HP CIFS Server Administrator's Guide (5900-1282, April 2011)

ManualsBrandsHP ManualsSoftwareHP-UX Common Internet File System (CIFS) Client/Server Software

100

Table 13 Global Parameters (continued)

DescriptionParameter

Specifies whether the HP CIFS Server should sync the LDAP password

with the NT and LM hashes for normal accounts on a password

change. This option can be set to one of three values:

• Yes: Update the LDAP, NT and LM passwords and update the

pwdLastSet time.

• No: Update NT and LM passwords and update the pwdLastSet

time.

• Only: Only update the LDAP password and let the LDAP server do

the rest.

The default value is No.

ldap passwd sync

When Samba is requested to write to a read-only LDAP replica, it is

redirected to talk to the read-write master server. This server then

replicates the changes back to the local server. The replication might

take some seconds, especially over slow links. Certain client activities

can become confused by the 'success' that does not immediately

change the LDAP back-end's data. This option simply causes Samba

to wait a short time and allows the LDAP server to catch up. The value

is specified in milliseconds, the maximum value is 5000 (5 seconds).

By default, ldapreplication sleep = 1000 (1 second).

ldap replication sleep

Specifies in seconds how long the HP CIFS Server waits for the LDAP

server to respond to the connect request if the LDAP server is down

or unreachable. The defualt value is 15 (in seconds).

ldap timeout

Specifies the Secure Sockets Layer (SSL) support. HP CIFS Server

A.02.03 or later supports theldap ssl = start_tls option.

Specifies Yes to enable this feature using the port number 636 to

connect to the LDAP directory server. If you choose to use Start TLS,

set it to start_tls to enable SSL using port number 389 to connect to

the LDAP directory server. To disable SSL , set it to No. By default,

this parameter is set to No.

ldap ssl

Configuring LDAP Feature Support

After installing the HP CIFS Server, the existing configuration continues to operate as currently

configured. To enable the LDAP support, you must configure the relative LDAP configuration

parameters in the /etc/opt/samba/smb.conf file by using the SWAT tool or the editor.

NOTE: HP recommends that new installation customers run the samba_setup program to set

up and configure the HP CIFS Server.

You can quickly run the samba_setup program to configure the HP CIFS Server with the LDAP

feature support as follows:

1. Run the following commands to enable the LDAP feature:

$ export PATH=$PATH:/opt/samba/bin

$ samba_setup

When running the samba_setup program, you will be asked whether you want to use LDAP

or not. Press Yes to use LDAP, and press No to disable LDAP.

92 LDAP Integration Support