OT: Example Samba 3.0 configuration file

To: <debian-user@lists.debian.org>
Subject: OT: Example Samba 3.0 configuration file
From: "Mark Maas" <mark@menem.mine.nu>
Date: Tue, 20 Jan 2004 21:02:00 +0100
Message-id: <[🔎] 007d01c3df90$4425d2c0$9600000a@picard>
Hi,

I've been busy trying to create a full fledge Samba 3.0 based PDC working.
Eventually I want to be able to fully transfer the whole domain and file and
printer serving from the current windows environment to a Debian/Samba based
domain.

It will contain ~50 users, and two interdomain trusts with company's in
america.

Currently I've got the following setup working for me:
1 server PDC.
Adding users and groups is working.

Starting work on compiling a new kernel with ACL support and then a LDAP
based user-backend because we could eventually migrate all domains to Samba
based domains. User replication is then only possible using LDAP.

I wanted to share my current findings with the world and figured this would
be a good place... If there is a better place: then i'm sorry to waste your
time. Please also show me the good place?


This SMB.conf and addgroup.sh are working great:
#
# Sample configuration file for the Samba suite for Debian GNU/Linux.
#
# This is the main Samba configuration file. You should read the
# smb.conf(5) manual page in order to understand the options listed
# here. Samba has a huge number of configurable options most of which
# are not shown in this example
#
# Any line which starts with a ; (semi-colon) or a # (hash)
# is a comment and is ignored. In this example we will use a #
# for commentary and a ; for parts of the config file that you
# may wish to enable
#
# NOTE: Whenever you modify this file you should run the command
# "testparm" to check that you have not many any basic syntactic
# errors.
#

#======================= Global Settings =======================

[global]

panic action = /usr/share/samba/panic-action %d
follow symlinks = no

netbios name = data
workgroup = enterprise

server string = %h server (Samba %v)
guest account = nobody
invalid users = root
log file = /var/log/samba/log.%m
max log size = 1000
syslog = 0
security = user
encrypt passwords = true
passdb backend = tdbsam
nt acl support = yes
host msdfs = yes
load printers = no
show add printer wizard = no

# Most people will find that this option gives better performance.
# See speed.txt and the manual pages for details
# You may want to add the following on a Linux system:
#         SO_RCVBUF=8192 SO_SNDBUF=8192
socket options = TCP_NODELAY

local master = yes
os level = 65
domain master = yes
preferred master = yes
local master = yes
domain logons = yes
#logon path = \\$L\profiles\%U
logon path =  ;Disables Roaming Profiles
logon drive = M:
logon home = \\%L\%U
#logon script = kix32.exe

admin users = root administrator @ntadmin

add machine script = /usr/sbin/adduser --home /dev/null --ingroup
machines --shell /bin/false --no-create-home --disabled-login --gecos "SAMBA
Machine Account" --force-badname "%u"

unix password sync = yes
passwd program = /usr/bin/passwd %u
passwd chat = *Enter*new*UNIX*password:* %n\n *Retype*new*UNIX*password:*
%n\n *passwd:*password*updated*successfully*
passwd chat debug = yes

add user script = /usr/sbin/adduser --shell
/dev/null --quiet --disabled-login --gecos "Samba user" %u
delete user script =
/usr/sbin/deluser --remove-home --remove-all-files --backup %u

add group script = /etc/samba/addgroup.sh "%g"
delete group script = /usr/sbin/delgroup "%g"

add user to group script = /usr/sbin/adduser %u "%g"
delete user from group script = /usr/sbin/deluser %u "%g"
set primary group script = /usr/sbin/usermod -g "%g" %u

wins support = yes
dns proxy = no
preserve case = yes
short preserve case = yes


#======================= Share Definitions =======================

[homes]
   comment = Home Directories
   browseable = no
   writable = yes
   create mask = 0700
   directory mask = 0700
   vfs objects = recycle

[netlogon]
   comment = Network Logon Service ;Needed for a PDC
   path = /home/samba/netlogon
#   guest ok = yes
   writable = no
   share modes = no
   write list = @ntadmin
   browseable = no

;[profiles]
;   path = /home/samba/profiles ;This share is needed for roaming profiles
;   read only = no
;   create mask = 0600
;   directory mask = 0700
;   browseable = no

;[printers]
;   comment = All Printers ;Share needed for printer support.
;   browseable = no
;   path = /tmp
;   printable = yes
;   public = no
;   writable = no
;   create mode = 0700

[dfs]
#Create dfs root links with: ln -s msdfs:storageA\\shareA linka and ln -s
msdfs:serverB\\share,serverC\\share linkb
#see also: http://www.samba.org/samba/docs/man/msdfs.html
    comment = Experimental DFS root share
    path = /home/dfs
    msdfs root = yes

[cdrom]
   comment = Data's CD-ROM
   writable = no
   locking = no
   path = /cdrom
   public = yes
   preexec = /bin/mount /cdrom
   postexec = /bin/umount /cdrom

addgroup.sh:
#!/bin/bash

# Add the group using normal system groupadd tool.
addgroup smbtmpgrp00

thegid=`cat /etc/group | grep smbtmpgrp00 | cut -d ":" -f3`

# Now change the name to what we want for the MS Windows networking end
cp /etc/group /etc/group.bak
cat /etc/group.bak | sed "s/smbtmpgrp00/$1/g" > /etc/group

# Now return the GID as would normally happen.
echo $thegid
exit 0
Reply to:
Prev by Date: Re: Debian dedicated hosting
Next by Date: True-type fonts from Windows
Previous by thread: Re: Semi-Old Video Card Recommendation
Next by thread: True-type fonts from Windows
Index(es):
- Date
- Thread