Chapter 4 System Configuration
© 2017 Harmonic Inc. All rights reserved. 132 Harmonic MediaGrid Release 4.1
Joining a Harmonic MediaGrid Cluster to a Lightweight Directory Access Protocol
(LDAP) Domain
4. Create a Samba machine account with the hostname of the ContentBridge. You will need to
provide the password for the user. For example, for a High Bandwidth ContentBridge with
hostname
hbcb205:
[root@eng-ldap ~]# /var/lib/samba/sbin/smbldap-useradd -w -i hbcb205
5. Check if the account is created. For example, for a High Bandwidth ContentBridge with
hostname
hbcb205:
[root@eng-ldap ~]# /var/lib/samba/sbin/smbldap-usershow hbcb205$
NOTE: Configuring different ContentBridges in a Harmonic MediaGrid cluster with different directory
access authentication protocols (for example, ADS, LDAP, and OpenDirectory) is not supported. The
following set of steps will reset the authentication mechanism for all ContentBridges in the cluster.
Configuring Samba Settings on the High Bandwidth ContentBridge
1. Connect a monitor and keyboard to the High Bandwidth ContentBridge.
2. Log on to the High Bandwidth ContentBridge using the following user name and password:
User name: ovnuser
Password: OVN@SvCaUsa
3. Stop smb service. For example, for a High Bandwidth ContentBridge with hostname
hbcb205:
[root@hbcb205 ~]# service smb stop
4. Update the following configuration file:
/opt/omclb/conf/smb.conf
Note the following settings:
security = DOMAIN
workgroup = <domain_name>
password server = <ldap_FQDN>
add user script = /opt/omutils/bin/omadduser %u
a. Replace
domain_name with the LDAP domain using the distinguished name of the search
base in the LDAP server configuration, which is the name that uniquely identifies an entry
in the directory.
b. Replace
ldap_FQDN with the Fully Qualified Domain Name of the LDAP server.
5. Copy
/opt/omclb/conf/smb.conf to /etc/samba/smb.conf.
Joining the High Bandwidth ContentBridge to the LDAP Domain
1. Make sure you are logged in to the High Bandwidth ContentBridge, and then enter the
following command:
net rpc join -U<ldap_admin>%<ldap_admin_password> -S <ldap_FQDN>
The following example shows the expected result:
Joined domain SNV-ENG.
[root@hbcb205 ~]#
2. Remove any “CB” entries that provide access to individual users from the /etc/gateway.conf
and /etc/passwd files.
a. Open
/etc/gateway.conf and delete entries for individual users beginning with “CB.”
b. Open
/etc/passwd and delete entries for the same individual users (the entries do not
contain “CB” in this file).
3. Restart the gateway service. For example, for a High Bandwidth ContentBridge with hostname
hbcb205:
To Next Page
Loading...
