Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- # Defining domain name, hostname
- ####################################################
- [global]
- dns proxy = no
- netbios name = pdc
- wins support = Yes
- workgroup = SEMARKIT
- include = /etc/samba/dhcp.conf
- server string = Debian Lenny (5.0.3) PDC
- name resolve order = host lmhosts wins bcast
- # Netwok-settings
- ####################################################
- hosts deny = ALL
- hosts allow = 192.168.1.0/24 127.
- # Specifying passwd backend database
- ####################################################
- # username map = /etc/samba/smbusers
- # smb passwd file = /etc/samba/smbpasswd
- # passdb backend = tdbsam:/etc/samba/userdatabase.tdb
- passdb backend = ldapsam:ldap://127.0.0.1:389
- # LDAPSMB-CONFIG - SMBLDAP-TOOLS
- ####################################################
- # LDAPSMB-CONFIG
- # add user script = /usr/sbin/ldapsmb -a -u "%u"
- # add machine script = /usr/sbin/ldapsmb -a -w "%u"
- # add group script = /usr/sbin/ldapsmb -a -g "%g"
- # add user to group script = /usr/sbin/ldapsmb -j -u "%u" -g "%g"
- # delete user script = /usr/sbin/ldapsmb -d -u "%u"
- # delete group script = /usr/sbin/ldapsmb -d -g "%g"
- # delete user from group script = /usr/sbin/ldapsmb -r -u "%u" -g "%g"
- # set primary group script = /usr/sbin/ldapsmb -m -u "%u" -g "%g"
- # SMBLDAP-TOOLS
- add user script = /usr/sbin/smbldap-useradd -a -m "%u"
- add machine script = /usr/sbin/smbldap-useradd -w "%u"
- add group script = /usr/sbin/smbldap-groupadd -p "%g"
- add user to group script = /usr/sbin/smbldap-groupmod -m "%u" "%g"
- delete user script = /usr/sbin/smbldap-userdel "%u"
- delete group script = /usr/sbin/smbldap-groupdel "%g"
- delete user from group script = /usr/sbin/smbldap-groupmod -x "%u" "%g"
- set primary group script = /usr/sbin/smbldap-usermod -g "%g" "%u"
- # TDBSAM
- # add user script = /usr/sbin/useradd -m %u
- # delete user script = /usr/sbin/userdel -r %u
- # add group script = /usr/sbin/groupadd %g
- # delete group script = /usr/sbin/groupdel %g
- # add user to group script = /usr/sbin/usermod -G %g %u
- # add machine script = /usr/sbin/useradd -s /bin/false -d /dev/null -g machines %u
- # Various other directives ( man smb.conf )
- ###################################################
- logon drive = H:
- logon home = \\%L\%U
- # logon path = \\%L\profile\%U
- logon script = scripts/logon.bat
- os level = 65
- time server = Yes
- domain master = Yes
- domain logons = Yes
- preferred master = Yes
- enable privileges = yes
- show add printer wizard = yes
- dont descend = /proc,/dev,/etc,/lib,/lost+found,/initrd
- # Windbind
- ##################################################
- winbind separator = %
- winbind cache time = 10
- winbind enum users = Yes
- winbind uid = 1000-21000
- winbind gid = 1000-21000
- winbind enum groups = Yes
- template shell = /bin/bash
- template homedir = /home/%U
- winbind use default domain = Yes
- # OpenLDAP stuff is defined here
- ###################################################
- ldap ssl = no
- ldap delete dn = Yes
- ldap passwd sync = Yes
- ldap user suffix = ou=Users
- ldap idmap suffix = ou=Users
- ldap group suffix = ou=Groups
- ldap machine suffix = ou=Computers
- ldap suffix = dc=semarkit,dc=dk
- ldap admin dn = cn=admin,dc=semarkit,dc=dk
- idmap uid = 1000-21000
- idmap gid = 1000-21000
- # Defining logging facility
- ####################################################
- syslog = 10
- log level = 256
- log file = /var/log/samba/%m.log
- panic action = /usr/share/samba/panic-action %d
- # Authentication
- ####################################################
- local master = yes
- nt acl support = yes
- security = user
- encrypt passwords = true
- unix password sync = yes
- pam password change = yes
- obey pam restrictions = no
- # Removed for windows clients roaming pofile
- # invalid users = root
- # For unix passwd change - dosen't matter if running LDAP for UNIX auth
- # passwd program = /usr/bin/passwd %u
- # passwd chat = *Enter\snew\s*\spassword:* %n\n *Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* .
- passwd program = /usr/sbin/smbldap-passwd %u
- passwd chat = *Nyt kodeord* \n *Det nye kodeord skal v�re minimum 6 karaktere lange, og kan indeholde [0-9], [a-z] og [A-Z]* \n *Ny kode* %n\n *Gentag koden* %n\n *Koden skiftet korrekt*
- # Specifying printing subsystem
- ####################################################
- printing = cups
- load printers = Yes
- printcap name = cups
- # Virus Scanning Definitions
- ####################################################
- # vfs object = vscan-clamav
- # vscan-clamav: config-file = /etc/samba/vscan-clamav.conf
- # Misc
- ###################################################
- socket options = TCP_NODELAY
- # SHARE
- ##################################################
- [homes]
- comment = Home Directories
- read only = No
- browseable = Yes
- valid users = %U
- create mode = 0750
- create mask = 0750
- [html]
- comment = www
- path = /home/%U/public
- valid users = %U
- writeable = Yes
- browseable = Yes
- guest ok = No
- # Defining printers
- ####################################################
- [printers]
- comment = All Printers
- path = /var/spool/samba
- printer admin = @"Print Operators"
- public = Yes
- guest ok = Yes
- read only = Yes
- printable = Yes
- browseable = No
- [print$]
- comment = Printer Drivers
- path = /etc/samba/drivers
- guest ok = No
- read only = Yes
- browseable = Yes
- create mask = 0664
- directory mask = 0775
- write list = @"Print Operators"
- # valid users = @"Print Operators"
- # Defining network logon service
- ####################################################
- [netlogon]
- comment = Network Logon Service
- path = /var/lib/samba/netlogon
- guest ok = Yes
- browseable = No
- write list = "@admins"
- # Defining profile share ( for roaming profiles )
- ####################################################
- [profiles]
- comment = Roaming Profiles
- path = /var/lib/samba/profiles
- create mask = 0664
- directory mask = 0755
- browseable = No
- guest ok = Yes
- force user = %U
- valid users = %U "Domain Admins"
- read only = No
- profile acls = Yes
- writeable = Yes
- # Defining arbitary shared resource
- ####################################################
- [share]
- comment = data share
- path = /opt/stuff
- valid users = %U
- # Mnt
- ####################################################
- #[mnt]
- # path = /mnt
- # guest ok = No
- # read only = No
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement