9-6
>nss_ldap-105-1
>[root@netsrv /root]# rpm -qa | grep samba
>samba-2.0.6-9
>samba-client-2.0.6-9
>samba-common-2.0.6-9
>Does this mean I will have to recompile both ldap and samba or just get the
>HEAD branch of samba and use my current ldap.  I assume I should rpm -e my
>samba packages before trying to compile samba.

You do not need to recompile openLDAP (and trust me, you don't want to).
Your version is sufficient, but you will need to install openldap-devel.
You will need to build Samba HEAD.  Fortunately building samba is easy.

My recommended solution is:

1. Get LDAP installed and working (a lot easier with RH7).
2. Install Samba 2.0.x and get that working but use the
"interfaces = 192.168.3.6/24" parameter to tell that Samba 
to ONLY listen to the primary ethernet interface.
3. Get Samba HEAD 10-15-1999.  If you have trouble with the
cvs server dropping you I can send you a tar ball.
4. Compile with "./configure --prefix={somewhere} --with-ldap"
5. Create a virtual interface "ifconfig eth0:1 192.168.3.7"
6. Install Samba head and use the "interfaces=192.168.3.7/24"
to make Samba head listen on the virtual interface.
7. Go about setting up Samba LDAP,  play with HEAD till you
get it working (Meanwhile 2.0.x still continues running
undisturbed).
8. Make the HEAD the domain master and the password server to
the 2.0.x server.  This way you get the advantage of LDAP
PDC and the stability of file/print services (from the 2.0.x
server).

This is much easier than it sounds.  HEAD 10-15-1999 is quite
stable, but I like to play it safe and keep 2.0.x around.

Samba 2.2.x I'm told has a tentative release date of Q1-2001
and will incorporate the LDAP code.
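
The two-instance layout from steps 2, 5, 6 and 8 above, written out as smb.conf fragments. This is an added example, not part of the original message or the Samba project's own configuration. The NetBIOS names, the workgroup, the loopback entry, "bind interfaces only" and "security = server" are assumptions; only the two "interfaces" addresses come from the message, and the LDAP settings of the HEAD build are left out because the message does not give them.

```ini
# ---------------------------------------------------------------
# smb.conf for the Samba 2.0.x instance (file and print services)
# ---------------------------------------------------------------
[global]
   # Hypothetical names; two servers on one host need distinct
   # NetBIOS names.
   netbios name = FILESRV
   workgroup = EXAMPLEDOM

   # Address from step 2. "interfaces" on its own selects the
   # interfaces Samba uses for browsing and name registration;
   # "bind interfaces only" is what restricts the listening
   # sockets to this list. The loopback entry keeps smbpasswd
   # and swat working once binding is restricted.
   interfaces = 192.168.3.6/24 127.0.0.1/8
   bind interfaces only = yes

   # Step 8: hand password checks to the HEAD instance.
   # LDAPPDC is the hypothetical NetBIOS name given to it below.
   security = server
   password server = LDAPPDC
   encrypt passwords = yes
   domain master = no

# ---------------------------------------------------------------
# smb.conf for the Samba HEAD instance (installed under the
# separate --prefix from step 4), listening on the virtual
# interface eth0:1 created in step 5
# ---------------------------------------------------------------
[global]
   netbios name = LDAPPDC
   workgroup = EXAMPLEDOM

   # Address from step 6, with the same binding restriction so
   # the two smbd processes do not compete for port 139.
   interfaces = 192.168.3.7/24 127.0.0.1/8
   bind interfaces only = yes

   # Step 8: this instance is the domain master and answers
   # logons for the 2.0.x server.
   security = user
   encrypt passwords = yes
   domain master = yes
   domain logons = yes
```

Running testparm from each install prefix against its own file shows which of these parameters that build accepts; a parameter the build does not know is reported in the same "Unknown parameter encountered" form quoted at the top of the message.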