To configure your SoftNAS Instance as an LDAP Client, allowing you to integrate LDAP Users, you can do so via the UI by navigating to and expanding Identity and Access Control, under Settings, in the Storage Administration pane. For those familiar with command line configuration, and/or pre-existing configurations they wish to apply quickly, LDAP client configurations can be added through Samba.
This article walks the client through LDAP Client configuration via SAMBA.
Samba LDAP schema
The following steps must be performed on the LDAP server:
Create conversion file schema_convert.conf somewhere with content(make sure the paths exist):
include /etc/openldap/schema/core.schema include /etc/openldap/schema/collective.schema include /etc/openldap/schema/corba.schema include /etc/openldap/schema/cosine.schema include /etc/openldap/schema/duaconf.schema include /etc/openldap/schema/dyngroup.schema include /etc/openldap/schema/inetorgperson.schema include /etc/openldap/schema/java.schema include /etc/openldap/schema/misc.schema include /etc/openldap/schema/nis.schema include /etc/openldap/schema/openldap.schema include /etc/openldap/schema/ppolicy.schema include /etc/openldap/schema/samba.schema
Create a temporary directory labeled /tmp/ldap_schemas and run conversion with said directory as the target:
# dn for search request if LDAP server doesn't allow anonymous search
# password for search dn
In /etc/nsswitch.conf add ldap at the end of passwd, group and shadow options. It should look like this:
passwd: compat winbind ldap
group: compat winbind ldap
shadow: compat ldap
The following steps must be performed on the SoftNAS host:
Replace the [global]section with the below data in /etc/samba/smb.conf and replace passdb backend, ldap suufix, ldap, user suffix, ldap group suffix, ldap admin dn with their respective actual values (ldap admin dn should have rights to edit users dn's):