board, director
297
edits
Changes
Jump to navigation
Jump to search
Line 12:
Line 12: + + + + + + + Line 24:
Line 31: − + − + − '''Server Services:''' This parameter is not very well documented, but from what I could find thefollow services can be provided by the Samba daemon: s3fs, rpc, nbt, wrepl, ldap, cldap, kdc, drepl, ntp_signd, kcc, dnsupdate, dns, smb, nmb, winbind. The default for this parameter is: server services = s3fs rpc nbt wrepl ldap cldap kdc drepl winbind ntp_signd kcc dnsupdate dns. Services can be added/remove from the default by a +/- and the service to add/remove. Example − server services = -s3fs (remove) +smb (add). Note that the smb, nmb, and windbind services are services equivalent to the older, Samba 3, type services (stand alone daemons). Of specific interest to SME 9 may be the use of the nmb service for WINS support. As we begin testing we may need to enable this service and possibly smb for simple share access. − − '''Server Role:'''' Samba 4 currently only supports the active directory domain controller server role. For now, we'll force Samba config into DC server role, but provide a fragment for expansion later. There is a long explaintion behind this, but for now, restriction doesn't hurt us. SME as a DC will provide auth for both domain membership and simple shares by either joining the domain or logging into the server every time.
no edit summary
===/etc/smb.conf===
===/etc/smb.conf===
Complete rewrite of all template fragments
Complete rewrite of all template fragments
===smb.conf Considerations===
'''Server Services:''' This parameter is not very well documented, but from what I could find thefollow services can be provided by the Samba daemon: s3fs, rpc, nbt, wrepl, ldap, cldap, kdc, drepl, ntp_signd, kcc, dnsupdate, dns, smb, nmb, winbind. The default for this parameter is: server services = s3fs rpc nbt wrepl ldap cldap kdc drepl winbind ntp_signd kcc dnsupdate dns. Services can be added/remove from the default by a +/- and the service to add/remove. Example
server services = -s3fs (remove) +smb (add). Note that the smb, nmb, and windbind services are services equivalent to the older, Samba 3, type services (stand alone daemons). Of specific interest to SME 9 may be the use of the nmb service for WINS support. As we begin testing we may need to enable this service and possibly smb for simple share access.
'''Server Role:'''' Samba 4 currently only supports the active directory domain controller server role. For now, we'll force Samba config into DC server role, but provide a fragment for expansion later. There is a long explaintion behind this, but for now, restriction doesn't hurt us. SME as a DC will provide auth for both domain membership and simple shares by either joining the domain or logging into the server every time.
===/etc/raddb/radius.conf===
===/etc/raddb/radius.conf===
etc/raddb/radiusd.conf/65authorization40default: ( $ldap{Authentication} || 'disabled' ) eq 'enabled' ? 'ldap' : 'smbpasswd';
etc/raddb/radiusd.conf/65authorization40default: ( $ldap{Authentication} || 'disabled' ) eq 'enabled' ? 'ldap' : 'smbpasswd';
==smb.conf Considerations==
===/etc/krb5.conf===
Create based new template fragments for this configuration file
==Configuration Database Parameters to Modify==
==Configuration Database Parameters to Modify==