How to configure LDAP so that Windows shares will work with Openfiler.
Configure LDAP for Samba
The assumption is that LDAP is already up and running with user accounts with the posixAccount object classes.
Add samba.schema to LDAP
Copy samba.schema from /usr/share/doc/samba-3.0.10/LDAP to /etc/openldap
Add the samba.schema to slapd.conf
include        /etc/openldap/schema/samba.schema
Install smbldap-tools
Copy all the *.pl and *.pm scripts from /usr/share/doc/samba-3.0.10/LDAP/smbldap-tools to /usr/local/sbin
Configure smbldap_config.pm for your LDAP server.
Run make in the mkntpwd directory and copy mkntpwd to /usr/local/sbin
Add sambaSamAccount to all existing users
For each user in LDAP run:
/usr/local/sbin/smbldap-usermod.pl -a <username>
This will add the sambaSamAccount class to the user.
Change each users password
Each user will need to have their password reset so that the Samba password values match the ldap password values.
For each user in LDAP run:
/usr/local/sbin/smbldap-passwd.pl <username>
(make sure ldappasswd is in your path)
Configure OpenFiler
On the Accounts -> Authentication screen:
Check Use Ldap and fill in the following fields:
- Server
- Base DN
- Authenticated Base DN
- Authenticated bind password
- Root Bind DN
- Root bind password
Check Login SMB server to root DN
LDAP users and groups will now show up under the Users and Group tabs