[Samba] Domain Controller GPO
Taylor, Jonn
jonnt at taylortelephone.com
Wed Apr 20 10:03:01 MDT 2011
/etc/init.d/samba for CentOS or RedHat.
#!/bin/sh
#
# chkconfig: - 91 35
# description: Starts and stops the Samba daemon \
# used to provide SMB network services.
#
# pidfile: /usr/local/samba/var/run/samba4/smbd.pid
# config: /usr/local/samba/etc/samba4/smb.conf
SAMBA_NAME=samba
# Source function library.
if [ -f /etc/init.d/functions ] ; then
. /etc/init.d/functions
elif [ -f /etc/rc.d/init.d/functions ] ; then
. /etc/rc.d/init.d/functions
else
exit 1
fi
# Avoid using root's TMPDIR
unset TMPDIR
# Source networking configuration.
. /etc/sysconfig/network
if [ -f /etc/sysconfig/$SAMBA_NAME ]; then
. /etc/sysconfig/$SAMBA_NAME
fi
# Check that networking is up.
[ ${NETWORKING} = "no" ] && exit 1
# Check that smb.conf exists.
[ -f /usr/local/samba/etc/smb.conf ] || exit 6
RETVAL=0
start() {
echo -n $"Starting Samba services: "
daemon /usr/local/samba/sbin/samba $SMBDOPTIONS
RETVAL=$?
echo
[ $RETVAL -eq 0 ] && touch /usr/local/samba/var/locks/$SAMBA_NAME || \
RETVAL=1
return $RETVAL
}
stop() {
echo -n $"Shutting down Samba services: "
killproc samba
RETVAL=$?
echo
[ $RETVAL -eq 0 ] && rm -f /usr/local/samba/var/locks/$SAMBA_NAME
return $RETVAL
}
restart() {
stop
start
}
reload() {
echo -n $"Reloading smb.conf file: "
killproc samba -HUP
RETVAL=$?
echo
return $RETVAL
}
rhstatus() {
status samba
return $?
}
# Allow status as non-root.
if [ "$1" = status ]; then
rhstatus
exit $?
fi
# Check that we can write to it... so non-root users stop here
[ -w /usr/local/samba/etc/smb.conf ] || exit 4
case "$1" in
start)
start
;;
stop)
stop
;;
restart)
restart
;;
reload)
reload
;;
status)
rhstatus
;;
condrestart)
[ -f /usr/local/samba/var/locks/$SAMBA_NAME ] && restart || :
;;
*)
echo $"Usage: $0 {start|stop|restart|reload|status|condrestart}"
exit 2
esac
exit $?
On 04/20/2011 09:47 AM, Ryan Leimenstoll wrote:
> Ok, I appreciate your suggestion. Would you be able to provide an Init
> script for Samba4 Alpha15? I am not certain on how to make one. Also, Is
> there a way to maintain my existing Samba4 powered AD Domain when upgrading?
> Thanks.
>
> On Wed, Apr 20, 2011 at 10:23 AM, timothy mcdaniel <timnboys333 at live.com>wrote:
>
>> I would redownload the git source and download the latest version of samba4
>> and compile it and provision it and then when you get the latest verison of
>> samba4(which I think is samba4 alpha 15) and then how you would change the
>> password complexity requirements in the latest version of samba4 you would
>> use samba-tool or if you do not have the samba4 bin and sbin folders in
>> your
>> path: /usr/local/samba/bin/samba-tool(this is assuming that you installed
>> the latest version of samba4 to your /usr/local folder) and you put this
>> command like this: "/usr/local/samba/bin/samba-tool pwsettings
>> --complexity=off --history-length=0 --min-pwd-length=0
>> --min-pwd-age=0" and then press enter and then it will disable the password
>> complexity on the latest version of samba4
>>> Thanks for your assistance, however the options are not recognized by the
>>> net command. Is there any other variation of those it could be?
>>> On Tue, Apr 19, 2011 at 2:49 AM, Daniel Müller <
>> mueller at tropenklinik.de>wrote:
>>
>>> Refer to my thread this list: HOWTO samba4 centos5.5 named dnsupdate drbd
>>> simple failover
>>>
>>>
>>> Password Policy Settings!!
>>>
>>> Along with Samba4 the Password Policy you can only set from console, with
>>> 'net pwsettings ' command.
>>> net pwsettings –help:
>>>
>>> usage: (show | set <options>)
>>>
>>> options:
>>> -h, --help show this help message and exit
>>> -H H LDB URL for database or target server
>>> --quiet Be quiet
>>> --complexity=COMPLEXITY
>>> The password complexity (on | off | default).
>>> Default
>>> is 'on'
>>> --history-length=HISTORY_LENGTH
>>> The password history length (<integer> | default).
>>> Default is 24.
>>> --min-pwd-length=MIN_PWD_LENGTH
>>> The minimum password length (<integer> | default).
>>> Default is 7.
>>> --min-pwd-age=MIN_PWD_AGE
>>> The minimum password age (<integer in days> |
>>> default). Default is 1.
>>> --max-pwd-age=MAX_PWD_AGE
>>> The maximum password age (<integer in days> |
>>> default). Default is 43.
>>>
>>> Samba Common Options:
>>> -s FILE, --configfile=FILE
>>> Configuration file
>>> -d DEBUGLEVEL, --debuglevel=DEBUGLEVEL
>>> debug level
>>> --option=OPTION set smb.conf option from command line
>>> --realm=REALM set the realm name
>>>
>>> Credentials Options:
>>> --simple-bind-dn=DN
>>> DN to use for a simple bind
>>> --password=PASSWORD
>>> Password
>>> -U USERNAME, --username=USERNAME
>>> Username
>>> -W WORKGROUP, --workgroup=WORKGROUP
>>> Workgroup
>>> -N, --no-pass Don't ask for a password
>>> -k KERBEROS, --kerberos=KERBEROS
>>> Use Kerberos
>>>
>>> Version Options:
>>> --version Display version number
>>>
>>> So I set my Password Policy:
>>>
>>> net pwsettings set –--complexity=off
>>> net pwsettings set ---max-pwd-age=60 #<---60 Days
>>> net pwsettings set –min-pwd-length=5
>>>
>>> net pwsettings show:
>>>
>>> [root at node1 ~]# net pwsettings show
>>> Password informations for domain 'DC=tuebingen,DC=tst,DC=loc'
>>>
>>> Password complexity: off
>>> Password history length: 24
>>> Minimum password length: 5
>>> Minimum password age (days): 1
>>>
>>> -----------------------------------------------
>>> EDV Daniel Müller
>>>
>>> Leitung EDV
>>> Tropenklinik Paul-Lechler-Krankenhaus
>>> Paul-Lechler-Str. 24
>>> 72076 Tübingen
>>>
>>> Tel.: 07071/206-463, Fax: 07071/206-499
>>> eMail: mueller at tropenklinik.de
>>> Internet: www.tropenklinik.de
>>> -----------------------------------------------
>>> -----Ursprüngliche Nachricht-----
>>> Von: samba-bounces at lists.samba.org [mailto:samba-bounces at lists.samba.org
>> ]
>>> Im
>>> Auftrag von Christophe Dezé
>>> Gesendet: Dienstag, 19. April 2011 07:58
>>> An: samba at lists.samba.org
>>> Betreff: Re: [Samba] Domain Controller GPO
>>>
>>> Le 18/04/2011 21:15, Ryan Leimenstoll a écrit :
>>>> Hi All,
>>>> I am using Samba4 Alpha12, and i am trying to edit the password
>> policy
>>>> (which I believe is derived from the PDC's policy), but I am trying to
>>>> figure out whether Samba4 can respond to GPOs. If It cannot, how would
>> I
>>>> define the password policy for the domain? Thanks.
>>> it 's maybe because 4.0.0alpha12 - wasn't released
>>>
>>>
>>> :)
>>>
>> --
>> To unsubscribe from this list go to the following URL and read the
>> instructions: https://lists.samba.org/mailman/options/samba
>>
More information about the samba
mailing list