#!/bin/bash

# Samba4 needs 'ntp_sign' (signed NTP).
# The /etc/ntp.conf file is an EOLE template,
# but a file still has to be created.

# Reminder: NTP must be signed.
# Caution: automatic NTP detection according to geographical zone is not always the best choice.
#      Example scenario: you have a DC in Paris and another DC in London. The timezone differs by one hour. Your DCs won't replicate, as AD won't handle more than 5 minutes of time difference between 2 AD DCs.
#      In this scenario you'll have to use the same NTP so that they're set to the exact same time/date and will replicate.
#      In an AD environment, you absolutely want to avoid stale objects.

# Print the name of the group that should own Samba's ntp_signd directory.
# Probes the group database (getent) for _chrony, chrony and ntpsec, in that
# order, and prints the first one that exists; prints "ntp" when none does.
# Outputs: one group name on stdout.
get_ntp_signd_group() {
    local candidate
    for candidate in _chrony chrony ntpsec; do
        if getent group "$candidate" >/dev/null; then
            printf '%s\n' "$candidate"
            return 0
        fi
    done
    # None of the known time-daemon groups exists: fall back to "ntp"
    # (its existence is not checked here).
    printf '%s\n' ntp
}

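# Ask the EOLE configuration (CreoleGet) whether Samba AD is enabled;
# 'non' is the default value passed to CreoleGet.
ACTIVER_SAMBA_AD=$(CreoleGet activer_ad_smb non)
# Quoted so that an empty value is a plain "not enabled" instead of a
# '[' syntax error.
if [ "${ACTIVER_SAMBA_AD}" = 'oui' ]; then
  # TODO: what if /var/lib/samba itself does not exist?
  # NOTE(review): an already existing directory is left untouched, so its
  # owner and mode are not re-checked here.
  if [ ! -d /var/lib/samba/ntp_signd ]; then
    ntp_signd_group=$(get_ntp_signd_group)
    # Create the directory with its final 0750 mode straight away, so it is
    # never left with install's broader default mode between creation and
    # the ownership change.
    if install -d -m 0750 /var/lib/samba/ntp_signd; then
      # Hand group access to the time daemon's group; report a failure
      # (e.g. the fallback group does not exist) instead of hiding it.
      chown "root:${ntp_signd_group}" /var/lib/samba/ntp_signd \
        || echo "warning: cannot set group '${ntp_signd_group}' on /var/lib/samba/ntp_signd" >&2
    else
      echo "warning: cannot create /var/lib/samba/ntp_signd" >&2
    fi
  fi
fi

# Best effort: the script always reports success, as before.
exit 0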
