139 lines
3.6 KiB
Text
139 lines
3.6 KiB
Text
|
#======================= Global Settings =======================
|
||
|
[global]
|
||
|
workgroup = DOMAIN_NAME
|
||
|
# server string is the equivalent of the NT Description field
|
||
|
server string = SERVER_STRING
|
||
|
wins support = yes
|
||
|
dns proxy = no
|
||
|
time server = yes
|
||
|
netbios name = NETBIOS_NAME
|
||
|
#### Networking ####
|
||
|
; interfaces = 127.0.0.0/8 eth0
|
||
|
;;;; bind interfaces only = true
|
||
|
#### Debugging/Accounting ####
|
||
|
log file = /var/log/samba/log.%m
|
||
|
max log size = 1000
|
||
|
syslog = 0
|
||
|
panic action = /usr/share/samba/panic-action %d
|
||
|
log level = 3
|
||
|
####### Authentication #######
|
||
|
; security = user
|
||
|
encrypt passwords = true
|
||
|
passdb backend = tdbsam
|
||
|
obey pam restrictions = yes
|
||
|
passwd program = /usr/bin/passwd %u
|
||
|
# modified rob@egressive.com 20070213 to make sure users can change password
|
||
|
# passwd chat = *Enter\snew\sUNIX\spassword:* %n\n *Retype\snew\sUNIX\spassword:* %n\n *password\supdated\ssuccessfully* .
|
||
|
passwd chat = *password:* %n\n *password:* %n\n *success*
|
||
|
unix password sync = yes
|
||
|
########## Domains ###########
|
||
|
domain logons = yes
|
||
|
logon drive = H:
|
||
|
logon path = \\%N\profiles\%U
|
||
|
logon script = %U.cmd
|
||
|
domain master = yes
|
||
|
preferred master = yes
|
||
|
|
||
|
enable privileges = yes
|
||
|
|
||
|
#
|
||
|
# Scripts
|
||
|
#
|
||
|
add user script = /usr/sbin/useradd -m %u
|
||
|
delete user script = /usr/sbin/userdel -r %u
|
||
|
add group script = /usr/sbin/groupadd %g
|
||
|
delete group script = /usr/sbin/groupdel %g
|
||
|
add user to group script = /usr/sbin/usermod -G %g %u
|
||
|
add machine script = /usr/sbin/useradd -s /bin/false/ -d /var/lib/nobody %u
|
||
|
#
|
||
|
# Winbind
|
||
|
#
|
||
|
idmap uid = 10000-20000
|
||
|
idmap gid = 10000-20000
|
||
|
template shell = /bin/bash
|
||
|
########## Misc ###########
|
||
|
socket options = TCP_NODELAY
|
||
|
# added rob@egressive.com 20070226
|
||
|
# PDB and PNX are used by profax - attempt to sort out speed issues
|
||
|
level2 oplocks = yes
|
||
|
oplocks = yes
|
||
|
veto oplock files = /*.mdb/*.MDB/*.ldb/*.LDB/*.dbf/*.DBF/*.pdb/*.PDB/*.pnx/*.PNX/
|
||
|
|
||
|
######### Printing ########
|
||
|
load printers = yes
|
||
|
printing = cups
|
||
|
printcap name = CUPS
|
||
|
cups options = Raw
|
||
|
|
||
|
#======================= Share Definitions =======================
|
||
|
[homes]
|
||
|
comment = Home Directories
|
||
|
browseable = no
|
||
|
valid users = %S
|
||
|
writable = yes
|
||
|
create mask = 0600
|
||
|
directory mask = 0700
|
||
|
[netlogon]
|
||
|
comment = Network Logon Service
|
||
|
path = /home/samba/netlogon
|
||
|
admin users = Administrator
|
||
|
valid users = %U
|
||
|
guest ok = yes
|
||
|
writable = no
|
||
|
share modes = no
|
||
|
[profiles]
|
||
|
comment = User Profiles
|
||
|
path = /home/samba/profiles
|
||
|
valid users = %U
|
||
|
guest ok = no
|
||
|
browseable = no
|
||
|
create mask = 0640
|
||
|
directory mask = 0750
|
||
|
writable = yes
|
||
|
[profdata]
|
||
|
comment = User Profile Data
|
||
|
path = /home/samba/profdata
|
||
|
valid users = %U
|
||
|
guest ok = no
|
||
|
browseable = no
|
||
|
create mask = 0660
|
||
|
directory mask = 0770
|
||
|
writable = yes
|
||
|
#[printers]
|
||
|
# comment = All Printers
|
||
|
# browseable = no
|
||
|
# path = /var/spool/samba
|
||
|
# printable = yes
|
||
|
# guest ok = yes
|
||
|
# rob@egresisve.com 20070213
|
||
|
; public = no
|
||
|
; writable = no
|
||
|
; create mode = 0700
|
||
|
#[print$]
|
||
|
# comment = Printer Drivers
|
||
|
## path = /var/lib/samba/printers
|
||
|
# browseable = no
|
||
|
# writable = yes
|
||
|
# guest ok = no
|
||
|
[printers]
|
||
|
comment = All Printers
|
||
|
browseable = no
|
||
|
path = /var/spool/samba
|
||
|
printable = yes
|
||
|
public = no
|
||
|
writable = no
|
||
|
create mode = 0700
|
||
|
|
||
|
# Windows clients look for this share name as a source of downloadable
|
||
|
# printer drivers
|
||
|
[print$]
|
||
|
comment = Printer Drivers
|
||
|
path = /var/lib/samba/printers
|
||
|
browseable = yes
|
||
|
read only = yes
|
||
|
guest ok = no
|
||
|
# Uncomment to allow remote administration of Windows print drivers.
|
||
|
# Replace 'ntadmin' with the name of the group your admin users are
|
||
|
# members of.
|
||
|
write list = root, @domainadmins
|