samba: Added ad domain member support to samba::server.
This commit is contained in:
parent
e0362e5215
commit
9fd6b1e38d
2 changed files with 20 additions and 2 deletions
|
|
@ -66,7 +66,7 @@ class samba::server::configs {
|
||||||
# === Parameters
|
# === Parameters
|
||||||
#
|
#
|
||||||
# $auth:
|
# $auth:
|
||||||
# Server authentication type. Valid values are tdbsam, ldap and
|
# Server authentication type. Valid values are tdbsam, ldap, ad and
|
||||||
# domain. Default is tdbsam.
|
# domain. Default is tdbsam.
|
||||||
# $description:
|
# $description:
|
||||||
# Server description. Defaults to "Samba Server Version %v".
|
# Server description. Defaults to "Samba Server Version %v".
|
||||||
|
|
@ -78,7 +78,8 @@ class samba::server::configs {
|
||||||
# Array of NetBIOS names that host will be advertised. Defaults to
|
# Array of NetBIOS names that host will be advertised. Defaults to
|
||||||
# [$::hostname].
|
# [$::hostname].
|
||||||
# $workgroup:
|
# $workgroup:
|
||||||
# Workgroup or domain name.
|
# Workgroup or domain name. For ad authentication this needs to be
|
||||||
|
# full ad realm name.
|
||||||
#
|
#
|
||||||
# === Global variables
|
# === Global variables
|
||||||
#
|
#
|
||||||
|
|
@ -183,6 +184,15 @@ class samba::server($names=[$::hostname], $auth="tdbsam",
|
||||||
require => Service["smb"],
|
require => Service["smb"],
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
"ad": {
|
||||||
|
exec { "net ads join":
|
||||||
|
command => "net ads join -U ${samba_join_user}%\"\${SECRET}\"",
|
||||||
|
environment => "SECRET=${samba_join_pass}",
|
||||||
|
path => "/bin:/usr/bin:/usr/local/bin:/sbin:/usr/sbin:/usr/local/sbin",
|
||||||
|
unless => "net ads testjoin",
|
||||||
|
require => Service["smb"],
|
||||||
|
}
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
service { "smb":
|
service { "smb":
|
||||||
|
|
|
||||||
|
|
@ -2,7 +2,11 @@
|
||||||
[global]
|
[global]
|
||||||
|
|
||||||
# host naming
|
# host naming
|
||||||
|
<% if @auth == 'ad' -%>
|
||||||
|
workgroup = <%= @workgroup.split('.')[0].upcase %>
|
||||||
|
<% else -%>
|
||||||
workgroup = <%= @workgroup.upcase %>
|
workgroup = <%= @workgroup.upcase %>
|
||||||
|
<% end -%>
|
||||||
server string = <%= @description %>
|
server string = <%= @description %>
|
||||||
netbios name = <%= @names[0] %>
|
netbios name = <%= @names[0] %>
|
||||||
<% if @names.length > 1 -%>
|
<% if @names.length > 1 -%>
|
||||||
|
|
@ -28,6 +32,10 @@ ldap suffix = <%= @ldap_basedn %>
|
||||||
<% elsif @auth == 'domain' -%>
|
<% elsif @auth == 'domain' -%>
|
||||||
security = domain
|
security = domain
|
||||||
password server = *
|
password server = *
|
||||||
|
<% elsif @auth == 'ad' -%>
|
||||||
|
security = domain
|
||||||
|
realm = <%= @workgroup.upcase %>
|
||||||
|
kerberos method = secrets and keytab
|
||||||
<% else -%>
|
<% else -%>
|
||||||
<% scope.function_fail(['Invalid value "%s" for auth.' % @auth]) -%>
|
<% scope.function_fail(['Invalid value "%s" for auth.' % @auth]) -%>
|
||||||
<% end -%>
|
<% end -%>
|
||||||
|
|
|
||||||
Loading…
Add table
Reference in a new issue