sto3_openldap
Differences
This shows you the differences between two versions of the page.
| Both sides previous revision Previous revision Next revision | Previous revision | ||
|
sto3_openldap [2018/04/13 07:56] 143.169.49.101 |
sto3_openldap [2018/04/13 08:18] (current) 143.169.49.101 |
||
|---|---|---|---|
| Line 33: | Line 33: | ||
| structuralObjectClass: organizationalUnit | structuralObjectClass: organizationalUnit | ||
| </code> | </code> | ||
| - | The password for the LDAP administrator is <decrypt>U2FsdGVkX188oAhSBhTcq1PjbyaLXYgfu6B9e681TIU=</decrypt> The backend used for openLDAP is mdb. The database is in the directory /var/lib/ldap/. \\ The configuration of the ldap server can be found here -> /etc/ldap . Extra schema's have been added, for autofs and samba. I followed this excellent howtoo -> https://help.ubuntu.com/lts/serverguide/samba-ldap.html Don't forget to install the **smbldap-tools** ! These will be used to add users, groups, modify passwords, shells, etc. They act on the samba accounts as well as the unix accounts at the same time. | + | The password for the LDAP administrator is <decrypt>U2FsdGVkX188oAhSBhTcq1PjbyaLXYgfu6B9e681TIU=</decrypt> The backend used for openLDAP is **mdb**. The database is in the directory **/var/lib/ldap/**. \\ The configuration of the ldap server can be found here -> **/etc/ldap** . Extra schema's have been added, for **autofs** and **samba**. I followed this excellent howtoo -> https://help.ubuntu.com/lts/serverguide/samba-ldap.html\\ Don't forget to install the **smbldap-tools** ! These will be used to add users, groups, modify passwords, shells, etc. They act on the **samba accounts** as well as the **unix accounts** at the same time. |
| + | ===== autofs ===== | ||
| + | We will use autofs to automount the users homedir, when a user logs in. The next entries are needed to get autofs to work with openldap: | ||
| + | <code> | ||
| + | root@sto3:~# cat automounttree.ldif | ||
| + | dn: ou=adminm,dc=visielab,dc=be | ||
| + | ou: adminm | ||
| + | objectClass: top | ||
| + | objectClass: organizationalUnit | ||
| + | |||
| + | dn: ou=automount,ou=adminm,dc=visielab,dc=be | ||
| + | ou: automount | ||
| + | objectClass: top | ||
| + | objectClass: organizationalUnit | ||
| + | |||
| + | dn: ou=auto.master,ou=automount,ou=adminm,dc=visielab,dc=be | ||
| + | ou: auto.master | ||
| + | objectClass: top | ||
| + | objectClass: automountMap | ||
| + | |||
| + | |||
| + | dn: cn=/data/home,ou=auto.master,ou=automount,ou=adminm,dc=visielab,dc=be | ||
| + | cn: /data/home | ||
| + | objectClass: top | ||
| + | objectClass: automount | ||
| + | automountInformation: ldap:ou=auto.home,ou=automount,ou=adminm,dc=visielab,dc=be --timeout=60 --ghost | ||
| + | |||
| + | |||
| + | dn: ou=auto.home,ou=automount,ou=adminm,dc=visielab,dc=be | ||
| + | ou: auto.home | ||
| + | objectClass: top | ||
| + | objectClass: automountMap | ||
| + | </code> | ||
| + | |||
| + | For a user to be able to automount his homedir, the next entry is also needed , in this case for a user named **testuser2** | ||
| + | <code> | ||
| + | dn: cn=testuser2,ou=auto.home,ou=automount,ou=adminm,dc=visielab,dc=be | ||
| + | cn: testuser2 | ||
| + | objectClass: top | ||
| + | objectClass: automount | ||
| + | automountInformation: -intr sto3-visiesrv-fast:/data/home/testuser2 | ||
| + | </code> | ||
| + | sto3-visiesrv-fast is the ip address of the storage server but via the fast 10GB interface, in this case 10.0.0.10. Best to define this in the host file of the server where you want to work on. | ||
| + | |||
sto3_openldap.1523606217.txt.gz · Last modified: 2018/04/13 07:56 by 143.169.49.101
Except where otherwise noted, content on this wiki is licensed under the following license: CC Attribution-Share Alike 4.0 International
