[debian-edu-commits] r82033 - in branches/wheezy/debian-edu-config: . debian etc/samba ldap-tools
sunweaver at alioth.debian.org
sunweaver at alioth.debian.org
Tue Aug 13 23:10:25 UTC 2013
Author: sunweaver
Date: 2013-08-13 23:10:24 +0000 (Tue, 13 Aug 2013)
New Revision: 82033
Added:
branches/wheezy/debian-edu-config/etc/samba/samba-domain-policy.ldif
Modified:
branches/wheezy/debian-edu-config/Makefile
branches/wheezy/debian-edu-config/debian/changelog
branches/wheezy/debian-edu-config/ldap-tools/ldap-debian-edu-install
Log:
Set a default domain policy on LDAP bootstrap during main-server
installation. Fixes erroneous Samba log messages that complain about
failures in incrementing users' bad password counters.
Modified: branches/wheezy/debian-edu-config/Makefile
===================================================================
--- branches/wheezy/debian-edu-config/Makefile 2013-08-13 21:33:17 UTC (rev 82032)
+++ branches/wheezy/debian-edu-config/Makefile 2013-08-13 23:10:24 UTC (rev 82033)
@@ -141,6 +141,7 @@
samba/smb-debian-edu-client.conf \
samba/smb-debian-edu.conf \
samba/smb-winbind-debian-edu.conf \
+ samba/samba-domain-policy.ldif \
security/pam_mount-winbind-debian-edu.conf \
security/pam_mount-stateless-debian-edu.conf \
smbldap-tools/smbldap_bind.conf \
Modified: branches/wheezy/debian-edu-config/debian/changelog
===================================================================
--- branches/wheezy/debian-edu-config/debian/changelog 2013-08-13 21:33:17 UTC (rev 82032)
+++ branches/wheezy/debian-edu-config/debian/changelog 2013-08-13 23:10:24 UTC (rev 82033)
@@ -14,6 +14,9 @@
* Adapt sambaHashHook in /etc/gosa/gosa.conf in a way so that it works
for GOsa² 2.7.x. Fixes failures when trying to set the password through
GOsa²'s change-password-dialog.
+ * Set a default domain policy on LDAP bootstrap during main-server
+ installation. Fixes erroneous Samba log messages that complain about
+ failures in incrementing users' bad password counters.
-- Petter Reinholdtsen <pere at debian.org> Mon, 12 Aug 2013 10:56:34 +0200
Added: branches/wheezy/debian-edu-config/etc/samba/samba-domain-policy.ldif
===================================================================
--- branches/wheezy/debian-edu-config/etc/samba/samba-domain-policy.ldif (rev 0)
+++ branches/wheezy/debian-edu-config/etc/samba/samba-domain-policy.ldif 2013-08-13 23:10:24 UTC (rev 82033)
@@ -0,0 +1,32 @@
+dn: sambaDomainName=SKOLELINUX,dc=skole,dc=skolelinux,dc=no
+changetype: modify
+replace: sambaForceLogoff
+sambaForceLogoff: -1
+-
+replace: sambaLockoutDuration
+sambaLockoutDuration: 30
+-
+replace: sambaLockoutObservationWindow
+sambaLockoutObservationWindow: 30
+-
+replace: sambaLockoutThreshold
+sambaLockoutThreshold: 0
+-
+replace: sambaLogonToChgPwd
+sambaLogonToChgPwd: 1
+-
+replace: sambaMaxPwdAge
+sambaMaxPwdAge: -1
+-
+replace: sambaMinPwdAge
+sambaMinPwdAge: 0
+-
+replace: sambaMinPwdLength
+sambaMinPwdLength: 5
+-
+replace: sambaPwdHistoryLength
+sambaPwdHistoryLength: 0
+-
+replace: sambaRefuseMachinePwdChange
+sambaRefuseMachinePwdChange: 0
+-
Property changes on: branches/wheezy/debian-edu-config/etc/samba/samba-domain-policy.ldif
___________________________________________________________________
Added: svn:executable
+ *
Modified: branches/wheezy/debian-edu-config/ldap-tools/ldap-debian-edu-install
===================================================================
--- branches/wheezy/debian-edu-config/ldap-tools/ldap-debian-edu-install 2013-08-13 21:33:17 UTC (rev 82032)
+++ branches/wheezy/debian-edu-config/ldap-tools/ldap-debian-edu-install 2013-08-13 23:10:24 UTC (rev 82033)
@@ -478,6 +478,12 @@
# for name: TJENER'' error if running ,,net getlocalsid'' after the bootstrap.
net getlocalsid -s /dev/null &> /dev/null
+ # prep the Samba domain with its domain policy
+ ldapmodify -ZZZ \
+ -f /etc/samba/samba-domain-policy.ldif \
+ -D cn=admin,ou=ldap-access,dc=skole,dc=skolelinux,dc=no \
+ -w "$ROOTPWDCLEAR"
+
# and now... stop slapd again... and restore start-stop-daemon script
remember_RESTARTSLAPD=$RESTARTSLAPD
slapd_stop
More information about the debian-edu-commits
mailing list