1. The document describes how to set up an OpenLDAP server and Samba domain controller with a GUI. It includes steps to install LDAP services, create the LDAP server, add users, and join clients to the domain.
2. Configuration files are also used to combine Samba and OpenLDAP to allow Windows clients to join the domain. Folders are shared and permissions are set for domain user groups.
3. The Openfire chat software is installed on the LDAP server and configured to use LDAP for user authentication, allowing domain users to chat.
Prepared by: LENG Tola
Tolaleng.sna@gmail.com www.itolaleng.wordpress.com
Table of Contents
1. Create OpenLDAP server (GUI)
a. Change the hostname and assign an IP address
b. Install the LDAP service packages
c. Go to YaST to create and configure the LDAP server
d. LDAP client
e. Create a shell script to restart all the services
2. Create users with the GUI
3. Join another client (SUSE) to the domain with the LDAP server + login (GUI)
4. Configure Samba
a. Combine Samba with OpenLDAP
b. Allow Windows clients to join the domain
Configuration file
1. Configure OpenLDAP (slapd.conf)
2. Create and insert with *.ldif (file)
4. Join another client (SUSE) to the domain with the LDAP server + login
5. Configure Samba via configuration file
A. Combine Samba with OpenLDAP by configuration file
B. Allow Windows clients to join the domain + login
1. Create folders in /srv with:
A. SNA2014
a. SNA-A
b. SNA-B
2. Create user in OpenLDAP (file)
A. Created user
4. Take Windows client test
- Let user in class SNA-A test
- Let user SNA2014 (sopheak.ros) log on
5. Install and configure
- Install the Openfire package on the OpenLDAP server to allow users to chat
- Configure Openfire remotely from a client
Let admin users log in to Openfire
- Using Spark software for chatting with each other
Add contact friends
1. Create OpenLDAP server (GUI)
a. Change the hostname and assign an IP address
- Go to yast lan to assign the IP address and hostname
b. Install the LDAP service packages:
- openldap2
- openldap2-client
- pam_ldap
- nss_ldap
c. Go to YaST to create and configure the LDAP server
+ Configure the LDAP server with the GUI
d. LDAP Client
+Configure the LDAP client
e. Create a shell script (.sh file) that restarts all the services at once:
- rcsmb restart
- rcldap restart
- rcnmb restart
- rcnscd restart
2. Create users with the GUI
+ Go to YaST => Security and Users, then tab to User and Group Management
+ Press Alt+S => LDAP Server => Add…
3. Join another client (SUSE) to the domain with the LDAP server + login (GUI)
A. Assign an IP address to the client
b. Let the user log on after joining the domain
4. Configuration Samba
a. Combine Samba with OpenLDAP
b. Allow Windows clients to join the domain
+ Add the users to Samba so that they are allowed to log on from Windows through Samba
2. Create and Insert with *.ldif (file):
A. Domain
OU.
3. Configure LDAP Client File or LDAP client (GUI)
4. Join another client (SUSE) to the domain with the LDAP server + login
Let user logon
5. Configure Samba via configuration file
A. Combine Samba with OpenLDAP by configuration file
First, open the file: vi /etc/samba/smb.conf
Combine samba with ldap by GUI
B. Allow Windows Client join domain + Login
Let User logon
1. Create Folders in /srv with:
A. SNA2015
c. SNA-B
A. SNA2014
a. SNA-A
b. SNA-B
2. Create user in OpenLDAP (file)
I can add Samba users locally, but before I create the users I first create the group
and then the users.
A. CREATED USER:
- Users of class SNA-A
- Users of class SNA-B
Then save the file by pressing Esc and typing :x!
B. sopheak.ros
Then save the file by pressing Esc and typing :x!
Add the users to LDAP from the command line
Add the user sopheak.ros to the LDAP server.
Add the user to Samba
Create the users and add them to each group
3. Make sure:
A. You and your friends: access only SNA2015, and within it each user can access only their own
folder (folder permission)
SNA-A (folder Saray.RONG, folder Phirak.PHUN)
SNA-B (Tola,Savy)
B. User: sopheak.ros : Access only SNA2014
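The folder rules above expressed as filesystem permissions, as an added example that is not part of the original document. The group names sna2015, sna-a, sna-b and sna2014, the SNA-B login names and the root directory argument are assumptions; ownership is only applied when the script runs as root and the LDAP names resolve through NSS.

```shell
#!/bin/sh
# Added example, not from the original document. Group names (sna2015, sna-a,
# sna-b, sna2014) and the SNA-B login names are assumptions.

# secure_dir DIR MODE OWNER GROUP: create DIR, set its mode and, as root, its owner.
secure_dir() {
    mkdir -p "$1" && chmod "$2" "$1" || return 1
    if [ "$(id -u)" -eq 0 ]; then
        # chown fails until nss_ldap resolves the LDAP users and groups.
        chown "$3:$4" "$1" 2>/dev/null ||
            echo "warning: cannot set $3:$4 on $1" >&2
    fi
}

# build_layout ROOT: class folders are group-only (750), personal folders
# are owner-only (700), and "other" gets no access anywhere.
build_layout() {
    root=$1
    while read -r rel mode owner group; do
        secure_dir "$root/$rel" "$mode" "$owner" "$group" || return 1
    done <<EOF
SNA2015 750 root sna2015
SNA2015/SNA-A 750 root sna-a
SNA2015/SNA-A/Saray.RONG 700 Saray.RONG sna-a
SNA2015/SNA-A/Phirak.PHUN 700 Phirak.PHUN sna-a
SNA2015/SNA-B 750 root sna-b
SNA2015/SNA-B/Tola 700 Tola sna-b
SNA2015/SNA-B/Savy 700 Savy sna-b
SNA2014 750 root sna2014
EOF
}

# count_other_access ROOT: number of directories under ROOT that still grant
# read, write or execute to "other"; 0 means the tree is closed to outsiders.
count_other_access() {
    find "$1" -type d \( -perm -001 -o -perm -002 -o -perm -004 \) | wc -l | tr -d ' '
}

# Usage (as root on the server): build_layout /srv && count_other_access /srv/SNA2015
```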
4. TAKE WINDOWS CLIENT TEST
-LET USER IN CLASS SNA-A TEST
-LET USER SNA2014(SOPHEAK.ROS) LOGON
5. INSTALL AND CONFIGURE
- LDAP Admin software to create users, groups and computer accounts and to reset passwords on the OpenLDAP server
Connection name = any name
Host = the IP address of the SUSE server host
Base = the base DN of the server
Username = the configured LDAP administrator
Password = the password of that DN
Then test connection.
Reset password for user in LDAP Admin
Create a user in LDAP admin
Create the Computer Account
Create Organization Unit (OU)
Last Result
- INSTALL THE OPENFIRE PACKAGE ON THE OPENLDAP SERVER TO ALLOW USERS TO CHAT
- CONFIGURE OPENFIRE REMOTELY FROM A CLIENT
When asked which user and group system to use with the server, choose Directory Server (LDAP)
Choose one or more users from LDAP to be administrators
Let the admin users log in to Openfire
These are all the user and computer accounts on the LDAP server
- USING SPARK SOFTWARE FOR CHATTING WITH EACH OTHER
First, we need to have the Spark software
So here I will let user savy.vuth log on to this PC1