Babel Com Australia: FDS + Samba

Presentation transcript:

FDS + Samba
● What is LDAP?
● Fedora Directory Server
● Samba
● LDAP Tools

What is LDAP?
● Lightweight Directory Access Protocol
● Common on-wire protocol – ASN.1
● Common export format – LDIF
● Common replication format – LDUP
● Tree structure form of objects via “DNs”

Replication
● One or more LDAP servers can participate.
● Single-master or multi-master implementations (OpenLDAP vs FDS).
● Common on-wire replication protocol – LDUP.
● Replication between different directory types can be problematic.

FDS
● 4 Way multi-master replication
● Scalable
● Extensive Documentation
● In-directory management (schema etc) – no restart needed to change schema or ACIs

LDAP Applications
● Authentication – PAM, Samba.
● Name Space Services – NSS, Samba.

SAMBA
● Samba is a Free Software suite that provides seamless file and print services to Windows and other CIFS/SMB clients
● SMB = Server Message Block
● CIFS = Common Internet File System
● For lots more info see

LDAP and Samba
● Common Schema Extension – 61samba.ldif
● Integration Issues
● Linux and Windows Accounts
● Password Storage
● MD2 vs crypt/MD5/SSHA
● Windows passwords and Linux passwords stored separately
● Password sync enabled via Samba

Human and Machine
● Human accounts under ou=People,...
● Machine accounts under ou=Computers,...
● Machine accounts have “trust” in the Samba domain – enables challenge/handshake authentication.
● Everything has a SID relative to the domain SID.

Components
● LDAP – Fedora Directory Server
● Sun Java (Try IcedTea on Fedora 8)
● Samba or later
● smbldap-tools
● Scripts, etc

Installing FDS
● Installation Instructions: server/install/7.1/
● Performance Tuning Notes:
● Installation Scripts: http://wiki.babel.com.au/edit.php?area=Linux_Projects&page=FedoraDirectoryServer
● Post-installation setup: /opt/fedora-ds/setup/setup
● Verification: ldapsearch -x -s base -b "" "objectclass=*"

Connect to LDAP
● FC4 and earlier: authconfig
● FC5+: authconfig-tui

Install Samba
● Use the RPM
● Add the password for the Directory Manager user to the samba tdb database.
  – smbpasswd -w (your_directory_manager_password)

smbldap-tools
● smbldap-tools appeared in fedora-extras around Fedora Core 6 and then moved to Fedora around Fedora 7.
● Earlier versions of Fedora – find the one from dries.

FDS Schema
● 61samba.ldif
● Find on net or roll your own – don't use the OpenLDAP one.
● Restart FDS

Samba Configuration
● /etc/samba/smb.conf:
● [global]
  – workgroup = TESTDOMAIN
  – security = user
  – passdb backend = ldapsam:ldap://localhost
  – domain logons = yes
  – domain master = yes
  – wins support = yes

smb.conf (2)
● add user script = /opt/IDEALX/sbin/smbldap-useradd -m "%u"
● delete user script = /opt/IDEALX/sbin/smbldap-userdel "%u"
● add group script = /opt/IDEALX/sbin/smbldap-groupadd -p "%g"
● delete group script = /opt/IDEALX/sbin/smbldap-groupdel "%g"
● add user to group script = /opt/IDEALX/sbin/smbldap-groupmod -m "%u" "%g"
● delete user from group script = /opt/IDEALX/sbin/smbldap-groupmod -x "%u" "%g"
● set primary group script = /opt/IDEALX/sbin/smbldap-usermod -g "%g" "%u"
● add machine script = /opt/IDEALX/sbin/smbldap-useradd -w "%u"

smb.conf (3)
● ldap admin dn = cn=Directory Manager
● ldap suffix = dc=babel,home
● ldap user suffix = ou=People
● ldap machine suffix = ou=Computers
● ldap group suffix = ou=Groups
● ldap idmap suffix = ou=Idmap
● ldap passwd sync = Yes
● ldap ssl = no
● ldap timeout = 20
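
A defensive check over the LDAP settings on the smb.conf slides above, added here as an example and not part of the original presentation: it flags an ldapsam backend that speaks plain LDAP with `ldap ssl` turned off, and Samba binding as the directory's root DN. The function names, finding labels, severities and the hardened sample (host `ds1.example.com`, DN `uid=samba-svc,...`) are assumptions made for illustration.

```python
import re

# Constructed input: the LDAP-related [global] lines from the slides above.
SLIDE_CONF = """\
[global]
passdb backend = ldapsam:ldap://localhost
ldap admin dn = cn=Directory Manager
ldap passwd sync = Yes
ldap ssl = no
"""
# Constructed counter-example; the host and service DN are hypothetical.
HARDENED_CONF = """\
[global]
passdb backend = ldapsam:ldap://ds1.example.com
ldap admin dn = uid=samba-svc,ou=Services,dc=example,dc=com
ldap passwd sync = Yes
ldap ssl = start tls
"""
LOOPBACK = {"localhost", "127.0.0.1", "[::1]"}

def parse_global(text):
    """[global] parameters; keys folded as Samba does (case and spaces ignored)."""
    params, section = {}, None
    for line in (raw.strip() for raw in text.splitlines()):
        if not line or line[0] in "#;":
            continue
        if line.startswith("[") and line.endswith("]"):
            section = line[1:-1].strip().lower()
        elif section == "global" and "=" in line:
            key, value = line.split("=", 1)
            params["".join(key.lower().split())] = value.strip()
    return params

def audit(text):
    """Return (finding, severity) pairs for the ldapsam connection settings."""
    p, findings = parse_global(text), []
    m = re.match(r'ldapsam:"?(ldaps?)://([^/"\s]*)', p.get("passdbbackend", ""), re.I)
    if not m:
        return findings  # no ldapsam URL to assess
    host = re.sub(r":\d+$", "", m.group(2).lower())  # drop an optional port
    if m.group(1).lower() == "ldap" and p.get("ldapssl", "").lower() in ("no", "off"):
        # The admin bind and password updates travel unencrypted; loopback
        # limits exposure only while Samba and the directory share one host.
        findings.append(("cleartext-ldap", "low" if host in LOOPBACK else "high"))
    if p.get("ldapadmindn", "").lower().replace(" ", "") == "cn=directorymanager":
        # The root DN bypasses ACIs, and its password is kept in secrets.tdb.
        findings.append(("root-dn-bind", "medium"))
    return findings
```

Calling `audit(SLIDE_CONF)` reports both findings; the cleartext finding is rated low only because the slides point Samba at localhost, and it becomes high as soon as the same settings are used against a directory server on another host.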

Configure smbldap-tools
● service smb start
● .../configure.pl
● For some reason this creates a bogus LDAP entry. Remove it.
  – ldapsearch -x 'sambaDomainName=*'
  – ldapdelete...

Populate LDAP
● Only do this on one server, even if you have a replicated environment:
  – /usr/sbin/smbldap-populate -e /root/LDAP/smb-populate.ldif
  – vi /root/LDAP/smb-populate.ldif
● Change the last entry to include:
  – objectClass: top
  – sambaAlgorithmicRidBase: 1000
  – sambaNextUserRid: 1000
● Then insert the entries using:
  – ldapadd -x -c -D 'cn=Directory Manager' -W -f /root/LDAP/smb-populate.ldif

Test Samba
● testparm
● /sbin/service smb stop
● /bin/rm -f /var/log/samba/*
● /sbin/service smb start
● Samba should start without any errors in the log file, especially smbd.log

LAM
● LDAP Account Manager
● Web Based
● Useful for managing Samba and LDAP account information
● High-Level
● Schema views