HP StoreAll Storage User Manual

Page 65

Advertising
background image

sh /opt/likewise/bin/gen_ldap-lwtools.sh ldap-conf.conf -n

If the configuration looks correct, run the command with added security by removing all temporary
files:

sh /opt/likewise/bin/gen_ldap-lwtools.sh ldap-conf.conf -rm

If you need to run the script over SSL/TLS, provide certificate details in the command as follows:

sh /opt/likewise/bin/gen_ldap-lwtools.sh ldap-conf.conf --cacert

certfile

Update the template on the remote LDAP server

The StoreAll LDAP client ships with three configuration templates, which are very similar except
for a few schema related attributes.

Table 2 Configuration templates that ship with the StoreAll LDAP client

Corresponding template

Supported OpenLDAP server schema

customized-schema-template.conf

Customized or special schema

posix-schema-template.conf

POSIX

samba-schema-template.conf

Samba

Pick the schema your server supports. If your server supports both Posix and Samba schemas, pick
the schema most appropriate for your environment. Choose any one of the three supported schema
templates to proceed.

IMPORTANT:

Make a copy of the template appropriate for your schema.

The following example shows the shipped Samba schema template being copied
(samba-schema-template.conf) to ldap-conf.conf:

cp samba-schema-template.conf ldap-conf.conf

Customized template. If the OpenLDAP server has a customized or a special schema, you must
provide information to help map between the standard schema attribute and class names to the
new names that are extant on the OpenLDAP server. This situation is not a common one. Use this
template only if your OpenLDAP server has overridden the standardized Posix or Samba schema
with customized extensions. Provide values (equivalent names) for all virtual attributes in the
configuration. For example:

mandatory; virtual; uid; your-schema-equivalent-of-uid
optional; virtual; homeDirectory; your-schema-equivalent-of-homeDirectory

POSIX template. Enter the required attributes for POSIX templates. Also remove or comment out
the following virtual attributes:

# mandatory; virtual; SID;sambaSID
# mandatory; virtual; PrimaryGroupSID;sambaPrimaryGroupSID
# mandatory; virtual; sambaGroupMapping;sambaGroupMapping

Samba template. Enter the required attributes for Samba templates. You can use the default values
specified in the “Map (mandatory) variables” and “Map (Optional) variables” sections of the
template.

Using LDAP as the primary authentication method

65

Advertising
Popular Brands
Popular manuals