Dustin C. Hatch
5a91cb731a
The *samba-dc* role now configures `winbindd` on domain controllers to support identity mapping on the local machine. This will allow domain users to log into the domain controller itself, e.g. via SSH. The Fedora packaging of *samba4* still has some warts. Specifically, it does not have a proper SELinux policy, so some work-arounds need to be put into place in order for confined processes to communicate with winbind.
5 lines
173 B
YAML
5 lines
173 B
YAML
samba_dc_use_rfc2307: true
|
|
samba_is_first_dc: false
|
|
workgroup: '{{ krb5_realm.split(".")[0] if krb5_realm is defined else "WORKGROUP" }}'
|
|
winbind_template_homedir: /home/%U
|