
	; ldap

@!@
if configRegistry.get('samba/role') not in ['memberserver', None]:
	ldapserver = configRegistry['ldap/server/name'].split(' ')
	if configRegistry.get('ldap/server/addition', ''):
		ldapserver.extend(configRegistry.get('ldap/server/addition').split(' '))
	port = configRegistry.get('ldap/server/port', '7389')
	ldapserver = ['%s:%s' % (s, port) for s in ldapserver]
	print('\tpassdb backend = ldapsam:"ldap://%s"' % ' ldap://'.join(ldapserver))
	print('\tauth methods = %s' % configRegistry.get('samba/auth/methods', 'guest sam winbind'))

if configRegistry.get('server/role') == 'memberserver' and configRegistry.get('samba/memberserver/passdb/ldap', '').lower() in ('yes', 'true'):
	import sys
	sys.stderr.write("INFO: Running UCS Managed Node with passdb ldap.\n")  # Info comment
	ldapserver = configRegistry['ldap/server/name'].split(' ')
	if configRegistry.get('ldap/server/addition', ''):
		ldapserver.extend(configRegistry.get('ldap/server/addition').split(' '))
	port = configRegistry.get('ldap/server/port', '7389')
	ldapserver = ['%s:%s' % (s, port) for s in ldapserver]
	print('\tpassdb backend = ldapsam:"ldap://%s"' % ' ldap://'.join(ldapserver))

if len(configRegistry.get('samba/ldap/timeout', '')):
	print('\tldap timeout = %s' % configRegistry.get('samba/ldap/timeout'))

print('\tldap suffix = %s' % configRegistry['ldap/base'])
if configRegistry.get('samba/user'):
	print('\tldap admin dn = %s' % configRegistry['samba/user'])
elif configRegistry['server/role'] == 'domaincontroller_master':
	print('\tldap admin dn = cn=admin,%s' % (configRegistry['ldap/base']))
else:
	print('\tldap admin dn = cn=backup,%s' % (configRegistry['ldap/base']))

print('\tldap ssl = start tls')

if configRegistry.get('samba/role') not in ['memberserver', None]:
	if configRegistry.get('samba/ldap/replication/sleep'):
		print('\tldap replication sleep = %s' % configRegistry['samba/ldap/replication/sleep'])

print('\tpassdb expand explicit = %s' % configRegistry.get('samba/passdb/expand/explicit', 'no'))
@!@

