calculate-utils-2.1-server/profile/samba/etc/samba/smb.conf

# Calculate format=samba\
chmod=0644\
chown=root:root
[global]
	# Имя сервера
	# --------------------------------------------------------------------
	workgroup = #-sr_samba_domain-#
	netbios name = #-sr_samba_netbios-#
	server string = Calculate Directory Server

	# Права на создание файлов
	# --------------------------------------------------------------------
#?pkg(samba)<4.10#
	#маска для изменения прав на директории для cifs-клиентов
	directory security mask = 0755
	#маска создаваемых директорий для smbfs-клиентов
	force directory security mode = 0755
	#ограничение прав файлов при создании и модификации
	#для cifs и smbfs клиентов
	security mask = 0644
	force security mode = 0644
#pkg#
#?pkg(samba)>=4.10#
	!directory security mask =
	!force directory security mode =
	!security mask =
	!force security mode =
#pkg#
	#маска создаваемых директорий для Windows и cifs-клиентов
	directory mask = 0755
	force directory mode = 0755
	#права файлов на создаваемые и модифицируемые файлы из Windows
	create mask = 0644
	force create mode = 0644

#?pkg(samba)<4.10#
	# добавление админских привилегий в домене группе Domain Admins
	enable privileges = yes
#pkg#
#?pkg(samba)>=4.10#
	!enable privileges =
#pkg#

	# Настройки LDAP
	# --------------------------------------------------------------------

	#unix password sync = Yes
	#passwd program = /usr/local/sbin/smbldap-passwd -u %u
	#passwd chat = "Changing password for*\nNew password*" %n\n "*Retype new password*" %n\n"

	# При смене пароля юзером через smbpasswd меняем его и в LDAP
	#ldap passwd sync = Yes

	passdb backend = ldapsam:ldap://127.0.0.1/
	# В новых версиях Samba не воспринимает ldap filter
	# Удаляем этот аттрибут если версия samba больше 3.0.15
#?pkg(samba)>3.0.15#
	!ldap filter =
#pkg#
#?pkg(samba)<=3.0.15#
	ldap filter = (&(objectclass=sambaSamAccount)(uid=%u))
#pkg# 
	ldap admin dn = #-ld_samba_dn-#
	ldap suffix = #-ld_samba_dn-#
	ldap group suffix = ou=Groups
	ldap user suffix = ou=Users
	ldap machine suffix = ou=Computers
	#ldap idmap suffix = ou=Idmap
	ldap ssl = off

	add machine script = /usr/bin/cl-useradd -w "%u" samba
	add user script = /usr/bin/cl-useradd "%u" samba
	ldap delete dn = Yes

	dos charset = 866
	unix charset = UTF-8
#?pkg(samba)<4.10#
	display charset = UTF-8
#pkg#
#?pkg(samba)>=4.10#
	!display charset =
#pkg#

	local master = yes
	domain master = yes
	preferred master = yes
	os level = 199
	log level = 1

	admin users = admin
	domain logons = yes
	logon script = start.cmd
	logon path = \\%L\profiles\%U
	logon home = \\%L\%U
	logon drive = H:

	hosts allow = #-sr_samba_net_allow_pass-#
	hosts deny = 0.0.0.0/0
	#interfaces = 127.0.0.1 eth0
	map to guest = bad user
	security = user

#?pkg(samba)<4.11#
	encrypt passwords = yes
#pkg#
#?pkg(samba)>=4.11#
	!encrypt passwords =
#pkg#
	# Запрет изменения пароля пользователя windows компьютера
	unix password sync = no
#?pkg(samba)<4.11#
	null passwords = no
#pkg#
#?pkg(samba)>=4.11#
	!null passwords =
#pkg#
	hide unreadable = yes
	hide dot files = yes
	socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
	!server min protocol =
 
	# Поддержка wins
	# --------------------------------------------------------------------
	wins support = yes
	winbind normalize names = yes
	;name resolve order = wins lmhosts host bcast
	dns proxy = no

	# Поддержка сервера времени
	# --------------------------------------------------------------------
	time server = yes
	;time offset =
	# Поддержка томов больше 2 тб
	block size = 4096

[homes]
	path = #-sr_samba_home_path-#/%u
	comment = Home Directories
	valid users = %U
	read only = No
	browseable = No
	root preexec = /usr/lib/calculate/calculate-server/bin/execsamba -s --makedir %U
	root postexec = /usr/lib/calculate/calculate-server/bin/execsamba -s --logout %U

[profiles]
	path = #-sr_samba_winprof_path-#
	create mask = 0600
	directory mask = 0700
	browseable = No
	guest ok = Yes
	csc policy = disable
	writable = yes
	force user = %U
	valid users = %U

[unix]
	path = #-sr_samba_linprof_path-#/%u
	browseable = No
	writable = yes
#?pkg(samba)<4.11#
	directory mask = 0777
	directory security mask = 0777
	force directory security mode = 0
	create mask = 0777
	security mask = 0777
	force security mode = 0
#pkg#
#?pkg(samba)>=4.11#
	!directory security mask = 
	!force directory security mode = 
	!security mask = 
	!force security mode = 
	directory mask = 0777
	force directory mode = 0
	create mask = 0777
	force create mode = 0
#pkg#
	force user = %U
	valid users = %U
	hide unreadable = no
	root preexec = /usr/lib/calculate/calculate-server/bin/execserv -s --login %U
	root postexec = /usr/lib/calculate/calculate-server/bin/execserv -s --logout %U

[netlogon]
	path = #-sr_samba_winlogon_path-#/%u
	browseable = No
	read only = yes
	root preexec = /usr/lib/calculate/calculate-server/bin/execserv -s --makedir %U
	!root postexec = 


[share]
	path = #-sr_samba_share_path-#
	!magic script = del
	!preexec = del
	!postexec = del
	comment = Share Files
	browseable = yes
	writable = yes
	hide unreadable = yes
	nt acl support = no


[remote]
	path = /var/calculate/remote
	comment = Client Files
	browseable = No
	writable = yes
	hide unreadable = yes
#?pkg(net-fs/samba)<4.11#
	security mask = 0664
	force create mode = 0664
	force security mode = 0664
	force directory security mode = 2775
	force directory mode = 2775
	vfs objects = acl_xattr fake_perms
#pkg#
#pkg(net-fs/samba)>=4.11#
	force create mode = 0664
	force directory mode = 2775
	!security mask =
	!force directory security mode =
	vfs objects = acl_xattr
	inherit acls = yes
	inherit owner = yes
	inherit permissions = yes
#pkg#

#Удаляем ресурс для FTP - сервис FTP не установлен
#?sr_ftp_set==off#
[!ftp]
	comment = FTP files
#sr_ftp_set#

#Добавляем ресурс для FTP - сервис FTP установлен
#?sr_ftp_set==on#
[ftp]
	path = #-sr_ftp_path-#
	comment = FTP files
	browseable = yes
	writable = yes
	hide unreadable = yes
#sr_ftp_set#