Primary Domain Controller
Материал из OpenWiki
Пример smb.conf
[global] dos charset = CP866 unix charset = koi8-r display charset = koi8-r workgroup = HOMENET netbios name = HOMENET-DC1 netbios aliases = Gate, MyFrame, Cluster, Server2, Offices-Gate, Video, Music, Wsus, Ftp, Sql, Security, Www, Optic, Fiber server string = interfaces = lo, eth0 bind interfaces only = Yes update encrypted = Yes obey pam restrictions = Yes passdb backend = ldapsam:ldap://10.70.1.6 pam password change = Yes passwd program = /usr/bin/passwd %u passwd chat = *Enter\snew\sUNIX\spassword:* %n\n *Retype\snew\sUNIX\spassword:* %n\n *password\supdated\ssuccessfully* . username map = /etc/samba/users.map client NTLMv2 auth = Yes client lanman auth = No client plaintext auth = No syslog = 0 log file = /var/log/samba/log.%m max log size = 1000 announce version = 6.0 time server = Yes enable asu support = Yes load printers = No show add printer wizard = No add user script = /usr/sbin/smbldap-useradd -a -m '%u' delete user script = /usr/sbin/smbldap-userdel '%u' add group script = /usr/sbin/smbldap-groupadd -p '%g' delete group script = /usr/sbin/smbldap-groupdel '%g' add user to group script = /usr/sbin/smbldap-groupmod -m '%u' '%g' delete user from group script = /usr/sbin/smbldap-groupmod -x '%u' '%g' set primary group script = /usr/sbin/smbldap-usermod -g '%g' '%u' add machine script = /usr/sbin/smbldap-useradd -t 0 -i -w '%u' logon script = scripts\homenet.bat logon path = logon drive = U: domain logons = Yes os level = 255 lm announce = Yes preferred master = Yes domain master = Yes dns proxy = No wins support = Yes ldap admin dn = cn=admin,dc=homenet,dc=ru ldap group suffix = ou=Groups ldap idmap suffix = ou=Idmap ldap machine suffix = ou=Computers ldap passwd sync = Yes ldap suffix = dc=samba,dc=homenet,dc=ru ldap ssl = no ldap user suffix = ou=Users afs username map = %u@homenet.ru panic action = /usr/share/samba/panic-action %d idmap backend = ldap:ldap://10.70.1.6 idmap uid = 10000-20000 idmap gid = 10000-20000 winbind enum users = Yes winbind enum groups = Yes winbind use default domain = Yes admin users = "@Domain Admins", @Administrators, root write list = "@Domain Admins" create mask = 0666 directory mask = 0777 hosts allow = 0.0.0.0, 127.0.0.1, 10.70.0.0/16, homenet.ru hosts deny = all ea support = Yes hide files = /*desktop.ini*/ include = /etc/samba/dhcp.conf [homes] comment = Homes valid users = "@Domain Users" read only = No create mask = 0644 directory mask = 0700 browseable = No [netlogon] comment = Network Logon Service path = /home/netlogon read only = No create mask = 0644 security mask = 0644 directory mask = 0644 directory security mask = 0644 guest ok = Yes browseable = No share modes = No [Distributive] comment = Install Programs & More path = /home/f/ftp/pub/distributive valid users = "@Domain Users" read only = No force create mode = 0666 force security mode = 0777 force directory mode = 0777 force directory security mode = 0777 [MultiMedia] comment = Movies & Musics path = /home/f/ftp/pub/music_video valid users = "@Domain Users" write list = "@Domain Admins", "@MultiMedia Admins" force create mode = 0666 force security mode = 0777 force directory mode = 0777 force directory security mode = 0777 [Drivers] comment = Drivers path = /home/f/ftp/pub/drivers valid users = "@Domain Users" read only = No force create mode = 0666 force security mode = 0777 force directory mode = 0777 force directory security mode = 0777 [Internet] comment = Internet Sharing path = /home/internet valid users = "@WWW Internet" read list = "@WWW Internet" write list = "@Domain Admins", @Administrators browseable = No [Multimedia] comment = Upload Users path = /home/f/ftp/pub/music_video/Upload valid users = "@Domain Users" write list = "@Domain Admins", "@Domain Users" read only = No
