Archive for May, 2007

Put the MATLAB license info in a file called license.dat. This file should then be placed in the $MATLAB_HOME/bin/win32 or $MATLAB_HOME/bin/win64 directory.

Everything is finally working, but it’s not ideal. I basically got here by following the instructions on this page. I created a new user and here is the info from ldap:

# mkh, people, gray.uchicago.edu
dn: uid=mkh,ou=people,dc=gray,dc=uchicago,dc=edu
uid: mkh
cn: Me Help
givenName: Me
sn: Help
objectClass: top
objectClass: inetOrgPerson
objectClass: posixAccount
objectClass: shadowAccount
objectClass: sambaSamAccount
loginShell: /bin/tcsh
mail: mkh@frodo.uchicago.edu
uidNumber: 2001
gidNumber: 200
homeDirectory: /users/mkh
sambaSID: S-1-5-5004
userPassword:: e2NyeXB0fSQxJFVaZllIVk1ZJGJmZWo1SHB1RVVidHFrRDVraE9JTC8=
sambaNTPassword: 880AAD1DE8956477793C417928DE4C25
sambaLMPassword: CC348B8E03291947AAD3B435B51404EE
sambaAcctFlags: [U         ]

Working down the list, everything is as it was before messing with samba until you get to the objectClass: sambaSamAccount line. This object needed to be added for samba to work. This object also requires the sambaSID field. The sambaSID is found by using the same three fields (S-1-5) as the SambaDomainName. The fourth field is found by multiplying the uidNumber (2001) by 2 (=4002) and adding 1000 to it (=5002).

Even though only sambaSID is required, samba won’t work without the other fields: sambaNTPassword, sambaLMPassword and sambaAcctFlags. I actually never added sambaAcctFlags, it just showed up after I added something else. It is interesting to note though, that originally sambaAcctFlags came up with this value [DU ]. The first ‘D’ meant to disable the samba account. So, even though I had everything set up correctly, it didn’t work because the account was disabled. After I changed it and got rid of the D, everything worked fine.
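As an added example (not part of the original post and not Samba's own tooling), this Python script audits LDIF entries against the rules described above: the sambaSamAccount objectClass, the four samba attributes, the uidNumber * 2 + 1000 RID rule, and the D flag that disables an account. The sample users, the example.org suffix and the placeholder hash values are constructed; the S-1-5 prefix is the one used in the text.

```python
import re
REQUIRED = ("sambaSID", "sambaNTPassword", "sambaLMPassword", "sambaAcctFlags")

def expected_sid(prefix, uid_number):  # RID rule from the text: uidNumber * 2 + 1000
    return f"{prefix}-{uid_number * 2 + 1000}"

def parse_ldif(text):  # minimal reader: blank-line separated entries, "#" comments skipped
    entries = []
    for block in re.split(r"\n\s*\n", text.strip()):
        entry = {}
        for line in block.splitlines():
            if not line.startswith("#") and ":" in line:
                key, _, value = line.partition(":")
                entry.setdefault(key.lower(), []).append(value.lstrip(": ").rstrip())
        entries.append(entry)
    return entries

def check_entry(entry, prefix):
    problems = [f"{a} missing" for a in REQUIRED if a.lower() not in entry]
    if "sambasamaccount" not in [c.lower() for c in entry.get("objectclass", [])]:
        problems.append("objectClass sambaSamAccount missing")
    uid, sid = entry.get("uidnumber"), entry.get("sambasid")
    if uid and sid and sid[0] != expected_sid(prefix, int(uid[0])):
        problems.append(f"sambaSID {sid[0]}, expected {expected_sid(prefix, int(uid[0]))}")
    if "D" in entry.get("sambaacctflags", [""])[0].strip("[] "):
        problems.append("account disabled (D in sambaAcctFlags)")
    return problems

def audit(text, prefix="S-1-5"):
    return {e["dn"][0]: check_entry(e, prefix) for e in parse_ldif(text) if "dn" in e}

# Constructed sample entries (hypothetical users, placeholder hash values)
SAMPLE = """\
dn: uid=alice,ou=people,dc=example,dc=org
objectClass: sambaSamAccount
uidNumber: 2001
sambaSID: S-1-5-5002
sambaNTPassword: PLACEHOLDER
sambaLMPassword: PLACEHOLDER
sambaAcctFlags: [U          ]

dn: uid=bob,ou=people,dc=example,dc=org
objectClass: sambaSAMAccount
uidNumber: 2002
sambaSID: S-1-5-5000
sambaAcctFlags: [DU         ]
"""
if __name__ == "__main__":
    print(audit(SAMPLE))
```

Feed it the output of an authenticated ldapsearch to check every account before pointing samba at the directory.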

sambaNTPassword and sambaLMPassword are created by running the mkntpwd command. The source for this command was found in /usr/share/doc/samba-3.0.10/LDAP/smbldap-tools/mkntpwd. I ran make in this directory to create the executable. I then linked it to /usr/local/bin.

Now the problem is that LDAP uses the userPassword field to connect, but samba uses the sambaNTPassword. So, if a user changes their password, it’s not going to change the sambaNTPassword and that will not allow the user to use samba to mount the other disks. This is bad. But I think we can work with this. I just have to turn off password changing everywhere and set up a webpage to do this.

Each user needs to have the SambaSamAccount objectClass added and the sambaSID. Here is the ldif file I used to do this:

[root@gray openldap]# more addsamba.ldif 
dn: uid=mheintz,ou=people,dc=gray,dc=uchicago,dc=edu
changetype: modify
add: objectClass
objectClass: sambaSAMAccount
-
add: sambaSID
sambaSID: S-1-5-5000

Note that the sambaSID uses the same first three fields (S-1-5) as the sambaDomainName sambaSID. The last field is found by multiplying the uid by 2 and adding 1000.

The ldapsearch command can simply be used as ldapsearch -x to see everything in the database. The -x means to use simple authentication instead of SASL authentication. When this command is used though, user passwords (even encrypted ones) will not be shown in the output. To see the userPassword field, use:

ldapsearch -x -D "cn=Manager,dc=gray,dc=uchicago,dc=edu" -W
and enter the password.

Things are still not working, but I have learned this. In smb.conf, the line:

ldap admin dn = cn=Manager,dc=gray,dc=uchicago,dc=edu

will work, as long as the password set in secrets.tdb (done with smbpasswd -w password) is the same as the encrypted one in slapd.conf.

My latest idea is to set samba up as my primary domain controller and then use LDAP for authentication. I’m not sure if this is a good idea or not, but I decided that I wanted to try it.

First things, according to some websites I’ve read, I need to install smbldap-tools. I couldn’t find an rpm for this, but then found that they were included with the samba rpm. Location: /usr/share/doc/samba-3.0.10/LDAP/smbldap-tools. Then, to install them, I need to do the following:

Copy the perl scripts to /usr/local/sbin.
Run smbpasswd -w secret to set up the LDAP admin password in secrets.tdb. (I did this and didn’t use secret.)

I need to do something else, but I’m not exactly sure what it is. I’ll add on when I figure it out.

Ok, this is just wrong. I don’t need a primary domain controller. All I want to be able to do is have the Windows logons use the Linux LDAP server for access, and have the Linux samba server use the same LDAP server for authentication. A PDC brings up profiles and all that other crap I don’t want to deal with. So, I’m going back to just trying to figure out how to get samba to use the LDAP server for authentication.