samba-dc: Configure samba4 winbind
The *samba-dc* role now configures `winbindd` on domain controllers to support identity mapping on the local machine. This will allow domain users to log into the domain controller itself, e.g. via SSH. The Fedora packaging of *samba4* still has some warts. Specifically, it does not have a proper SELinux policy, so some work-arounds need to be put into place in order for confined processes to communicate with winbind.
This commit is contained in:
@@ -1,3 +1,5 @@
|
||||
- name: reload systemd
|
||||
command: systemctl daemon-reload
|
||||
- name: restore samba file contexts
|
||||
command: restorecon -RF /var/lib/samba/bind-dns
|
||||
- name: display generated admin password
|
||||
@@ -5,3 +7,7 @@
|
||||
var=samba_dc_provision.admin_password
|
||||
- name: save firewalld configuration
|
||||
command: firewall-cmd --runtime-to-permanent
|
||||
- name: restart samba
|
||||
service:
|
||||
name=samba
|
||||
state=restarted
|
||||
|
||||
Reference in New Issue
Block a user