This document contains a couple of notes I have taken on the subject
of integrating Kolab with Samba and PAM, it will serve to complete a howto
in the near-term future.

Links:

- An introduction to perl-ldap
http://www.linuxjournal.com/article.php?sid=7086

- LDAP Multiple Domain
http://www.yolinux.com/TUTORIALS/LinuxTutorialLDAP-LDIF-example1.html

- Using OpenLDAP for User Authentication
http://linsec.ca/bin/view/Main/OpenLDAPAuth

- Samba-3 by Example (chapter 6 is excellent)
http://www.samba.org/samba/docs/man/Samba-Guide/

- Password Sync
http://www.unav.es/cti/ldap-smb/ldap-smb-2_2-howto.html#passwd_sync

- The Official Samba-3 HOWTO and Reference Guide (chapter 10)
http://docs.biostat.wustl.edu/samba/docs/htmldocs/howto/index.html

Pre-requisites:
# libldap2
# openldap
# openldap-clients
# openldap-migration
# openldap-servers
# nss_ldap
# pam_ldap

To see if it works:
[root@ldap]# ldapsearch -x -b '' -s base '(objectclass=*)' namingContexts

Modify:
/etc/ldap.conf (nss_ldap)
/etc/ldap.secret (nss_ldap)
/etc/openldap/ldap.conf (openldap)
/etc/openldap/ldapserver (openldap)
/etc/nsswitch.conf (glibc)
/etc/pam.d/system-auth (pam)
/etc/samba/smb.conf (samba-common)

To see if it works:
[root@ldap]# getent hosts
[root@ldap]# getent group
[root@ldap]# getent passwd
[root@ldap]# getent shadow

For Samba: pdbedit -P "min password length" -C 1
           Kolab can accept any password, so you have to change
           the default password length to 1, otherwise the user
           can have his password rejected and not know about it

You can have the home directory auto-created by using:

/etc/pam.d/system-auth
session     required      pam_mkhomedir.so skel=/etc/skel umask=022

/etc/samba/smb/conf
obey pam restrictions = yes

Then, in Kolab, you can use the following command:
smbclient \\\\server\\homes -c "exit" -U <user>%<passwd>

The home directory will automatically be created!


sambaPwdMustChange: 2147483647 is date +%s -d "Mon Jan 18 22:15:00 EDT 2038"


We need to chmod 755 /usr/sbin/mkntpwd, or change it to group kolab
