默认的Samba服务器支持本地系统用户(smbpasswd添加后)访问Samba资源,不支持OpenLDAP服务器账号访问Samba共享资源
目的:配置完后,OpenLDAP每新增一个用户,就自动支持Samba,就可以用这个账号直接访问Samba,不需要存在于本地用户
1:拷贝samba.schema
cp /usr/share/doc/samba-3.6.23/LDAP/samba.schema /etc/openldap/schema/
2:配置vim /etc/openldap/slapd.conf
![](https://images2015.cnblogs.com/blog/746846/201612/746846-20161221143945839-2059930602.png)
3:配置Samba的配置文件vim /etc/samba/smb.conf
![](https://images2015.cnblogs.com/blog/746846/201612/746846-20161221144038011-950621390.png)
![](https://images2015.cnblogs.com/blog/746846/201612/746846-20161221144101932-896805727.png)
可用testparm /etc/samba/smb.conf测试文件是否有语法错误
这里的
ldap group suffix = "cn=group"
ldap user suffix = "ou=people"
ldap user suffix = "ou=people"
对应
![](https://images2015.cnblogs.com/blog/746846/201612/746846-20161221145028667-110022813.png)
4:将openLDAP的密码给samba
![](https://images2015.cnblogs.com/blog/746846/201612/746846-20161221144155714-1482926034.png)
smbpasswd -w lile LDAP的root面
若没有这一句,会报错
![](https://images2015.cnblogs.com/blog/746846/201612/746846-20161221144155714-1482926034.png)
5:重启服务
service smb restart
service slapd restart
6:等Samba支持了LDAP验证之后,在这里会多出
![](https://images2015.cnblogs.com/blog/746846/201612/746846-20161221144251104-1246266912.png)
![](https://images2015.cnblogs.com/blog/746846/201612/746846-20161221144343370-2007038402.png)
7:没有进行Samba配置之前,添加一个用户没有Samba那些属性的
![](https://images2015.cnblogs.com/blog/746846/201612/746846-20161221144438682-304585657.png)
配置完后:
![](https://images2015.cnblogs.com/blog/746846/201612/746846-20161221144539636-267207399.png)
8:测试,在图形界面新增一个用户test13,在windos去访问或smbclient -L //IP -U user
![](https://images2015.cnblogs.com/blog/746846/201612/746846-20161221144724401-949152495.png)