Wiki

User Tools

Site Tools

Trace:
ldap:samba

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

ldap:samba [2016/11/11 14:37] – created peterldap:samba [2019/11/30 13:44] (current) – removed peter
Line 1: Line 1:
-====== LDAP - Samba ====== 
- 
-Configuring the PDC based on LDAP (Minor Part option omitted): 
- 
-<file bash smb.conf> 
-[global] 
-   workgroup = EXAMPLE 
- 
-   security = user 
-   encrypt passwords = yes 
- 
-   obey pam restrictions = yes 
-  
-   local master = yes 
-   os level = 33 
-   domain master = yes  
-   preferred master = yes 
-   domain logons = yes 
- 
-   passdb backend = ldapsam:"ldapi:// ldaps://ldap2.example.com" 
-   idmap backend = ldapsam:"ldapi:// ldaps://ldap2.example.com" 
-   ldap admin dn = uid=samba,ou=System,dc=example,dc=com 
-   ldap suffix = dc=example,dc=com 
-   ldap machine suffix = ou=Hosts 
-   ldap user suffix = ou=People 
-   ldap group suffix = ou=Group 
-   ldap idmap suffix = ou=Idmap 
- 
-   ldap passwd sync = only 
-   ldap delete dn = yes 
- 
-;   ldapsam:trusted = yes 
-;   ldapsam:editposix = yes 
- 
-;   add user script = /usr/sbin/smbldap-useradd '%u' 
-   delete user script = /usr/sbin/smbldap-userdel '%u' 
-;   add user to group script = /usr/sbin/smbldap-groupmod -m '%u' '%g' 
-;   delete user from group script = /usr/sbin/smbldap-groupmod -x '%u' '%g' 
-;   set primary group script = /usr/sbin/smbldap-usermod -g '%g' '%u' 
-;   add group script = /usr/sbin/smbldap-groupadd '%g' && /usr/sbin/smbldap-groupshow %g|awk '/^gidNumber:/ {print $2}' 
-;   delete group script = /usr/sbin/smbldap-userdel '%g' 
-   add machine script = /usr/sbin/smbldap-useradd -W -d /dev/null -g Machines -c 'Machine Account' -s /bin/false '%u' 
-   # for renaming machines 
-#   rename user script = /usr/sbin/smbldap-usermod -r '%unew' '%uold' 
-</file> 
- 
- 
-Selected options from /etc/smbldap-tools/smbldap.conf 
- 
-<file bash /etc/smbldap-tools/smbldap.conf> 
-slaveLDAP="127.0.0.1" 
-slavePort="389" 
-masterLDAP="127.0.0.1" 
-masterPort="389" 
-ldapTLS="0" 
-verify="none" 
- 
-suffix="dc=example,dc=com" 
-usersdn="ou=Users,${suffix}" 
-computersdn="ou=Machines,${suffix}" 
-groupsdn="ou=Groups,${suffix}" 
-idmapdn="ou=Idmap,${suffix}" 
-sambaUnixIdPooldn="sambaDomainName=${sambaDomain},${suffix}" 
- 
-scope="sub" 
-hash_encrypt="SSHA" 
-crypt_salt_format="%s" 
-</file> 
  
ldap/samba.1478875073.txt.gz · Last modified: 2020/07/15 09:30 (external edit)
Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki