dustin
/
configpolicy
1
1
Fork 0
Code Issues Releases Activity

roles/samba-dc: Support configuring TLS 

In order to enable LDAPS/STARTTLS support in Samba, the `tls enabled`
option must be set to `yes` and the `tls keyfile` and `tls certfile`
options must be set to the path of the private key and certificate
files, respectively, that Samba will use. The `samba_tls_enabled`,
`samba_tls_keyfile`, and `samb_tls_certfile` Ansible variables can be
used to control these values.
jenkins-master
Dustin 2018-05-28 15:18:56 -05:00
parent 024f9f719d
commit 93598145b6
1 changed files with 9 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
roles/samba-dc/templates/smb.conf.j2
View File

@ -11,6 +11,15 @@
template homedir = {{ winbind_template_homedir }} template homedir = {{ winbind_template_homedir }}
template shell = /bin/bash template shell = /bin/bash
{% if samba_tls_enabled|bool %}
tls enabled = yes
tls keyfile = {{ samba_tls_keyfile }}
tls certfile = {{ samba_tls_certfile }}
{% if samba_tls_cafile is defined %}
tls cafile = {{ samba_tls_cafile }}
{% endif %}
{% endif %}
[netlogon] [netlogon]
path = /var/lib/samba/sysvol/{{ krb5_realm|lower }}/scripts path = /var/lib/samba/sysvol/{{ krb5_realm|lower }}/scripts
read only = No read only = No