This article was first written in October 2004 for the BeezNest technical website (http://glasnost.beeznest.org/articles/179).
- install package ifenslave-2.6 
- make sure the real NICs kernel modules are loaded automatically
- edit /etc/network/interfaces to look like this:
iface bond0 inet static address 10.31.1.5 netmask 255.255.255.0 network 10.31.1.0 gateway 10.31.1.254 up /sbin/ifenslave bond0 eth0 eth1 down /sbin/ifenslave -d bond0 eth0 eth1
- comment or borrow the lines referring to your real NICs in the same file
- add the following lines to your /etc/modprobe.d/arch/i386:
alias bond0 bonding options bonding mode=1 miimon=100 downdelay=200 updelay=200
 see HOWTO Setup Bonding Ethernet on Debian with a 2.4 kernel for 2.4.x kernels
This article was first written in October 2004 for the BeezNest technical website (http://glasnost.beeznest.org/articles/180).
Starting from Debian Sarge, the Samba version which ship with Debian is 3.0.x. This is the first real version to support well being a PDC while using LDAP as backend.
Here is how to use Samba as PDC with LDAP backend for authentication on Debian.
Install the following packages, which are all part of Samba
- samba: The server itself
- samba-doc: The documentation (very complete)
- smbclient: FTP-like client for SMB/CiFS
- swat: Samba Web Administration Tool (web interface to configure Samba and access the full documentation through a browser, if installed)
Aside, we will install LDAP
- slapd: the server itself
Some companies provide useful tools to help in the setting up of a Samba server with LDAP as PDC:
- smbldap-tools: IDEALX tools for Samba use to ease installation and migration when using together with LDAP
Configure the Name Service Switch to use LDAP
Install package libnss-ldap and configure it according to the LDAP configuration .
Edit /etc/nsswitch.conf by adding a mention ldap to the end of the three following lines: passwd:, group:, shadow: and a mention wins to the end of the line hosts:.
Configure PAM to also use LDAP
Install package libpam-ldap and configure it according to the LDAP configuration.
Edit /etc/pam.d/common-account and add the following line before the existing second line:
account sufficient pam_ldap.so account required pam_unix.so
Edit /etc/pam.d/common-auth and add the following line before the existing second line:
auth sufficient pam_ldap.so auth required pam_unix.so nullok_secure
Edit /etc/pam.d/common-password and add the following line before the existing second line:
password sufficient pam_ldap.so password required pam_unix.so nullok obscure min=4 max=8 md5
Set the LDAP password in Samba
Samba stores its passwords in /var/lib/samba/secrets.tdb, and also stores there the LDAP admin password to use to connect to OpenLDAP. To set/change the password:
smbpasswd -w MySecretPassword
where MySecretPassword is LDAP’s admin password.
WARNING: with that configuration, it asks twice to type password to authenticate anyone! TODO
Add the Samba schema to OpenLDAP’s list of schemas
An example that you can copy “as is” (well, you just need to unzip it first) is available in /usr/share/doc/samba-doc/examples/LDAP/samba.schema.gz in /etc/ldap/schemas and edit /etc/ldap/slapd.conf to use it.
Configure /etc/ldap/ldap.conf and /etc/ldap/slapd.conf.
Tools to manage it afterwards
LDAP Account Manager (LAM) (web-based frontend to Samba accounts for machines, users and groups in LDAP) or phpLDAPadmin (which is not specific for managing Samba, but can also manage addressbooks, UNIX authentication, …).
Create your machines in the Domain
To be continued…
 it will configure /etc/libnss-ldap.conf