Administrator Guide
53
If you are using external LDAP server, you should create Samba schema for it
first. In case you’re using the Appliance itself to act as LDAP server, this schema
will be created automatically after you enable LDAP server function of the
Appliance (please see
“Configuring LDAP server”
below).
Schema files for various LDAP servers may be found here:
http://samba.org/ftp/unpacked/samba_3_0/examples/LDAP/
However, the only approved (in given case) LDAP server is
OpenLDAP
( http://www.openldap.org/ ). Samba schema for OpenLDAP can be found in
Samba distribution ( http://samba.org/ ) or here:
http://samba.org/ftp/unpacked/samba_3_0/examples/LDAP/samba.schema
Initial tree should be created on LDAP server as follows:
dn: o=organization
objectClass: organization
o: organization
dn: ou=users,o=organization
objectClass: organizationalUnit
ou: users
dn: ou=groups,o=organization
objectClass: organizationalUnit
ou: groups
dn: ou=idmap,o=organization
objectClass: organizationalUnit
ou: idmap
Superuser account should be created as follows:
cn=ldapadmin,o=organization
Manage Users and Groups with ApplianceView (Local Mode)
If the Appliance maintains User and Group information, users and groups must be
added, modified, and deleted through ApplianceView.