OpenLDAP+SAMBA

openldap + samba directory authentication

I was asked checkout the best alternative to our Window$ AD directory services. I explained that we could do it with openldap + samba but I never did it before giving the free advice!

So, I started to explore this killer combination to beat the best + most widely used authentication + directory services. I knew that this would continue to contribute to my dark circles under the eyes but no go!!

As usual, I went to the modern queen of knowledge ie., Google to try my luck. After tremendous exploration, in-depth research, trial and errors I took week+ time to have a working configuration of openldap+samba DC!!

I followed a cool blog site step by step, of-course with some errors which lead to refer other sites as well.

Main Blog: [Sharing with thanks a million to author]
http://siddou.hd.free.fr/2013/06/install-sambaopenldap-on-debian-7-wheezy/

Optional: [Handy sites if you are in trouble]
http://stackoverflow.com/questions/13921030/phpldapadmin-does-not-work-for-an-unknown-reason

http://stackoverflow.com/questions/20673186/getting-error-for-setting-password-feild-when-creating-generic-user-account-phpl

I had challenges in adding Windows 7 workstations as domain members. After multiple attempts and meddling with registry settings, I was able to add it to the domain. I did not face any issues while adding Windows XP [Still love it as its the only Window$ OS with less craps].

To add Windows 7 as a member, please follow below steps.

Open regedit.exe add the following registry settings:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\LanmanWorkstation\Parameters
“DNSNameResolutionRequired”=dword:00000000
“DomainCompatibilityMode”=dword:00000001

Check the following settings:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Netlogon\Parameters”RequireSignOrSeal”=dword:00000001
“RequireStrongKey”=dword:00000001

Restart 🙂 Window$ and now it can be added to the domain without issues.

 

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s