Introduction link
Samba is very versatile and can emulate a domain controller (similar to Windows NT4).
Configuration link
Here is a typical configuration for this type of environment with an OpenLDAP backend:
(/etc/samba/smb.conf
):
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
| [global]
workgroup = deimos.fr
netbios name= %h
server string = Controleur du domaine deimos.fr
log level = 2
#log file = /var/log/samba/smbd.log
log file = /var/log/samba/%m.log
max log size = 5000
security = user
encrypt passwords = yes
obey pam restrictions = No
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
local master = yes
os level = 65
domain master = yes
preferred master = yes
domain logons = yes
logon script = netlogon.vbs
logon path =
logon drive =
logon home =
wins support = yes
dns proxy = no
unix extensions = no
# LDAP
# Pour que Samba puisse lire et écrire dans l'annuaire : smbpasswd -w mypassword
ldap suffix = dc=deimos.fr,dc=local
ldap machine suffix = ou=hosts
ldap user suffix = ou=users
ldap group suffix = ou=groups
ldap admin dn = uid=samba,ou=utilisateurs,dc=local
ldap ssl = Start_tls
ldap passwd sync = yes
passdb backend = ldapsam:"ldap://ldap-slave1 ldap://ldap-slave2"
[netlogon]
comment = Network Logon Service
path = /mnt/netlogon
browseable = no
writable = no
share modes = no
[homes]
path = /datas/users/%U
valid users = %U
comment = %U personnal folder
browseable = no
writable = yes
[partage]
path = /mnt/partage
comment = partage
browseable = yes
create mask = 0700
directory mask = 0700
create mode = 0700
directory mode = 0700
writable = yes
#valid users = @"utilisateurs du domaine"
[commons]
path = /mnt/commons
comment = commons
browseable = yes
writable = yes
valid users = @"utilisateurs du domaine"
|
Resources link
Last updated
07 Nov 2012, 09:52 +0200. history