# Samba example configuration for a Primary Domain Controller

# Global parameters
[global]
	workgroup = MASTER
	server string = Samba %v PDC (%h)
	interfaces = eth0, lo
	bind interfaces only = Yes
	auth methods = guest, sam, winbind
	passdb backend = tdbsam
	passwd program = /usr/bin/passwd '%u'
	username map = /etc/samba/users.map
	unix password sync = Yes
	enable privileges = Yes
	log level = 1
	time server = Yes
	hostname lookups = Yes
	add user script = /usr/sbin/useradd -g users -G domuser -c "Domain User" -d /home/'%u' -s /bin/false -m '%u'
	delete user script = /usr/sbin/userdel -r '%u'
	add group script = /usr/bin/smb_addgroup '%g'
	delete group script = /usr/sbin/groupdel '%g'
	add user to group script = /usr/bin/smb_addtogroup '%u' '%g'
	delete user from group script = /usr/bin/smb_delfromgroup '%u' '%g'
	set primary group script = /usr/bin/smb_setprimgroup '%u' '%g'
	add machine script = /usr/sbin/useradd -g domcomputer -c Machine_%u -d /dev/null -s /bin/false '%u'
	shutdown script = /usr/bin/smb_shutdown %t %r %f
	abort shutdown script = /usr/bin/smb_abortshutdown
	add share command = /usr/bin/smb_modshare
	delete share command = /usr/bin/smb_modshare
	logon script = scripts\%U.bat
	logon path = \\%L\profiles\%U\%a
	logon drive = G:
	logon home = \\%L\%U\.profiles
	domain logons = Yes
	os level = 65
	preferred master = Yes
	domain master = Yes
	wins support = Yes
	ldap ssl = no
	utmp = Yes
	map acl inherit = Yes
	idmap uid = 10000-20000
	idmap gid = 10000-20000
	hosts allow = 192.168.0.0/16, 127.0.0.1
	hosts deny = 0.0.0.0/0

[homes]
	comment = Home Directories
	valid users = %S
	read only = No
	browseable = No

[printers]
	comment = SMB Print Spool
	path = /var/spool/samba
	printable = Yes
	use client driver = Yes
	browseable = No

[netlogon]
	comment = Domain Logon Service
	path = /home/samba/logon
	write list = root
	guest ok = Yes
	browsable = no
	share modes = no
	locking = no
	root preexec = /usr/bin/smb_genlogon '%U' '%G' '%L' '%a' '%H' '%D'

[profiles]
	path = /home/samba/ntprofile
	read only = no
	create mask = 0600
	directory mask = 0700
	browsable = no
	profile acls = Yes

[print$]
	comment = Network Printer Drivers
	path = /home/samba/printers
	write list = root
	guest ok = Yes

[IPC$]
	path = /tmp

[ibmlan$]
	path = /tmp

[users]
	comment = All Users
	path = /mnt/users
	force group = users
	read only = No
	create mask = 0664
	directory mask = 0775