system engineer: openldap and samba server
TRANSCRIPT
Prepared by: LENG Tola [email protected] www.itolaleng.wordpress.com
Table of Content
1. Create Openldap server GUI .......................................................................................................................... 2
a. Changed Hostname and Assigned IP Address ........................................................................................... 2
b. Install the services packet of LDAP there are: ............................................................................................... 4
c. Go to yast for create and configure the ldap server ..................................................................................... 6
d. LDAP Client ................................................................................................................................................... 10
e. Create a sh file for configure the multi restart the services. ....................................................................... 13
2. Create Users With GUI ................................................................................................................................. 15
3. Take another client (suse) join domain with LDAP server+login (GUI) ........................................................ 18
4. Configuration Samba ................................................................................................................................... 25
a. Combine Samba with OpenLDAP ............................................................................................................ 25
b. Allowed Windows Client Join Domain ..................................................................................................... 31
Configuration file ......................................................................................................................................... 37
1. Configure openldap(slapd.conf) .................................................................................................................. 37
2. Create and Insert with *.ldif (file): .................................................................................................................... 38
4. Take another Client (SUSE) Join domain with LDAP server + Login ............................................................. 46
5. Configure SAMBA vai Configuration file ...................................................................................................... 50
A. Combid Samba with OpenLDAP by confuration file ................................................................................ 50
B. Allow Windows Client join domain + Login ............................................................................................. 57
1. Create Folders in /srv with: .......................................................................................................................... 64
A. SNA2014 .................................................................................................................................................. 66
a. SNA-A ....................................................................................................................................................... 66
b. SNA-B ....................................................................................................................................................... 66
2. Create user in OpenLDAP (file) .................................................................................................................... 66
A. Created User: ................................................................................................................................................ 67
4. Take windows Client test ................................................................................................................................. 76
-Let user in class SNA-A test ............................................................................................................................ 76
-Let user SNA2014(sopheak.ros) logon ........................................................................................................... 80
5. Install and Configure ........................................................................................................................................ 81
- Install Openfire package on Openldap server for allow user charting......................................................... 92
- Configure Openfire by remote from client ................................................................................................... 93
Let users admin login to openfire ........................................................................................................... 97
- Using Spark software for charting with each other ...................................................................................... 98
Add contact friends ............................................................................................................................... 100
Prepared by: LENG Tola [email protected] www.itolaleng.wordpress.com
1. Create Openldap server GUI
a. Changed Hostname and Assigned IP Address
-Go to yast lan to assigned IP and hostname
Prepared by: LENG Tola [email protected] www.itolaleng.wordpress.com
Prepared by: LENG Tola [email protected] www.itolaleng.wordpress.com
b. Install the services packet of LDAP there are: - Openldap2
- Openldap2-client
- Pam_ldap
- Nss_ldap
Prepared by: LENG Tola [email protected] www.itolaleng.wordpress.com
Prepared by: LENG Tola [email protected] www.itolaleng.wordpress.com
c. Go to yast for create and configure the ldap server
Prepared by: LENG Tola [email protected] www.itolaleng.wordpress.com
+To configure LDAP server by GUI
Prepared by: LENG Tola [email protected] www.itolaleng.wordpress.com
Prepared by: LENG Tola [email protected] www.itolaleng.wordpress.com
Prepared by: LENG Tola [email protected] www.itolaleng.wordpress.com
d. LDAP Client
+Configure the LDAP client
Prepared by: LENG Tola [email protected] www.itolaleng.wordpress.com
Prepared by: LENG Tola [email protected] www.itolaleng.wordpress.com
Prepared by: LENG Tola [email protected] www.itolaleng.wordpress.com
e. Create a sh file for configure the multi restart the services.
-rcsmb restart
-rcldap restart
-rcnmb restart
-rcnscd restart
Prepared by: LENG Tola [email protected] www.itolaleng.wordpress.com
Prepared by: LENG Tola [email protected] www.itolaleng.wordpress.com
2. Create Users With GUI
+ Go to yast => Security and Users => next tap to user and
group management
+ types Alt+S =>LDAP Server => Add…..
Prepared by: LENG Tola [email protected] www.itolaleng.wordpress.com
Prepared by: LENG Tola [email protected] www.itolaleng.wordpress.com
Prepared by: LENG Tola [email protected] www.itolaleng.wordpress.com
3. Take another client (suse) join domain with LDAP server+login
(GUI)
A. Assigned IP for client
Prepared by: LENG Tola [email protected] www.itolaleng.wordpress.com
Prepared by: LENG Tola [email protected] www.itolaleng.wordpress.com
Prepared by: LENG Tola [email protected] www.itolaleng.wordpress.com
Prepared by: LENG Tola [email protected] www.itolaleng.wordpress.com
Prepared by: LENG Tola [email protected] www.itolaleng.wordpress.com
Prepared by: LENG Tola [email protected] www.itolaleng.wordpress.com
b. Let user logon after join domain
Prepared by: LENG Tola [email protected] www.itolaleng.wordpress.com
4. Configuration Samba
a. Combine Samba with OpenLDAP
Prepared by: LENG Tola [email protected] www.itolaleng.wordpress.com
Prepared by: LENG Tola [email protected] www.itolaleng.wordpress.com
Prepared by: LENG Tola [email protected] www.itolaleng.wordpress.com
Prepared by: LENG Tola [email protected] www.itolaleng.wordpress.com
Prepared by: LENG Tola [email protected] www.itolaleng.wordpress.com
Prepared by: LENG Tola [email protected] www.itolaleng.wordpress.com
b. Allowed Windows Client Join Domain
Prepared by: LENG Tola [email protected] www.itolaleng.wordpress.com
Prepared by: LENG Tola [email protected] www.itolaleng.wordpress.com
Prepared by: LENG Tola [email protected] www.itolaleng.wordpress.com
Prepared by: LENG Tola [email protected] www.itolaleng.wordpress.com
Prepared by: LENG Tola [email protected] www.itolaleng.wordpress.com
+ add users to samba for allowed user logon on windows by samba
Prepared by: LENG Tola [email protected] www.itolaleng.wordpress.com
Configuration file
1. Configure openldap(slapd.conf)
Prepared by: LENG Tola [email protected] www.itolaleng.wordpress.com
2. Create and Insert with *.ldif (file):
A. Domain
Prepared by: LENG Tola [email protected] www.itolaleng.wordpress.com
Prepared by: LENG Tola [email protected] www.itolaleng.wordpress.com
Prepared by: LENG Tola [email protected] www.itolaleng.wordpress.com
3. Configure LDAP Client File or LDAP client (GUI)
Prepared by: LENG Tola [email protected] www.itolaleng.wordpress.com
Prepared by: LENG Tola [email protected] www.itolaleng.wordpress.com
Prepared by: LENG Tola [email protected] www.itolaleng.wordpress.com
Prepared by: LENG Tola [email protected] www.itolaleng.wordpress.com
4. Take another Client (SUSE) Join domain with LDAP
server + Login
Prepared by: LENG Tola [email protected] www.itolaleng.wordpress.com
Prepared by: LENG Tola [email protected] www.itolaleng.wordpress.com
Prepared by: LENG Tola [email protected] www.itolaleng.wordpress.com
5. Configure SAMBA vai Configuration file
A. Combid Samba with OpenLDAP by confuration file
First vi /etc/samba/smb.conf
Prepared by: LENG Tola [email protected] www.itolaleng.wordpress.com
Prepared by: LENG Tola [email protected] www.itolaleng.wordpress.com
Prepared by: LENG Tola [email protected] www.itolaleng.wordpress.com
Prepared by: LENG Tola [email protected] www.itolaleng.wordpress.com
Prepared by: LENG Tola [email protected] www.itolaleng.wordpress.com
Prepared by: LENG Tola [email protected] www.itolaleng.wordpress.com
B. Allow Windows Client join domain + Login
Prepared by: LENG Tola [email protected] www.itolaleng.wordpress.com
Prepared by: LENG Tola [email protected] www.itolaleng.wordpress.com
Prepared by: LENG Tola [email protected] www.itolaleng.wordpress.com
Prepared by: LENG Tola [email protected] www.itolaleng.wordpress.com
Prepared by: LENG Tola [email protected] www.itolaleng.wordpress.com
Prepared by: LENG Tola [email protected] www.itolaleng.wordpress.com
1. Create Folders in /srv with:
A. SNA2015
Prepared by: LENG Tola [email protected] www.itolaleng.wordpress.com
A. SNA2014
a. SNA-A
b. SNA-B
2. Create user in OpenLDAP (file)
I can add users Samba in local but before I create users I just create the group
and then Users.
Prepared by: LENG Tola [email protected] www.itolaleng.wordpress.com
A. CREATED USER:
-Users Class SNA –A
Prepared by: LENG Tola [email protected] www.itolaleng.wordpress.com
Prepared by: LENG Tola [email protected] www.itolaleng.wordpress.com
-Users Class SNA-B
And then save the job by types Esc+:x!
B. sopheak.ros
Prepared by: LENG Tola [email protected] www.itolaleng.wordpress.com
And then save the job by types Esc+:x!
Add users to LDAP by command line
Add users sopheak.ros to LDAP server.
Add user to Samba
Prepared by: LENG Tola [email protected] www.itolaleng.wordpress.com
Created and add users to each group
Prepared by: LENG Tola [email protected] www.itolaleng.wordpress.com
3. Make sure:
A. you and your friends: Access only SNA2015, but you can only access your owner
folder(Folder Permission)
SNA-A( -Folder Saray.RONG,Folder Phirak.PHUN)
3
Prepared by: LENG Tola [email protected] www.itolaleng.wordpress.com
Prepared by: LENG Tola [email protected] www.itolaleng.wordpress.com
Prepared by: LENG Tola [email protected] www.itolaleng.wordpress.com
SNA-B (Tola,Savy)
B. User: sopheak.ros : Access only SNA2014
Prepared by: LENG Tola [email protected] www.itolaleng.wordpress.com
4. TAKE WINDOWS CLIENT TEST
-LET USER IN CLASS SNA-A TEST
Prepared by: LENG Tola [email protected] www.itolaleng.wordpress.com
Prepared by: LENG Tola [email protected] www.itolaleng.wordpress.com
Prepared by: LENG Tola [email protected] www.itolaleng.wordpress.com
Prepared by: LENG Tola [email protected] www.itolaleng.wordpress.com
-LET USER SNA2014(SOPHEAK.ROS) LOGON
Prepared by: LENG Tola [email protected] www.itolaleng.wordpress.com
5. INSTALL AND CONFIGURE
- LDAP Admin software to create user, group, reset password, computer account on Openldap server
Prepared by: LENG Tola [email protected] www.itolaleng.wordpress.com
Prepared by: LENG Tola [email protected] www.itolaleng.wordpress.com
Prepared by: LENG Tola [email protected] www.itolaleng.wordpress.com
Connection name = any name Host = we put the IP server host of Suse Base = the base of DN of server username = Admin ldap configure password = password DN
Prepared by: LENG Tola [email protected] www.itolaleng.wordpress.com
Reset password for user in LDAP Admin
Create a user in LDAP admin
Prepared by: LENG Tola [email protected] www.itolaleng.wordpress.com
Prepared by: LENG Tola [email protected] www.itolaleng.wordpress.com
Prepared by: LENG Tola [email protected] www.itolaleng.wordpress.com
- INSTALL OPENFIRE PACKAGE ON OPENLDAP SERVER FOR ALLOW USER
CHARTING
Prepared by: LENG Tola [email protected] www.itolaleng.wordpress.com
- CONFIGURE OPENFIRE BY REMOTE FROM CLIENT
Prepared by: LENG Tola [email protected] www.itolaleng.wordpress.com
Prepared by: LENG Tola [email protected] www.itolaleng.wordpress.com
Prepared by: LENG Tola [email protected] www.itolaleng.wordpress.com
Choose the user and group system to use with the server choose Directory Server
(LDAP)
Prepared by: LENG Tola [email protected] www.itolaleng.wordpress.com
Choose one or more user from LDAP to be administrator
Let users admin login to openfire
Prepared by: LENG Tola [email protected] www.itolaleng.wordpress.com
This is the all user and computer account on LDAP Server
- USING SPARK SOFTWARE FOR CHARTING WITH EACH OTHER
Prepared by: LENG Tola [email protected] www.itolaleng.wordpress.com
The first we need to have a software Spark So this I will let user savy.vuth to logon this PC1
Prepared by: LENG Tola [email protected] www.itolaleng.wordpress.com
Prepared by: LENG Tola [email protected] www.itolaleng.wordpress.com
Prepared by: LENG Tola [email protected] www.itolaleng.wordpress.com
