IMPORTANT:Samba users must be created in a container at or below the Base Context for Samba Users that you specified when you installed Samba. By default, the base context is the container where the eDirectory admin user object resides. If you need to change the context, see the instructions in Section B.2.4, Changing the LDAP Suffix.
The eDirectory users must also be assigned a Samba-compliant password policy, such as the Samba Default Password Policy provided in OES. A password policy can be assigned to individual users containers, or partitions. It is generally easier to assign the policy at the container level. For more information, see the online help for the iManager Passwords task.
Step 3 below instructs you on how to assign the default Samba policy to User object containers. However, you also have two other options:
If you want to create a new policy, go to Section 11.2.3, Creating a New Samba-Qualified Password Policy.
If you want to modify an existing policy, go to Section 11.2.4, Modifying an Existing Password Policy for Samba.
If you create your own policy or modify an existing policy, be sure to select the appropriate policy in place of the Samba Default Password Policy in Step 3.
User objects that don’t meet these requirements cannot be enabled for Samba access.
In your browser, enter the iManager URL (http://IP_address_or_DNS_name/iManager.html) and log in as the eDirectory Admin user or equivalent.
In the Roles and Tasks view, select Directory Administration > Create Object > Organizational Unit and create the OU object at the correct context for your Samba users.
To assign the default Samba Password Policy to the new container, select Passwords > Password Policies > Samba Default Password Policy.
On the Password Policy page, click the Policy Assignment tab.
Browse to and select the container object you created for your Samba users, then click OK > OK.
Continue with Section 7.1.2, Creating eDirectory Users in iManager.
IMPORTANT:If you want to create home directories for your users as part of the user-creation process, you must create an NSS volume or an NCP volume for the directories before completing the following procedure. For more information, see Managing NSS Volumes
in the OES 11 SP3: NSS File System Administration Guide for Linux or Creating NCP Volumes on Linux File Systems
in the OES 11 SP3: NCP Server for Linux Administration Guide.
In iManager’s Roles and Tasks view, select Users > Create User.
HINT:To see whether a User object already exists, click the View Objects icon. Click the Search tab. Set the Type to User, and click Search. All currently defined User objects are listed.
For Username, specify the corresponding Windows user account name. You must also specify the user’s last name in the Last Name field. Specifying the first name is optional.
For Context, be sure to select the container you created for your Samba users in Section 7.1.1, Creating an eDirectory Container for User Objects.
For Password, specify an eDirectory password that matches the Windows password for the user.
IMPORTANT:Do not select Set simple password even though the interface indicates it is required for native Windows file access. As long as the Samba Password Policy has been set on the container or partition before you create the user, a Universal Password is created by default, which makes it much easier for users to keep their passwords synchronized.
(Conditional) If you have an NSS or NCP volume available and you want the user’s home directory to be created automatically, select the Create Home Directory option.
Browse to and select the volume, then specify the path to where you want the user’s home directory to be created.
NOTE:The path you specify must already exist on the NSS or NCP volume.
Type or select any other information you want associated with the user, such as Title and Location.
Click OK.
Click Repeat Task to create another user, or click OK to finish.
After creating eDirectory users for all of your Windows workstation users that you want to have Samba access, continue with Section 7.2, Creating a Samba Group.