configuration-templates – Rev 97
?pathlinks?
###########################################################################
## Copyright (C) Wizardry and Steamworks 2017 - License: GNU GPLv3 ##
## Please see: http://www.gnu.org/licenses/gpl.html for legal details, ##
## rights of fair usage, the disclaimer and warranty conditions. ##
###########################################################################
## Optimized standalone configuration template for Samba servers. ##
## ##
## Ideal for: ##
## * Virtual machine file sharing ##
## ##
## Requirements: ##
## * Samba 4.x ##
## * smbldap-tools ##
## ##
## File placement layout: ##
## / ##
## `-- etc ##
## `-- samba ##
## |-- smb.conf ##
## |-- smb.conf.local ##
## |-- smb.conf.share ##
## `-- smb.conf.ldap ##
## ##
## Files Description: ##
## * /etc/samba/smb.conf (main configuration file) ##
## * /etc/samba/smb.conf.local (this file) ##
## * /etc/samba/smb.conf.share (samba shares go here) ##
## ##
###########################################################################
[global]
# Configuration for LDAP authentication backend.
# The setup assumes that all samba entries are children of the "samba"
# organizational unit.
server role = classic primary domain controller
passdb backend = ldapsam:ldap://example.com
ldap suffix = ou=samba,dc=example,dc=com
ldap admin dn = cn=admin,dc=example,dc=com
ldap ssl = off
ldap user suffix = ou=People
ldap group suffix = ou=Groups
ldap machine suffix = ou=Computers
ldap idmap suffix = ou=Idmap
ldap password sync = yes
# Scripts - requires smbldap-tools to be installed.
add user script = /usr/sbin/smbldap-useradd -m '%u' -t 1
rename user script = /usr/sbin/smbldap-usermod -r '%unew' '%uold'
delete user script = /usr/sbin/smbldap-userdel '%u'
set primary group script = /usr/sbin/smbldap-usermod -g '%g' '%u'
add group script = /usr/sbin/smbldap-groupadd -p '%g'
delete group script = /usr/sbin/smbldap-groupdel '%g'
add user to group script = /usr/sbin/smbldap-groupmod -m '%u' '%g'
delete user from group script = /usr/sbin/smbldap-groupmod -x '%u' '%g'
add machine script = /usr/sbin/smbldap-useradd -w '%u' -t 1