HP CIFS Server Administrator Guide Version A.02.04.04 (5070-6710, October 2011)

If you choose to use the Start TLS option with port 389, set:
ldap ssl = start_tls
For detailed information on how to enable SSL on the HP CIFS Server, see “LDAP Configuration
Parameters” (page 91).
Extending the Samba Subschema into Your Directory Server
You now need to extend the Directory Server schema with the Samba subschema from the HP CIFS
Server. Ensure that you have configured your LDAP directory and LDAP-UX Client Services before
extending the schema.
Set the passwd backend parameter to ldapsam:ldap://<ldap server name>.
Samba Subschema Differences Between HP CIFS Server Versions
New HP CIFS Server releases sometimes extend the attributes for use, but updates are backwards
compatible with older versions of LDAP schemas.
Procedures to Extend the Samba Subschema into Your Directory
Use the following steps to extend the Samba subschema /opt/samba/LDAP3/98samba3.ldif
in HP CIFS Server A.02.* into the Directory Server:
1. Run the ftp commands to get the /opt/samba/LDAP3/98samba3.ldif file from the HP
CIFS Server and place it in the Directory Server.
For example, the following commands copy the /opt/samba/LDAP3/98samba3.ldif file
from the HP CIFS Server to the
/var/opt/netscape/servers/slapd-hostA.hp.com/config/schema/98samba3.ldif
file in the Directory Server, hostA.hp.com:
cd /opt/samba/LDAP3
ftp hostA.org.hp.com
user root
root passwd
cd /var/opt/netscape/servers/slapd-hostA.hp.com/config/schema
put 98samba3.ldif
quit
2. Log in to your Directory Server and restart the daemon, slapd. This ensures that the
sambaSamAccount subschema is recognized by the LDAP directory.
$ /var/opt/netscape/servers/slapd-<server name>/restart-slapd
For example:
$ /var/opt/netscape/servers/slapd-hostA.hp.com/restart-slapd
3. Use the following ldapsearch command to verify that you have updated the schema in the
Directory Server with the Samba subschema:
$ /opt/ldapux/bin/ldapsearch -T -b "cn=schema" -s base \
"(objectclass=*)"|grep -i samb
You need to ensure that the output displays the following sambaSamAccount objectclass
when you run the ldapsearch command:
objectClasses: ( 1.3.6.1.4.1.7165.2.2.6 NAME 'sambaSamAccount'
DESC 'Samba 3.0 Auxilary SAM Account' STRUCTURAL MUST ( uid $
sambaSID )
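A stricter, scriptable form of the step 3 check, as an added example that is not part of the HP guide: it joins LDIF continuation lines and requires the sambaSamAccount objectclass itself, because grep -i samb also matches Samba attribute definitions. The function names and both sample outputs are constructed for illustration.

```shell
#!/bin/sh
# Added example: stricter version of the step 3 check. Reads ldapsearch
# output on stdin and succeeds only if the sambaSamAccount objectclass is present.

SAMBA_OID='1.3.6.1.4.1.7165.2.2.6'   # OID shown in the expected output above

# Join LDIF continuation lines (a leading space continues the previous line),
# so the check works whether or not ldapsearch folds long values.
unfold_ldif() {
    awk '/^ / { buf = buf substr($0, 2); next }
         { if (NR > 1) print buf; buf = $0 }
         END { if (NR > 0) print buf }'
}

# Exit status 0 only when an objectClasses value carries the expected OID,
# the name sambaSamAccount, and both uid and sambaSID in its MUST list.
has_samba_sam_account() {
    unfold_ldif | awk -v oid="$SAMBA_OID" -v name="NAME 'sambaSamAccount'" '
        tolower($1) == "objectclasses:" && index($0, " " oid " ") && index($0, name) {
            must = $0
            if (sub(/.*MUST \(/, "", must)) {
                sub(/\).*/, "", must)
                if (must ~ /(^| )uid( |$)/ && must ~ /(^| )sambaSID( |$)/) found = 1
            }
        }
        END { exit (found ? 0 : 1) }'
}

# Constructed sample output (not captured from a real server): schema extended.
sample_extended() {
    cat <<'EOF'
dn: cn=schema
objectClasses: ( 1.3.6.1.4.1.7165.2.2.6 NAME 'sambaSamAccount' DESC 'Samba 3.
 0 Auxilary SAM Account' STRUCTURAL MUST ( uid $ sambaSID ) MAY ( cn ) )
EOF
}

# Constructed sample: a Samba attribute is present but the objectclass is not.
# "grep -i samb" prints a line here, so the eyeball check can mislead a script.
sample_partial() {
    cat <<'EOF'
dn: cn=schema
attributeTypes: ( 1.3.6.1.4.1.7165.2.1.20 NAME 'sambaSID' DESC 'Security ID' )
EOF
}

sample_extended | has_samba_sam_account && echo "sambaSamAccount present"
sample_partial  | has_samba_sam_account || echo "sambaSamAccount missing"
```

On the Directory Server, pipe the ldapsearch command from step 3 (without the grep) into has_samba_sam_account and test its exit status.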
Migrating Your Data to the Directory Server
HP recommends that all UNIX user accounts, whether in the /etc/passwd file or in NIS database
files, be migrated to the Directory Server. The LDAP-UX Integration product provides migration scripts
to accomplish the task in an automated way. These scripts are located in /opt/ldapux/migrate