Dustin C. Hatch
4aded1e75c
Usually, the *samba* role is deployed as a dependency of the *winbind* role, which explicitly sets `samba_security` to `ads`. The new *fileserver* role also depends on the *samba* role, but it does NOT sett that variable. This can cause `smb.conf` to be rewritten with a different value whenever one or the other role is applied. Explicitly setting the `samba_security` variable at the group level ensures that the value is consistent no matter how the *samba* role is applied. Since all domain member machines need the same value, regardless of what function they perform, this is safe.
7 lines
130 B
YAML
7 lines
130 B
YAML
krb5_realm: PYROCUFFLINK.BLUE
|
|
samba_security: ads
|
|
samba_use_winbind: true
|
|
pam_winbind: true
|
|
nss_winbind: true
|
|
pam_mkhomedir: true
|