Configure /etc/samba/smb.conf for LDAP
For LDAP authentication, Client’s /etc/samba/smb.conf could be configured as the following steps:
1. modify the ldap/ldaps address appended in the passdb line, for example(port:636):
passdb backend = ldapsam:ldaps://192.168.123.33:636
Note, 192.168.123.33 is the LDAP server running OpenLDAP with the ssl on. Here the original “passwd backend” is set as “smbpasswd”, if use LDAP, the term “smbpasswd” should be removed.
2. add the following lines to the “smb.conf”:
ldap suffix = “dc=plasmon,dc=sit”
ldap ssl = on
ldap timeout = 100
In the client, issue the “smbpasswd -W”, “-W” means setting stored password for “cn=root,dc=plasmon,dc=sit” in secretdb,This step could not be ignored before other machines want to enjoy this Client’s samba service. and then, the file/directory is able to accessed by samba. For better description, just assume the following test environment.
LDAP server: 192.168.123.33
Samba Server(the “Client” in this article): 192.168.123.68
Other machine access Samba server: 192.168.123.32
Run the LDAP service in .33, and modify the smb.conf in .68, then issue “smbpasswd -W” in .68.
In .32, access the share in .68 by executing:
# mount -t smbfs -o username=phillip //192.168.123.68/test /mnt
The //192.168.123.68/test should be mounted to local “.mnt” successfully. But I found this mount process seems to take a few seconds(about 40s-50s). I think it is caused by the LDAP server was built on a virtual machine.