Changes
Jump to navigation
Jump to search
← Older edit
Systems/Services/Samba
(view source)
Revision as of 21:56, 13 September 2020
553 bytes added
,
21:56, 13 September 2020
no edit summary
Line 1:
Line 1:
+
{{mbox |type=warning |text=This information is out of date. [[IT Infrastructure|Up-to-date IT information can be found here]] }}
== Creating SSL CA and certs ==
== Creating SSL CA and certs ==
Line 12:
Line 13:
openssl x509 -req -in dc01.csr -CA rootCA.pem -CAkey rootCA.key -CAcreateserial -out dc01.crt -days 500
openssl x509 -req -in dc01.csr -CA rootCA.pem -CAkey rootCA.key -CAcreateserial -out dc01.crt -days 500
</pre>
</pre>
+
+
+
== Installing keys ==
+
+
Copy them into place (bob):
+
+
* /var/lib/samba/private/tls/bob.key
+
* /var/lib/samba/private/tls/bob.crt
+
* /var/lib/samba/private/tls/rootCA.pem
+
+
Tell samba to use them:
+
+
<pre>
+
[global]
+
tls enabled = yes
+
tls keyfile = tls/bob.key
+
tls certfile = tls/bob.crt
+
tls cafile = tls/rootCA.pem
+
</pre>
+
+
== Tell Samba to stop expiring passwords ==
+
samba-tool domain passwordsettings set --max-pwd-age=0
Books
33
edits
Cookies help us deliver our services. By using our services, you agree to our use of cookies.
More information
OK
Navigation menu
Personal tools
English
Log in
Request account
Namespaces
Page
Discussion
Variants
Views
Read
View source
View history
More
Search
Navigation
Main page
Recent changes
Random page
Help about MediaWiki
Tools
Special pages
Printable version