Samba Password: Difference between revisions
No edit summary |
Linuxprophet (talk | contribs) m (I have made some punctuation and spelling changes.) |
||
Line 1: | Line 1: | ||
This zimlet allows you to change the password of your Samba-PDC setup.<br/> | This zimlet allows you to change the password of your Samba-PDC setup.<br/> | ||
The idea is that you have Zimbra authenticating | The idea is that you have Zimbra authenticating against the Samba-LDAP backend, so you can have Single-Sign-On. | ||
'''Requirements''' | '''Requirements''' | ||
For this to work you need to install a perl-cgi script that | For this to work you need to install a perl-cgi script that I developed in a web server. This script has some requirements to: | ||
* You need to install the Samba::LDAP module, you can take my | * You need to install the Samba::LDAP module, you can take my RPMs from [http://www.it-linux.cl/pbruna/?p=6] | ||
* You need to install smbldap-tools in the server where the cgi script is, and configure the files in /etc/smbldap-tools properly | * You need to install smbldap-tools in the server where the cgi script is, and configure the files in /etc/smbldap-tools properly | ||
* The user who runs the web server ( | * The user who runs the web server (Zimbra) needs to have read rights in the /etc/smbldap-tools files. | ||
'''The web Server''' | '''The web Server''' | ||
I am using the Apache server that comes with Zimbra, I recommend this. You need to edit the httpd.conf of this Apache to let it execute the script. At the end of the /opt/zimbra/conf/httpd.conf file add: | |||
ScriptAlias /cgi-bin/ "/opt/zimbra/httpd-2.0.54/cgi-bin/" | ScriptAlias /cgi-bin/ "/opt/zimbra/httpd-2.0.54/cgi-bin/" | ||
Line 24: | Line 24: | ||
If you want more security you can modify the ''Allow from'' options. | If you want more security you can modify the ''Allow from'' options. | ||
Then copy the cgi script to the /opt/zimbra/httpd-2.0.54/cgi-bin directory, changes its owners to | Then copy the cgi script to the /opt/zimbra/httpd-2.0.54/cgi-bin directory, changes its owners to Zimbra, and add the execute permission. | ||
You need to configure the cgi, at the firs lines you need to declare your LDAP_HOST and your USER BASE. Run the cgi (perl sambapass.pl) to see if all the modules are ok. | You need to configure the cgi, at the firs lines you need to declare your LDAP_HOST and your USER BASE. Run the cgi (perl sambapass.pl) to see if all the modules are ok. | ||
Line 43: | Line 43: | ||
You can get it from here: http://www.it-linux.cl/pbruna/?p=7 | You can get it from here: http://www.it-linux.cl/pbruna/?p=7 | ||
Let me know if you have any | Let me know if you have any doubts |
Revision as of 16:21, 3 August 2007
This zimlet allows you to change the password of your Samba-PDC setup.
The idea is that you have Zimbra authenticating against the Samba-LDAP backend, so you can have Single-Sign-On.
Requirements
For this to work you need to install a perl-cgi script that I developed in a web server. This script has some requirements to:
* You need to install the Samba::LDAP module, you can take my RPMs from [1] * You need to install smbldap-tools in the server where the cgi script is, and configure the files in /etc/smbldap-tools properly * The user who runs the web server (Zimbra) needs to have read rights in the /etc/smbldap-tools files.
The web Server
I am using the Apache server that comes with Zimbra, I recommend this. You need to edit the httpd.conf of this Apache to let it execute the script. At the end of the /opt/zimbra/conf/httpd.conf file add:
ScriptAlias /cgi-bin/ "/opt/zimbra/httpd-2.0.54/cgi-bin/" <Directory "/opt/zimbra/httpd-2.0.54/cgi-bin"> AllowOverride None Options ExecCGI Order allow,deny Allow from all </Directory>
If you want more security you can modify the Allow from options.
Then copy the cgi script to the /opt/zimbra/httpd-2.0.54/cgi-bin directory, changes its owners to Zimbra, and add the execute permission.
You need to configure the cgi, at the firs lines you need to declare your LDAP_HOST and your USER BASE. Run the cgi (perl sambapass.pl) to see if all the modules are ok.
restart Apache: zmapachectl stop; zmapachectl start
Allow the Proxy Server
zmprov mc default zimbraProxyAllowedDomains "yourdomain"
Deploy the Zimlet
This is easy: zmzimlet deploy com_zimbra_samba.zip and restart tomcat: /opt/zimbra/bin/tomcat restart
Download
You can get it from here: http://www.it-linux.cl/pbruna/?p=7
Let me know if you have any doubts