egscripts/egserverinstall/templates/smb.conf

138 lines
3.6 KiB
Text

#======================= Global Settings =======================
[global]
workgroup = DOMAIN_NAME
# server string is the equivalent of the NT Description field
server string = SERVER_STRING
wins support = yes
dns proxy = no
time server = yes
netbios name = NETBIOS_NAME
#### Networking ####
; interfaces = 127.0.0.0/8 eth0
;;;; bind interfaces only = true
#### Debugging/Accounting ####
log file = /var/log/samba/log.%m
max log size = 1000
syslog = 0
panic action = /usr/share/samba/panic-action %d
log level = 3
####### Authentication #######
; security = user
encrypt passwords = true
passdb backend = tdbsam
obey pam restrictions = yes
passwd program = /usr/bin/passwd %u
# modified rob@egressive.com 20070213 to make sure users can change password
# passwd chat = *Enter\snew\sUNIX\spassword:* %n\n *Retype\snew\sUNIX\spassword:* %n\n *password\supdated\ssuccessfully* .
passwd chat = *password:* %n\n *password:* %n\n *success*
unix password sync = yes
########## Domains ###########
domain logons = yes
logon drive = H:
logon path = \\%N\profiles\%U
logon script = %U.cmd
domain master = yes
preferred master = yes
enable privileges = yes
#
# Scripts
#
add user script = /usr/sbin/useradd -m %u
delete user script = /usr/sbin/userdel -r %u
add group script = /usr/sbin/groupadd %g
delete group script = /usr/sbin/groupdel %g
add user to group script = /usr/sbin/usermod -G %g %u
add machine script = /usr/sbin/useradd -s /bin/false/ -d /var/lib/nobody %u
#
# Winbind
#
idmap uid = 10000-20000
idmap gid = 10000-20000
template shell = /bin/bash
########## Misc ###########
socket options = TCP_NODELAY
# added rob@egressive.com 20070226
# PDB and PNX are used by profax - attempt to sort out speed issues
level2 oplocks = yes
oplocks = yes
veto oplock files = /*.mdb/*.MDB/*.ldb/*.LDB/*.dbf/*.DBF/*.pdb/*.PDB/*.pnx/*.PNX/
######### Printing ########
load printers = yes
printing = cups
printcap name = CUPS
cups options = Raw
#======================= Share Definitions =======================
[homes]
comment = Home Directories
browseable = no
valid users = %S
writable = yes
create mask = 0600
directory mask = 0700
[netlogon]
comment = Network Logon Service
path = /home/samba/netlogon
admin users = Administrator
valid users = %U
guest ok = yes
writable = no
share modes = no
[profiles]
comment = User Profiles
path = /home/samba/profiles
valid users = %U
guest ok = no
browseable = no
create mask = 0640
directory mask = 0750
writable = yes
[profdata]
comment = User Profile Data
path = /home/samba/profdata
valid users = %U
guest ok = no
browseable = no
create mask = 0660
directory mask = 0770
writable = yes
#[printers]
# comment = All Printers
# browseable = no
# path = /var/spool/samba
# printable = yes
# guest ok = yes
# rob@egresisve.com 20070213
; public = no
; writable = no
; create mode = 0700
#[print$]
# comment = Printer Drivers
## path = /var/lib/samba/printers
# browseable = no
# writable = yes
# guest ok = no
[printers]
comment = All Printers
browseable = no
path = /var/spool/samba
printable = yes
public = no
writable = no
create mode = 0700
# Windows clients look for this share name as a source of downloadable
# printer drivers
[print$]
comment = Printer Drivers
path = /var/lib/samba/printers
browseable = yes
read only = yes
guest ok = no
# Uncomment to allow remote administration of Windows print drivers.
# Replace 'ntadmin' with the name of the group your admin users are
# members of.
write list = root, @domainadmins