SAMBA LDAP PDC OS : Opensuse 11.3 X86-64 with full optionnal server software installed
CLIENT OS : Opensuse 11.3 X86-64 with minimal desktop workstation configuration
Samba : 3.5.4-5.1.2
Ldap : 2.4.21-9.1
I have a small network with less than 10 LINUX CLIENTS and one SAMBA LDAP PDC LINUX.
This is my smb.conf server side file.
Any comment for thr server side are welcom.
What should I keep client side.
Is there any body who can help me to make smb.conf linux client side.
Clients are only laptop linux machine with nothing to share.
[global]
Domain
security = user
workgroup = HATHOR.NWK
netbios name = LINUX-SRV
domain logons = Yes
domain master = Yes
preferred master = yes
local master = yes
os level = 128
time server = Yes
wins support = Yes
name resolve order = wins bcast hosts
name resolve order = bcast hosts lmhosts wins
include = /etc/samba/dhcp.conf
unix charset = utf8
username map = /etc/samba/smbusers
map to guest = Bad User
guest account = nobody
Security
hosts allow = 127.0.0.1 127.0.0.2 192.168.130.0/24
hosts deny = 0.0.0.0/0
Usershare
usershare allow guests = No
usershare max shares = 100
usershare owner only = False
Printer
not in use ### printer admin = root
printing = cups
printcap name = cups
printcap cache time = 750
cups options = raw
load printers = yes
use client driver = yes
Roaming profiles Home and share
Logon path → profil itinérent
le repertoire de base (profile) est fixé dans la
ressource [Samba_profiles]
logon path = \%N\Smb_profile%u
Logon home → home
le repertoire de base (home) est fixé dans la
ressource [Samba_homes]
logon home = \%N\Smb_home%u
logon script = logon.bat
logon drive = X:
Ldap config
peformance optimization all users stored in ldap
passdb backend = tdbsam
passdb backend = ldapsam:“ldap://LINUX-SRV.HATHOR.NWK”
passdb backend = ldapsam:“ldap://localhost”
ldapsam:trusted = yes
ldap ssl = on off start tls
ldap ssl = off
ldap passwd sync = yes
ldap suffix = dc=hathor,dc=nwk
ldap machine suffix = ou=Computers,ou=Users
ldap user suffix = ou=Peoples,ou=Users
ldap group suffix = ou=Groups
ldap idmap suffix = ou=Idmap
ldap admin dn = cn=Samba_Manager,dc=hathor,dc=nwk
idmap backend = ldap:ldap://127.0.0.1
idmap uid = 10000-20000
idmap gid = 10000-20000
samba tools
add user script = /usr/sbin/smbldap-useradd -m ‘%u’
delete user script = /usr/sbin/smbldap-userdel ‘%u’
add group script = /usr/sbin/smbldap-groupadd -p ‘%g’
delete group script = /usr/sbin/smbldap-groupdel ‘%g’
add user to group script = /usr/sbin/smbldap-groupmod -m ‘%g’ ‘%u’
delete user from group script = /usr/sbin/smbldap-groupmod -x ‘%g’ ‘%u’
set primary group script = /usr/sbin/smbldap-usermod -g ‘%g’ ‘%u’
passwd program = /usr/sbin/smbldap-passwd ‘%u’
add machine script = /usr/sbin/smbldap-useradd -w ‘%u’
windows workstation
add machine script = /usr/sbin/smbldap-useradd -w -i ‘%u’
syslog
log level = 2
syslog = 1
log file = /var/log/samba/%m
max log size = 0
Winbindd
winbind offline logon = yes
winbind enum users = yes
winbind enum groups = yes
template homedir = /home/%D/%U
template shell = /bin/bash
winbind separator = \
#========================Share Definitions=========================
[Smb_home]
comment = Votre Repertoire : \%N\Samba_homes%u
path = /data_1/100_samba/sysvol/homes
valid users = “@Domain Users”
writable = yes
create mask = 0700
directory mask = 0700
[Smb_profile]
comment = Profile itinerant \%N\Samba_profiles%u
path = /data_1/100_samba/sysvol/profiles
valid users = “@Domain Users”
writeable = yes
browseable = no
create mode = 0700
directory mode = 0700
[netlogon]
comment = Network Logon Service (Netlogon)
path = /data_1/100_samba/sysvol/linux-srv/netlogon
valid users = “@Domain Users”
writeable = yes
browseable = yes
Printer
[printers]
comment = All Printers
path = /var/tmp
printable = Yes
create mask = 0700
browseable = No
[print$]
comment = Printer Drivers
path = /var/lib/samba/drivers
write list = @Domain Admins
force group = Domain Admins
create mask = 0664
directory mask = 0775
[sysvol]
path = /data_1/100_samba/sysvol
valid users = “@Domain Users”
read only = no
[Publique]
comment = PUBLIC
path = /data_1/100_samba/publique
writeable = yes
browseable = yes
valid users = “@Domain Users”
Thank you for helping me
JC DOLE