Configuration of pdb_nds in Samba server for NDS authentication
pdb_nds is a back-end LDAP authentication method for Samba server. This back-end module provides authentication to the users to the Novell eDirectory™ server (NDS).
The eDirectory server can be configured in /etc/samba/smb.conf as follows to allow Samba server to contact eDirectory for user authentication:
passdb backend = NDS_ldapsam:ldaps://192.168.1.5:636
If you have configured users in multiple NDS servers, the configuration is as follows:
passdb backend = NDS_ldapsam:"ldaps://192.168.1.5:636 ldaps://192.168.1.6:636 ldaps://192.168.1.7:636"
With this confguration the NDS users can access the file shares from the Samba server.
A typical /etc/samba/smb.conf file will look like:
#ident $Id: smb.conf,v 1.30 2005/02/21 01:14:03 lukeh Exp $ # # Samba configuration file for Domain Services for Windows # [global] workgroup = TUKS printing = cups printcap name = cups printcap cache time = 750 cups options = raw map to guest = Bad User include = /etc/samba/dhcp.conf logon path = \\%L\profiles\.msprofile logon home = \\%L\%U\.9xprofile logon drive = P: usershare allow guests = Yes netbios name = DSFW-TUKS realm = tuks.com auth methods = guest winbind server string = Novell Open Enterprise Server security = ads encrypt passwords = Yes socket options = TCP_NODELAY local master = Yes os level = 64 domain master = Yes preferred master = Yes domain logons = Yes idmap uid = 1-4294967295 idmap gid = 1-4294967295 pid directory = /var/run/samba use kerberos keytab = Yes winbind use default domain = Yes winbind nss info = rfc2307 dce funnel directory = /var/opt/novell/xad/rpc nt acl support = No load printers = No passdb backend = NDS_ldapsam:ldaps://192.168.1.5:636 wins support = No