Next: 6.5 Smbldap-tools Up: 6 DEBIAN DOMAIN CONTROLLERINA Previous: 6.3 Autentikointi Sisältö
Samban avulla jaetaan linux:in resursseja Windows-verkossa. Tässä kappaleessa konfiguroidaan samba toimimaan LDAP:in kanssa.
[global] workgroup = TEST.LOCAL netbios name = TESTSERVER passdb backend = ldapsam:ldap://localhost username map = /etc/samba/smbusers add user script = /usr/sbin/smbldap-useradd -m '%u' delete user script = /usr/sbin/smbldap-userdel '%u' add group script = /usr/sbin/smbldap-groupadd -p '%g' delete group script = /usr/sbin/smbldap-groupdel '%g' add user to group script = \ /usr/sbin/smbldap-groupmod -m '%g' '%u' delete user from group script = \ /usr/sbin/smbldap-groupmod -x '%g' '%u' set primary group script = \ /usr/sbin/smbldap-usermod -g '%g' '%u' add machine script = /usr/sbin/smbldap-useradd -w '%u' logon path = \\%L\profiles\%U logon drive = H: logon home = \\%L\%U domain logons = Yes os level = 35 preferred master = Yes domain master = Yes ldap suffix = dc=test,dc=local ldap machine suffix = ou=Computers ldap user suffix = ou=Users ldap group suffix = ou=Groups ldap admin dn = cn=manager,dc=test,dc=local ldap ssl = no ldap passwd sync = Yes log file = /var/log/samba/%m.log loglevel = 0 encrypt passwords = true socket options = IPTOS_LOWDELAY TCP_NODELAY \ SO_RCVBUF=65536 SO_SNDBUF=65536 SO_KEEPALIVE # vain 192.168.1.0 -verkolle sallittu allow hosts = 192.168.1. # ei roottille lupaa invalid users = root # vain LAN-verkkokortille interfaces = eth0 192.168.1.0/24 ######## Share Definitions ######## # necessary share for domain controller [netlogon] comment = Network Logon Service path = /home/ldap/samba/netlogon guest ok = yes # share for storing user profiles [profiles] path = /home/ldap/samba/profiles writable = yes browseable = no create mode = 0664 create mode = 0755 guest ok = yes # user homes [homes] comment = Home Directories browseable = yes writable = yes valid users = %S create mode = 0664 directory mode = 0775 browseable = No
(Mukaillen Lemaire, 2005) [4]