Fichier de configuration Samba

[Global]
# Gestion du backend
 ;passdb backend = tdbsam :/usr/local/samba/lib/passdb.tdb, guest
passdb backend = ldapsam:ldap ://localhost, guest
ldap admin dn = "cn=manager,dc=linagora,dc=com"
ldap ssl = off
ldap delete dn = no
ldap user suffix = ou=Users
ldap machine suffix = ou=Machines
ldap group suffix = ou=Groups
ldap suffix = dc=samba,dc=linagora,dc=com
ldap filter = "(uid=%u)"

# Identification sur le réseau
workgroup = Linagora
netbios name = SambaPDC
netbios aliases = NTSERVER PDC
server string = Samba server

# Netbios
name resolve order = lmhosts host wins bcast
# Serveur WINS actif
wins support = yes
# Désactiver netbios
 ;disable netbios = yes

# Action a effectuer en cas de crash smbd ou nmbd
 ;panic action = echo \"Panic : process %d\" >> /tmp/log

# Sécurité
encrypt passwords = yes
null passwords = no
# Authentification via la base de comptes locale (LDAP)
security = user

# Browsing et rôle
os level = 65
# Activer le contrôle de domaine
domain logons = yes
domain master = yes
local master = yes
preferred master = yes

# Utilisé notamment lors du net vampire
add machine script = /usr/local/sbin/smbldap-useradd -g sambamachines -w -c "Samba Machine" -d /dev/null - s /bin/false ’%u’
add user script = /usr/local/sbin/smbldap-useradd -g sambausers -c "Samba User" -d /dev/null -s /bin/false ’%u’
add group script = /usr/local/sbin/smbldap-groupadd ’%g’
add user to group script = /usr/local/sbin/smbldap-groupmod -m "%u" "%g"
delete user script = /usr/local/sbin/smbldap-userdel "%u"
delete group script = /usr/local/sbin/smbldap-groupdel "%g"
delete user from group script = /usr/local/sbin/smbldap-groupmod -x "%u" "%g"
set primary group script = /usr/local/sbin/smbldap-usermod -g "%g" "%u"

# Paramètres par défaut pour un utilisateur
logon drive = u :
logon home = \\SambaPDC\%U
logon path = \\SambaPDC\profiles\%U
logon script = %U.cmd

# Gestion des logs
log file = /var/log/samba/%m.log
log level = 2
max log size = 1000

# Serveur de temps (net time \\serveur /set /y)
time server = yes

# Options Réseau
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
 ;hosts allow = 192.168.0. EXCEPT 192.168.0.35
 ;hosts deny = ALL
 ;interfaces = 192.168.0.1 127.0.0.1
 ;bind interfaces only = yes

# Charsets  ;Dos charset = 850
 ;Unix charset = ISO8859-1

# Gestion des noms de fichiers
preserve case = yes
short preserve case = yes
case sensitive = no

# Support des Acls
 ;nt acl support = yes
# Configuration auto de la gestion des acls en fonction du type de client
 ;acl compatibility = auto

# Gestion des profils pour 2000/XP
 ;profile acls = yes

# Interdire l’accès a certains fichiers
veto files = /lost+found/.recycle/

# Interdit oplocks (cache local) sur certains types de fichiers
 ;veto oplock files = /*.mdb/*.doc/*.xls/*.ppt/

# Impression
printing = cups
printcap name = cups
printer admin = root
load printers = yes
show add printer wizard = yes

# Partages homes, a mapper via \\serveur\utilisateur [homes]
path = /data/samba/home/%u
comment = Repertoire Homes
valid users = %S
guest ok = no
writeable = yes
create mode = 0700
directory mode = 2700
browsable = no
# Corbeille
vfs objects = recycle
recycle:versions = true
# Suivi des connexions
 ;preexec = echo \"%u se connecte a %S depuis %m (%I)\" >> /tmp/log

# Partage commun
[commun]
path = /data/samba/commun
comment = Partage Commun
writeable = yes
browsable = yes
guest ok = no
valid users = @sambausers
create mode = 774
directory mode = 2774
# Heritage des permissions ou acls
 ;inherit permissions = yes
 ;inherit acls = yes

# Partage d’imprimantes
# Configurées en "raw" sous CUPS
# Drivers installés sur chaque client
[printers]
comment = Partage d’imprimantes
path = /data/spool
printable = yes
browseable = yes
guest ok = no
valid users = @sambausers

# Ce partage contient les drivers des imprimantes
[print$]
comment = Drivers d’imprimantes
path = /data/samba/drivers
browseable = no
guest ok = no
writeable = no
write list = root

# Un partage tmp accessible a tous
 ;[tmp]
 ;path = /tmp
 ;guest ok = yes
 ;writeable = yes
 ;browsable = yes