[Samba] Example smb.conf?
Patrick Goetz
pgoetz at math.utexas.edu
Tue Dec 14 01:17:23 UTC 2021
On 12/13/21 17:59, Gregory Sloop via samba wrote:
>
>
> I'm looking for a good starting point for a smb.conf for an AD member file server, serving Windows/Mac clients.
> I don't see anything on the Wiki, and a good sane starting place would be good.
>
> (Probably use RID, I think it makes the most sense. No substantial *nix machines/users in the mix.)
>
This is a pretty basic smb.conf that uses RID and extended ACL support:
[global]
workgroup = EA
security = ADS
realm = EA.LINUXCS.COM
winbind refresh tickets = yes
vfs objects = acl_xattr
map acl inherit = yes
store dos attributes = yes
dedicated keytab file = /etc/krb5.keytab
kerberos method = secrets and keytab
winbind use default domain = yes
# (Remove the following after testing)
# winbind enum users = yes
# winbind enum groups = yes
idmap config * : backend = tdb
idmap config * : range = 3000-9999
idmap config EA : backend = rid
idmap config EA : range = 10000-999999
# Printing is disabled
load printers = no
printing = bsd
printcap name = /dev/null
disable spoolss = yes
# User templates
template homedir = /home/%U
template shell = /bin/bash
username map = /etc/samba/user.map
#======================= Share Definitions =======================
[home]
comment = Home Directories
path = /data/home
guest ok = no
browseable = no
writeable = yes
create mask = 2750
directory mask = 2750
follow symlinks = yes
[share]
comment = Share Directory
path = /data/share
guest ok = no
browseable = yes
writeable = yes
create mask = 2770
directory mask = 2770
# force group = ea-staff
# This can slow down large directory listings
# hide unreadable = yes
# inherit permissions = yes
follow symlinks = yes
More information about the samba
mailing list