-
Notifications
You must be signed in to change notification settings - Fork 0
/
smb.conf
92 lines (92 loc) · 2.38 KB
/
smb.conf
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
netbios name = pdc
workgroup = mondomaine
wins support = yes
interfaces = 127.0.0.1/8 10.1.0.0/24
bind interfaces only = yes
server role = active directory domain controller
domain master = yes
security = user
preferred master = yes
...
passdb backend = ldapsam:ldap://ldap
ldap suffix = dc=mondomaine,dc=fr
ldap user suffix = ou=Users
ldap group suffix = ou=Groups
ldap machine suffix = ou=Computers
ldap idmap suffix = ou=Idmap
ldap admin dn = cn=admin,dc=mondomaine,dc=fr
# ldap ssl = start tls
ldap ssl = no
ldap passwd sync = yes
...
# (outils de smbldap-utils)
add user script = /usr/sbin/smbldap-useradd -m "%u"
ldap delete dn = Yes
delete user script = /usr/sbin/smbldap-userdel "%u"
add machine script = /usr/sbin/smbldap-useradd -w "%u"
add group script = /usr/sbin/smbldap-groupadd -p "%g"
add user to group script = /usr/sbin/smbldapgroupmod -m "%u" "%g"
delete user from group script = /usr/sbin/smbldapgroupmod -x "%u" "%g"
set primary group script = /usr/sbin/smbldapusermod -g "%g" "%u"
...
winbind use default domain = yes
nt acl support = yes
hide files = /desktop.ini/ntuser.ini/NTUSER.*/
...
domain logons = yes
logon path = \\%L\profiles\%U
logon drive = P:
logon home = \\%L\%U
logon script =%U.bat
...
[homes]
comment = Home Directories
path = /home/samba/shares/users/%U b
rowseable = no
read only = no
writeable = yes
public = no
printable = no
browsable = no force user =%U
force group = %U
preserve case = yes
create mask = 0660
force create mode = 0660
directory mask = 0770
force directory mode = 0770
valid users = %U
...
[netlogon]
comment = Network Logon Service
path = /home/samba/netlogon
guest ok = yes
create mask = 0700
directory mask = 0700
read only = yes
write list = @"Domain Admins"
...
[profiles]
comment = Users profiles
path = /home/samba/profiles
guest ok = no browseable = yes
create mask = 0600
directory mask = 0700
valid users = %U,@"Domain Admins"
profile acls = yes
writable = yes
...
[commun]
comment = Commun
path = /home/samba/shares/commun
valid users = @"Domain Users",@"Domain Admins"
public = no
writable = yes
printable = no
browseable = yes
force user = %U
force group = "Domain Users"
preserve case = yes
create mask = 0660
directory mask = 0770
force create mode = 0660
force directory mode = 0770