[debian-edu-commits] r82055 - in branches/wheezy/debian-edu-config: debian etc/samba ldap-tools
sunweaver at alioth.debian.org
sunweaver at alioth.debian.org
Fri Aug 16 15:36:40 UTC 2013
Author: sunweaver
Date: 2013-08-16 15:36:40 +0000 (Fri, 16 Aug 2013)
New Revision: 82055
Modified:
branches/wheezy/debian-edu-config/debian/changelog
branches/wheezy/debian-edu-config/etc/samba/samba-domain-policy.ldif
branches/wheezy/debian-edu-config/ldap-tools/ldap-debian-edu-install
Log:
Fix Samba LDAP bootstrap during main-server installation. The Samba2LDAP
connection now uses ldapi:/// during bootstrap. As a result the
sambaDomainName=SKOLELINUX object will now be created during bootstrap
rather than during first boot. The recently introduced
samba-domain-policy.ldif will be kept for reference and possible later
customizations (by site admins).
Modified: branches/wheezy/debian-edu-config/debian/changelog
===================================================================
--- branches/wheezy/debian-edu-config/debian/changelog 2013-08-15 20:32:56 UTC (rev 82054)
+++ branches/wheezy/debian-edu-config/debian/changelog 2013-08-16 15:36:40 UTC (rev 82055)
@@ -1,3 +1,14 @@
+debian-edu-config (1.712~svn82050) UNRELEASED; urgency=low
+
+ * Fix Samba LDAP bootstrap during main-server installation. The Samba2LDAP
+ connection now uses ldapi:/// during bootstrap. As a result the
+ sambaDomainName=SKOLELINUX object will now be created during bootstrap
+ rather than during first boot. The recently introduced
+ samba-domain-policy.ldif will be kept for reference and possible later
+ customizations (by site admins).
+
+ -- Mike Gabriel <sunweaver at debian.org> Fri, 16 Aug 2013 17:32:06 +0200
+
debian-edu-config (1.712~svn82049) wheezy-test; urgency=low
[ Wolfgang Schweer ]
Modified: branches/wheezy/debian-edu-config/etc/samba/samba-domain-policy.ldif
===================================================================
--- branches/wheezy/debian-edu-config/etc/samba/samba-domain-policy.ldif 2013-08-15 20:32:56 UTC (rev 82054)
+++ branches/wheezy/debian-edu-config/etc/samba/samba-domain-policy.ldif 2013-08-16 15:36:40 UTC (rev 82055)
@@ -1,3 +1,6 @@
+### Use this file to modify the domain policy during runtime of
+### your Debian Edu main server
+
dn: sambaDomainName=SKOLELINUX,dc=skole,dc=skolelinux,dc=no
changetype: modify
replace: sambaForceLogoff
@@ -13,7 +16,7 @@
sambaLockoutThreshold: 0
-
replace: sambaLogonToChgPwd
-sambaLogonToChgPwd: 1
+sambaLogonToChgPwd: 0
-
replace: sambaMaxPwdAge
sambaMaxPwdAge: -1
Modified: branches/wheezy/debian-edu-config/ldap-tools/ldap-debian-edu-install
===================================================================
--- branches/wheezy/debian-edu-config/ldap-tools/ldap-debian-edu-install 2013-08-15 20:32:56 UTC (rev 82054)
+++ branches/wheezy/debian-edu-config/ldap-tools/ldap-debian-edu-install 2013-08-16 15:36:40 UTC (rev 82055)
@@ -429,11 +429,11 @@
security = USER
workgroup = SKOLELINUX
encrypt passwords = true
- passdb backend = ldapsam:"ldap://ldap.intern"
+ passdb backend = ldapsam:"ldapi:///"
ldapsam:trusted = yes
ldap suffix = ou=samba,dc=skole,dc=skolelinux,dc=no
ldap admin dn = "cn=admin,ou=ldap-access,dc=skole,dc=skolelinux,dc=no"
- ldap ssl = start_tls
+ ldap ssl = no
local master = yes
domain logons = yes
domain master = yes
@@ -478,12 +478,6 @@
# for name: TJENER'' error if running ,,net getlocalsid'' after the bootstrap.
net getlocalsid -s /dev/null &> /dev/null
- # prep the Samba domain with its domain policy
- ldapmodify -ZZZ \
- -f /etc/samba/samba-domain-policy.ldif \
- -D cn=admin,ou=ldap-access,dc=skole,dc=skolelinux,dc=no \
- -w "$ROOTPWDCLEAR"
-
# and now... stop slapd again... and restore start-stop-daemon script
remember_RESTARTSLAPD=$RESTARTSLAPD
slapd_stop
More information about the debian-edu-commits
mailing list