5 # smbldap-tools.conf : Q & D configuration file for smbldap-tools
7 # This code was developped by IDEALX (http://IDEALX.org/) and
8 # contributors (their names can be found in the CONTRIBUTORS file).
10 # Copyright (C) 2001-2002 IDEALX
12 # This program is free software; you can redistribute it and/or
13 # modify it under the terms of the GNU General Public License
14 # as published by the Free Software Foundation; either version 2
15 # of the License, or (at your option) any later version.
17 # This program is distributed in the hope that it will be useful,
18 # but WITHOUT ANY WARRANTY; without even the implied warranty of
19 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
20 # GNU General Public License for more details.
22 # You should have received a copy of the GNU General Public License
23 # along with this program; if not, write to the Free Software
24 # Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307,
28 # . be the configuration file for all smbldap-tools scripts
30 use vars qw($VERSION @ISA @EXPORT @EXPORT_OK %EXPORT_TAGS
31 $UID_START $GID_START $smbpasswd $slaveLDAP $masterLDAP
32 $slavePort $masterPort $ldapSSL $slaveURI $masterURI $with_smbpasswd $mk_ntpasswd
33 $ldap_path $ldap_opts $ldapsearch $ldapsearchnobind
34 $ldapmodify $ldappasswd $ldapadd $ldapdelete $ldapmodrdn
35 $suffix $usersdn $computersdn
36 $groupsdn $scope $binddn $bindpasswd
37 $slaveDN $slavePw $masterDN $masterPw
38 $_userLoginShell $_userHomePrefix $_userGecos
39 $_defaultUserGid $_defaultComputerGid
40 $_skeletonDir $_userSmbHome
41 $_userProfile $_userHomeDrive
42 $_userScript $usersou $computersou $groupsou
50 $UID_START $GID_START $smbpasswd $slaveLDAP $masterLDAP
51 $slavePort $masterPort $ldapSSL $slaveURI $masterURI $with_smbpasswd $mk_ntpasswd
52 $ldap_path $ldap_opts $ldapsearch $ldapsearchnobind $ldapmodify $ldappasswd
53 $ldapadd $ldapdelete $ldapmodrdn $suffix $usersdn
54 $computersdn $groupsdn $scope $binddn $bindpasswd
55 $slaveDN $slavePw $masterDN $masterPw
56 $_userLoginShell $_userHomePrefix $_userGecos
57 $_defaultUserGid $_defaultComputerGid $_skeletonDir
58 $_userSmbHome $_userProfile $_userHomeDrive $_userScript
59 $usersou $computersou $groupsou
63 ##############################################################################
65 # General Configuration
67 ##############################################################################
70 # UID and GID starting at...
77 # to obtain this number do: # net getlocalsid
78 our $SID='S-1-5-21-636805976-1992644568-3666589737';
80 ##############################################################################
84 ##############################################################################
86 # Notes: to use to dual ldap servers backend for Samba, you must patch
87 # Samba with the dual-head patch from IDEALX. If not using this patch
88 # just use the same server for slaveLDAP and masterLDAP.
90 # Slave LDAP : needed for read operations
92 # Ex: $slaveLDAP = "127.0.0.1";
93 $slaveLDAP = "127.0.0.1";
98 # Master LDAP : needed for write operations
100 # Ex: $masterLDAP = "127.0.0.1";
101 $masterLDAP = "127.0.0.1";
107 # Ex: $masterPort = "
118 # Ex: $suffix = "dc=IDEALX,dc=ORG";
119 $suffix = "dc=IDEALX,dc=ORG";
123 # Where are stored Users
125 # Ex: $usersdn = "ou=Users,$suffix"; for ou=Users,dc=IDEALX,dc=ORG
126 $usersou = q(_USERS_);
128 $usersdn = "ou=$usersou,$suffix";
131 # Where are stored Computers
133 # Ex: $computersdn = "ou=Computers,$suffix"; for ou=Computers,dc=IDEALX,dc=ORG
134 $computersou = q(_COMPUTERS_);
136 $computersdn = "ou=$computersou,$suffix";
139 # Where are stored Groups
141 # Ex $groupsdn = "ou=Groups,$suffix"; for ou=Groups,dc=IDEALX,dc=ORG
142 $groupsou = q(_GROUPS_);
144 $groupsdn = "ou=$groupsou,$suffix";
152 # Credential Configuration
155 # Ex: $binddn = "cn=Manager,$suffix"; for cn=Manager,dc=IDEALX,dc=org
156 $binddn = "cn=Manager,$suffix";
158 # Bind DN passwd used
159 # Ex: $bindpasswd = 'secret'; for 'secret'
160 $bindpasswd = "secret";
163 # Notes: if using dual ldap patch, you can specify to different configuration
164 # By default, we will use the same DN (so it will work for standard Samba
168 $slavePw = $bindpasswd;
170 $masterPw = $bindpasswd;
172 ##############################################################################
174 # Unix Accounts Configuration
176 ##############################################################################
180 # Default Login Shell
182 # Ex: $_userLoginShell = q(/bin/bash);
183 $_userLoginShell = q(_LOGINSHELL_);
186 # Home directory prefix (without username)
188 #Ex: $_userHomePrefix = q(/home/);
189 $_userHomePrefix = q(_HOMEPREFIX_);
194 $_userGecos = q(System User);
197 # Default User (POSIX and Samba) GID
199 $_defaultUserGid = 100;
202 # Default Computer (Samba) GID
204 $_defaultComputerGid = 553;
209 $_skeletonDir = q(/etc/skel);
211 ##############################################################################
213 # SAMBA Configuration
215 ##############################################################################
218 # The UNC path to home drives location without the username last extension
219 # (will be dynamically prepended)
220 # Ex: q(\\\\My-PDC-netbios-name\\homes) for \\My-PDC-netbios-name\homes
221 $_userSmbHome = q(\\\\_PDCNAME_\\homes);
224 # The UNC path to profiles locations without the username last extension
225 # (will be dynamically prepended)
226 # Ex: q(\\\\My-PDC-netbios-name\\profiles) for \\My-PDC-netbios-name\profiles
227 $_userProfile = q(\\\\_PDCNAME_\\profiles\\);
230 # The default Home Drive Letter mapping
231 # (will be automatically mapped at logon time if home directory exist)
233 $_userHomeDrive = q(_HOMEDRIVE_);
236 # The default user netlogon script name
237 # if not used, will be automatically username.cmd
239 #$_userScript = q(startup.cmd); # make sure script file is edited under dos
242 ##############################################################################
244 # SMBLDAP-TOOLS Configuration (default are ok for a RedHat)
246 ##############################################################################
248 # Allows not to use smbpasswd (if $with_smbpasswd == 0 in smbldap_conf.pm) but
249 # prefer mkntpwd... most of the time, it's a wise choice :-)
251 $smbpasswd = "/usr/bin/smbpasswd";
252 $mk_ntpasswd = "/usr/local/sbin/mkntpwd";
254 if ( $ldapSSL eq "0" ) {
255 $slaveURI = "ldap://$slaveLDAP:$slavePort";
256 $masterURI = "ldap://$masterLDAP:$masterPort";
258 elsif ( $ldapSSL eq "1" ) {
259 $slaveURI = "ldaps://$slaveLDAP:$slavePort";
260 $masterURI = "ldaps://$masterLDAP:$masterPort";
263 die "ldapSSL option must be either 0 or 1.\n";
267 $ldap_path = "/usr/bin";
269 $ldapsearch = "$ldap_path/ldapsearch $ldap_opts -H $slaveURI -D '$slaveDN' -w '$slavePw'";
270 $ldapsearchnobind = "$ldap_path/ldapsearch $ldap_opts -H $slaveURI";
271 $ldapmodify = "$ldap_path/ldapmodify $ldap_opts -H $masterURI -D '$masterDN' -w '$masterPw'";
272 $ldappasswd = "$ldap_path/ldappasswd $ldap_opts -H $masterURI -D '$masterDN' -w '$masterPw'";
273 $ldapadd = "$ldap_path/ldapadd $ldap_opts -H $masterURI -D '$masterDN' -w '$masterPw'";
274 $ldapdelete = "$ldap_path/ldapdelete $ldap_opts -H $masterURI -D '$masterDN' -w '$masterPw'";
275 $ldapmodrdn = "$ldap_path/ldapmodrdn $ldap_opts -H $masterURI -D '$masterDN' -w '$masterPw'";