Hello everyone,

I was searching the net to do a Samba PDC using LDAP and I found one great howto along with a awesome script.

So you install a minimal centos 4.0 system, then do the following.



then download smbldap-tools.tgz file from here to /home
http://www.majen.net/smbldap/

for the current version (as of 2005.04.13)

answer a few questions (basic) , it adds everything to ldap and configures samba , starts up everything, once it finished, you have a fully working CentOS 4.0 samba pdc with ldap.

to add a user manualy go to (for this example user1)


then download from ms http://support.microsoft.com/default.aspx?kbid=173673 , and use usrmgr.exe and srvmgr.exe to manage this domain controller (add delete users etc...)

note : you might wish to take a look at you /etc/samba/smb.conf file
I did the following :
uncomented delete user script
uncomented delete group script

and disabled roaming profiles (cause I have wireless here and even 70MB takes a lot of time to transfer at a max of 500~ kbyte/s
UPDATE
to disable roaming profiles under smbldap-installer/templates
edit smbldap.conf
and change the following
userSmbHome=
userProfile=

Once I find out how to install IDEALIX IMC , I will post that to, its a web based management tool , for managing samba domain controllers, from the screenshots I think it rocks.

Sincerely
Robert B

ps.: reading the entire documentation won't hurt. http://www.majen.net/smbldap/Samba-LDAP_sm...taller-1_2.html

Backup Domain Controller (BDC) for the Primary Domain Controller (PDC)


Once again you install a minimal CentOS 4.x system, full update it with.



http://www.majen.net/smbldap/ go to this webpage to download THE EXACT SAME version of smbldap-tools you used to install the PDC, THE EXACT SAME NUMBERS!!!. And user the SAME domain names and passwords.




You already know which tools to use as described just above in the PDC setup guide. Will skip a few steps so that I can stop repeating myself and go into the real thing.

The first thing you must do is change on this BDC the following in
/etc/samba/smb.conf


Don't forget to change the Share Definitions in your smb.conf file on the BDC as well to suit your needs.

Now you do the following on the BDC server , make sure samba is started up (/etc/init.d/smb start)


you will be asked for the same password you use to join your windows clients to the samba domain.

the using Midnight Commander's or just mc ssh link or some other means whatever you like (easy is mc , then you select left and chose ssh and type in ip of server pdc, it looks like norton commander), copy from the pdc server /var/lib/ldap directory to bdc server /var/lib/ldap.

Berore the copy takes place make sure you stop the ldap server (/etc/init.d/ldap stop) on the bdc.

After the copy finished make sure that all files under /var/lib/ldap are owned by user ldap group ldap


now you'll configure the slave ldap server on the bdc server like this
/etc/openldap/ldap.conf


you can use whatever ip you like, I'm only writing down the modifications you have to make, leave the rest alone.

/etc/openldap/slapd.conf



instead of yourdomainname you type your real domain name you used for the pdc, and instead of that ip you type the ip of the pdc.

now you can start this ldap server on the bdc server

/etc/init.d/ldap start

On the PDC server you do the following modifications to your ldap config

/etc/openldap/ldap.conf



/etc/openldap/slapd.conf



now restart ldap here as well



now you can try adding a user to you pdc server, via usrmgr.exe from windows or directly with smbldap-tools, then look into /var/lib/ldap/replica directory and you can see what happened in those log files, if you go to bdc server, and type the following.



it must returnt the exact same id as the pdc server does.

Amongs other things you should also copy over the /var/lib/samba directory from the samba pdc to the samba bdc , so if the pdc is dead for some reason clients loging into the network will run their startup script.

You can have as many bdc servers as you want , in fact you can even have them in different subnets, just make sure that you specify the following in the PDC config (ONLY WITH DIFFERENT SUBNETS)

/etc/samba/smb.conf



for the first parameter the foreign subnets are first, and your local subnet is last, for second parameter
your local subnet is first foreign subnet is last.

Sincerely
Robert B