[global] # No .tld workgroup = Domaine # With .tld realm = Domaine.INTERNAL server string = %h server (Samba %v) # Active Directory System security = ads # Just a member server local master = no domain master = no preferred master = no dns proxy = no winbind enum users = yes winbind enum groups = yes winbind uid = 10000-20000 winbind gid = 10000-20000 # This way users log in with username instead of username@example.org winbind use default domain = yes # Inherit groups in groups winbind nested groups = yes winbind refresh tickets = yes winbind offline logon = true interfaces = eth0 lo syslog = 0 log file = /var/log/samba/log.%m log level = 2 max log size = 1000 panic action = /usr/share/samba/panic-action %d invalid users = root # Becomes /home/example/username template homedir = /home/%D/%U # No shell access template shell = /bin/bash winbind offline logon = yes winbind refresh tickets = yes client use spnego = yes client ntlmv2 auth = yes encrypt passwords = true restrict anonymous = 2 #Drucker deaktivieren: printcap name = /dev/null load printers = no printing = bsd show add printer wizard = no disable spoolss = yes # Works both in samba 3.2 and 3.6. idmap backend = tdb idmap uid = 10000-99999 idmap gid = 10000-99999 # no .tld idmap config * : backend = tdb idmap config * : range = 10000-30000 #idmap config Domaine :backend = rid #idmap config Domaine :range = 10000-99999 winbind nss info = tfc2307 idmap config Domaine : backend = ad idmap config Domaine : schema_mode = rfc2307 idmap config Domaine : range = 30000-40000 idmap_ldb:use rfc2307 = yes winbind cache time = 60 vfs objects = acl_xattr map acl inherit = yes store dos attributes = yes unix extensions = no reset on zero vc = yes veto files = /.bash_logout/.bash_profile/.bash_history/.bashrc/.profile/.gnupg/ hide unreadable = yes #speed max xmit = 65535 socket options = TCP_NODELAY IPTOS_LOWDELAY SO_SNDBUF=65535 SO_RCVBUF=65535 read raw = yes write raw = yes max connections = 65535 max open files = 65535 [DATA1] comment = 2 TB Share path = /mnt/data7/ read only = No create mask = 0754 guest ok = Yes hide files = /lost+found/:2eFBCLockFolder/.FBCLockFolder/:2eFBCIndex/.FBCIndex/TheVolumeSettingsFolder/TheFindByContentFolder/Temporary Items/Network Trash Folder/.AppleDB/:2eVolumeIcon.icns/.VolumeIcon.icns/Icon/.AppleDouble/.AppleDesktop/desktop.ini/RECYCLER/.apdisk/ writeable = yes force group = domänen-benutzer #valid users = @domänen-benutzer [TEST] comment = Test - Share path = /home/Domaine/testbenutzer/ read only = No create mask = 0754 guest ok = Yes hide dot files = No hide files = /lost+found/:2eFBCLockFolder/.FBCLockFolder/:2eFBCIndex/.FBCIndex/TheVolumeSettingsFolder/TheFindByContentFolder/Temporary Items/Network Trash Folder/.AppleDB/:2eVolumeIcon.icns/.VolumeIcon.icns/Icon/.AppleDouble/.AppleDesktop/desktop.ini/RECYCLER/.apdisk/