|
|
# Calculate format=samba\
|
|
|
chmod=0644\
|
|
|
chown=root:root
|
|
|
[global]
|
|
|
# Имя сервера
|
|
|
# --------------------------------------------------------------------
|
|
|
workgroup = #-sr_samba_domain-#
|
|
|
netbios name = #-sr_samba_netbios-#
|
|
|
server string = Calculate Directory Server
|
|
|
|
|
|
# Права на создание файлов
|
|
|
# --------------------------------------------------------------------
|
|
|
#маска создаваемых директорий для Windows и cifs-клиентов
|
|
|
directory mask = 0755
|
|
|
#маска для изменения прав на директории для cifs-клиентов
|
|
|
directory security mask = 0755
|
|
|
#маска создаваемых директорий для smbfs-клиентов
|
|
|
force directory security mode = 0755
|
|
|
#ограничение прав файлов при создании и модификации
|
|
|
#для cifs и smbfs клиентов
|
|
|
security mask = 0644
|
|
|
force security mode = 0644
|
|
|
#права файлов на создаваемые и модифицируемые файлы из Windows
|
|
|
create mask = 0644
|
|
|
|
|
|
# добавление админских привилегий в домене группе Domain Admins
|
|
|
enable privileges = yes
|
|
|
|
|
|
# Настройки LDAP
|
|
|
# --------------------------------------------------------------------
|
|
|
|
|
|
#unix password sync = Yes
|
|
|
#passwd program = /usr/local/sbin/smbldap-passwd -u %u
|
|
|
#passwd chat = "Changing password for*\nNew password*" %n\n "*Retype new password*" %n\n"
|
|
|
|
|
|
# При смене пароля юзером через smbpasswd меняем его и в LDAP
|
|
|
#ldap passwd sync = Yes
|
|
|
|
|
|
passdb backend = ldapsam:ldap://127.0.0.1/
|
|
|
# В новых версиях Samba не воспринимает ldap filter
|
|
|
# Удаляем этот аттрибут если версия samba больше 3.0.15
|
|
|
#?pkg(samba)>3.0.15#
|
|
|
!ldap filter =
|
|
|
#pkg#
|
|
|
#?pkg(samba)<=3.0.15#
|
|
|
ldap filter = (&(objectclass=sambaSamAccount)(uid=%u))
|
|
|
#pkg#
|
|
|
ldap admin dn = #-ld_samba_dn-#
|
|
|
ldap suffix = #-ld_samba_dn-#
|
|
|
ldap group suffix = ou=Groups
|
|
|
ldap user suffix = ou=Users
|
|
|
ldap machine suffix = ou=Computers
|
|
|
#ldap idmap suffix = ou=Idmap
|
|
|
ldap ssl = off
|
|
|
|
|
|
add machine script = /usr/bin/cl-useradd -w "%u" samba
|
|
|
add user script = /usr/bin/cl-useradd "%u" samba
|
|
|
ldap delete dn = Yes
|
|
|
|
|
|
dos charset = 866
|
|
|
unix charset = UTF-8
|
|
|
display charset = UTF-8
|
|
|
|
|
|
local master = yes
|
|
|
domain master = yes
|
|
|
preferred master = yes
|
|
|
os level = 199
|
|
|
log level = 1
|
|
|
|
|
|
admin users = admin
|
|
|
domain logons = yes
|
|
|
logon script = start.cmd
|
|
|
logon path = \\%L\profiles\%U
|
|
|
logon home = \\%L\%U
|
|
|
logon drive = H:
|
|
|
|
|
|
hosts allow = #-sr_samba_net_allow_pass-#
|
|
|
hosts deny = 0.0.0.0/0
|
|
|
#interfaces = 127.0.0.1 eth0
|
|
|
map to guest = bad user
|
|
|
security = user
|
|
|
encrypt passwords = yes
|
|
|
# Запрет изменения пароля пользователя windows компьютера
|
|
|
unix password sync = yes
|
|
|
null passwords = no
|
|
|
hide unreadable = yes
|
|
|
hide dot files = yes
|
|
|
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
|
|
|
|
|
|
|
|
|
# Поддержка wins
|
|
|
# --------------------------------------------------------------------
|
|
|
wins support = yes
|
|
|
;name resolve order = wins lmhosts host bcast
|
|
|
dns proxy = no
|
|
|
|
|
|
# Поддержка сервера времени
|
|
|
# --------------------------------------------------------------------
|
|
|
time server = yes
|
|
|
;time offset =
|
|
|
# Поддержка томов больше 2 тб
|
|
|
block size = 4096
|
|
|
|
|
|
[homes]
|
|
|
path = #-sr_samba_home_path-#/%u
|
|
|
comment = Home Directories
|
|
|
valid users = %U
|
|
|
read only = No
|
|
|
browseable = No
|
|
|
|
|
|
[profiles]
|
|
|
path = #-sr_samba_winprof_path-#
|
|
|
create mask = 0600
|
|
|
directory mask = 0700
|
|
|
browseable = No
|
|
|
guest ok = Yes
|
|
|
csc policy = disable
|
|
|
writable = yes
|
|
|
force user = %U
|
|
|
valid users = %U
|
|
|
|
|
|
[unix]
|
|
|
path = #-sr_samba_linprof_path-#/%u
|
|
|
browseable = No
|
|
|
writable = yes
|
|
|
directory mask = 0777
|
|
|
directory security mask = 0777
|
|
|
force directory security mode = 0
|
|
|
create mask = 0777
|
|
|
security mask = 0777
|
|
|
force security mode = 0
|
|
|
force user = %U
|
|
|
valid users = %U
|
|
|
hide unreadable = no
|
|
|
root preexec = /usr/lib/calculate/calculate-server/bin/execserv -s --login %U
|
|
|
root postexec = /usr/lib/calculate/calculate-server/bin/execserv -s --logout %U
|
|
|
|
|
|
[netlogon]
|
|
|
path = #-sr_samba_winlogon_path-#/%u
|
|
|
browseable = No
|
|
|
read only = yes
|
|
|
root preexec = /usr/lib/calculate/calculate-server/bin/execserv -s --makedir %U
|
|
|
!root postexec =
|
|
|
|
|
|
|
|
|
[share]
|
|
|
path = #-sr_samba_share_path-#
|
|
|
!magic script = del
|
|
|
!preexec = del
|
|
|
!postexec = del
|
|
|
comment = Share Files
|
|
|
browseable = yes
|
|
|
writable = yes
|
|
|
hide unreadable = yes
|
|
|
|
|
|
|
|
|
[remote]
|
|
|
path = /var/calculate/remote
|
|
|
comment = Client Files
|
|
|
browseable = No
|
|
|
writable = yes
|
|
|
hide unreadable = yes
|
|
|
|
|
|
#Удаляем ресурс для FTP - сервис FTP не установлен
|
|
|
#?sr_ftp_set==off#
|
|
|
[!ftp]
|
|
|
comment = FTP files
|
|
|
#sr_ftp_set#
|
|
|
|
|
|
#Добавляем ресурс для FTP - сервис FTP установлен
|
|
|
#?sr_ftp_set==on#
|
|
|
[ftp]
|
|
|
path = #-sr_ftp_path-#
|
|
|
comment = FTP files
|
|
|
browseable = yes
|
|
|
writable = yes
|
|
|
hide unreadable = yes
|
|
|
#sr_ftp_set# |
