I made an LDIF directory to keep all my ldif files… not that I really intend on making a lot of them. I added rootbinddn cn=nssldap,ou=DSA,dc=enigmatic,dc=corner to my /etc/ldap.conf. I’ll admit I just added it because that was how they had it in the HOWTO… sue me. What I’m about to add are security accounts for Samba and Linux. So I then went and made a smbldap-dsa.ldif with those said accounts.

eve:~ # ldapadd -x -h localhost -D "cn=Manager,dc=enigmatic,dc=corner" -f LDIF/smbldap-dsa.ldif -W
Enter LDAP Password:
adding new entry "ou=DSA,dc=enigmatic,dc=corner"

adding new entry "cn=samba,ou=DSA,dc=enigmatic,dc=corner"

adding new entry "cn=nssldap,ou=DSA,dc=enigmatic,dc=corner"

adding new entry "cn=smbldap-tools,ou=DSA,dc=enigmatic,dc=corner"

I then set the default password for those accounts:

● the Samba security account, using ‘sambasecretpwd’ password:
ldappasswd -x -h localhost -D "cn=Manager,dc=enigmatic,dc=corner" -s sambasecretpwd -W cn=samba,ou=DSA,dc=enigmatic,dc=corner

● the Linux (nss_ldap) security account, using ‘nssldapsecretpwd’ password:
ldappasswd -x -h localhost -D "cn=Manager,dc=suse,dc=cac" -s nssldapsecret -W cn=nssldap,ou=DSA,dc=enigmatic,dc=corner

Not sure what is going on here BUT that last command is not working.
Result: Internal (implementation specific) error (80)
Additional info: unable to retrieve SASL username
eve:~ #

I’ll just leave it for now since I don’t even know what a SASL username is. Let’s say that I check my ldap and the nssldap is in there. :-/
All of those commands on one line. I had to go back and check something because something just never looked right. Upon some more reading I decided to create /etc/ldap.secret with a chmod 600. In that file I had the password for the Linux (nss_ldap) security account.
Almost forgot I also added this.
● The smbldap-tools security account, using ‘smbldapsecretpwd’ password:
ldappasswd -x -h localhost -D "cn=Manager,dc=enigmatic,dc=corner" -s smbldapsecret -W cn=smbldap-tools,ou=DSA,dc=enigmatic,dc=corner
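
A check for the /etc/ldap.secret file mentioned above, as an added example that is not part of the original post: nss_ldap reads the rootbinddn password from this file, so it should be a regular, non-empty file that only its owner can read. The function name and the optional expected-UID parameter are assumptions made for this example.

```shell
#!/bin/sh
# Added example (not from the original post): audit the file that holds the
# rootbinddn password. check_secret_file is a hypothetical helper name.

# check_secret_file PATH [EXPECTED_UID]
# Prints one line per finding; returns 0 only if every check passes.
check_secret_file() {
    path=$1
    want_uid=${2:-0}    # assumption: the secret should belong to root (uid 0)
    rc=0

    # A symlink could redirect the read to a file someone else controls.
    if [ -L "$path" ]; then
        echo "FAIL: $path is a symlink"; return 1
    fi
    if [ ! -f "$path" ]; then
        echo "FAIL: $path is missing or not a regular file"; return 1
    fi

    # GNU stat first, BSD stat as a fallback.
    mode=$(stat -c '%a' "$path" 2>/dev/null || stat -f '%Lp' "$path")
    uid=$(stat -c '%u' "$path" 2>/dev/null || stat -f '%u' "$path")

    # Anything beyond owner read/write exposes the bind password.
    case $mode in
        600|400) ;;
        *) echo "FAIL: $path has mode $mode, expected 600"; rc=1 ;;
    esac
    if [ "$uid" != "$want_uid" ]; then
        echo "FAIL: $path is owned by uid $uid, expected $want_uid"; rc=1
    fi
    if [ ! -s "$path" ]; then
        echo "FAIL: $path is empty"; rc=1
    fi
    if [ "$rc" -eq 0 ]; then
        echo "OK: $path"
    fi
    return "$rc"
}
```

On the LDAP client itself this would be called as `check_secret_file /etc/ldap.secret`.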

As we proceed. For some reason I had to copy over smbldap_tools.pm to /usr/local/sbin otherwise I would get some funky error. After that I then defined the ‘Administrator’ user’s password :
eve:~ # smbldap-passwd Administrator
Changing password for Administrator
New password : ****** (secret)
Retype new password :

Any user placed in the “Domain Admins” group will be granted Windows admin rights for the domain, but only the Administrator account is allowed to join computers to the domain.

Well according to the HOWTO I’m ready to test my system.. YIPPPEEEEE!!!! (I hope)
Umm….. it worked BUT not completely. Adding the user and user password worked fine with no problems (which I must say is a FIRST). But when I try to log in to the machine via ssh, no luck. So I think the passdb backend has come back to haunt me.

Hey it’s about that time for me to hit the sack so later peeps.

