Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
?
Solved

Samba + LDAP on RHEL Server 6.4

Posted on 2014-04-14
6
Medium Priority
?
1,095 Views
Last Modified: 2014-04-29
I am trying to set-up SAMBA with LDAP authentication on Red Hat Enterprise Linux Server release 6.4 (Santiago).
I can see the shares from another machine, but when I enter my LDAP credentials I cannot connect.
I need to set up the shares so that everyone from ldap can browse them.
Here is my smb.conf (I have altered sensitive information):

[global]
	workgroup = SERVERS
	
	interfaces = 1.1.1.2
	bind interfaces only = yes
	hosts allow = 127. 1.1.1.
        max connections = 20
        lock directory = /var/lock/samba
	
	syslog = 3 passdb:5 auth:10 winbind:2
	syslog only = yes

	security = domain
	password server = 1.1.1.1
	#security = user
	#enable privileges = yes

	#passdb backend = ldapsam:"ldap://1.1.1.1"
	#username map = /etc/samba/smbusers

	encrypt passwords = yes

	printing = bsd	
	load printers = no

[tools]
	path = /exports/development/tools
	printable = no
	force group = grp2
	write list = @grp2
	browseable = yes
	writeable = yes
	#create mask = 0774
	create mask = 0664
        #directory mask = 2775
	directory mask = 0775	

[workspace]
	path = /exports/development/workspace
        printable = no
        force group = grp
        write list = @grp
        browseable = yes
	writeable = yes
        create mask = 0774
        directory mask = 2775
[installations]
	path = /exports/installations
        browseable=yes
        writable=yes
        create mode = 0664
        directory mode = 0775

I am also using NFS eo export these folders under /exports.
Here is my ldap.conf:

TLS_CACERTDIR /etc/openldap/cacerts
URI ldap://server10.domain.com/
BASE dc=domain,dc=com

How can I set up the SAMBA shares to be able for LDAP users to connect to and browse?
0
Comment
Question by:proteus-IV
3 Comments
 

Author Comment

by:proteus-IV
ID: 40001349
I have turned on logging in the meantime and am seeing a lot of this error in the logs for all the clients trying to access the shares:

[2014/04/14 13:50:51.924967,  1] smbd/process.c:457(receive_smb_talloc)
  receive_smb_raw_talloc failed for client 192.168.1.2 read error = NT_STATUS_CONNECTION_RESET.
0
 
LVL 40

Accepted Solution

by:
jlevie earned 1500 total points
ID: 40028569
Are you using smbldap-tools for the schema? I don't know how you'd get this to work otherwise.  And there are some changes needed on the Microsoft clients (XP or later) to have this work. I'm not at work now, so I can't reference my notes on setting this up.
0
 
LVL 62

Expert Comment

by:gheist
ID: 40028828
Is LDAP OpenLDAP or something else?
0

Featured Post

Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

David Varnum recently wrote up his impressions of PRTG, based on a presentation by my colleague Christian at Tech Field Day at VMworld in Barcelona. Thanks David, for your detailed and honest evaluation!
In this article, WatchGuard's Director of Security Strategy and Research Teri Radichel, takes a look at insider threats, the risk they can pose to your organization, and the best ways to defend against them.
If you're a developer or IT admin, you’re probably tasked with managing multiple websites, servers, applications, and levels of security on a daily basis. While this can be extremely time consuming, it can also be frustrating when systems aren't wor…
In this video we outline the Physical Segments view of NetCrunch network monitor. By following this brief how-to video, you will be able to learn how NetCrunch visualizes your network, how granular is the information collected, as well as where to f…
Suggested Courses

564 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question