[global] # Let's identify ourselves netbios name = GROOVE workgroup = NYMUSIKK server string = Ny Musikk PDC [on Ubuntu :: Samba server %v] # Secure the box a bit #hosts allow = 10.0.0.0/24 127.0.0.0/8 #hosts allow = 192.168.4.0/24 127.0.0.0/8 security = user encrypt passwords = yes socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 #interfaces = lo eth0 #bind interfaces only = yes # We wanna be a PDC local master = yes os level = 65 domain master = yes preferred master = yes # Secure the box a bit more null passwords = no hide unreadable = yes hide dot files = yes # Domain related domain logons = yes logon script = logon.bat OR %U.bat logon path = \\%L\profiles\%U logon drive = H: logon home = \\%L\%U\.9xprofile # Wins and proxy support wins support = yes name resolve order = wins lmhosts hosts bcast dns proxy = no # Time server and logging time server = yes log level = 2 log file = /var/log/samba/sambapdc.%m max log size = 50 smb passwd file = /etc/samba/private/smbpasswd # User maintenance add user script = /usr/sbin/useradd -m %u delete user script = /usr/sbin/userdel =r %u add group script = /usr/sbin/groupadd %g delete group script = /usr/sbin/groupdel %g add user to group script = /usr/sbin/usermod -G %g %u add machine script = /usr/sbin/useradd -s /bin/false -d /dev/null %u passwd program = /usr/bin/passwd %u passwd chat = "*New password:*" %n\r "*New password (again):*" %n\r \ "*Password changed*" # # Adding users: # - smbpasswd -a your_user # - smbpasswd -a root # Set the unix charset unix charset = ISO8859-1 # Needed to be able to add new computers to the domain admin users = @admins admin group = @admins ;; net groupmap modify ntgroup="Domain Admins" unixgroup=admins ;; net groupmap modify ntgroup="Domain Users" unixgroup=nymusikk ;; net groupmap modify ntgroup="Domain Guests" unixgroup=nobody [netlogon] # chmod -R 0755 path = /var/lib/samba/netlogon public = no writeable = no browseable = no #read only = yes #write list = @admins #read list = @admins, @nymusikk [profiles] # chmod -R 0755 path = /var/lib/samba/profiles browseable = no writable = yes default case = lower preserve case = no short preserve case = no case sensitive = no hide files = /desktop.ini/ntuser.ini/NTUSER.*/ write list = @admins @nymusikk create mode = 0600 directory mode = 0700 [homes] path = /home/%U comment = Home Directories valid users = %S browseable = No writable = yes guest ok = no inherit permissions = yes [nymusikk] comment = Shared area for Ny Musikk path = /opt/nymusikk public = yes writable = no browseable = yes valid users = @nymusikk read list = @nymusikk write list = @nymusikk