maskshell · February 24, 2018 05:48
diff --git a/afp-krb5.conf b/afp-krb5.conf
 ; Copyright 2009-2015 RackTop Systems Inc. and/or its affiliates.
 ; http://www.racktopsystems.com
 ;
 ; The methods and techniques utilized herein are considered TRADE SECRETS
 ; and/or CONFIDENTIAL unless otherwise noted. REPRODUCTION or DISTRIBUTION
 ; is FORBIDDEN, in whole and/or in part, except by express written permission
 ; of RackTop Systems.
 ;
 ; @@DESCRIPTION@@  Configuration file for Netatalk -- Apple Filing Protocol.
 ; @@NAME@@         afp.conf
 ; @@STABILITY@@    unstable
 ; @@VERSION@@      1.0.0
 ;
 [Global]
 ; Global server settings
 save password = yes
 admin group = adm
 log file = /var/log/afpd.log
 ; log level = default
 log level = default:debug
 ; fqdn = <machine fqdn here>
 ; uam list = uams_dhx.so uams_dhx2.so ; uams_gss.so <- Native KRB5 support
 k5 keytab = /etc/krb5/krb5.keytab
 k5 service = afpserver
 k5 realm = RACKTOPLABS.COM
 uam list = uams_gss.so uams_dhx.so uams_dhx2.so
 spotlight = yes
 ; Most of the LDAP settings below are per-instance configuration and
 ; will require modification. However, attr keys and *scope keys are
 ; likely always going to be same, assuming Active Directory. This may
 ; have to change if something other than AD is being used, like OpenDS,
 ; OpenLDAP, etc.
 ; ldap auth method = simple ; Other methods may be supported, but are untested
 ; ldap auth dn = CN=<bindUserName>,OU=SomeOUName,DC=mydomain,DC=com
 ; ldap auth dn = CN=svc-ldap2,OU=Service Accounts,DC=racktoplabs,DC=com
 ; ldap auth pw = <password for bindUserName>
 ; ldap auth pw = somePasswordHere
 ; ldap server = <IP Address of commonly Active Directory Controller>
 ; ldap server = 10.1.18.1
 ; Both userbase and groupbase will vary, depending on how customer
 ; has configured their active directory or LDAP.
 ; ldap userbase = OU=Users,DC=mydomain,DC=com
 ; ldap userbase = OU=Corp,DC=racktoplabs,DC=com
 ; ldap userscope = sub
 ; ldap groupbase = CN=Users,DC=mydomain,DC=com
 ; ldap groupbase = CN=Users,DC=racktoplabs,DC=com
 ; ldap groupscope = sub
 ; ldap uuid attr = ObjectGUID
 ; ldap uuid encoding = ms-guid
 ; ldap name attr = sAMAccountName
 ; ldap group attr = cn
 ; ldap user filter = objectClass=user
 ; ldap group filter = objectClass=group
 ; map acls = mode

 [01]
 path = /storage/p01/afp/01
 #directory perm = 700
 directory perm = 744
 file perm = 660
 time machine = no
diff --git a/afp.conf b/afp.conf
 ;
 ; Netatalk 3.x configuration file
 ; http://netatalk.sourceforge.net/3.0/htmldocs/afp.conf.5.html
 ;

 [Global]
 ; Global server settings
 vol preset = default_for_all_vol
 log file = /var/log/netatalk.log
 uam list = uams_dhx.so,uams_dhx2.so
 save password = no

 [default_for_all_vol]
 file perm = 0664
 directory perm = 0774
 cnid scheme = dbd
 valid users = @tmusers

 [Homes]
 ; basedir regex = /xxxx
 basedir regex = /home

 [TimeMachine]
 path = /afp/tm_backup
 time machine = yes
 vol size limit = 350000
	; Copyright 2009-2015 RackTop Systems Inc. and/or its affiliates.
	; http://www.racktopsystems.com
	;
	; The methods and techniques utilized herein are considered TRADE SECRETS
	; and/or CONFIDENTIAL unless otherwise noted. REPRODUCTION or DISTRIBUTION
	; is FORBIDDEN, in whole and/or in part, except by express written permission
	; of RackTop Systems.
	;
	; @@DESCRIPTION@@ Configuration file for Netatalk -- Apple Filing Protocol.
	; @@NAME@@ afp.conf
	; @@STABILITY@@ unstable
	; @@VERSION@@ 1.0.0
	;
	[Global]
	; Global server settings
	save password = yes
	admin group = adm
	log file = /var/log/afpd.log
	; log level = default
	log level = default:debug
	; fqdn = <machine fqdn here>
	; uam list = uams_dhx.so uams_dhx2.so ; uams_gss.so <- Native KRB5 support
	k5 keytab = /etc/krb5/krb5.keytab
	k5 service = afpserver
	k5 realm = RACKTOPLABS.COM
	uam list = uams_gss.so uams_dhx.so uams_dhx2.so
	spotlight = yes
	; Most of the LDAP settings below are per-instance configuration and
	; will require modification. However, attr keys and *scope keys are
	; likely always going to be same, assuming Active Directory. This may
	; have to change if something other than AD is being used, like OpenDS,
	; OpenLDAP, etc.
	; ldap auth method = simple ; Other methods may be supported, but are untested
	; ldap auth dn = CN=<bindUserName>,OU=SomeOUName,DC=mydomain,DC=com
	; ldap auth dn = CN=svc-ldap2,OU=Service Accounts,DC=racktoplabs,DC=com
	; ldap auth pw = <password for bindUserName>
	; ldap auth pw = somePasswordHere
	; ldap server = <IP Address of commonly Active Directory Controller>
	; ldap server = 10.1.18.1
	; Both userbase and groupbase will vary, depending on how customer
	; has configured their active directory or LDAP.
	; ldap userbase = OU=Users,DC=mydomain,DC=com
	; ldap userbase = OU=Corp,DC=racktoplabs,DC=com
	; ldap userscope = sub
	; ldap groupbase = CN=Users,DC=mydomain,DC=com
	; ldap groupbase = CN=Users,DC=racktoplabs,DC=com
	; ldap groupscope = sub
	; ldap uuid attr = ObjectGUID
	; ldap uuid encoding = ms-guid
	; ldap name attr = sAMAccountName
	; ldap group attr = cn
	; ldap user filter = objectClass=user
	; ldap group filter = objectClass=group
	; map acls = mode

	[01]
	path = /storage/p01/afp/01
	#directory perm = 700
	directory perm = 744
	file perm = 660
	time machine = no
	;
	; Netatalk 3.x configuration file
	; http://netatalk.sourceforge.net/3.0/htmldocs/afp.conf.5.html
	;

	[Global]
	; Global server settings
	vol preset = default_for_all_vol
	log file = /var/log/netatalk.log
	uam list = uams_dhx.so,uams_dhx2.so
	save password = no

	[default_for_all_vol]
	file perm = 0664
	directory perm = 0774
	cnid scheme = dbd
	valid users = @tmusers

	[Homes]
	; basedir regex = /xxxx
	basedir regex = /home

	[TimeMachine]
	path = /afp/tm_backup
	time machine = yes
	vol size limit = 350000