1# Global parameters 2[global] 3 workgroup = IDEALX-NT 4 netbios name = PDC-SRV 5 security = user 6 enable privileges = yes 7 #interfaces = 192.168.5.11 8 #username map = /etc/samba/smbusers 9 server string = Samba Server %v 10 #security = ads 11 encrypt passwords = Yes 12 min passwd length = 3 13 #pam password change = no 14 #obey pam restrictions = No 15 #ldap passwd sync = Yes 16 unix password sync = Yes 17 passwd program = /opt/IDEALX/sbin/smbldap-passwd -u %u 18 passwd chat = "Changing password for*\nNew password*" %n\n "*Retype new password*" %n\n" 19 #passwd chat debug = Yes 20 log level = 0 21 syslog = 0 22 log file = /var/log/samba/log.%m 23 max log size = 100000 24 time server = Yes 25 socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 26 mangling method = hash2 27 Dos charset = 850 28 Unix charset = ISO8859-1 29 30 logon script = logon.bat 31 logon drive = H: 32 logon home = 33 logon path = 34 35 domain logons = Yes 36 domain master = Yes 37 os level = 65 38 preferred master = Yes 39 wins support = yes 40 passdb backend = ldapsam:ldap://127.0.0.1/ 41 ldap admin dn = cn=Manager,dc=idealx,dc=org 42 #ldap admin dn = cn=samba,ou=DSA,dc=idealx,dc=org 43 ldap suffix = dc=idealx,dc=org 44 ldap group suffix = ou=Groups 45 ldap user suffix = ou=Users 46 ldap machine suffix = ou=Computers 47 #ldap idmap suffix = ou=Idmap 48 add user script = /opt/IDEALX/sbin/smbldap-useradd -m "%u" 49 #ldap delete dn = Yes 50 delete user script = /opt/IDEALX/sbin/smbldap-userdel "%u" 51 add machine script = /opt/IDEALX/sbin/smbldap-useradd -t 0 -w "%u" 52 add group script = /opt/IDEALX/sbin/smbldap-groupadd -p "%g" 53 #delete group script = /opt/IDEALX/sbin/smbldap-groupdel "%g" 54 add user to group script = /opt/IDEALX/sbin/smbldap-groupmod -m "%u" "%g" 55 delete user from group script = /opt/IDEALX/sbin/smbldap-groupmod -x "%u" "%g" 56 set primary group script = /opt/IDEALX/sbin/smbldap-usermod -g '%g' '%u' 57 58 # printers configuration 59 printer admin = @"Print Operators" 60 load printers = Yes 61 create mask = 0640 62 directory mask = 0750 63 #force create mode = 0640 64 #force directory mode = 0750 65 nt acl support = No 66 printing = cups 67 printcap name = cups 68 deadtime = 10 69 guest account = nobody 70 map to guest = Bad User 71 dont descend = /proc,/dev,/etc,/lib,/lost+found,/initrd 72 show add printer wizard = yes 73 ; to maintain capital letters in shortcuts in any of the profile folders: 74 preserve case = yes 75 short preserve case = yes 76 case sensitive = no 77 78[netlogon] 79 path = /home/netlogon/ 80 browseable = No 81 read only = yes 82 83[profiles] 84 path = /home/profiles 85 read only = no 86 create mask = 0600 87 directory mask = 0700 88 browseable = No 89 guest ok = Yes 90 profile acls = yes 91 csc policy = disable 92 # next line is a great way to secure the profiles 93 #force user = %U 94 # next line allows administrator to access all profiles 95 #valid users = %U "Domain Admins" 96 97[printers] 98 comment = Network Printers 99 printer admin = @"Print Operators" 100 guest ok = yes 101 printable = yes 102 path = /home/spool/ 103 browseable = No 104 read only = Yes 105 printable = Yes 106 print command = /usr/bin/lpr -P%p -r %s 107 lpq command = /usr/bin/lpq -P%p 108 lprm command = /usr/bin/lprm -P%p %j 109 # print command = /usr/bin/lpr -U%U@%M -P%p -r %s 110 # lpq command = /usr/bin/lpq -U%U@%M -P%p 111 # lprm command = /usr/bin/lprm -U%U@%M -P%p %j 112 # lppause command = /usr/sbin/lpc -U%U@%M hold %p %j 113 # lpresume command = /usr/sbin/lpc -U%U@%M release %p %j 114 # queuepause command = /usr/sbin/lpc -U%U@%M stop %p 115 # queueresume command = /usr/sbin/lpc -U%U@%M start %p 116 117[print$] 118 path = /home/printers 119 guest ok = No 120 browseable = Yes 121 read only = Yes 122 valid users = @"Print Operators" 123 write list = @"Print Operators" 124 create mask = 0664 125 directory mask = 0775 126 127