# $Source: /opt/cvs/samba/smbldap-tools/smbldap.conf,v $ # $Id: smbldap.conf,v 1.6 2004/02/07 16:58:52 jtournier Exp $ # # smbldap-tools.conf : Q & D configuration file for smbldap-tools # This code was developped by IDEALX (http://IDEALX.org/) and # contributors (their names can be found in the CONTRIBUTORS file). # # Copyright (C) 2001-2002 IDEALX # # This program is free software; you can redistribute it and/or # modify it under the terms of the GNU General Public License # as published by the Free Software Foundation; either version 2 # of the License, or (at your option) any later version. # # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with this program; if not, write to the Free Software # Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, # USA. # Purpose : # . be the configuration file for all smbldap-tools scripts ############################################################################## # # General Configuration # ############################################################################## # UID and GID starting at... UID_START="10000" GID_START="10000" # Put your own SID # to obtain this number do: net getlocalsid SID="S-1-5-21-3777331929-1837441497-3139219028" ############################################################################## # # LDAP Configuration # ############################################################################## # Notes: to use to dual ldap servers backend for Samba, you must patch # Samba with the dual-head patch from IDEALX. If not using this patch # just use the same server for slaveLDAP and masterLDAP. # Those two servers declarations can also be used when you have # . one master LDAP server where all writing operations must be done # . one slave LDAP server where all reading operations must be done # (typically a replication directory) # Ex: slaveLDAP=127.0.0.1 slaveLDAP="gsr.pt" slavePort="389" # Master LDAP : needed for write operations # Ex: masterLDAP=127.0.0.1 masterLDAP="gsr.pt" masterPort="389" # Use TLS for LDAP # If set to 1, this option will use start_tls for connection # (you should also used the port 389) ldapTLS="0" # How to verify the server's certificate (none, optional or require) # see "man Net::LDAP" in start_tls section for more details verify="" # CA certificate # see "man Net::LDAP" in start_tls section for more details cafile="" # certificate to use to connect to the ldap server # see "man Net::LDAP" in start_tls section for more details clientcert="" # key certificate to use to connect to the ldap server # see "man Net::LDAP" in start_tls section for more details clientkey="" # LDAP Suffix # Ex: suffix=dc=IDEALX,dc=ORG suffix="dc=gsr,dc=pt" # Where are stored Users # Ex: usersdn="ou=Users,dc=IDEALX,dc=ORG" usersdn="ou=people,dc=gsr,dc=pt" # Where are stored Computers # Ex: computersdn="ou=Computers,dc=IDEALX,dc=ORG" computersdn="ou=machines,dc=gsr,dc=pt" # Where are stored Groups # Ex groupsdn="ou=Groups,dc=IDEALX,dc=ORG" groupsdn="ou=groups,dc=gsr,dc=pt" # Default scope Used scope="sub" # Unix password encryption (CRYPT, MD5, SMD5, SSHA, SHA) hash_encrypt="MD5" ############################################################################## # # Unix Accounts Configuration # ############################################################################## # Login defs # Default Login Shell # Ex: userLoginShell="/bin/bash" userLoginShell="/bin/bash" # Home directory prefix (without username) # Ex: userHomePrefix="/home/" userHomePrefix="/home/samba/users" # Gecos userGecos="System User" # Default User (POSIX and Samba) GID defaultUserGid="10001" # Default Computer (Samba) GID defaultComputerGid="10001" # Skel dir skeletonDir="/etc/skel" # Default password validation time (time in days) Comment the next line if # you don't want password to be enable for defaultMaxPasswordAge days (be # careful to the sambaPwdMustChange attribute's value) defaultMaxPasswordAge="0" ############################################################################## # # SAMBA Configuration # ############################################################################## # The UNC path to home drives location without the username last extension # (will be dynamically prepended) # Ex: \\My-PDC-netbios-name\homes # Just set it to a null string if you want to use the smb.conf 'logon home' # directive and/or desabling roaming profiles userSmbHome="\\\\TODOSCSI\\" # The UNC path to profiles locations without the username last extension # (will be dynamically prepended) # Ex: \\My-PDC-netbios-name\profiles\ # Just set it to a null string if you want to use the smb.conf 'logon path' # directive and/or desabling roaming profiles userProfile="\\\\TODOSCSI\\profiles\\" # The default Home Drive Letter mapping # (will be automatically mapped at logon time if home directory exist) # Ex: q(U:) for U: userHomeDrive="H:" # The default user netlogon script name # if not used, will be automatically username.cmd # make sure script file is edited under dos userScript="" ############################################################################## # # SMBLDAP-TOOLS Configuration (default are ok for a RedHat) # ############################################################################## # Allows not to use smbpasswd (if with_smbpasswd == 0 in smbldap_conf.pm) but # prefer mkntpwd... most of the time, it's a wise choice :-) with_smbpasswd="0" smbpasswd="/usr/bin/smbpasswd" mk_ntpasswd="/usr/local/sbin/mkntpwd" |