source: trunk/puppet/modules/puppet-openldap/templates/smbldap.conf.erb @ 444

Last change on this file since 444 was 444, checked in by sebas, 14 years ago

clone del trabajo este git://github.com/camptocamp/puppet-openldap.git : vamos agregando algunas funciones

File size: 7.5 KB
Line 
1
2# $Source: /opt/cvs/samba/smbldap-tools/configure.pl,v
3# smbldap-tools.conf : Q & D configuration file for smbldap-tools
4
5#  This code was developped by IDEALX (http://IDEALX.org/) and
6#  contributors (their names can be found in the CONTRIBUTORS file).
7#
8#                 Copyright (C) 2001-2002 IDEALX
9#
10#  This program is free software; you can redistribute it and/or
11#  modify it under the terms of the GNU General Public License
12#  as published by the Free Software Foundation; either version 2
13#  of the License, or (at your option) any later version.
14#
15#  This program is distributed in the hope that it will be useful,
16#  but WITHOUT ANY WARRANTY; without even the implied warranty of
17#  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
18#  GNU General Public License for more details.
19#
20#  You should have received a copy of the GNU General Public License
21#  along with this program; if not, write to the Free Software
22#  Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307,
23#  USA.
24
25#  Purpose :
26#       . be the configuration file for all smbldap-tools scripts
27
28##############################################################################
29#
30# General Configuration
31#
32##############################################################################
33
34# Put your own SID. To obtain this number do: "net getlocalsid".
35# If not defined, parameter is taking from "net getlocalsid" return
36SID="<%= localsid %>"
37
38# Domain name the Samba server is in charged.
39# If not defined, parameter is taking from smb.conf configuration file
40# Ex: sambaDomain="IDEALX-NT"
41sambaDomain="<%= samba_domain_name %>"
42
43##############################################################################
44#
45# LDAP Configuration
46#
47##############################################################################
48
49# Notes: to use to dual ldap servers backend for Samba, you must patch
50# Samba with the dual-head patch from IDEALX. If not using this patch
51# just use the same server for slaveLDAP and masterLDAP.
52# Those two servers declarations can also be used when you have
53# . one master LDAP server where all writing operations must be done
54# . one slave LDAP server where all reading operations must be done
55#   (typically a replication directory)
56
57# Slave LDAP server
58# Ex: slaveLDAP=127.0.0.1
59# If not defined, parameter is set to "127.0.0.1"
60# slaveLDAP=""
61
62# Slave LDAP port
63# If not defined, parameter is set to "389"
64slavePort="389"
65
66# Master LDAP server: needed for write operations
67# Ex: masterLDAP=127.0.0.1
68# If not defined, parameter is set to "127.0.0.1"
69# masterLDAP=""
70
71# Master LDAP port
72# If not defined, parameter is set to "389"
73masterPort="389"
74
75# Use TLS for LDAP
76# If set to 1, this option will use start_tls for connection
77# (you should also used the port 389)
78# If not defined, parameter is set to "1"
79ldapTLS="0"
80
81# How to verify the server's certificate (none, optional or require)
82# see "man Net::LDAP" in start_tls section for more details
83#verify="none"
84
85# CA certificate
86# see "man Net::LDAP" in start_tls section for more details
87#cafile="/etc/smbldap-tools//ca.pem"
88
89# certificate to use to connect to the ldap server
90# see "man Net::LDAP" in start_tls section for more details
91#clientcert="/etc/smbldap-tools//smbldap-tools.pem"
92
93# key certificate to use to connect to the ldap server
94# see "man Net::LDAP" in start_tls section for more details
95#clientkey="/etc/smbldap-tools//smbldap-tools.key"
96
97# LDAP Suffix
98# Ex: suffix=dc=IDEALX,dc=ORG
99suffix="<%= ldap_base %>"
100
101# Where are stored Users
102# Ex: usersdn="ou=Users,dc=IDEALX,dc=ORG"
103# Warning: if 'suffix' is not set here, you must set the full dn for usersdn
104usersdn="ou=users,${suffix}"
105
106# Where are stored Computers
107# Ex: computersdn="ou=Computers,dc=IDEALX,dc=ORG"
108# Warning: if 'suffix' is not set here, you must set the full dn for computersdn
109computersdn="ou=computers,${suffix}"
110
111# Where are stored Groups
112# Ex: groupsdn="ou=Groups,dc=IDEALX,dc=ORG"
113# Warning: if 'suffix' is not set here, you must set the full dn for groupsdn
114groupsdn="ou=groups,${suffix}"
115
116# Where are stored Idmap entries (used if samba is a domain member server)
117# Ex: groupsdn="ou=Idmap,dc=IDEALX,dc=ORG"
118# Warning: if 'suffix' is not set here, you must set the full dn for idmapdn
119idmapdn="ou=idmap,${suffix}"
120
121# Where to store next uidNumber and gidNumber available for new users and groups
122# If not defined, entries are stored in sambaDomainName object.
123# Ex: sambaUnixIdPooldn="sambaDomainName=${sambaDomain},${suffix}"
124# Ex: sambaUnixIdPooldn="cn=NextFreeUnixId,${suffix}"
125sambaUnixIdPooldn="sambaDomainName=${sambaDomain},${suffix}"
126
127# Default scope Used
128scope="sub"
129
130# Unix password encryption (CRYPT, MD5, SMD5, SSHA, SHA, CLEARTEXT)
131hash_encrypt="SSHA"
132
133# if hash_encrypt is set to CRYPT, you may set a salt format.
134# default is "%s", but many systems will generate MD5 hashed
135# passwords if you use "$1$%.8s". This parameter is optional!
136crypt_salt_format="$1$%.8s"
137
138##############################################################################
139#
140# Unix Accounts Configuration
141#
142##############################################################################
143
144# Login defs
145# Default Login Shell
146# Ex: userLoginShell="/bin/bash"
147userLoginShell="/bin/bash"
148
149# Home directory
150# Ex: userHome="/home/%U"
151userHome="/home/%U"
152
153# Default mode used for user homeDirectory
154userHomeDirectoryMode="751"
155
156# Gecos
157userGecos="User"
158
159# Default User (POSIX and Samba) GID
160defaultUserGid="513"
161
162# Default Computer (Samba) GID
163defaultComputerGid="515"
164
165# Skel dir
166skeletonDir="/etc/skel"
167
168# Default password validation time (time in days) Comment the next line if
169# you don't want password to be enable for defaultMaxPasswordAge days (be
170# careful to the sambaPwdMustChange attribute's value)
171#defaultMaxPasswordAge="40000"
172
173##############################################################################
174#
175# SAMBA Configuration
176#
177##############################################################################
178
179# The UNC path to home drives location (%U username substitution)
180# Just set it to a null string if you want to use the smb.conf 'logon home'
181# directive and/or disable roaming profiles
182# Ex: userSmbHome="\\PDC-SMB3\%U"
183userSmbHome=""
184
185# The UNC path to profiles locations (%U username substitution)
186# Just set it to a null string if you want to use the smb.conf 'logon path'
187# directive and/or disable roaming profiles
188# Ex: userProfile="\\PDC-SMB3\profiles\%U"
189userProfile=""
190
191# The default Home Drive Letter mapping
192# (will be automatically mapped at logon time if home directory exist)
193# Ex: userHomeDrive="H:"
194userHomeDrive="H:"
195
196# The default user netlogon script name (%U username substitution)
197# if not used, will be automatically username.cmd
198# make sure script file is edited under dos
199# Ex: userScript="startup.cmd" # make sure script file is edited under dos
200userScript=""
201
202# Domain appended to the users "mail"-attribute
203# when smbldap-useradd -M is used
204# Ex: mailDomain="idealx.com"
205mailDomain="<%= domain %>"
206
207##############################################################################
208#
209# SMBLDAP-TOOLS Configuration (default are ok for a RedHat)
210#
211##############################################################################
212
213# Allows not to use smbpasswd (if with_smbpasswd == 0 in smbldap_conf.pm) but
214# prefer Crypt::SmbHash library
215with_smbpasswd="0"
216smbpasswd="/usr/bin/smbpasswd"
217
218# Allows not to use slappasswd (if with_slappasswd == 0 in smbldap_conf.pm)
219# but prefer Crypt:: libraries
220with_slappasswd="0"
221slappasswd="/usr/sbin/slappasswd"
222
223# comment out the following line to get rid of the default banner
224# no_banner="1"
Note: See TracBrowser for help on using the repository browser.