Curso de Implementacion de Servicio de Directorio LDAP Guia Rapida de LDAP y Samba

Configuracin de Servidor OpenLDAP

Simn Castellanos Chaurn <scastellanos@emacs.com.ve> Paso 1: Instalacin de paquetes Para la instalacin inicial de OpenLDAP se requrieren los si uientes paquetes! Para el servidor P s slapd l ldap"utils l li#ldap$ l li#d#%.$ d d#%.$"util l li#nss"d# l li#d#d"ldap"perl mi rationtools m l li#nss"ldap l li#pam"ldap li#pam"crac&li# Para el cliente P l li#nss"ldap l li#pam"ldap l li#pam"crac&li# l li#ldap$ nscd Paso 2: Configuracion de la instalacin 2.1. Configuracin de Slapd 'nter (ou D)S domain name * emacs.com 'nter (ou name o+ or ani,ation * emacs.com Admin pass-ord* admin Allo- LDAPv$ protocol* )o

www.emacs.com.ve

Pagina 1 de 17

Curso de Implementacion de Servicio de Directorio LDAP Guia Rapida de LDAP y Samba

2.2 Configuracion de Li!nss ldap .ost LDAP server * /$0.1.1./ /2$./34./11./ D) * dc*emacs5dc*com 6ersion de LDAP a utili,ar * 7 Data#ase require lo in in8 * )o 9a&e con+i uration reada#le:-ritea#le #( o-ner onl( 8 * ;es

2." Configuracion de Li!pa# ldap LDAP Server host * orinoco.emacs.com.ve < veri+icar :etc:hosts= D) * dc*emacs5dc*com 6ersion de LDAP a utili,ar * 7 9a&e local root Data#ase admin* ;es Data#ase require lo in in8 * )o >oot lo in account * cn*9ana er5dc*emacs5dc*com >oot lo in pass-ord * admin Local cr(pt to use -hen chan in pass-ords * ?cr(pt@ Paso ": A$ustes de per#isos % arc&ivos del siste#a LDAP ".1. Colocar per#isos de los arc&ivos A :etc:init.d:slapd stop A adduser ""s(stem "" roup ldap A vi :etc:de+ault:sdapd <asi nar los parametros SLAPDBCS'> ( SLAPDBD>OCP a EldapE= A cho-n "> ldap!ldap :var:li#:ldap A ch rp ldap :etc:ldap:sldapd.con+ A chmod 13%1 :etc:ldap:slapd.con+ A :etc:init.d:slapd start A ps "auF+- G rep ldap ".2. 'odificar el arc&ivo (etc(ldap(sldap.conf Se de#en a re ar o modi+icar los si uientes parametros

www.emacs.com.ve

Pagina 2 de 17

Curso de Implementacion de Servicio de Directorio LDAP Guia Rapida de LDAP y Samba

include :etc:ldap:slapd.access.con+ schemachec& on pid+ile :var:run:sldapd.pid lo level $H3 modulepath :usr:li#:ldap moduleload #ac&B#d# #ac&end #d# chec&point H/$ 71 data#ase #d# su++iF Edc*emacs5 dc*comE rootdn Ecn*9ana er5dc*emacs5dc*comE rootp- ?cr(pt@IIIII director( E:var:li#:ldapE pass-ord"hash ?cr(pt@ pass-ord"cr(pt"salt"+ormat EJ/JK.4sE Alastmod on Areplo +ile :var:li#:ldap:replo

Para la clave de 9ana er es necesario eLecutar el si uiente comando! A sldappass-d "v "s admin "h ?C>;PM@

Paso ): Creacin de arc&ivos LDI*. 'n necesario modi+icar los parametros del archivo :etc:mi rateBcommon.ph de la si uiente manera! JD'NACLMB9AOLBDO9AO)* Eemacs.comEP JD'NACLMBQAS' * Edc*emacs5dc*comEP JD'NACLMB9AOLB.OSM* Eorinoco.emacs.com.veEP J'IM')D'DBSC.'9A */P A continuacin ha( que crear el o#Leto que a su ve, contendr el resto de los datos en el directorio. Denere un archivo #ase.ldi+ del si uiente modo! www.emacs.com.ve Pagina 3 de 17

Curso de Implementacion de Servicio de Directorio LDAP Guia Rapida de LDAP y Samba

(usr(s&are(#igrationtools(#igrate+!ase.pl , !ase.ldif Se utili,ar ldapadd para insertar los datos necesarios. Las opciones utili,adas con este mandato son las si uientes! "F "R "D #inddn "h an+itrin "+ +ichero autenticacin simple solicitar clave de acceso )om#re Distin uido <dn= a utili,ar Servidor LDAP a acceder +ichero a utili,ar

Cna ve, entendido lo anterior5 se procede a insertar la in+ormacin enerada en el directorio utili,ando lo si uiente! ldapadd - . D /cn0'anager1 dc0e#acs1 dc0co#/ f !ase.ldif Cna ve, hecho lo anterior5 se podr comen,ar a po#lar el directorio con datos. Lo primero ser importar los rupos ( usuarios eFistentes en el sistema. >ealice la importacin de usuarios utili,ando los uiones correspondientes del si uiente modo! :usr:share:mi rationtools:mi rateB roup.pl :etc: roup roup.ldi+ :usr:share:mi rationtools:mi rateBpass-d.pl :etc:pass-d pass-d.ldi+ Lo anterior crear los +icheros roup.ldi+ ( pass-d.ldi+5 los cuales incluirn la in+ormacin de los rupos ( cuentas en el sistema5 inclu(endo las claves de acceso. Los datos se podrn insertar en el directorio LDAP utili,ando lo si uiente! ldapadd "F "R "D Scn*9ana er5 dc*emacs5 dc*comS "+ roup.ldi+ ldapadd "F "R "D Scn*9ana er5 dc*emacs5 dc*comS "+ pass-d.ldi+ Para los hosts de la red es! :usr:share:mi rationtools:mi rateBhosts.pl :etc:hosts hosts.ldi+ ldapadd "F "R "D Scn*9ana er5 dc*emacs5 dc*comS "+ hosts.ldi+

www.emacs.com.ve

Pagina 4 de 17

Curso de Implementacion de Servicio de Directorio LDAP Guia Rapida de LDAP y Samba

Paso 2: Co#pro!aciones. Antes de con+i urar el sistema para utili,ar LDAP para autenticar5 es conveniente veri+icar que todo +unciona correctamente. 'l si uiente mandato veri+ica que directorios disponi#les eFisten en el servidor /$0.1.1./. ldapsearc& & 123.4.4.1 - ! // s !ase /5o!$ectclass067/ na#ingConte-ts Lo anterior de#e devolver una salida similar a lo si uiente! A eFtended LDON A A LDAPv7 A #ase <> -ith scope #ase A +ilter! <o#Lectclass*T= A requestin ! namin ConteFts A A dn! namin ConteFts! dc*su"red"local5dc*com A search result search! $ result: 4 Success A num>esponses! $ A num'ntries! / 'l si uiente mandato de#e devolver toda la in+ormacin de todo el directorio solicitado <dc*emacs5dc*com=. ldapsearch "F "# Sdc*emacs5dc*comS S<o#Lectclass*T=S Otro eLemplo es reali,ar una #Usqueda especV+ica para un usuario en particular. Suponiendo que en el sistema se tiene un usuario denominado +ulano5 puede eLecutarse lo si uiente! ldapsearc& - ! /uid0fulano1ou0People1dc0e#acs1dc0co#/

www.emacs.com.ve

Pagina de 17

Curso de Implementacion de Servicio de Directorio LDAP Guia Rapida de LDAP y Samba

Paso 8: Paquete P&pldapad#in. A apt" et install apache <en caso de no tenterlo instalado= A apt" et install phpldapadmin And use the +ollo-in to ans-er the questions Authentication t(pe! session Con+i ure -e#server! apache5 apache"ssl >estart! (es 6eri+icar aplicacion en ! http!::/$0.1.1./:phpldapadmin Paso 3: Configuracin de cliente OpenLDAP. 0./." 9odi+icar el archivo :etc:nss-itch.con+ pass-d roup shadohosts compat ldap compat ldap compat ldap +iles dns

Pro#ar con el comando! +in er EscastellanosE 0.$" 9odi+icar el archivo :etc:pam.d:common"account Aaccount account account required required su++icient pamBuniF.so pamBuniF.so tr(B+irstBpass pamBldap.so

0.7" 9odi+icar el archivo :etc:pam.d:common"auth Aauth required auth required auth su++icient pamBuniF.so nullo&Bsecure pamBuniF.so nullo&Bsecure useB+irstBpass pamBldap.so

0.%" 9odi+icar el archivo :etc:pam.d:common"pass-ord Apass-ord required pamBuniF.so nullo& o#scure min*% maF*4 mdH pass-ord required pamBuniF.so nullo& o#scure min*% maF*4 mdH useB+irstBpass www.emacs.com.ve Pagina ! de 17

Curso de Implementacion de Servicio de Directorio LDAP Guia Rapida de LDAP y Samba

pass-ord su++icient pamBldap.so 3.2. 'odificar el arc&ivo (etc(ldap(ldap.conf .OSM orinoco.emacs.com /2$./34./11./ QAS' dc*emacs5dc*com port 742

3.8. 'odificar el arc&ivo (etc(pa#+ldap.conf host orinoco.emacs.com #ase dc*emacs5dc*com ldapBversion 7 root#inddn cn*mana er5dc*emacs5dc*ve port 742 3.2. 'odificar el arc&ivo (etc(li!nss ldap.conf host orinoco.emacs.com #ase dc*emacs5dc*com ldapBversion 7 root#inddn cn*mana er5dc*emacs5dc*ve port 742

Paso 9: Pro!ar autenticacin OpenLDAP. : su scastellanos Sin directorio5 entrando .O9'*: scastellanos@orinoco.emacsc.comJ pass-d 'nter lo in <LDAP= pass-ord! )e- pass-ord! >e"enter ne- pass-ord! Otra prue!a: Aapt" et install li#pam"dot+ile Jpamtest pass-d scastellanos Jpamtest ssh scastellanos www.emacs.com.ve Pagina 7 de 17

Curso de Implementacion de Servicio de Directorio LDAP Guia Rapida de LDAP y Samba

Integracin de Sa#!a con OpenLDAP

Simn Castellanos Chaurn <scastellanos@emacs.com.ve> Paso 1: Instalacin % configuracin del paquete Sa#!a A apt" et install sam#a sam#a"doc sm#client sm#+s 1.1. La configuracion de la instalacin es la siguiente: Domain )ame! '9ACS Cse Pass-ord 'ncr(ption! ;es 9odi+( sm#.con+ to use RO)S settin s via D.CP! )o .o- to run Sam#a! daemons Create pass-ord data#ase! ;es 1.2. A$ustando configuracion de LDAP LDAP necesita tra#aLar con el esquema de Sam#a5 ( por eso se de#e hacer lo si uiente! A cd :usr:share:doc:sam#a"doc:eFamples:LDAP A un,ip sam#a.schema. , A cp sam#a.schema :etc:ldap:schema: Ahora ha( que a re ar la si uiente line en el archivo :etc:ldap:slapd.con+ despues de los otros includes! include :etc:ldap:schema:sam#a.schema

; reinicie slapd! A :etc:init.d:slapd restart 1.". Configuracin de Sa#!a A#rir el :etc:sam#a:sm#.con+ ( #uscar la linea! passd# #ac&end * td#sam uest 'sto de#e ser reempla,ado por las si uientes lineas! passd# #ac&end * ldapsam!ldap!::orinoco.emacs.com ldap su++iF * dc*emacs5dc*com www.emacs.com.ve Pagina " de 17

Curso de Implementacion de Servicio de Directorio LDAP Guia Rapida de LDAP y Samba

ldap admin dn * cn*mana er5dc*emacs5dc*com ldap delete dn * no ldap machine su++iF * ou*machines ldap user su++iF * ou*people ldap roup su++iF * ou* roups A Sam#a como PDC domain lo ons * (es A allo- user privile es ena#le privile es * (es 'Lecutar testpar# to para veri+icar que la con+i uracion de SA9QA no ten a errores. Colocar la clave Root del Samba root LDAP password like so: J sm#pass-d "- pass-ord >estart Sam#a! J:etc:init.d:sam#a restart Paso 1: Autenticacin de .indo;s Puede utili,ar WiItart para escri#ir el lo on script Crear la carpera netlo on compartida5 ( tener el rupo admins acceso de escritura a este J m&dir :data:sam#a:netlo on J ch rp admins :data:sam#a:netlo on Agregar lo siguiente al s#!.conf: A put this in the main section lo on script * lo on.#at A share +or the lo on scripts Xnetlo onY comment * )et-or& lo on service path * :data:sam#a:netlo on -rite list * E@adminsE uest o& * ;es

www.emacs.com.ve

Pagina # de 17

Curso de Implementacion de Servicio de Directorio LDAP Guia Rapida de LDAP y Samba

P lo on script +or nomisH$.net setconsole<ShideS= P delete all mapped drives CS' T :delete P s(nc time Jtimeserver * EZZde#ianE Settime Jtimeserver ON O)D>OCP<E)O9OSH$ZDomain AdminsE= use n! ZZde#ianZnetlo on ')DON P add more drive mappin s here P map homedirector( use u! @.O9'DO> Por de+ecto los atri#utos sam#aL9Pass-ord ( sam#a)MPass-ord son accsi#les para otodos los usuarios <even anon(mous ones=. Si ud no esta con+orme5 puede colocar restriccion en el acceso para el usuario Emana erE ( el usuario que es duse[o de el o#Leto5 para ello ha( que editar el archivo :etc:ldap:slapd.con+ ( colocar! access to attrs*userPass-ord #( dn*Ecn*mana er5dc*emacs5dc*comE -rite #( anon(mous auth #( sel+ -rite #( T none to access to attrs*userPass-ord5sam#aL9Pass-ord5sam#a)MPass-ord #( dn*Ecn*mana er5dc*emacs5dc*comE -rite #( anon(mous auth #( sel+ -rite #( T none Paso ": Pro!ar el SA'<A

www.emacs.com.ve

Pagina 1$ de 17

Curso de Implementacion de Servicio de Directorio LDAP Guia Rapida de LDAP y Samba

A re ar ELinuF userE <to local +lat +iles=! : adduser no create &o#e antonio Xe. . pass-ord! /$7%H3Y Add the ESam#a userE <to LDAP=! : s#!pass;d a antonio ""> output! )e- S9Q pass-ord! a#cde >et(pe ne- S9Q pass-ord! a#cde LDAP search E<\<uid*antonio=<o#Lectclass*sam#aAccount==E returned 1 entries. Added user antonio : getent pass;d = grep antonio : ldapsearc& ! >ou0People1dc0e#acs1dc0co#> LLL D >cn0#anager1dc0e#acs1dc0co#> . >5uid0antonio7> client? s#!client L ((ldap Pass-ord! Anon(mous lo in success+ul Domain*X'9ACSY OS*XCniFY Server*XSam#a $.$.7a"/$ +or De#ianY Sharename M(pe Comment """"""""" """" """"""" tmp Dis& antonio Dis& OPCJ OPC OPC Service <(ello- server <Sam#a $.$.7a"/$5 LDAP"Mest== AD9O)J Dis& OPC Service <(ello- server <Sam#a $.$.7a"/$5 LDAP"Mest== client? s#!client ((ldap(t#p added inter+ace ip*/2$./34./11./ #cast*/2$./34./11.$HH nmas&*$HH.$HH.$HH.1 Pass-ord! Anon(mous lo in success+ul Domain*X'9ACSY OS*XCniFY Server*XSam#a $.$.7a"/$ +or De#ianY sm#! Z> client? s#!client ((ldap(antonio added inter+ace ip*/2$./34./11./ #cast*/2$./34./11.$HH nmas&*$HH.$HH.$HH.1 Pass-ord! Anon(mous lo in success+ul Domain*X'9ACSY OS*XCniFY Server*XSam#a $.$.7a"/$ +or De#ianY tree connect +ailed! )MBSMAMCSBR>O)DBPASSRO>D www.emacs.com.ve Pagina 11 de 17

Curso de Implementacion de Servicio de Directorio LDAP Guia Rapida de LDAP y Samba

client? s#!client ((ldap(antonio @ antonio added inter+ace ip*/2$./34./11./ #cast*/2$./34./11.$HH nmas&*$HH.$HH.$HH.1 Pass-ord! a#cde Domain*X'9ACSY OS*XCniFY Server*XSam#a $.$.7a"/$ +or De#ianY sm#! Z>

# # # # # # # # # # # # # # # # # #

Sample configuration file for the Samba suite for Debian GNU/Linux. This is the main Samba configuration file. You should read the smb.conf !" manual page in order to understand the options listed here. Samba has a huge number of configurable options most of #hich are not sho#n in this example $n% line #hich starts #ith a & semi'colon" or a # hash" is a comment and is ignored. (n this example #e #ill use a # for commentar% and a & for parts of the config file that %ou ma% #ish to enable N)T*+ ,hene-er %ou modif% this file %ou should run the command .testparm. to chec/ that %ou ha-e not man% an% basic s%ntactic errors.

#00000000000000000000000 Global Settings 00000000000000000000000 # 1 1global2 ## 3ro#sing/(dentification ### # # 4hange this to the #or/group/NT'domain name %our Samba ser-er #ill part of workgroup = EMACS w # Netbios Name netbios name = ORINOCO n # ser-er string is the e5ui-alent of the NT Description field ser-er string 0 Samba'LD$6 # ,indo#s (nternet Name Ser-ing Support Section+ # ,(NS Support ' Tells the N73D component of Samba to enable its ,(NS Ser-er #ins support 0 no # ,(NS Ser-er ' Tells the N73D components of Samba to be a ,(NS 4lient # Note+ Samba can be either a ,(NS Ser-er8 or a ,(NS 4lient8 but N)T both

www.emacs.com.ve

Pagina 12 de 17

Curso de Implementacion de Servicio de Directorio LDAP Guia Rapida de LDAP y Samba

& #ins ser-er 0 #.x.%.9

# This #ill pre-ent nmbd to search for Net3()S names through DNS. dns prox% 0 no # ,hat naming ser-ice and in #hat order should #e use to resol-e host names # to (6 addresses name resol-e order 0 lmhosts host #ins bcast #### Debugging/$ccounting #### # # This tells Samba to use a separate log file for each machine # that connects log file 0 /-ar/log/samba/log.:m # 6ut a capping on the si9e of the log files max log si9e 0 <=== in ;b".

# (f %ou #ant Samba to onl% log through s%slog then set the follo#ing # parameter to >%es>. s%slog onl% 0 no # ,e #ant Samba to log a minimum amount of information to s%slog. *-er%thing # should go to /-ar/log/samba/log.?smbd8nmbd@ instead. (f %ou #ant to log # through s%slog %ou should set the follo#ing parameter to something higher. s%slog 0 = # Do something sensible #hen Samba crashes+ mail the admin a bac/trace panic action 0 /usr/share/samba/panic'action :d ####### Authentication ####### # # # # # .securit% 0 user. is al#a%s a good idea. This #ill re5uire a Unix account in this ser-er for e-er% user accessing the ser-er. See /usr/share/doc/samba'doc/htmldocs/Ser-erT%pe.html in the samba'doc pac/age for details. security = user s

# You ma% #ish to use pass#ord encr%ption. See the section on # >encr%pt pass#ords> in the smb.conf !" manpage before enabling. encr%pt pass#ords 0 true # (f %ou are using encr%pted pass#ords8 Samba #ill need to /no# #hat # pass#ord database t%pe %ou are using. passdb backend = p dapsam! dap!""#$%&'&'&#

obe% pam restrictions 0 %es

www.emacs.com.ve

Pagina 13 de 17

Curso de Implementacion de Servicio de Directorio LDAP Guia Rapida de LDAP y Samba

#guest o/ 0 %es #in-alid users 0 root # This boolean parameter controls #hether Samba attempts to s%nc the Unix # pass#ord #ith the S73 pass#ord #hen the encr%pted S73 pass#ord in the # passdb is changed. unix pass#ord s%nc 0 %es # Aor Unix pass#ord s%nc to #or/ on a Debian GNU/Linux s%stem8 the follo#ing # parameters must be set than/s to $ugustin Luton BalutonCh%brigenics.frD for # sending the correct chat script for the pass#d program in Debian 6otato". pass#d program 0 /usr/sbin/smbldap'pass#d 'o :u pass#d chat 0 E*nterFsne#FsUN(GFspass#ord+E :nFn EHet%peFsne#FsUN(GFspass#ord+E :nFn . E # This boolean controls #hether 6$7 #ill be used for pass#ord changes # #hen re5uested b% an S73 client instead of the program listed in # >pass#d program>. The default is >no>. pam pass#ord change 0 no ###### CON(I)*RACION +E ,+A- ###### # ldap admin dn 0 cn0manager8dc0emacs8dc0com ldap delete dn 0no ldap ldap ldap ldap l suffix 0 dc0emacs8dc0com user suffix 0 ou0people group suffix 0 ou0groups machine suffix 0 ou0machines

###### CON(I)*RACION +E +OMINIO ###### # os le-el 0 I= preferred master 0 %es domain master 0 %es oca master = yes domain ogons = yes d admin users 0 administrator8acastillo &enable pri-ileges 0 %es & logon path 0 FF:LFprofilesF:u logon dri-e 0 J+ logon home 0 FF:LFF:uF.profile logon script 0 template shell 0/bin/bash add user script 0 /usr/sbin/smbldap'useradd.pl '# :u a

www.emacs.com.ve

Pagina 14 de 17

Curso de Implementacion de Servicio de Directorio LDAP Guia Rapida de LDAP y Samba G

########## 6rinting ########## # # (f %ou #ant to automaticall% load %our printer list rather # than setting them up indi-iduall% then %ou>ll need this & load printers 0 %es # lpr ng" printing. You ma% #ish to o-erride the location of the # printcap file & printing 0 bsd & printcap name 0 /etc/printcap # 4U6S printing. See also the cupsaddsmb I" manpage in the # cups%s'client pac/age. & printing 0 cups & printcap name 0 cups # ,hen using 1printK28 root is implicitl% a >printer admin>8 but %ou can # also gi-e this right to other users to add dri-ers and set printer # properties & printer admin 0 Cntadmin ######## Aile sharing ######## # # Name mangling options & preser-e case 0 %es & short preser-e case 0 %es ############ 7isc ############ # # Using the follo#ing line enables %ou to customise %our configuration # on a per machine basis. The :m gets replaced #ith the netbios name # of the machine that is connecting & include 0 /home/samba/etc/smb.conf.:m # # # # # 7ost people #ill find that this option gi-es better performance. See smb.conf !" and /usr/share/doc/samba'doc/htmldocs/speed.html for details You ma% #ant to add the follo#ing on a Linux s%stem+ S)LH4M3UA0I<NO S)LSND3UA0I<NO soc/et options 0 T46LN)D*L$Y

# The follo#ing parameter is useful onl% if %ou ha-e the linpopup pac/age # installed. The samba maintainer and the linpopup maintainer are # #or/ing to ease installation and configuration of linpopup and samba. & message command 0 /bin/sh 'c >/usr/bin/linpopup .:f. .:m. :s& rm :s> P # Domain 7aster specifies Samba to be the Domain 7aster 3ro#ser. (f this # machine #ill be configured as a 3D4 a secondar% logon ser-er"8 %ou

www.emacs.com.ve

Pagina 1 de 17

Curso de Implementacion de Servicio de Directorio LDAP Guia Rapida de LDAP y Samba

# must set this to >no>& other#ise8 the default beha-ior is recommended. & domain master 0 auto # Some defaults for #inbind ma/e sure %ou>re not using the ranges # for something else." idmap uid 0 <===='O==== idmap gid 0 <===='O==== template shell 0 /bin/bash #00000000000000000000000 Share Definitions 00000000000000000000000 # 1homes2 comment 0 Jome Directories bro#seable 0 no # 3% default8 the home directories are exported read'onl%. 4hange next # parameter to >%es> if %ou #ant to be able to #rite to them. #ritable 0 %es # Aile creation mas/ is set to =Q== for securit% reasons. (f %ou #ant to # create files #ith group0r# permissions8 set next parameter to =QQ!. create mas/ 0 =Q== # Director% creation mas/ is set to =Q== for securit% reasons. (f %ou #ant to # create dirs. #ith group0r# permissions8 set next parameter to =QQ!. director% mas/ 0 =Q== # Un'comment the follo#ing and create the netlogon director% for Domain Logons # %ou need to configure Samba to act as a domain controller too." .net ogon/ . comment 0 Net#or/ Logon Ser-ice path 0 /home/samba/netlogon guest o/ 0 %es #ritable 0 no share modes 0 no #rite list 0 administrator8acastillo .pro0i es/ . comment 0 6erfiles de usuarios path 0 /home/samba/profiles #riteable 0 %es bro#seable 0 no create mas/ 0 =R== director% mas/ 0 =Q== guest o/ 0 %es

1printers2 comment 0 $ll 6rinters

www.emacs.com.ve

Pagina 1! de 17

Curso de Implementacion de Servicio de Directorio LDAP Guia Rapida de LDAP y Samba

bro#seable 0 no path 0 /tmp printable 0 %es public 0 no #ritable 0 no create mode 0 =Q== # ,indo#s clients loo/ for this share name as a source of do#nloadable # printer dri-ers 1printK2 comment 0 6rinter Dri-ers path 0 /-ar/lib/samba/printers bro#seable 0 %es read onl% 0 %es guest o/ 0 no # Uncomment to allo# remote administration of ,indo#s print dri-ers. # Heplace >ntadmin> #ith the name of the group %our admin users are # members of. & #rite list 0 root8 Cntadmin # $ sample share for sharing %our 4D'H)7 #ith others. &1cdrom2 & comment 0 Samba ser-er>s 4D'H)7 & #ritable 0 no & loc/ing 0 no & path 0 /cdrom & public 0 %es # The next t#o parameters sho# ho# to auto'mount a 4D'H)7 #hen the # cdrom share is accesed. Aor this to #or/ /etc/fstab must contain # an entr% li/e this+ # # /de-/scd= /cdrom isoNRR= defaults8noauto8ro8user = = # # The 4D'H)7 gets unmounted automaticall% after the connection to the # # (f %ou don>t #ant to use auto'mounting/unmounting ma/e sure the 4D # is mounted on /cdrom # & preexec 0 /bin/mount /cdrom & postexec 0 /bin/umount /cdrom

www.emacs.com.ve

Pagina 17 de 17