[global] netbios name = ns1 workgroup = example security = user username map = /etc/samba/smbusers os level = 64 domain master = yes local master = yes preferred master = yes wins support = yes domain logons = yes nt acl support = yes # dont descend = /proc,/dev,/etc,/lib,/lost+found,/initrd # socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 # unix password sync = Yes # passwd program = /opt/IDEALX/sbin/smbldap-passwd -u %u # passwd chat = "Changing password for*\nNew password*" %n\n "*Retype new password*" %n\n ldap admin dn = "cn=Manager,dc=example,dc=com" ldap ssl = start tls passdb backend = ldapsam:"ldap://ns1.example.com" ldap delete dn = no ldap suffix = dc=example,dc=com ldap user suffix = ou=Users ldap group suffix = ou=Groups ldap machine suffix = ou=Computers # add machine script = \ # /usr/sbin/useradd -g users -s /bin/false -M %u # add user script = \ # /usr/sbin/useradd -g users -s /bin/false -m %u # delete user script = \ # /usr/sbin/userdel -r %u # /usr/sbin/gpasswd -r %u %g add user script = /usr/sbin/smbldap-useradd -m "%u" delete user script = /usr/sbin/smbldap-userdel "%u" add machine script = /usr/sbin/smbldap-useradd -t 0 -w "%u" add group script = /usr/sbin/smbldap-groupadd -p "%g" delete group script = /usr/sbin/smbldap-groupdel "%g" add user to group script = /usr/sbin/smbldap-groupmod -m "%u" "%g" delete user from group script = /usr/sbin/smbldap-groupmod -x "%u" "%g" set primary group script = /usr/sbin/smbldap-usermod -g '%g' '%u' logon drive = H: logon home = \\%N\%U logon path = \\%L\profiles\%U logon script = logon.bat [netlogon] writable = no public = no path = /home/netlogon root preexec = /usr/local/bin/generate_logon_script \ '%m' '%u' '%a' '%g' '%L' write list = root, Administrator, Admin [profiles] comment = Profiles Share path = /home/profiles guest ok = false writable = yes create mode = 0600 directory mode = 0700 profile acls = yes [homes] path = /home/%U comment = Home Dir browsable = no writable = yes valid users = %S [tmp] comment = temp dir writable = yes browsable = yes public = yes path = /tmp