From 3f0764c47679e2b2fe78e6fd6a94a2fd80681e64 Mon Sep 17 00:00:00 2001
From: Robin Sonnabend <robin@fsmpi.rwth-aachen.de>
Date: Mon, 15 May 2017 20:39:40 +0200
Subject: [PATCH] Configure using TLS in ad-server

---
 ad-server/templates/smb.conf.j2 | 9 ++++++---
 1 file changed, 6 insertions(+), 3 deletions(-)

diff --git a/ad-server/templates/smb.conf.j2 b/ad-server/templates/smb.conf.j2
index 32827e1..28331af 100644
--- a/ad-server/templates/smb.conf.j2
+++ b/ad-server/templates/smb.conf.j2
@@ -14,10 +14,13 @@
 
         username map = /etc/samba/usermap.map
 
-	kdc:service ticket lifetime = {{ service_ticket_lifetime }}
-	kdc:user ticket lifetime = {{ user_ticket_lifetime }}
-	kdc:renewal lifetime = {{ renewal_lifetime }}
+        kdc:service ticket lifetime = {{ service_ticket_lifetime }}
+        kdc:user ticket lifetime = {{ user_ticket_lifetime }}
+        kdc:renewal lifetime = {{ renewal_lifetime }}
 
+        tls enabled = yes
+        tls keyfile = {{smb_tls_key}}
+        tls certfile = {{smb_tls_cert}}
 
 
 [netlogon]
-- 
GitLab