6.4 Samba

Samban avulla jaetaan linux:in resursseja Windows-verkossa. Tässä kappaleessa konfiguroidaan samba toimimaan LDAP:in kanssa.

  1. Asenna samba komennolla apt-get install samba

  2. Muokkaa tiedosto /etc/samba/smb.conf seuraavaan muotoon:

    [global]
    workgroup = TEST.LOCAL
    netbios name = TESTSERVER
    passdb backend = ldapsam:ldap://localhost
    username map = /etc/samba/smbusers
    add user script = /usr/sbin/smbldap-useradd -m '%u'
    delete user script = /usr/sbin/smbldap-userdel '%u'
    add group script = /usr/sbin/smbldap-groupadd -p '%g'
    delete group script = /usr/sbin/smbldap-groupdel '%g'
    add user to group script = \
    /usr/sbin/smbldap-groupmod -m '%g' '%u'
    delete user from group script = \
    /usr/sbin/smbldap-groupmod -x '%g' '%u'
    set primary group script = \
    /usr/sbin/smbldap-usermod -g '%g' '%u'
    add machine script = /usr/sbin/smbldap-useradd -w '%u'
    logon path = \\%L\profiles\%U
    logon drive = H:
    logon home = \\%L\%U
    domain logons = Yes
    os level = 35
    preferred master = Yes
    domain master = Yes
    ldap suffix = dc=test,dc=local
    ldap machine suffix = ou=Computers
    ldap user suffix = ou=Users
    ldap group suffix = ou=Groups
    ldap admin dn = cn=manager,dc=test,dc=local
    ldap ssl = no
    ldap passwd sync = Yes
    log file = /var/log/samba/%m.log
    loglevel = 0
    encrypt passwords = true
    socket options = IPTOS_LOWDELAY TCP_NODELAY \ 
    SO_RCVBUF=65536 SO_SNDBUF=65536 SO_KEEPALIVE
    
    # vain 192.168.1.0 -verkolle sallittu
    allow hosts = 192.168.1.
    
    # ei roottille lupaa
    invalid users = root
    
    # vain LAN-verkkokortille
    interfaces = eth0 192.168.1.0/24
    
    ######## Share Definitions ########
    
    # necessary share for domain controller
    
    [netlogon]
    comment = Network Logon Service
    path = /home/ldap/samba/netlogon
    guest ok = yes
    
    # share for storing user profiles
    
    [profiles]
    path = /home/ldap/samba/profiles
    writable = yes
    browseable = no
    create mode = 0664
    create mode = 0755
    guest ok = yes
    
    # user homes
    
    [homes]
    comment = Home Directories
    browseable = yes
    writable = yes
    valid users = %S
    create mode = 0664
    directory mode = 0775
    browseable = No
    

  3. mkdir -p /home/ldap/samba/profiles

  4. mkdir -p /home/ldap/samba/netlogon

  5. chmod 1757 /home/ldap/samba/profiles

  6. Käynnistä samba uudelleen komennolla /etc/init.d/samba restart

  7. Tallenna LDAP Managerin salasana sambaan komennolla

    smbpasswd -w 8765

(Mukaillen Lemaire, 2005) [4]



Lauri Laukkarinen 2006-03-23