1. Console Tools
There are a number of console tools for LDAP and Samba control:
Your are free to use them in interactive way or write some scripts. Some operations e.g. import of users can be done much more faster with their help than in any GUI tool. Names tell enough about their functioinality.
This tool is quite good for LDAP+Samba combination but works also fine without Samba. It can be installed from repos.
$sudo apt-get install ldap-account-manager
It will install Apache2 and some other stuff as dependency.
Additionaly you can buy LAM Pro with additional features.
3. LAM Setup
First of all install and setup LDAP and Samba as described here . Then you can login to LAM by opening URL http://your_server_address_or_name/lam
First of all you should setup the configuration:
To acess Control Panel you need the password, by default it's 'lam' (without quotes):
Then you can check your settings on 'Genaral' page:
Here you can set LDAP server address, enable TLS encryption. 'Tree suffix' must be the same as 'Base DN' option in LDAP configuration.
Choose your language if you want.
LAM Daemon options. Keep them as-is for now.
Set LDAP super admin account. For example: cn=admin,dc=ldap
Don't forget to set your account types according to slapd.conf
I've set user accounts to: ou=People,dc=ldap
Set user groups for domain: ou=group,dc=ldap
Then set group for computers: ou=computer,dc=ldap
And finally set Samba domain: dc=ldap
Then we can try to login ....
If you want to manage a number of LDAP-servers you can create profile for each. Whant I advise NOT to do is to rename profiles. Everything became broken after I tried to.
Now we can take some controll:
LAM is writted with active AJAX usage and your settings are applied immediately without additional buttonpressing.
There is also Utility to test configurations.
NB: Configuration updates are applied with small delays. If you experience problems you may also restart slapd and samba services.
3. LAM in comparison to GOsa2
Comparing to GOsa2 LAM has the followin benefits:
- It's more close to that is called 'unix-way' as splitted to utitities for each operatioins
- LAM doesn't wase your LDAP-catalog with own data
But GOsa2 has better integration.
This article was originally translated from: http://nixclub.pro/node/28 [RU]