smb.conf.j2 1022 Bytes
Newer Older
Hinrikus Wolf's avatar
Hinrikus Wolf committed
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16

# Global parameters
[global]
        workgroup = {{ smb_domain }}
        realm = {{ REALM }}
        netbios name = {{ ansible_hostname }}
        server role = active directory domain controller
        idmap_ldb:use rfc2307 = yes
        idmap config uid : range = 10000-20000
        idmap config gid : range = 10000-20000
        template shell = /bin/bash
        template homedir = /home/%U
        registry shares = no

        username map = /etc/samba/usermap.map

17
18
19
        kdc:service ticket lifetime = {{ service_ticket_lifetime }}
        kdc:user ticket lifetime = {{ user_ticket_lifetime }}
        kdc:renewal lifetime = {{ renewal_lifetime }}
20

21
        tls enabled = yes
22
23
        tls cafile = {{smb_tls_chain}}
        #tls cafile = /etc/ssl/certs/rwth_chain.pem
24
25
        tls keyfile = {{smb_tls_key}}
        tls certfile = {{smb_tls_cert}}
26
27


Hinrikus Wolf's avatar
Hinrikus Wolf committed
28
29
30
31
32
33
34
35
36
[netlogon]
        path = /var/lib/samba/sysvol/{{ domain }}/scripts
        read only = No

[sysvol]
        path = /var/lib/samba/sysvol
        read only = No