Dustin C. Hatch
90f9e5eba5
Domain controllers only allow users in the *Domain Admins* AD group to use `sudo` by default. *dustin* and *jenkins* need to be able to apply configuration policy to these machines, but they are not members of said group.
28 lines
613 B
YAML
28 lines
613 B
YAML
samba_use_winbind: false
|
|
samba_server_role: active directory domain controller
|
|
samba_options:
|
|
- idmap_ldb:use rfc2307: 'yes'
|
|
|
|
samba_shares:
|
|
- name: sysvol
|
|
path: /var/lib/samba/sysvol
|
|
read_only: no
|
|
- name: netlogon
|
|
path: /var/lib/samba/sysvol/{{ krb5_realm|lower }}/scripts
|
|
read_only: no
|
|
|
|
samba_tls_enabled: true
|
|
samba_tls_keyfile: /etc/pki/tls/private/samba.key
|
|
samba_tls_certfile: /etc/pki/tls/certs/samba.cer
|
|
samba_tls_cafile: /etc/pki/tls/certs/samba-ca.crt
|
|
|
|
collectd_processes:
|
|
- name: samba
|
|
- name: smbd
|
|
- name: krb5kdc
|
|
- name: winbindd
|
|
|
|
admin_users:
|
|
- 'PYROCUFFLINK\dustin'
|
|
- 'PYROCUFFLINK\jenkins'
|