Arief Yudhawarman

Masih belajar buat blog

Instalasi Zimbra+Samba PDC Untuk Menggantikan Windows Active Directory+MS Exchange Server

with 11 comments

Prolog

Artikel ini menjelaskan bagaimana mengkonfigurasi ZCS (Zimbra Collaboration Server) dan Samba sebagai Server PDC (Primary Domain Controller) yang menggunakan LDAP (Lightweight Directory Access Protocol) sebagai database user terpusat untuk autentikasi user Linux maupun Windows. Fungsi ini dicapai dengan mengkonfigurasi Zimbra LDAP yang bekerja sebagai database user terpusat untuk PAM (Pluggable Authentication Modules), NSS (Name Service Switch), dan Samba ldapsam password backend. Server Linux menggunakan CentOS 5.4 yang sudah diinstal mengikuti panduan Instalasi Server Linux CLI dengan CentOS 5.4.


Proses integrasi ini akan memudahkan para Admin dalam mengelola account-account Zimbra Mail Server dan Samba PDC/Active Directory karena bisa langsung terintegrasi. Jika diterapkan pada lingkungan perusahaan atau lembaga atau instansi yang selama ini menggunakan Windows Server, panduan ini bisa digunakan untuk menyiapkan Linux server menggantikan Windows Active Directory Server dan Microsoft Exchange Server.


Persiapan

Panduan ini menggunakan Zimbra Mail Server 6.0.12 32 bit yang diinstall pada CentOS 5.4 (VirtualBox).

Konfigurasi Domain & Hostname :

  • Domain : centos.org
  • Hostname : vbox-server.centos.org
  • Zimbra(*) : server.centos.org

(*)Ini adalah nama server zimbra yang akan diinstal di server linux.

Konfigurasi IP:

  • IP Address: 192.168.87.103
  • Gateway : 192.168.87.97

DNS sudah dikonfigurasi mengikuti manual Konfigurasi DNS dengan Bind

Keperluan

Pre Instalasi Zimbra

  1. Pastikan service dns sudah berjalan.
    [root@vbox-server ~]# /etc/init.d/named status
    number of zones: 9
    debug level: 0
    xfers running: 0
    xfers deferred: 0
    soa queries in progress: 0
    query logging is OFF
    recursive clients: 0/1000
    tcp clients: 0/100
    server is up and running
    named (pid  1485) is running...

  2. Tidak ada service sendmail yang berjalan. Jalankan perintah di bawah sebagai user root untuk mematikan service sendmail.
    [root@vbox-server ~]# /etc/init.d/sendmail stop
    Shutting down sendmail:                                    [  OK  ]
    [root@vbox-server ~]# cd /etc/init.d
    [root@vbox-server init.d]# chkconfig --del sendmail

  3. Tidak ada service httpd yang berjalan di tcp port 80. Jalankan perintah di bawah sebagai user root untuk mematikan service httpd.
    [root@vbox-server ~]# etc/init.d/httpd stop
    Stopping httpd: 
                                                               [  OK  ]
    [root@vbox-server ~]# cd /etc/init.d
    [root@vbox-server init.d]# chkconfig --del httpd

    Jika masih memerlukan service httpd, edit file /etc/httpd/conf/httpd.conf dan ubah port default 80 ke port lain.

  4. Masukkan DVD CentOS 5.4, mount DVD dan instal systat.

    mkdir /media/CentOS mount /dev/dvd /media/CentOS yum --disablerepo=\* --enablerepo=c5-media install sysstat


Instalasi Zimbra

  1. Extract file zcs-6.0.12_GA_2883.RHEL5.20110306010832.tgz (asumsi file source ada di direktori /usr/local/src).

    cd /usr/local/src tar zxf zcs-6.0.12_GA_2883.RHEL5.20110306010832.tgz

  2. Setup zimbra. Perintah yang harus diisi ditampilkan dalam huruf tebal.

    cd zcs-6.0.12_GA_2883.RHEL5.20110306010832 ./install.sh --platform-override

    Operations logged to /tmp/install.log.32084
    Checking for existing installation...
        zimbra-ldap...NOT FOUND
        zimbra-logger...NOT FOUND
        zimbra-mta...NOT FOUND
        zimbra-snmp...NOT FOUND
        zimbra-store...NOT FOUND
        zimbra-apache...NOT FOUND
        zimbra-spell...NOT FOUND
        zimbra-convertd...NOT FOUND
        zimbra-memcached...NOT FOUND
        zimbra-proxy...NOT FOUND
        zimbra-archiving...NOT FOUND
        zimbra-cluster...NOT FOUND
        zimbra-core...NOT FOUND
    
    PLEASE READ THIS AGREEMENT CAREFULLY BEFORE USING THE SOFTWARE.
    ZIMBRA, INC. ("ZIMBRA") WILL ONLY LICENSE THIS SOFTWARE TO YOU IF YOU
    FIRST ACCEPT THE TERMS OF THIS AGREEMENT. BY DOWNLOADING OR INSTALLING
    THE SOFTWARE, OR USING THE PRODUCT, YOU ARE CONSENTING TO BE BOUND BY
    THIS AGREEMENT. IF YOU DO NOT AGREE TO ALL OF THE TERMS OF THIS
    AGREEMENT, THEN DO NOT DOWNLOAD, INSTALL OR USE THE PRODUCT.
    
    License Terms for the Zimbra Collaboration Suite:
      http://www.zimbra.com/license/zimbra_public_eula_2.1.html
    
    Do you agree with the terms of the software license agreement? [N] Y
    
    Checking for prerequisites...
         FOUND: NPTL
         FOUND: sudo-1.6.9p17-5
         FOUND: libidn-0.6.5-1.1
         FOUND: gmp-4.1.4-10
         FOUND: /usr/lib/libstdc++.so.6
    Checking for suggested prerequisites...
        FOUND: perl-5.8.8
        FOUND: sysstat
    Prerequisite check complete.
    
    Checking for installable packages
    
    Found zimbra-core
    Found zimbra-ldap
    Found zimbra-logger
    Found zimbra-mta
    Found zimbra-snmp
    Found zimbra-store
    Found zimbra-apache
    Found zimbra-spell
    Found zimbra-memcached
    Found zimbra-proxy
    
    Select the packages to install
    
    Install zimbra-ldap [Y]
    
    Install zimbra-logger [Y]
    
    Install zimbra-mta [Y]
    
    Install zimbra-snmp [Y]
    
    Install zimbra-store [Y]
    
    Install zimbra-apache [Y]
    
    Install zimbra-spell [Y]
    
    Install zimbra-memcached [N]
    
    Install zimbra-proxy [N]
    Checking required space for zimbra-core
    checking space for zimbra-store
    
    Installing:
        zimbra-core
        zimbra-ldap
        zimbra-logger
        zimbra-mta
        zimbra-snmp
        zimbra-store
        zimbra-apache
        zimbra-spell
    
    You appear to be installing packages on a platform different
    than the platform for which they were built.
    
    This platform is CentOS5
    Packages found: RHEL5
    This may or may not work.
    
    Using packages for a platform in which they were not designed for
    may result in an installation that is NOT usable. Your support
    options may be limited if you choose to continue.
    
    Install anyway? [N] Y
    
    The system will be modified.  Continue? [N] Y
    
    Removing /opt/zimbra
    Removing zimbra crontab entry...done.
    done.
    Cleaning up zimbra init scripts...done.
    Cleaning up /etc/ld.so.conf...done.
    Cleaning up /etc/prelink.conf...done.
    Cleaning up /etc/security/limits.conf...done.
    
    Finished removing Zimbra Collaboration Suite.
    
    Installing packages
    
        zimbra-core......zimbra-core-6.0.12_GA_2883.RHEL5-20110306010832.i386.rpm...done
        zimbra-ldap......zimbra-ldap-6.0.12_GA_2883.RHEL5-20110306010832.i386.rpm...done
        zimbra-logger......zimbra-logger-6.0.12_GA_2883.RHEL5-20110306010832.i386.rpm...done
        zimbra-mta......zimbra-mta-6.0.12_GA_2883.RHEL5-20110306010832.i386.rpm...done
        zimbra-snmp......zimbra-snmp-6.0.12_GA_2883.RHEL5-20110306010832.i386.rpm...done
        zimbra-store......zimbra-store-6.0.12_GA_2883.RHEL5-20110306010832.i386.rpm...done
        zimbra-apache......zimbra-apache-6.0.12_GA_2883.RHEL5-20110306010832.i386.rpm...done
        zimbra-spell......zimbra-spell-6.0.12_GA_2883.RHEL5-20110306010832.i386.rpm...done
    Operations logged to /tmp/zmsetup.02082013-150930.log
    Installing LDAP configuration database...done.
    


    Berikutnya zimbra akan meresolve hostname server yakni vbox-server.centos.org karena ini tidak ada di dns maka zimbra akan menanyakan nama hostname yang bisa diresolve (isi dengan nama server zimbra server.centos.org). Setelah itu zimbra akan menanyakan alamat MX. Karena tidak ada MX record untuk server.centos.org maka isikan dengan nama domain centos.org.

    Setting defaults...No results returned for A lookup of vbox-server.centos.org
    Checked nameservers:
    	192.168.87.103
    
    DNS ERROR resolving vbox-server.centos.org
    It is suggested that the hostname be resolveable via DNS
    Change hostname [Yes]
    Please enter the logical hostname for this host [vbox-server.centos.org] server.centos.org
    
    	Interface: 192.168.87.103
    	Interface: 127.0.0.1
    
    DNS ERROR - none of the MX records for server.centos.org
    resolve to this host
    Change domain name? [Yes]
    Create domain: [server.centos.org] centos.org
    	MX: mail.centos.org (192.168.87.103)
    
    	Interface: 192.168.87.103
    	Interface: 127.0.0.1
    done.
    Checking for port conflicts
    


    Selanjutnya adalah setup password untuk admin zimbra, mematikan version update checks dan spell check server, apply config, modifikasi sistem dan seterusnya sampai zimbra restart.

    Main menu
    
       1) Common Configuration:
       2) zimbra-ldap:                             Enabled
       3) zimbra-store:                            Enabled
            +Create Admin User:                    yes
            +Admin user to create:                 admin@centos.org
    ******* +Admin Password                        UNSET
            +Enable automated spam training:       yes
            +Spam training user:                   spam.cu_ulydp@centos.org
            +Non-spam(Ham) training user:          ham.l4vdnhgf7b@centos.org
            +Global Documents Account:             wiki@centos.org
            +SMTP host:                            server.centos.org
            +Web server HTTP port:                 80
            +Web server HTTPS port:                443
            +Web server mode:                      http
            +IMAP server port:                     143
            +IMAP server SSL port:                 993
            +POP server port:                      110
            +POP server SSL port:                  995
            +Use spell check server:               yes
            +Spell server URL:                     http://server.centos.org:7780/aspell.php
            +Configure for use with mail proxy:    FALSE
            +Configure for use with web proxy:     FALSE
            +Enable version update checks:         TRUE
            +Enable version update notifications:  TRUE
            +Version update notification email:    admin@vbox-server.centos.org
            +Version update source email:          admin@vbox-server.centos.org
    
       4) zimbra-mta:                              Enabled
       5) zimbra-snmp:                             Enabled
       6) zimbra-logger:                           Enabled
       7) zimbra-spell:                            Enabled
       8) Default Class of Service Configuration:
       r) Start servers after configuration        yes
       s) Save config to file
       x) Expand menu
       q) Quit
    
    Address unconfigured (**) items  (? - help) 3
    
    Store configuration
    
       1) Status:                                  Enabled
       2) Create Admin User:                       yes
       3) Admin user to create:                    admin@centos.org
    ** 4) Admin Password                           UNSET
       5) Enable automated spam training:          yes
       6) Spam training user:                      spam.cu_ulydp@centos.org
       7) Non-spam(Ham) training user:             ham.l4vdnhgf7b@centos.org
       8) Global Documents Account:                wiki@centos.org
       9) SMTP host:                               server.centos.org
      10) Web server HTTP port:                    80
      11) Web server HTTPS port:                   443
      12) Web server mode:                         http
      13) IMAP server port:                        143
      14) IMAP server SSL port:                    993
      15) POP server port:                         110
      16) POP server SSL port:                     995
      17) Use spell check server:                  yes
      18) Spell server URL:                        http://server.centos.org:7780/aspell.php
      19) Configure for use with mail proxy:       FALSE
      20) Configure for use with web proxy:        FALSE
      21) Enable version update checks:            TRUE
      22) Enable version update notifications:     TRUE
      23) Version update notification email:       admin@vbox-server.centos.org
      24) Version update source email:             admin@vbox-server.centos.org
    
    Select, or 'r' for previous menu [r] 4
    
    Password for admin@centos.org (min 6 characters): [k3pGD2HJrE] password
    
    Store configuration
    
       1) Status:                                  Enabled
       2) Create Admin User:                       yes
       3) Admin user to create:                    admin@centos.org
       4) Admin Password                           set
       5) Enable automated spam training:          yes
       6) Spam training user:                      spam.cu_ulydp@centos.org
       7) Non-spam(Ham) training user:             ham.l4vdnhgf7b@centos.org
       8) Global Documents Account:                wiki@centos.org
       9) SMTP host:                               server.centos.org
      10) Web server HTTP port:                    80
      11) Web server HTTPS port:                   443
      12) Web server mode:                         http
      13) IMAP server port:                        143
      14) IMAP server SSL port:                    993
      15) POP server port:                         110
      16) POP server SSL port:                     995
      17) Use spell check server:                  yes
      18) Spell server URL:                        http://server.centos.org:7780/aspell.php
      19) Configure for use with mail proxy:       FALSE
      20) Configure for use with web proxy:        FALSE
      21) Enable version update checks:            TRUE
      22) Enable version update notifications:     TRUE
      23) Version update notification email:       admin@vbox-server.centos.org
      24) Version update source email:             admin@vbox-server.centos.org
    
    Select, or 'r' for previous menu [r] 21
    
    Store configuration
    
       1) Status:                                  Enabled
       2) Create Admin User:                       yes
       3) Admin user to create:                    admin@centos.org
       4) Admin Password                           set
       5) Enable automated spam training:          yes
       6) Spam training user:                      spam.cu_ulydp@centos.org
       7) Non-spam(Ham) training user:             ham.l4vdnhgf7b@centos.org
       8) Global Documents Account:                wiki@centos.org
       9) SMTP host:                               server.centos.org
      10) Web server HTTP port:                    80
      11) Web server HTTPS port:                   443
      12) Web server mode:                         http
      13) IMAP server port:                        143
      14) IMAP server SSL port:                    993
      15) POP server port:                         110
      16) POP server SSL port:                     995
      17) Use spell check server:                  yes
      18) Spell server URL:                        http://server.centos.org:7780/aspell.php
      19) Configure for use with mail proxy:       FALSE
      20) Configure for use with web proxy:        FALSE
      21) Enable version update checks:            FALSE
    
    Select, or 'r' for previous menu [r] 17
    
    Store configuration
    
       1) Status:                                  Enabled
       2) Create Admin User:                       yes
       3) Admin user to create:                    admin@centos.org
       4) Admin Password                           set
       5) Enable automated spam training:          yes
       6) Spam training user:                      spam.cu_ulydp@centos.org
       7) Non-spam(Ham) training user:             ham.l4vdnhgf7b@centos.org
       8) Global Documents Account:                wiki@centos.org
       9) SMTP host:                               server.centos.org
      10) Web server HTTP port:                    80
      11) Web server HTTPS port:                   443
      12) Web server mode:                         http
      13) IMAP server port:                        143
      14) IMAP server SSL port:                    993
      15) POP server port:                         110
      16) POP server SSL port:                     995
      17) Use spell check server:                  no
      18) Configure for use with mail proxy:       FALSE
      19) Configure for use with web proxy:        FALSE
      20) Enable version update checks:            FALSE
    
    Select, or 'r' for previous menu [r] r
    
    Main menu
    
       1) Common Configuration:
       2) zimbra-ldap:                             Enabled
       3) zimbra-store:                            Enabled
       4) zimbra-mta:                              Enabled
       5) zimbra-snmp:                             Enabled
       6) zimbra-logger:                           Enabled
       7) zimbra-spell:                            Enabled
       8) Default Class of Service Configuration:
       r) Start servers after configuration        yes
       s) Save config to file
       x) Expand menu
       q) Quit
    
    *** CONFIGURATION COMPLETE - press 'a' to apply
    Select from menu, or press 'a' to apply config (? - help) a
    Save configuration data to a file? [Yes]
    Save config in file: [/opt/zimbra/config.6154]
    Saving config in /opt/zimbra/config.6154...done.
    The system will be modified - continue? [No] Yes
    Operations logged to /tmp/zmsetup.02082013-150930.log
    Setting local config values...done.
    Setting up CA...done.
    Deploying CA to /opt/zimbra/conf/ca ...done.
    Creating SSL certificate...done.
    Installing mailboxd SSL certificates...done.
    Initializing ldap...done.
    Setting replication password...done.
    Setting Postfix password...done.
    Setting amavis password...done.
    Setting nginx password...done.
    Creating server entry for server.centos.org...done.
    Saving CA in ldap ...done.
    Saving SSL Certificate in ldap ...done.
    Setting service ports on server.centos.org...done.
    Adding server.centos.org to zimbraMailHostPool in default COS...done.
    Installing webclient skins...
    	sand...done.
    	beach...done.
    	zmail...done.
    	bones...done.
    	bare...done.
    	waves...done.
    	sky...done.
    	yahoo...done.
    	hotrod...done.
    	lake...done.
    	twilight...done.
    	oasis...done.
    	steel...done.
    	pebble...done.
    	lemongrass...done.
    	tree...done.
    	lavender...done.
    	smoke...done.
    Finished installing webclient skins.
    Setting zimbraFeatureIMEnabled=FALSE...done.
    Setting zimbraFeatureTasksEnabled=TRUE...done.
    Setting zimbraFeatureBriefcasesEnabled=TRUE...done.
    Setting zimbraFeatureNotebookEnabled=TRUE...done.
    Setting MTA auth host...done.
    Setting TimeZone Preference...done.
    Initializing mta config...done.
    Setting services on server.centos.org...done.
    Creating domain centos.org...done.
    Setting default domain name...done.
    Creating domain centos.org...already exists.
    Creating admin account admin@centos.org...done.
    Creating root alias...done.
    Creating postmaster alias...done.
    Creating user wiki@centos.org...done.
    Creating user spam.cu_ulydp@centos.org...done.
    Creating user ham.l4vdnhgf7b@centos.org...done.
    Setting spam training accounts...done.
    Initializing store sql database...done.
    Setting zimbraSmtpHostname for server.centos.org...done.
    Configuring SNMP...done.
    Checking for default IM conference room...not present.
    Initializing default IM conference room...done.
    Setting up syslog.conf...done.
    
    You have the option of notifying Zimbra of your installation.
    This helps us to track the uptake of the Zimbra Collaboration Suite.
    The only information that will be transmitted is:
    	The VERSION of zcs installed (6.0.12_GA_2883_CentOS5)
    	The ADMIN EMAIL ADDRESS created (admin@centos.org)
    
    Notify Zimbra of your installation? [Yes] No
    Notification skipped
    Starting servers...done.
    Installing common zimlets...
    	com_zimbra_ymemoticons...done.
    	com_zimbra_date...done.
    	com_zimbra_url...done.
    	com_zimbra_cert_manager...done.
    	com_zimbra_bulkprovision...done.
    	com_zimbra_email...done.
    	com_zimbra_adminversioncheck...done.
    	com_zimbra_phone...done.
    	com_zimbra_dnd...done.
    Finished installing common zimlets.
    Initializing Documents...done.
    Restarting mailboxd...done.
    Setting up zimbra crontab...done.
    
    Moving /tmp/zmsetup.02082013-150930.log to /opt/zimbra/log
    
    Configuration complete - press return to exit
    

  3. Cek apakah zimbra telah running.

    su - zimbra zmcontrol status

    Host server.centos.org
    	antispam                Running
    	antivirus               Running
    	ldap                    Running
    	logger                  Running
    	mailbox                 Running
    	mta                     Running
    	snmp                    Running
    	spell                   Running
    	stats                   Running

  4. Selanjutnya adalah tuning zimbra. Kita akan matikan service yang tidak begitu perlu: snmp, spell dan logger.

    zmprov ms server.centos.org -zimbraServiceEnabled snmp zmprov ms server.centos.org -zimbraServiceEnabled spell zmprov ms server.centos.org -zimbraServiceEnabled logger zmcontrol restart

    Host server.centos.org
    	Stopping stats...Done.
    	Stopping mta...Done.
    	Stopping spell...Done.
    	Stopping snmp...Done.
    	Stopping archiving...Done.
    	Stopping antivirus...Done.
    	Stopping antispam...Done.
    	Stopping imapproxy...Done.
    	Stopping memcached...Done.
    	Stopping mailbox...Done.
    	Stopping logger...Done.
    	Stopping ldap...Done.
    Host server.centos.org
    	Starting ldap...Done.
    	Starting mailbox...Done.
    	Starting antispam...Done.
    	Starting antivirus...Done.
    	Starting mta...Done.
    	Starting stats...Done.
    
    [zimbra@vbox-server ~]$ zmcontrol status
    Host server.centos.org
    	antispam                Running
    	antivirus               Running
    	ldap                    Running
    	mailbox                 Running
    	mta                     Running
    	stats                   Running


Konfigurasi Zimbra LDAP

Yang dilakukan dalam proses ini adalah:

  • Menambahkan NIS Schema kedalam Zimbra LDAP
  • Menambahkan Samba Schema kedalam Zimbra LDAP
  • Menambahkan Indeks kedalam LDAP Schema
  • Restart Service Zimbra
  • Menambahkan 2 user (zmposix dan zmposixroot) dengan default password
  • Mengubah ACL LDAP
  • Menambahkan Admin Extension Zimbra Posfix Account dan Zimbra Samba Extension

Berikut langkah-langkahnya:

  1. Buat direktori /tmp/zcs-samba.

    mkdir /tmp/zcs-samba

  2. Extract file zcs-samba.zip. Simpan filenya ke /tmp/zcs-samba kecuali zcs-samba-auto.sh simpan di /tmp.

    cp zcs-samba-auto.sh /tmp cp samba-schema.tar.gz /tmp/zcs-samba cp posixusers.ldif /tmp/zcs-samba cp indexes.ldif /tmp/zcs-samba chown -R zimbra. /tmp/zcs-samba

  3. Edit file /tmp/zcs-samba-auto.sh. Ganti variable PASSWORD, gidBase dan uidBase, home directory, serta samba schema jika perlu.
    ..
    # PARAMETER
    # Change this password
    PASSWD="password"
    # GID & UID
    gidBase=12000
    uidBase=11000
    # change this default home path
    homePath='/home/%u'
    # samba schema (sesuaikan file schema sesuai dengan versi samba yang diinstal)
    # Jika pakai samba hasil instalasi centos 5.4
    SMBSCHEMA='/usr/share/doc/samba-3.0.33/LDAP/samba.schema'
    # Jika pakai samba hasil instalasi dari versi 3.4.8
    # SMBSCHEMA='/usr/share/doc/samba-doc-3.4.8/LDAP/samba.schema'
    ...

  4. Ubah format file /tmp/zcs-samba-auto.sh menjadi unix dan set file mode ke 755.

    cd /tmp dos2unix zcs-samba-auto.sh chmod 755 zcs-samba-auto.sh

  5. Eksekusi !
    [root@vbox-server tmp]# su - zimbra
    [zimbra@vbox-server ~]$ cd /tmp
    [zimbra@vbox-server tmp]$ ./zcs-samba-auto.sh
    
    ==> Getting Zimbra parameter...
    Domain : centos.org
    Hostname : vbox-server.centos.org
    Zimbra LDAP Password : U0Csv8Ve
    LDAP Prefix : dc=centos,dc=org
    ZMPOSIX_LDAP_PASSWORD : password
    ZMPOSIXROOT_LDAP_PASSWORD : password
    
    ==> Configuring NIS Schema...
    Killing slapd with pid 2870 done.
    Started slapd: pid 24536
    
    ==> Configuring Samba Schema...
    ./
    ./cn=config.ldif
    ./test.conf
    ./schema/
    ./schema/samba.schema
    ./cn=config/
    ./cn=config/olcDatabase={-1}frontend.ldif
    ./cn=config/olcDatabase={0}config.ldif
    ./cn=config/cn=schema/
    ./cn=config/cn=schema/cn={11}samba.ldif
    ./cn=config/cn=schema/cn={1}cosine.ldif
    ./cn=config/cn=schema/cn={2}inetorgperson.ldif
    ./cn=config/cn=schema/cn={0}core.ldif
    ./cn=config/cn=schema.ldif
    Killing slapd with pid 24536 done.
    Started slapd: pid 24622
    
    ==> Add indexes for PAM & Samba...
    modifying entry "olcDatabase={2}hdb,cn=config"
    
    ==> Create user for local posix and Samba...
    adding new entry "uid=zmposix,cn=appaccts,cn=zimbra"
    
    adding new entry "uid=zmposixroot,cn=appaccts,cn=zimbra"
    
    ==> Adjust LDAP ACL...
    modifying entry "olcDatabase={2}hdb,cn=config"
    
    modifying entry "olcDatabase={2}hdb,cn=config"
    
    ==> Configuring posixAccount and sambaSamAccount...
    
    Deleting root alias.....
    
    Proceed to Installing zimbra_posixaccount and zimbra_samba extensions for Zimbra Admin
    
    [] INFO: Deploying on server.centos.org
    [] INFO: Deploy initiated.  Check the server's mailbox.log for the status.
    [] INFO: Deploying on server.centos.org
    [] INFO: Deploy initiated.  Check the server's mailbox.log for the status.
    [] INFO: Configure zimlet on server.centos.org
    [] INFO: Configure initiated.  (check the servers mailbox.log for the status)
    [] INFO: Configure zimlet on server.centos.org
    [] INFO: Configure initiated.  (check the servers mailbox.log for the status)
    
    Zimbra LDAP configuration has been setup successfully...


Konfigurasi Samba Server untuk menggunakan Zimbra LDAP sebagai Centralized Database dan Primary Domain Controller

Edit file konfigurasi samba /etc/samba/smb.conf. Simpan file konfigurasi sebelumnya menjadi /etc/samba/smb.conf.default. Ganti beberapa parameter di bawah ini sesuai dengan kebutuhan anda.

  • workgroup = …
  • netbios name = …
  • passdb backend = ldapsam:ldap://Nama_Server_Zimbra/
  • logon home = \\IP_Address_Server_Samba\%U

Isi file /etc/samba/smb.conf

[global]
  workgroup = DOMAIN4
  netbios name = Server
  os level = 33
  preferred master = yes
  enable privileges = yes
  server string = %h Server (SAMBA)
  wins support =yes
  dns proxy = no
  name resolve order = wins bcast hosts
  log file = /var/log/samba/log.%m
  log level = 3
  max log size = 1000
  syslog only = no
  syslog = 0
  panic action = /usr/share/samba/panic-action %d
  security = user
  encrypt passwords = true
  ldap passwd sync = yes
  passdb backend = ldapsam:ldap://server.centos.org/
  ldap admin dn = "cn=config"
  ldap suffix = dc=centos,dc=org
  ldap group suffix = ou=groups
  ldap user suffix = ou=people
  ldap machine suffix = ou=machines
  obey pam restrictions = no
  passwd program = /usr/bin/passwd %u
  passwd chat = *Enter\snew\sUNIX\spassword:* %n\n *Retype\snew\sUNIX\spassword:* %n\n *password\supdated\ssuccessfully* .
  domain logons = yes
  # logon path di bawah ini untuk roaming profile
  # logon path = \\192.168.87.103\%U\profile
  logon path =
  ldap ssl = no
  logon drive = P:
  logon home = \\192.168.87.103\%U
  logon script = logon.cmd
  add user script = /usr/sbin/useradd "%u" -n -g users
  add group script = /usr/sbin/groupadd "%g"
  add machine script = /usr/sbin/useradd -n -c "Workstation (%u)" -M -d /nohome -s /bin/false "%u"
  delete user script = /usr/sbin/userdel "%u"
  delete user from group script = /usr/sbin/userdel "%u" "%g"
  delete group script = /usr/sbin/groupdel "%g"
  socket options = TCP_NODELAY
  domain master = yes
  local master = yes
[homes]
  comment = Home Directories
  browseable =no
  read only = No
  valid users = %S
[netlogon]
  comment = Network Logon Service
  path = /var/lib/samba/netlogon
  guest ok = yes
  locking = no
[profiles]
  comment = Users profiles
  path = /var/lib/samba/profiles
  read only = No
  store dos attributes = Yes
  create mask = 0600
  directory mask = 0700
  browseable = no
  guest ok = no
  printable = no
[profdata]
  comment = Profile Data Share
  path = /var/lib/samba/profdata
  read only = No
  profile acls = Yes
[printers]
  comment = All Printers
  browseable = no
  path = /tmp
  printable = yes
  public = no
  writable = no
  create mode = 0700
[print$]
  comment = Printer Drivers
  path = /var/lib/samba/printers
  browseable = yes
  read only = yes
  guest ok = no


Konfigurasi Server Linux untuk menggunakan Zimbra LDAP sebagai Centralized Database

  1. Sebagai user root lihat resources yang digunakan untuk autentikasi sistem dengan perintah autconfig –test.
    [root@vbox-server ~]# authconfig --test
    caching is enabled
    nss_files is always enabled
    nss_compat is disabled
    nss_db is disabled
    nss_hesiod is disabled
     hesiod LHS = ""
     hesiod RHS = ""
    nss_ldap is enabled
     LDAP+TLS is disabled
     LDAP server = "ldap://127.0.0.1/"
     LDAP base DN = "dc=example,dc=com"
    nss_nis is disabled
     NIS server = ""
     NIS domain = ""
    nss_nisplus is disabled
    nss_winbind is disabled
     SMB workgroup = "DOMAIN4"
     SMB servers = ""
     SMB security = "user"
     SMB realm = ""
     Winbind template shell = "/bin/false"
     SMB idmap uid = "16777216-33554431"
     SMB idmap gid = "16777216-33554431"
    nss_wins is disabled
    pam_unix is always enabled
     shadow passwords are enabled
     password hashing algorithm is md5
    pam_krb5 is disabled
     krb5 realm = "EXAMPLE.COM"
     krb5 realm via dns is disabled
     krb5 kdc = "kerberos.example.com:88"
     krb5 kdc via dns is disabled
     krb5 admin server = "kerberos.example.com:749"
    pam_ldap is enabled
    
     LDAP+TLS is disabled
     LDAP server = "ldap://127.0.0.1/"
     LDAP base DN = "dc=example,dc=com"
    pam_pkcs11 is disabled
    
     use only smartcard for login is disabled
     smartcard module = "coolkey"
     smartcard removal action = "Ignore"
    pam_smb_auth is disabled
     SMB workgroup = "DOMAIN4"
     SMB servers = ""
    pam_winbind is disabled
     SMB workgroup = "DOMAIN4"
     SMB servers = ""
     SMB security = "user"
     SMB realm = ""
    pam_cracklib is enabled (try_first_pass retry=3)
    pam_passwdqc is disabled ()
    pam_access is disabled ()
    pam_mkhomedir is disabled ()
    Always authorize local users is disabled ()
    Authenticate system accounts against network services is disabled
    
    In most cases the following command will do the job (although some manual editing will still be needed):

  2. Bakup dahulu file /etc/nsswitch.conf dan /etc/pam.d/system-auth-ac.

    cp /etc/nsswitch.conf /etc/nsswitch.conf.default cp /etc/pam.d/system-auth-ac /etc/pam.d/system-auth-ac.default

  3. Sebelum menjalankan perintah authconfig sebagai user root untuk rekonfigurasi sumber autentikasi sistem dapatkan dahulu password zimbra ldap.

    sudo -u zimbra /opt/zimbra/bin/zmlocalconfig -s zimbra_ldap_password zimbra_ldap_password = U0Csv8Ve

    Perintah authconfig akan memodifikasi file /etc/nsswitch.conf dan /etc/pam.d/system-auth-ac untuk menggunakan resource LDAP sebagai autentikasi.


    authconfig --enableldap --enableldapauth --disablenis --enablecache --ldapserver=server.centos.org --ldapbasedn=dc=centos,dc=org --updateall Stopping nscd: [ OK ] Starting nscd:

  4. Lihat kembali resources yang digunakan untuk autentikasi sistem dengan perintah autconfig–test.
    [root@vbox-server ~]# authconfig --test
    caching is enabled
    nss_files is always enabled
    nss_compat is disabled
    nss_db is disabled
    nss_hesiod is disabled
     hesiod LHS = ""
     hesiod RHS = ""
    nss_ldap is enabled
     LDAP+TLS is disabled
     LDAP server = "ldap://server.centos.org/"
     LDAP base DN = "dc=centos,dc=org"
    nss_nis is disabled
     NIS server = ""
     NIS domain = ""
    nss_nisplus is disabled
    nss_winbind is disabled
     SMB workgroup = "DOMAIN4"
     SMB servers = ""
     SMB security = "user"
     SMB realm = ""
     Winbind template shell = "/bin/false"
     SMB idmap uid = "16777216-33554431"
     SMB idmap gid = "16777216-33554431"
    nss_wins is disabled
    pam_unix is always enabled
     shadow passwords are enabled
     password hashing algorithm is md5
    pam_krb5 is disabled
     krb5 realm = "EXAMPLE.COM"
     krb5 realm via dns is disabled
     krb5 kdc = "kerberos.example.com:88"
     krb5 kdc via dns is disabled
     krb5 admin server = "kerberos.example.com:749"
    pam_ldap is enabled
    
     LDAP+TLS is disabled
     LDAP server = "ldap://server.centos.org/"
     LDAP base DN = "dc=centos,dc=org"
    pam_pkcs11 is disabled
    
     use only smartcard for login is disabled
     smartcard module = "coolkey"
     smartcard removal action = "Ignore"
    pam_smb_auth is disabled
     SMB workgroup = "DOMAIN4"
     SMB servers = ""
    pam_winbind is disabled
     SMB workgroup = "DOMAIN4"
     SMB servers = ""
     SMB security = "user"
     SMB realm = ""
    pam_cracklib is enabled (try_first_pass retry=3)
    pam_passwdqc is disabled ()
    pam_access is disabled ()
    pam_mkhomedir is disabled ()
    Always authorize local users is disabled ()
    Authenticate system accounts against network services is disabled

  5. Selanjutnya edit file /etc/ldap.conf secara manual, gunakan password zimbra ldap yang telah diperoleh dari langkah sebelumnya. Bagian yang musti diubah di file /etc/ldap.conf ditandai dengan cetak tebal.
    binddn cn=config
    bindpw U0Csv8Ve
    uri ldap://server.centos.org/
    base dc=centos,dc=org
    ssl no
    tls_cacertdir /etc/openldap/cacerts
    pam_password md5
    bind_policy soft
    timelimit 120
    bind_timelimit 120

  6. Setup koneksi samba ke Zimbra LDAP menggunakan password root dalam hal ini menggunakan password zimbra ldap.

    PASSLDAP=`sudo -u zimbra /opt/zimbra/bin/zmlocalconfig -s zimbra_ldap_password | awk '{print $3}'` smbpasswd -w $PASSLDAP

    Selain itu tambahkan user root ke dalam file lokal smbpasswd. Password sama seperti yang digunakan user root untuk login ke server.


    smbpasswd -a root


    Start samba dan lihat status samba yang sedang running.

    [root@vbox-server ~]# /etc/init.d/smb start
    Starting SMB services:                                     [  OK  ]
    Starting NMB services:                                     [  OK  ]
    
    [root@vbox-server ~]# /etc/init.d/smb status
    smbd dead but pid file exists
    nmbd (pid  7184) is running...
    
    [root@vbox-server ~]# tail /var/log/samba/log.smbd 
    [2013/02/12 09:28:26, 3] smbd/sec_ctx.c:push_sec_ctx(208)
      push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1
    [2013/02/12 09:28:26, 3] smbd/uid.c:push_conn_ctx(358)
      push_conn_ctx(0) : conn_ctx_stack_ndx = 0
    [2013/02/12 09:28:26, 3] smbd/sec_ctx.c:set_sec_ctx(241)
      setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
    [2013/02/12 09:28:26, 3] smbd/sec_ctx.c:pop_sec_ctx(356)
      pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0
    [2013/02/12 09:28:26, 0] smbd/server.c:main(1059)
      ERROR: failed to setup guest info.

    Hm, rupanya samba masih error? Jangan kuatir masalah ini akan solve sebentar lagi🙂.

Menambahkan user & group linux dan samba menggunakan utility ldapadd

Dalam tahapan ini kita tidak menggunakan Zimbra Admin User Interface untuk mmenambahkan user & group linux dan samba melainkan menggunakan ldapadd.

  • Dapatkan Samba SID (Security IDentifier).


    [root@vbox-server ~]# /usr/bin/net GETLOCALSID |cut -f6 -d' ' S-1-5-21-1508648254-3288735373-2858972520

    Atau jika menggunakan nama domain


    [root@vbox-server ~]# /usr/bin/net GETLOCALSID DOMAIN4|cut -f6 -d' ' S-1-5-21-1508648254-3288735373-2858972520

    Catatan: Samba SID ini bilangan unik.

  • Buat file ldif (Lightweight Directory Interchange Format) dengan vi atau nano. Kita namakan filenya sambaDomainName.ldif dan simpan di folder /tmp. Edit bagian yang bercetak tebal.
    dn: sambaDomainName=DOMAIN4,dc=centos,dc=org
    sambaDomainName: DOMAIN4
    sambaSID: S-1-5-21-1508648254-3288735373-2858972520
    sambaAlgorithmicRidBase: 1000
    objectClass: sambaDomain
    sambaNextUserRid: 1000
    sambaMinPwdLength: 5
    sambaLogonToChgPwd: 0
    sambaMaxPwdAge: -1
    sambaLockoutDuration: 30
    sambaLockoutObservationWindow: 30
    sambaLockoutThreshold: 0
    sambaForceLogoff: -1
    sambaRefuseMachinePwdChange: 0
    sambaMinPwdAge: 0
    sambaPwdHistoryLength: 0
    sambaNextRid: 1252

    Selanjutnya tambahkan data ldif ke Zimbra LDAP dengan perintah ldapadd. Untuk ini login sebagai user zimbra.


    su - zimbra PASSLDAP=`zmlocalconfig -s zimbra_ldap_password | awk '{print $3}'` ldapadd -v -H ldap://server.centos.org/ -x -w $PASSLDAP -c -D "uid=zimbra,cn=admins,cn=zimbra" -f /tmp/sambaDomainName.ldif ldap_initialize( ldap://server.centos.org:389/??base ) add sambaDomainName: DOMAIN4 add sambaSID: S-1-5-21-1508648254-3288735373-2858972520 add sambaAlgorithmicRidBase: 1000 add objectClass: sambaDomain add sambaNextUserRid: 1000 add sambaMinPwdLength: 5 add sambaLogonToChgPwd: 0 add sambaMaxPwdAge: -1 add sambaLockoutDuration: 30 add sambaLockoutObservationWindow: 30 add sambaLockoutThreshold: 0 add sambaForceLogoff: -1 add sambaRefuseMachinePwdChange: 0 add sambaMinPwdAge: 0 add sambaPwdHistoryLength: 0 add sambaNextRid: 1252 adding new entry "sambaDomainName=DOMAIN4,dc=centos,dc=org" modify complete

  • Berikutnya berturut-turut buat file groups.ldif, machines.ldif, DomainAdmins.ldif, dan DomainUsers.ldif. Simpan ketiganya di folder /tmp. Edit bagian yang bercetak tebal. SambaSID berturut-turut untuk Domain Admins dan Domain Users adalah SambaSID-512 dan SambaSID-513.

    /tmp/groups.ldif

    dn: ou=groups,dc=centos,dc=org
    cn: groups
    objectClass: organizationalRole
    ou: groups


    /tmp/machines.ldif

    dn: ou=machines,dc=centos,dc=org
    cn: machines
    objectClass: organizationalRole
    ou: machines


    /tmp/DomainAdmins.ldif

    dn: cn=Domain Admins,ou=groups,dc=centos,dc=org
    cn: Domain Admins
    description: Domain Admins
    gidNumber: 12001
    memberUid: 1
    objectClass: posixGroup
    objectClass: sambaGroupMapping
    sambaGroupType: 2
    sambaSID: S-1-5-21-1508648254-3288735373-2858972520-512


    /tmp/DomainUsers.ldif

    dn: cn=Domain Users,ou=groups,dc=centos,dc=org
    cn: Domain Users
    description: Domain Users
    displayName: Domain Users
    gidNumber: 12002
    memberUid: 2
    objectClass: posixGroup
    objectClass: sambaGroupMapping
    sambaGroupType: 2
    sambaSID: S-1-5-21-1508648254-3288735373-2858972520-513


    Selanjutnya tambahkan ke-4 data ldif tersebut ke Zimbra LDAP dengan perintah ldapadd.


    PASSLDAP=`zmlocalconfig -s zimbra_ldap_password | awk '{print $3}'` ldapadd -v -H ldap://server.centos.org/ -x -w $PASSLDAP -c -D "uid=zimbra,cn=admins,cn=zimbra" -f /tmp/groups.ldif ldap_initialize( ldap://server.centos.org:389/??base ) add cn: groups add objectClass: organizationalRole add ou: groups adding new entry "ou=groups,dc=centos,dc=org" modify complete


    PASSLDAP=`zmlocalconfig -s zimbra_ldap_password | awk '{print $3}'` ldapadd -v -H ldap://server.centos.org/ -x -w $PASSLDAP -c -D "uid=zimbra,cn=admins,cn=zimbra" -f /tmp/machines.ldif ldap_initialize( ldap://server.centos.org:389/??base ) add cn: machines add objectClass: organizationalRole add ou: machines adding new entry "ou=machines,dc=centos,dc=org" modify complete

    PASSLDAP=`zmlocalconfig -s zimbra_ldap_password | awk '{print $3}'`
    ldapadd -v -H ldap://server.centos.org/ -x -w $PASSLDAP -c -D "uid=zimbra,cn=admins,cn=zimbra" -f  /tmp/DomainAdmins.ldif
    
    ldap_initialize( ldap://server.centos.org:389/??base )
    add cn:
    	Domain Admins
    add description:
    	Domain Admins
    add gidNumber:
    	12001
    add memberUid:
    	1
    add objectClass:
    	posixGroup
    	sambaGroupMapping
    add sambaGroupType:
    	2
    add sambaSID:
    	S-1-5-21-1508648254-3288735373-2858972520-512
    adding new entry "cn=Domain Admins,ou=groups,dc=centos,dc=org"
    modify complete

    PASSLDAP=`zmlocalconfig -s zimbra_ldap_password | awk '{print $3}'`
    ldapadd -v -H ldap://server.centos.org/ -x -w $PASSLDAP -c -D "uid=zimbra,cn=admins,cn=zimbra" -f  /tmp/DomainUsers.ldif
    
    ldap_initialize( ldap://server.centos.org:389/??base )
    add cn:
    	Domain Users
    add description:
    	Domain Users
    add displayName:
    	Domain Users
    add gidNumber:
    	12002
    add memberUid:
    	2
    add objectClass:
    	posixGroup
    	sambaGroupMapping
    add sambaGroupType:
    	2
    add sambaSID:
    	S-1-5-21-1508648254-3288735373-2858972520-513
    adding new entry "cn=Domain Users,ou=groups,dc=centos,dc=org"
    modify complete

  • Restart samba.
    [root@vbox-server ~]# /etc/init.d/smb restart
    Shutting down SMB services:                                [FAILED]
    Shutting down NMB services:                                [  OK  ]
    Starting SMB services:                                     [  OK  ]
    Starting NMB services:                                     [  OK  ]
    
    [root@vbox-server ~]# /etc/init.d/smb status
    smbd (pid  9531) is running...
    nmbd (pid  9534) is running...

    Setelah itu jalankan perintah di bawah menggunakan hak akses root untuk memberi kewenangan pada group Domain Admins. Gunakan password root dan ganti nama domain centos.org dengan yang sesuai:


    net rpc rights grant "centos.org\Domain Admins" SeAddUsersPrivilege SeMachineAccountPrivilege SePrintOperatorPrivilege Password: Successfully granted rights.

  • Update Profile User admin
    Jalankan perintah berikut untuk memodifikasi membership dan profile account admin yang pernah dibuat sebelumnya saat Zimbra belum digabungkan dengan Samba. Sesuaikan nama domain. User admin diberi uidNumber 11000 dan gidNumber 12001. SambaSID-nya adalah angka SambaSID domain, dalam hal ini DOMAIN4, dikombinasikan dengan (uidNumber*2)+1000.


    whoami root /usr/bin/net GETLOCALSID |cut -f6 -d' ' S-1-5-21-1508648254-3288735373-2858972520 su - zimbra zmprov ma admin@centos.org +objectClass posixAccount uidNumber 11000 gidNumber 12001 homeDirectory /home/admin loginShell /bin/false zmprov ma admin@centos.org +objectClass sambaSamAccount sambaDomainName DOMAIN4 sambaSID "S-1-5-21-1508648254-3288735373-2858972520-23000" sambaAcctFlags [UX]

  • Test dengan getent dan pdbedit
    [root@vbox-server ~]# getent passwd|tail
    named:x:25:25:Named:/var/named:/sbin/nologin
    sshd:x:74:74:Privilege-separated SSH:/var/empty/sshd:/sbin/nologin
    rpcuser:x:29:29:RPC Service User:/var/lib/nfs:/sbin/nologin
    nfsnobody:x:65534:65534:Anonymous NFS User:/var/lib/nfs:/sbin/nologin
    haldaemon:x:68:68:HAL daemon:/:/sbin/nologin
    avahi-autoipd:x:100:104:avahi-autoipd:/var/lib/avahi-autoipd:/sbin/nologin
    xfs:x:43:43:X Font Server:/etc/X11/fs:/sbin/nologin
    zimbra:x:500:500::/opt/zimbra:/bin/bash
    postfix:x:501:501::/opt/zimbra/postfix:/bin/bash
    admin:*:11000:12001:admin:/home/admin:/bin/false
    
    [root@vbox-server ~]# getent group|tail
    rpcuser:x:29:
    nfsnobody:x:65534:
    haldaemon:x:68:
    avahi-autoipd:x:104:
    xfs:x:43:
    zimbra:x:500:
    postfix:x:501:zimbra
    postdrop:x:502:
    Domain Admins:*:12001:1
    Domain Users:*:12002:2
    
    [root@vbox-server ~]# pdbedit -Lv admin
    
    smbldap_search_domain_info: Searching for:[(&(objectClass=sambaDomain)(sambaDomainName=DOMAIN4))]
    smbldap_open_connection: connection opened
    ldap_connect_system: successful connection to the LDAP server
    smbldap_search_domain_info: Searching for:[(&(objectClass=sambaDomain)(sambaDomainName=DOMAIN4))]
    smbldap_open_connection: connection opened
    ldap_connect_system: successful connection to the LDAP server
    init_sam_from_ldap: Entry found for user: admin
    Unix username:        admin
    NT username:          admin
    Account Flags:        [UX         ]
    User SID:             S-1-5-21-1508648254-3288735373-2858972520-23000
    init_group_from_ldap: Entry found for group: 12001
    init_group_from_ldap: Entry found for group: 12001
    Primary Group SID:    S-1-5-21-1508648254-3288735373-2858972520-512
    Full Name:            admin
    Home Directory:       \\192.168.87.103\admin
    HomeDir Drive:        P:
    Logon Script:         logon.cmd
    Profile Path:         
    Domain:               DOMAIN4
    Account desc:         Administrative Account
    Workstations:         
    Munged dial:          
    Logon time:           0
    Logoff time:          never
    Kickoff time:         never
    Password last set:    0
    Password can change:  0
    Password must change: 0
    Last bad password   : 0
    Bad password count  : 0
    Logon hours         : FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF

Instalasi zimbraSambaPassword

Ini diperlukan apabila kita menginginkan password samba terintegrasi dengan password user zimbra. Secara default apabila user mengganti password melalui webmail zimbra ini tidak akan mengubah password samba (baca: password untuk logon domain).

  • Download zimbraSambaPassword.zip
  • Extract zimbraSambaPassword.zip
  • Ikuti petunjuk di README.txt
[root@vbox-server ~]# cd /tmp
[root@vbox-server tmp]# unzip zimbraSambaPassword.zip
[root@vbox-server tmp]# ls
install.sh  mkntpwd.tar.gz  README.txt  sambapassword.jar

[root@vbox-server tmp]# chmod 755 install.sh 
[root@vbox-server tmp]# ./install.sh 
ERROR: Unknown option 
./install.sh -[hiu]

-h|--help             Usage
-i|--install          Install extension
-u|--uninstall        Uninstall extension

[root@vbox-server tmp]# ./install.sh -i
Checking for existing installation...

Shutting down Zimbra
Host server.centos.org
	Stopping stats...Done.
	Stopping mta...Done.
	Stopping spell...Done.
	Stopping snmp...Done.
	Stopping archiving...Done.
	Stopping antivirus...Done.
	Stopping antispam...Done.
	Stopping imapproxy...Done.
	Stopping memcached...Done.
	Stopping mailbox...Done.
	Stopping logger...Done.
	Stopping ldap...Done.

Installing zimbraSambaPassword extension

Installing mkntpwd binary
gcc  -O2 -DMPU8086        -c -o getopt.o getopt.c
gcc  -O2 -DMPU8086        -c -o md4.o md4.c
md4.c: In function ‘mdfour’:
md4.c:144: warning: incompatible implicit declaration of built-in function ‘memcpy’
gcc  -O2 -DMPU8086        -c -o mkntpwd.o mkntpwd.c
mkntpwd.c: In function ‘main’:
mkntpwd.c:37: warning: return type of ‘main’ is not ‘int’
gcc  -O2 -DMPU8086        -c -o smbdes.o smbdes.c
gcc  -O2 -DMPU8086       -o mkntpwd getopt.o        md4.o           mkntpwd.o       smbdes.o

Starting up Zimbra
Host server.centos.org
	Starting ldap...Done.
	Starting mailbox...Done.
	Starting antispam...Done.
	Starting antivirus...Done.
	Starting mta...Done.
	Starting stats...Done.

Registering zimbraSambaPassword extension

Screenshot

zimbra-0

zimbra-1

zimbra-2

zimbra-2-1-1

zimbra-2-1-2

zimbra-2-2-1

zimbra-2-2-2

zimbra-3

zimbra-4

Referensi:

  1. Kumpulan Artikel & Tutorial Mengenai Zimbra Mail Server
  2. UNIX and Windows Accounts in Zimbra LDAP and Zimbra Admin UI
  3. SAMBA LDAP Accounts
  4. Well-known security identifiers in Windows operating systems
  5. LDAP for Rocket Scientists

 
Last update: 2014-08-24 20:00 +07:00
 
Reason for update:

  • Update script zcs-samba-auto.sh

Written by awarmanf

February 19, 2013 at 9:41 am

Posted in Linux

Tagged with , ,

11 Responses

Subscribe to comments with RSS.

  1. Terimakasih banyak atas postingan yang sangat membantu saya dan mungkim yang lain,

    Btw saya mau nanya soal problem yang saya dapatkan pada saat membuka zimbra admin interface

    Warning! Failed to create ou=groups,dc=ubuntu,dc=local for Posix groups!

    mungkin ada saran dan masukan pada masalah saya.

    TKS

    johny

    May 7, 2013 at 7:16 pm

  2. This design is wicked! You definitely know how to keep a reader
    amused. Between your wit and your videos, I was almost moved to start my own blog
    (well, almost…HaHa!) Excellent job. I really loved what you
    had to say, and more than that, how you presented it. Too cool!

    fashion wanita

    June 16, 2013 at 3:10 pm

  3. Excellent blog right here! Additionally your website loads up very fast!

    What web host are you using? Can I get your affiliate
    link in your host? I wish my web site loaded up as quickly as yours lol

    sekolah pilot

    June 20, 2013 at 10:15 pm

  4. […] Instalasi ZCS-6.0.16 Untuk langkah ini bisa baca panduan: Instalasi Zimbra+Samba PDC Untuk Menggantikan Windows Active Directory+MS Exchange Server. […]

  5. Any idea if this will work on CentOS 6.5?

    tim

    February 14, 2014 at 4:13 pm

  6. […] Berbeda dengan instalasi Zimbra + Samba PDC seperti di versi sebelumnya yakni versi 6 untuk instalasi Zimbra 7.2.5 dengan samba PDC menggunakan teknik tersendiri. Teknik ini diperoleh penulis setelah beberapa kali mencoba. Pada prinsipnya instalasi ini mirip seperti di Instalasi Zimbra+Samba PDC Untuk Menggantikan Windows Active Directory+MS Exchange Server. […]

  7. […] Berbeda dengan instalasi Zimbra + Samba PDC seperti di versi sebelumnya yakni versi 6 untuk instalasi Zimbra 7.2.5 dengan samba PDC menggunakan teknik tersendiri. Teknik ini diperoleh penulis setelah beberapa kali mencoba. Pada prinsipnya instalasi ini mirip seperti di Instalasi Zimbra+Samba PDC Untuk Menggantikan Windows Active Directory+MS Exchange Server. […]

  8. […] Instalasi Zimbra 6.0.12 + Samba 3.4.8 PDC di CentOS 5.4 […]

  9. […] dari awal, pembaca bisa mencari referensi di internet atau menggunakan referensi penulis tulis Instalasi Zimbra+Samba PDC Untuk Menggantikan Windows Active Directory+MS Exchange Server Konfigurasi di Server Mail Untuk contoh ini email dari dan ke yudi@server.org akan dibackup. […]


Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: