|
![](https://seccdn.libravatar.org/avatar/b1ea9b9c6af4f6c514e29d99c9ca5df476b457dd240b3fc14286c5f50f2ff406?s=16&d=retro) |
38c3c43 |
--- smbldap.conf
|
|
![](https://seccdn.libravatar.org/avatar/b1ea9b9c6af4f6c514e29d99c9ca5df476b457dd240b3fc14286c5f50f2ff406?s=16&d=retro) |
38c3c43 |
+++ smbldap.conf
|
|
![](https://seccdn.libravatar.org/avatar/b1ea9b9c6af4f6c514e29d99c9ca5df476b457dd240b3fc14286c5f50f2ff406?s=16&d=retro) |
452e2b7 |
@@ -33,12 +33,12 @@
|
|
![](https://seccdn.libravatar.org/avatar/b1ea9b9c6af4f6c514e29d99c9ca5df476b457dd240b3fc14286c5f50f2ff406?s=16&d=retro) |
6b65005 |
|
|
![](https://seccdn.libravatar.org/avatar/b1ea9b9c6af4f6c514e29d99c9ca5df476b457dd240b3fc14286c5f50f2ff406?s=16&d=retro) |
6b65005 |
# Put your own SID. To obtain this number do: "net getlocalsid".
|
|
![](https://seccdn.libravatar.org/avatar/b1ea9b9c6af4f6c514e29d99c9ca5df476b457dd240b3fc14286c5f50f2ff406?s=16&d=retro) |
6b65005 |
# If not defined, parameter is taking from "net getlocalsid" return
|
|
![](https://seccdn.libravatar.org/avatar/b1ea9b9c6af4f6c514e29d99c9ca5df476b457dd240b3fc14286c5f50f2ff406?s=16&d=retro) |
fe34639 |
-SID="S-1-5-21-2252255531-4061614174-2474224977"
|
|
![](https://seccdn.libravatar.org/avatar/b1ea9b9c6af4f6c514e29d99c9ca5df476b457dd240b3fc14286c5f50f2ff406?s=16&d=retro) |
fe34639 |
+#SID="S-1-5-21-2252255531-4061614174-2474224977"
|
|
![](https://seccdn.libravatar.org/avatar/b1ea9b9c6af4f6c514e29d99c9ca5df476b457dd240b3fc14286c5f50f2ff406?s=16&d=retro) |
6b65005 |
|
|
![](https://seccdn.libravatar.org/avatar/b1ea9b9c6af4f6c514e29d99c9ca5df476b457dd240b3fc14286c5f50f2ff406?s=16&d=retro) |
6b65005 |
# Domain name the Samba server is in charged.
|
|
![](https://seccdn.libravatar.org/avatar/b1ea9b9c6af4f6c514e29d99c9ca5df476b457dd240b3fc14286c5f50f2ff406?s=16&d=retro) |
6b65005 |
# If not defined, parameter is taking from smb.conf configuration file
|
|
![](https://seccdn.libravatar.org/avatar/b1ea9b9c6af4f6c514e29d99c9ca5df476b457dd240b3fc14286c5f50f2ff406?s=16&d=retro) |
6b65005 |
# Ex: sambaDomain="IDEALX-NT"
|
|
![](https://seccdn.libravatar.org/avatar/b1ea9b9c6af4f6c514e29d99c9ca5df476b457dd240b3fc14286c5f50f2ff406?s=16&d=retro) |
fe34639 |
-sambaDomain="DOMSMB"
|
|
![](https://seccdn.libravatar.org/avatar/b1ea9b9c6af4f6c514e29d99c9ca5df476b457dd240b3fc14286c5f50f2ff406?s=16&d=retro) |
fe34639 |
+#sambaDomain="DOMSMB"
|
|
![](https://seccdn.libravatar.org/avatar/b1ea9b9c6af4f6c514e29d99c9ca5df476b457dd240b3fc14286c5f50f2ff406?s=16&d=retro) |
6b65005 |
|
|
![](https://seccdn.libravatar.org/avatar/b1ea9b9c6af4f6c514e29d99c9ca5df476b457dd240b3fc14286c5f50f2ff406?s=16&d=retro) |
6b65005 |
##############################################################################
|
|
![](https://seccdn.libravatar.org/avatar/b1ea9b9c6af4f6c514e29d99c9ca5df476b457dd240b3fc14286c5f50f2ff406?s=16&d=retro) |
6b65005 |
#
|
|
![](https://seccdn.libravatar.org/avatar/b1ea9b9c6af4f6c514e29d99c9ca5df476b457dd240b3fc14286c5f50f2ff406?s=16&d=retro) |
38c3c43 |
@@ -76,15 +76,15 @@ verify="require"
|
|
![](https://seccdn.libravatar.org/avatar/b1ea9b9c6af4f6c514e29d99c9ca5df476b457dd240b3fc14286c5f50f2ff406?s=16&d=retro) |
6b65005 |
|
|
![](https://seccdn.libravatar.org/avatar/b1ea9b9c6af4f6c514e29d99c9ca5df476b457dd240b3fc14286c5f50f2ff406?s=16&d=retro) |
6b65005 |
# CA certificate
|
|
![](https://seccdn.libravatar.org/avatar/b1ea9b9c6af4f6c514e29d99c9ca5df476b457dd240b3fc14286c5f50f2ff406?s=16&d=retro) |
6b65005 |
# see "man Net::LDAP" in start_tls section for more details
|
|
![](https://seccdn.libravatar.org/avatar/b1ea9b9c6af4f6c514e29d99c9ca5df476b457dd240b3fc14286c5f50f2ff406?s=16&d=retro) |
6b65005 |
-cafile="/etc/smbldap-tools/ca.pem"
|
|
![](https://seccdn.libravatar.org/avatar/b1ea9b9c6af4f6c514e29d99c9ca5df476b457dd240b3fc14286c5f50f2ff406?s=16&d=retro) |
6b65005 |
+cafile="/etc/pki/tls/certs/ldapserverca.pem"
|
|
![](https://seccdn.libravatar.org/avatar/b1ea9b9c6af4f6c514e29d99c9ca5df476b457dd240b3fc14286c5f50f2ff406?s=16&d=retro) |
6b65005 |
|
|
![](https://seccdn.libravatar.org/avatar/b1ea9b9c6af4f6c514e29d99c9ca5df476b457dd240b3fc14286c5f50f2ff406?s=16&d=retro) |
6b65005 |
# certificate to use to connect to the ldap server
|
|
![](https://seccdn.libravatar.org/avatar/b1ea9b9c6af4f6c514e29d99c9ca5df476b457dd240b3fc14286c5f50f2ff406?s=16&d=retro) |
6b65005 |
# see "man Net::LDAP" in start_tls section for more details
|
|
![](https://seccdn.libravatar.org/avatar/b1ea9b9c6af4f6c514e29d99c9ca5df476b457dd240b3fc14286c5f50f2ff406?s=16&d=retro) |
2485da4 |
-clientcert="/etc/smbldap-tools/smbldap-tools.example.com.pem"
|
|
![](https://seccdn.libravatar.org/avatar/b1ea9b9c6af4f6c514e29d99c9ca5df476b457dd240b3fc14286c5f50f2ff406?s=16&d=retro) |
6b65005 |
+clientcert="/etc/pki/tls/certs/ldapclient.pem"
|
|
![](https://seccdn.libravatar.org/avatar/b1ea9b9c6af4f6c514e29d99c9ca5df476b457dd240b3fc14286c5f50f2ff406?s=16&d=retro) |
6b65005 |
|
|
![](https://seccdn.libravatar.org/avatar/b1ea9b9c6af4f6c514e29d99c9ca5df476b457dd240b3fc14286c5f50f2ff406?s=16&d=retro) |
6b65005 |
# key certificate to use to connect to the ldap server
|
|
![](https://seccdn.libravatar.org/avatar/b1ea9b9c6af4f6c514e29d99c9ca5df476b457dd240b3fc14286c5f50f2ff406?s=16&d=retro) |
6b65005 |
# see "man Net::LDAP" in start_tls section for more details
|
|
![](https://seccdn.libravatar.org/avatar/b1ea9b9c6af4f6c514e29d99c9ca5df476b457dd240b3fc14286c5f50f2ff406?s=16&d=retro) |
2485da4 |
-clientkey="/etc/smbldap-tools/smbldap-tools.example.com.key"
|
|
![](https://seccdn.libravatar.org/avatar/b1ea9b9c6af4f6c514e29d99c9ca5df476b457dd240b3fc14286c5f50f2ff406?s=16&d=retro) |
6b65005 |
+clientkey="/etc/pki/tls/certs/ldapclientkey.pem"
|
|
![](https://seccdn.libravatar.org/avatar/b1ea9b9c6af4f6c514e29d99c9ca5df476b457dd240b3fc14286c5f50f2ff406?s=16&d=retro) |
6b65005 |
|
|
![](https://seccdn.libravatar.org/avatar/b1ea9b9c6af4f6c514e29d99c9ca5df476b457dd240b3fc14286c5f50f2ff406?s=16&d=retro) |
6b65005 |
# LDAP Suffix
|
|
![](https://seccdn.libravatar.org/avatar/b1ea9b9c6af4f6c514e29d99c9ca5df476b457dd240b3fc14286c5f50f2ff406?s=16&d=retro) |
6b65005 |
# Ex: suffix=dc=IDEALX,dc=ORG
|
|
![](https://seccdn.libravatar.org/avatar/b1ea9b9c6af4f6c514e29d99c9ca5df476b457dd240b3fc14286c5f50f2ff406?s=16&d=retro) |
38c3c43 |
@@ -93,7 +93,7 @@ suffix="dc=example,dc=com"
|
|
![](https://seccdn.libravatar.org/avatar/b1ea9b9c6af4f6c514e29d99c9ca5df476b457dd240b3fc14286c5f50f2ff406?s=16&d=retro) |
6b65005 |
# Where are stored Users
|
|
![](https://seccdn.libravatar.org/avatar/b1ea9b9c6af4f6c514e29d99c9ca5df476b457dd240b3fc14286c5f50f2ff406?s=16&d=retro) |
6b65005 |
# Ex: usersdn="ou=Users,dc=IDEALX,dc=ORG"
|
|
![](https://seccdn.libravatar.org/avatar/b1ea9b9c6af4f6c514e29d99c9ca5df476b457dd240b3fc14286c5f50f2ff406?s=16&d=retro) |
6b65005 |
# Warning: if 'suffix' is not set here, you must set the full dn for usersdn
|
|
![](https://seccdn.libravatar.org/avatar/b1ea9b9c6af4f6c514e29d99c9ca5df476b457dd240b3fc14286c5f50f2ff406?s=16&d=retro) |
6b65005 |
-usersdn="ou=Users,${suffix}"
|
|
![](https://seccdn.libravatar.org/avatar/b1ea9b9c6af4f6c514e29d99c9ca5df476b457dd240b3fc14286c5f50f2ff406?s=16&d=retro) |
6b65005 |
+usersdn="ou=People,${suffix}"
|
|
![](https://seccdn.libravatar.org/avatar/b1ea9b9c6af4f6c514e29d99c9ca5df476b457dd240b3fc14286c5f50f2ff406?s=16&d=retro) |
6b65005 |
|
|
![](https://seccdn.libravatar.org/avatar/b1ea9b9c6af4f6c514e29d99c9ca5df476b457dd240b3fc14286c5f50f2ff406?s=16&d=retro) |
6b65005 |
# Where are stored Computers
|
|
![](https://seccdn.libravatar.org/avatar/b1ea9b9c6af4f6c514e29d99c9ca5df476b457dd240b3fc14286c5f50f2ff406?s=16&d=retro) |
6b65005 |
# Ex: computersdn="ou=Computers,dc=IDEALX,dc=ORG"
|
|
![](https://seccdn.libravatar.org/avatar/b1ea9b9c6af4f6c514e29d99c9ca5df476b457dd240b3fc14286c5f50f2ff406?s=16&d=retro) |
38c3c43 |
@@ -103,7 +103,7 @@ computersdn="ou=Computers,${suffix}"
|
|
![](https://seccdn.libravatar.org/avatar/b1ea9b9c6af4f6c514e29d99c9ca5df476b457dd240b3fc14286c5f50f2ff406?s=16&d=retro) |
6b65005 |
# Where are stored Groups
|
|
![](https://seccdn.libravatar.org/avatar/b1ea9b9c6af4f6c514e29d99c9ca5df476b457dd240b3fc14286c5f50f2ff406?s=16&d=retro) |
6b65005 |
# Ex: groupsdn="ou=Groups,dc=IDEALX,dc=ORG"
|
|
![](https://seccdn.libravatar.org/avatar/b1ea9b9c6af4f6c514e29d99c9ca5df476b457dd240b3fc14286c5f50f2ff406?s=16&d=retro) |
6b65005 |
# Warning: if 'suffix' is not set here, you must set the full dn for groupsdn
|
|
![](https://seccdn.libravatar.org/avatar/b1ea9b9c6af4f6c514e29d99c9ca5df476b457dd240b3fc14286c5f50f2ff406?s=16&d=retro) |
6b65005 |
-groupsdn="ou=Groups,${suffix}"
|
|
![](https://seccdn.libravatar.org/avatar/b1ea9b9c6af4f6c514e29d99c9ca5df476b457dd240b3fc14286c5f50f2ff406?s=16&d=retro) |
6b65005 |
+groupsdn="ou=Group,${suffix}"
|
|
![](https://seccdn.libravatar.org/avatar/b1ea9b9c6af4f6c514e29d99c9ca5df476b457dd240b3fc14286c5f50f2ff406?s=16&d=retro) |
6b65005 |
|
|
![](https://seccdn.libravatar.org/avatar/b1ea9b9c6af4f6c514e29d99c9ca5df476b457dd240b3fc14286c5f50f2ff406?s=16&d=retro) |
6b65005 |
# Where are stored Idmap entries (used if samba is a domain member server)
|
|
![](https://seccdn.libravatar.org/avatar/b1ea9b9c6af4f6c514e29d99c9ca5df476b457dd240b3fc14286c5f50f2ff406?s=16&d=retro) |
38c3c43 |
# Ex: idmapdn="ou=Idmap,dc=IDEALX,dc=ORG"
|