Archive for the ‘debian’ Category

Installing smbldap-tools

March 29, 2007

If you haven’t installed LDAP yet, do so now. This will be a rather short article, where we just get smbldap-tools working. This is a collection of programs to handle Samba users (and groups) stored in an LDAP database. We will use them later when configuring Samba.

First, copy the configuration examples for smbldap-tools to your /etc directory:

zcat /usr/share/doc/smbldap-tools/examples/smbldap.conf.gz > ~/smbldap.conf
sudo cp ~/smbldap.conf /etc/smbldap-tools/
sudo cp /usr/share/doc/smbldap-tools/examples/smbldap_bind.conf /etc/smbldap-tools/
sudo chmod 0644 /etc/smbldap-tools/smbldap.conf
sudo chmod 0600 /etc/smbldap-tools/smbldap_bind.conf

Now, you should edit your new smbldap.conf to match your environment, but first we need to find the SID of the Samba server; Do this with:

sudo /etc/init.d/samba start
sudo net getlocalsid

Save it to your clipboard for now (or write it down, if you like). Then edit smbldap.conf, changing all the relevant lines. These were my changes:

SID="S-1-5-21-9999999999-587502800-999999999"
sambaDomain="GODTJOD-NT"
ldapTLS="0"
suffix="dc=godtjod,dc=net"
sambaUnixIdPooldn="sambaDomainName=${sambaDomain},${suffix}"
defaultMaxPasswordAge="365"
mailDomain="godtjod.net"
no_banner="1"

(Note: You can do a search for those attributes you want to change by pressing Ctrl+w (for where).)

Edit the /etc/smbldap-tools/smbldap_bind.conf, which defines how to bind (authenticate) to the LDAP server, and add lines like:

slaveDN="cn=admin,dc=godtjod,dc=net"
slavePw="pa$$w0rd"
masterDN="cn=admin,dc=godtjod,dc=net"
masterPw="pa$$w0rd"

The default superuser call name (cn) for a Debian install of OpenLDAP is “admin”, not “manager” (which you might’ve expected from other LDAPs).
Now, pray that everything is ok and start populating the LDAP database with entries for Samba:

sudo smbldap-polulate

You will be asked for a root password, so provide a good one here. Then check everything went in:

ldapsearch -x

That’s it for now. Soon we will be starting Samba itself, so stay tuned.

(If you follow the original guide, he talks about the Administrator (uid=Administrator) account, but in my installation it was called root, and we already changed password for that so there’s no need to change it again, huh?)

Posted in debian, ldap, samba, suttung | Leave a Comment »

Slug installation, part 2

March 26, 2007

From the first part we inherited a slug (= a Linksys NSLU2) with a debian installer started. Now, the slug doesn’t have a console, so we need to access the installer through SSH:

ssh installer@192.168.1.6

Accept the new RSA key fingerprint (you may have to delete the previous key first, the RSA key is regenerated when you reflash), and type in the password “install”. You should be greeted by this screen:Debian installer start

Choose “Start menu” to be taken to the installer. Then you have to chose a mirror to download the Debian archives from. I think the list shows all servers, although we’re really only interested in those that has packages for ARM. Use the Debian mirror list to make sure the mirror you select carries packages for the ARM architecture before you continue. (I’ve had problem with ftp.sunet.se before, although when I check now I see that it actually has ARM packages. Well, maybe it was something else that didn’t work then.) The primary mirror for your country is usually a sensible choice.

Next up is choosing which modules to load for the installer. The guide I followed recommended these modules:

  • ext3-modules…
  • partman-auto
  • partman-ext3
  • scsi-core-modules…
  • usb-storage-modules…

We won’t use automatic partitioning, so I don’t know if partman-auto and partman-ext3 is really necessary, but it doesn’t hurt anyway.

Then we go for partitioning the disk. I used manual partioning and created a root partition (ext3), and a swap partition on the USB memory stick. Since we will be running LDAP on this box, I figured I need some swap for caching and doubled the minimum requirement of 128MB (to 260MB). Write your partitions to disk and format them (you didn’t choose to format them at the partition screen? then go back and do it right).
Next you are told to choose a language, but I don’t know what this choice really means. It certainly doesn’t change the language (I chose Sweden, but didn’t get Swedish). Maybe it is the time settings; At least it says “configuring the clock” next. Anyway, just chose your country and continue.

Then it is time to create users. First you create a root user (you only have to give a password for him) and then you also set up a regular (non-privileged) account.

After you’ve set up users the base system will be downloaded and installed to the USB stick. Answer any questions about these packages that may come up (it shouldn’t be too difficult). After installation the tasksel dialog appears:Tasksel dialog

The “Standard system” should be enough here, we will install the packages we need for the file server later. Now it will download and install some more packages, and this should take a while (I didn’t take time, but upwards an hour perhaps). When it is done you should see the following message: Installation finished

Choose “Continue”; You will then be disconnected from the slug. Wait a while (ten minutes?) and then log in with the login credentials for the user you created before (you could log in as root, but it is prudent not to).

And that’s it. You can start playing around with your new toy, as will do now with mine.

Posted in debian, equipment, slug, suttung | Leave a Comment »