szaydel/afp-krb5.conf

## afp-krb5.conf
; Copyright 2009-2015 RackTop Systems Inc. and/or its affiliates.
; http://www.racktopsystems.com
;
; The methods and techniques utilized herein are considered TRADE SECRETS
; and/or CONFIDENTIAL unless otherwise noted. REPRODUCTION or DISTRIBUTION
; is FORBIDDEN, in whole and/or in part, except by express written permission
; of RackTop Systems.
;
; @@DESCRIPTION@@  Configuration file for Netatalk -- Apple Filing Protocol.
; @@NAME@@         afp.conf
; @@STABILITY@@    unstable
; @@VERSION@@      1.0.0
;
[Global]
; Global server settings
save password = yes
admin group = adm
log file = /var/log/afpd.log
; log level = default
log level = default:debug
; fqdn = <machine fqdn here>
; uam list = uams_dhx.so uams_dhx2.so ; uams_gss.so <- Native KRB5 support
k5 keytab = /etc/krb5/krb5.keytab
k5 service = afpserver
k5 realm = RACKTOPLABS.COM
uam list = uams_gss.so uams_dhx.so uams_dhx2.so
spotlight = yes
; Most of the LDAP settings below are per-instance configuration and
; will require modification. However, attr keys and *scope keys are
; likely always going to be same, assuming Active Directory. This may
; have to change if something other than AD is being used, like OpenDS,
; OpenLDAP, etc.
; ldap auth method = simple ; Other methods may be supported, but are untested
; ldap auth dn = CN=<bindUserName>,OU=SomeOUName,DC=mydomain,DC=com
; ldap auth dn = CN=svc-ldap2,OU=Service Accounts,DC=racktoplabs,DC=com
; ldap auth pw = <password for bindUserName>
; ldap auth pw = somePasswordHere
; ldap server = <IP Address of commonly Active Directory Controller>
; ldap server = 10.1.18.1
; Both userbase and groupbase will vary, depending on how customer
; has configured their active directory or LDAP.
; ldap userbase = OU=Users,DC=mydomain,DC=com
; ldap userbase = OU=Corp,DC=racktoplabs,DC=com
; ldap userscope = sub
; ldap groupbase = CN=Users,DC=mydomain,DC=com
; ldap groupbase = CN=Users,DC=racktoplabs,DC=com
; ldap groupscope = sub
; ldap uuid attr = ObjectGUID
; ldap uuid encoding = ms-guid
; ldap name attr = sAMAccountName
; ldap group attr = cn
; ldap user filter = objectClass=user
; ldap group filter = objectClass=group
; map acls = mode

[01]
path = /storage/p01/afp/01
#directory perm = 700
directory perm = 744
file perm = 660
time machine = no

## afp.conf
;
; Netatalk 3.x configuration file
; http://netatalk.sourceforge.net/3.0/htmldocs/afp.conf.5.html
;

[Global]
; Global server settings
vol preset = default_for_all_vol
log file = /var/log/netatalk.log
uam list = uams_dhx.so,uams_dhx2.so
save password = no

[default_for_all_vol]
file perm = 0664
directory perm = 0774
cnid scheme = dbd
valid users = @tmusers

[Homes]
; basedir regex = /xxxx
basedir regex = /home

[TimeMachine]
path = /afp/tm_backup
time machine = yes
vol size limit = 350000
	; Copyright 2009-2015 RackTop Systems Inc. and/or its affiliates.
	; http://www.racktopsystems.com
	;
	; The methods and techniques utilized herein are considered TRADE SECRETS
	; and/or CONFIDENTIAL unless otherwise noted. REPRODUCTION or DISTRIBUTION
	; is FORBIDDEN, in whole and/or in part, except by express written permission
	; of RackTop Systems.
	;
	; @@DESCRIPTION@@ Configuration file for Netatalk -- Apple Filing Protocol.
	; @@NAME@@ afp.conf
	; @@STABILITY@@ unstable
	; @@VERSION@@ 1.0.0
	;
	[Global]
	; Global server settings
	save password = yes
	admin group = adm
	log file = /var/log/afpd.log
	; log level = default
	log level = default:debug
	; fqdn = <machine fqdn here>
	; uam list = uams_dhx.so uams_dhx2.so ; uams_gss.so <- Native KRB5 support
	k5 keytab = /etc/krb5/krb5.keytab
	k5 service = afpserver
	k5 realm = RACKTOPLABS.COM
	uam list = uams_gss.so uams_dhx.so uams_dhx2.so
	spotlight = yes
	; Most of the LDAP settings below are per-instance configuration and
	; will require modification. However, attr keys and *scope keys are
	; likely always going to be same, assuming Active Directory. This may
	; have to change if something other than AD is being used, like OpenDS,
	; OpenLDAP, etc.
	; ldap auth method = simple ; Other methods may be supported, but are untested
	; ldap auth dn = CN=<bindUserName>,OU=SomeOUName,DC=mydomain,DC=com
	; ldap auth dn = CN=svc-ldap2,OU=Service Accounts,DC=racktoplabs,DC=com
	; ldap auth pw = <password for bindUserName>
	; ldap auth pw = somePasswordHere
	; ldap server = <IP Address of commonly Active Directory Controller>
	; ldap server = 10.1.18.1
	; Both userbase and groupbase will vary, depending on how customer
	; has configured their active directory or LDAP.
	; ldap userbase = OU=Users,DC=mydomain,DC=com
	; ldap userbase = OU=Corp,DC=racktoplabs,DC=com
	; ldap userscope = sub
	; ldap groupbase = CN=Users,DC=mydomain,DC=com
	; ldap groupbase = CN=Users,DC=racktoplabs,DC=com
	; ldap groupscope = sub
	; ldap uuid attr = ObjectGUID
	; ldap uuid encoding = ms-guid
	; ldap name attr = sAMAccountName
	; ldap group attr = cn
	; ldap user filter = objectClass=user
	; ldap group filter = objectClass=group
	; map acls = mode

	[01]
	path = /storage/p01/afp/01
	#directory perm = 700
	directory perm = 744
	file perm = 660
	time machine = no
	;
	; Netatalk 3.x configuration file
	; http://netatalk.sourceforge.net/3.0/htmldocs/afp.conf.5.html
	;

	[Global]
	; Global server settings
	vol preset = default_for_all_vol
	log file = /var/log/netatalk.log
	uam list = uams_dhx.so,uams_dhx2.so
	save password = no

	[default_for_all_vol]
	file perm = 0664
	directory perm = 0774
	cnid scheme = dbd
	valid users = @tmusers

	[Homes]
	; basedir regex = /xxxx
	basedir regex = /home

	[TimeMachine]
	path = /afp/tm_backup
	time machine = yes
	vol size limit = 350000