[Samba] SAMBA smb.conf LINUX CLIENT SIDE

jcdole at free.fr jcdole at free.fr
Thu Oct 28 09:39:10 MDT 2010 

      
      SAMBA LDAP PDC OS : Opensuse 11.3 X86-64 with full optionnal server software installed

CLIENT OS : Opensuse 11.3 X86-64 with minimal desktop workstation configuration



Samba : 3.5.4-5.1.2

Ldap : 2.4.21-9.1



I have a small network with less than 10 LINUX CLIENTS and one SAMBA LDAP PDC LINUX.



This is my smb.conf server side file.

Any comment for the server side are welcome.



What should I keep client side.

Is there any body who can help me to make smb.conf linux client side.

Clients are only laptop linux machine with nothing to share.



[global]

#

# Domain

	security = user

#

	workgroup = HATHOR.NWK

	netbios name = LINUX-SRV

	domain logons = Yes

	domain master = Yes

	preferred master = yes

	local master = yes

	os level = 128

	time server = Yes

	wins support = Yes

#	name resolve order = wins bcast hosts

	name resolve order = bcast hosts lmhosts wins

	include = /etc/samba/dhcp.conf

	unix charset = utf8

	username map = /etc/samba/smbusers

	map to guest = Bad User

	guest account = nobody

#

#

# Security

	hosts allow = 127.0.0.1 127.0.0.2 192.168.130.0/24

	hosts deny = 0.0.0.0/0

#

#

#

# Usershare

#

	usershare allow guests = No

	usershare max shares = 100

	usershare owner only = False

#

# Printer

#

### not in use ### printer admin = root

	printing = cups

	printcap name = cups

	printcap cache time = 750

	cups options = raw

	load printers = yes

	use client driver = yes



#

# Roaming profiles Home and share

#

	logon path = \\%N\Smb_profile\%u

#

	logon home = \\%N\Smb_home\%u

#

	logon script = logon.sh

#

	logon drive = X:

#

#

# Ldap config

#

#			passdb backend = tdbsam

#	passdb backend		= ldapsam:"ldap://LINUX-SRV.HATHOR.NWK"

#

	passdb backend		= ldapsam:"ldap://localhost"

	ldapsam:trusted	    = yes

# ldap ssl = on off start tls

	ldap ssl			= off

	ldap passwd sync	    = yes

	ldap suffix		    = dc=hathor,dc=nwk

	ldap machine suffix	= ou=Computers,ou=Users

	ldap user suffix	    = ou=Peoples,ou=Users

	ldap group suffix	    = ou=Groups

	ldap idmap suffix	    = ou=Idmap

	ldap admin dn		= cn=Samba_Manager,dc=hathor,dc=nwk

	idmap backend		= ldap:ldap://127.0.0.1

	idmap uid			= 10000-20000

	idmap gid			= 10000-20000

#

#

# samba tools

#

	add user script = /usr/sbin/smbldap-useradd -m '%u'

	delete user script = /usr/sbin/smbldap-userdel '%u'

	add group script = /usr/sbin/smbldap-groupadd -p '%g'

	delete group script = /usr/sbin/smbldap-groupdel '%g'

	add user to group script = /usr/sbin/smbldap-groupmod -m '%g' '%u'

	delete user from group script = /usr/sbin/smbldap-groupmod -x '%g' '%u'

	set primary group script = /usr/sbin/smbldap-usermod -g '%g' '%u'

	passwd program = /usr/sbin/smbldap-passwd '%u'

# Only linux box

	add machine script = /usr/sbin/smbldap-useradd -w '%u'

#

#

# syslog

#

	log level = 2

	syslog = 1

	log file = /var/log/samba/%m

	max log size = 0

#

#

# Winbindd

#

winbind offline logon = yes

winbind enum users = yes

winbind enum groups = yes

template homedir = /home/%D/%U

template shell = /bin/bash

winbind separator = \

#

#



#========================Share Definitions=========================

#

#

[Smb_home]

	comment = Votre Repertoire : \\%N\Samba_homes\%u

	path = /data_1/100_samba/sysvol/homes

	valid users = "@Domain Users"

	writable = yes

	create mask = 0700

	directory mask = 0700

#

#

[Smb_profile]

	comment = Profile itinerant \\%N\Samba_profiles\%u

	path = /data_1/100_samba/sysvol/profiles

	valid users = "@Domain Users"

	writeable = yes

	browseable = no

	create mode = 0700

	directory mode = 0700

#

#

[netlogon]

	comment = Network Logon Service (Netlogon)

	path = /data_1/100_samba/sysvol/linux-srv/netlogon

	valid users = "@Domain Users"

	writeable = yes

	browseable = yes

#

# Printer

#

[printers]

	comment = All Printers

	path = /var/tmp

	printable = Yes

	create mask = 0700

	browseable = No

#

#

[print$]

	comment = Printer Drivers

	path = /var/lib/samba/drivers

	write list = @Domain Admins

	force group = Domain Admins

	create mask = 0664

	directory mask = 0775

#

#

[sysvol]

	path = /data_1/100_samba/sysvol

	valid users = "@Domain Users"

	read only = no

#

#

[Publique]

	comment = PUBLIC 

	path = /data_1/100_samba/publique

	writeable = yes

	browseable = yes

	valid users = "@Domain Users"



Thank you for helping me



JC DOLE

More information about the samba mailing list