users

2026-03-18 14:06:40 +00:00
parent 21bcac3ead
commit 5e8b4809e4
3 changed files with 41 additions and 2 deletions
--- a/samba-directory/lam.yaml
+++ b/samba-directory/lam.yaml
@@ -33,7 +33,7 @@ spec:
            - name: LDAP_BASE_DN
              value: "dc=undercloud,dc=local"
            - name: LDAP_USER
-              value: "Administrator@UNDERCLOUD.LOCAL"
+              value: "lam@UNDERCLOUD.LOCAL"
            - name: LDAP_ADMIN_PASSWORD
              valueFrom:
                secretKeyRef:
--- a/samba-directory/samba-ad-server.yaml
+++ b/samba-directory/samba-ad-server.yaml
@@ -43,6 +43,38 @@ data:
    mail: sebastian@undercloud.local
    description: Test user
    userAccountControl: 512
+
+    dn: CN=shodan,OU=users,DC=undercloud,DC=local
+    objectClass: top
+    objectClass: person
+    objectClass: organizationalPerson
+    objectClass: user
+    cn: shodan
+    sn: Admin
+    givenName: Shodan
+    displayName: Shodan Admin
+    name: Shodan Admin
+    sAMAccountName: shodan
+    userPrincipalName: shodan@undercloud.local
+    mail: shodan@undercloud.local
+    description: Main admin user
+    userAccountControl: 512
+
+    dn: CN=lam,OU=serviceaccounts,OU=users,DC=undercloud,DC=local
+    objectClass: top
+    objectClass: person
+    objectClass: organizationalPerson
+    objectClass: user
+    cn: lam
+    sn: Service
+    givenName: LAM
+    displayName: LAM Service Account
+    name: LAM Service Account
+    sAMAccountName: lam
+    userPrincipalName: lam@undercloud.local
+    mail: lam@undercloud.local
+    description: LDAP Account Manager service account
+    userAccountControl: 512
 ---
 apiVersion: apps/v1
 kind: StatefulSet
@@ -113,8 +145,15 @@ spec:

              if [ ! -f /var/lib/samba/.bootstrap-ldif-applied ]; then
                ldbmodify -H /var/lib/samba/private/sam.ldb /bootstrap/bootstrap.ldif
+
                samba-tool user setpassword sebastian --newpassword='Test1234!'
+                samba-tool user setpassword shodan --newpassword='ChangeMeShodan123!'
+                samba-tool user setpassword lam --newpassword='ChangeMeLam123!'
+
                samba-tool group addmembers admins sebastian
+                samba-tool group addmembers "Domain Admins" shodan
+                samba-tool group addmembers "Domain Admins" lam
+
                touch /var/lib/samba/.bootstrap-ldif-applied
              fi

--- a/samba-directory/secrets.yaml
+++ b/samba-directory/secrets.yaml
@@ -15,4 +15,4 @@ metadata:
 type: Opaque
 stringData:
  LAM_PASSWORD: "ChangeThisLamConfigPassword"
-  LDAP_BIND_PASSWORD: "ChangeThisAdminPassword"
+  LDAP_BIND_PASSWORD: "ChangeMeLam123!"