configuration-templates
/samba/4/standalone/smb.conf.ldap |
@@ -10,6 +10,7 @@ |
## ## |
## Requirements: ## |
## * Samba 4.x ## |
## * smbldap-tools ## |
## ## |
## File placement layout: ## |
## / ## |
@@ -31,6 +32,7 @@ |
# Configuration for LDAP authentication backend. |
# The setup assumes that all samba entries are children of the "samba" |
# organizational unit. |
server role = classic primary domain controller |
passdb backend = ldapsam:ldap://example.com |
ldap suffix = ou=samba,dc=example,dc=com |
ldap admin dn = cn=admin,dc=example,dc=com |
@@ -39,4 +41,14 @@ |
ldap group suffix = ou=Groups |
ldap machine suffix = ou=Computers |
ldap idmap suffix = ou=Idmap |
ldap password sync = yes |
ldap password sync = yes |
# Scripts - requires smbldap-tools to be installed. |
add user script = /usr/sbin/smbldap-useradd -m '%u' -t 1 |
rename user script = /usr/sbin/smbldap-usermod -r '%unew' '%uold' |
delete user script = /usr/sbin/smbldap-userdel '%u' |
set primary group script = /usr/sbin/smbldap-usermod -g '%g' '%u' |
add group script = /usr/sbin/smbldap-groupadd -p '%g' |
delete group script = /usr/sbin/smbldap-groupdel '%g' |
add user to group script = /usr/sbin/smbldap-groupmod -m '%u' '%g' |
delete user from group script = /usr/sbin/smbldap-groupmod -x '%u' '%g' |
add machine script = /usr/sbin/smbldap-useradd -w '%u' -t 1 |