[global] workgroup = DOMAIN server string = NT4-style PDC (ver. %v) netbios name = dc0 log file = /var/log/samba/log.%m-%L max log size = 65535 ldap ssl = off security = user # passdb backend = ldapsam:ldap://smbldap.local/ passdb backend = ldapsam:ldap://192.168.0.2/ ldapsam:trusted = yes ldap admin dn = cn=samba,ou=Daemons,dc=smbldap,dc=local ldap delete dn = no ldap passwd sync = yes ldap suffix = dc=smbldap,dc=local ldap user suffix = ou=Users,ou=Accounts ldap machine suffix = ou=Computers,ou=Accounts ldap group suffix = ou=Groups ldap idmap suffix = ou=Idmap idmap config * : backend = ldap:ldap://smbldap.local idmap config * : range = 10000-50000 domain master = yes domain logons = yes max protocol = NT1 logon script = %U-%m.vbs logon path = logon home = add user script = /usr/local/sbin/smbldap-useradd "%u" add machine script = /usr/local/sbin/smbldap-useradd -w "%u" delete user script = /usr/local/sbin/smbldap-userdel "%u" add group script = /usr/sbin/smbldap-groupadd -p "%g" delete group script = /usr/sbin/smbldap-groupdel "%g" add user to group script = /usr/sbin/smbldap-groupmod -m "%u" "%g" delete user from group script = /usr/sbin/smbldap-groupmod -x "%u" "%g" set primary group script = /usr/local/sbin/smbldap-usermod -g "%g" "%u" rename user script = /usr/local/sbin/smbldap-usermod -r "%unew" "%uold" guest account = guest local master = yes os level = 254 preferred master = yes wins support = yes load printers = no printing = lprng printcap name = /dev/null map archive = no map hidden = no map read only = no map system = no store dos attributes = yes dos charset = CP866 unix charset = UTF8 defer sharing violations = no time server = yes map acl inherit = yes winbind enum users = yes winbind enum groups = yes template shell = /bin/false vfs objects = acl_xattr, streams_xattr [netlogon] comment = Network Logon Service path = /mnt/shared/netlogon guest ok = yes writable = no write list = "+DOMAIN\Domain Admins" root preexec = /usr/local/sbin/smblogon.sh "%U" "%m" "%a" root postexec = rm -f "/mnt/shared/netlogon/%U-%m.vbs"