Samba e OpenLDAP: creare un controller di dominio con Debian Lenny: differenze tra le versioni

Vai alla navigazione Vai alla ricerca
Riga 402: Riga 402:
'''/etc/smbldap-tools/smbldap.conf''':
'''/etc/smbldap-tools/smbldap.conf''':
<pre>
<pre>
#
# Purpose :
# . be the configuration file for all smbldap-tools scripts
##############################################################################
##############################################################################
##
##
Riga 410: Riga 407:
# ##############################################################################
# ##############################################################################
# Put your own SID. To obtain this number do: "net getlocalsid".
# Put your own SID. To obtain this number do: "net getlocalsid".
# If not defined, parameter is taking from "net getlocalsid" return
SID="S-1-5-21-125945932-740595490-3132273231"
SID="S-1-5-21-125945932-740595490-3132273231"
# Domain name the Samba server is in charged.
# Domain name the Samba server is in charged.
# If not defined, parameter is taking from smb.conf configuration file
sambaDomain="DOMINIO"
sambaDomain="DOMINIO"
realm="DOMINIO.LOCAL"
##############################################################################
##############################################################################
#
#
Riga 421: Riga 419:
##############################################################################
##############################################################################
# Slave LDAP server
# Slave LDAP server
# If not defined, parameter is set to "127.0.0.1"
slaveLDAP="127.0.0.1"
slaveLDAP="127.0.0.1"
# Slave LDAP port
# Slave LDAP port
# If not defined, parameter is set to "389"
slavePort="389"
slavePort="389"
# Master LDAP server: needed for write operations
# Master LDAP server: needed for write operations
# If not defined, parameter is set to "127.0.0.1"
masterLDAP="127.0.0.1"
masterLDAP="127.0.0.1"
# Master LDAP port
# Master LDAP port
# If not defined, parameter is set to "389"
masterPort="389"
masterPort="389"
# Use TLS for LDAP
# Use TLS for LDAP
# If set to 1, this option will use start_tls for connection
# If set to 1, this option will use start_tls for connection
# (you should also used the port 389)
ldapTLS="1"
# If not defined, parameter is set to "1"
 
ldapTLS="0"
# How to verify the server's certificate (none, optional or require)
# How to verify the server's certificate (none, optional or require)
verify="require"
verify="require"
# CA certificate
# CA certificate
cafile="/etc/smbldap-tools/ca.pem"
cafile="/etc/ldap/ssl/cacert.pem"
# certificate to use to connect to the ldap server
# certificate to use to connect to the ldap server
clientcert="/etc/smbldap-tools/smbldap-tools.pem"
clientcert="/etc/ldap/ssl/servercrt.pem"
# key certificate to use to connect to the ldap server
# key certificate to use to connect to the ldap server
clientkey="/etc/smbldap-tools/smbldap-tools.key"
clientkey="/etc/ldap/ssl/serverkey.pem"
 
# LDAP Suffix
# LDAP Suffix
suffix="dc=dominio,dc=local"
suffix="dc=dominio,dc=local"
# Where are stored Users
# Where are stored Users
# Warning: if 'suffix' is not set here, you must set the full dn for usersdn
usersdn="ou=Users,${suffix}"
usersdn="ou=Users,${suffix}"
# Where are stored Computers
# Where are stored Computers
# Warning: if 'suffix' is not set here, you must set the full dn for computersdn
computersdn="ou=Computers,${suffix}"
computersdn="ou=Computers,${suffix}"
# Where are stored Groups
# Where are stored Groups
# Warning: if 'suffix' is not set here, you must set the full dn for groupsdn
groupsdn="ou=Groups,${suffix}"
groupsdn="ou=Groups,${suffix}"
# Where are stored Idmap entries (used if samba is a domain member server)
# Where are stored Idmap entries (used if samba is a domain member server)
# Warning: if 'suffix' is not set here, you must set the full dn for idmapdn
idmapdn="ou=Idmap,${suffix}"
#idmapdn="ou=Idmap,${suffix}"
# Where to store next uidNumber and gidNumber available for new users and groups
# Where to store next uidNumber and gidNumber available for new users and groups
# If not defined, entries are stored in sambaDomainName object.
sambaUnixIdPooldn="sambaDomainName=${sambaDomain},${suffix}"
sambaUnixIdPooldn="sambaDomainName=${sambaDomain},${suffix}"
# Default scope Used
# Default scope Used
scope="sub"
scope="sub"
# Unix password encryption (CRYPT, MD5, SMD5, SSHA, SHA, CLEARTEXT)
# Unix password encryption (CRYPT, MD5, SMD5, SSHA, SHA, CLEARTEXT)
hash_encrypt="MD5"
hash_encrypt="MD5"
Riga 470: Riga 463:
# passwords if you use "$1$%.8s". This parameter is optional!
# passwords if you use "$1$%.8s". This parameter is optional!
crypt_salt_format="%s"
crypt_salt_format="%s"
##############################################################################
##############################################################################
#
#

Menu di navigazione