debianforum.de

Samba config

SNIPPET_DESC:

Samba config

SNIPPET_CREATION_TIME:

05.06.2016 23:28:50

SNIPPET_PRUNE_TIME:

Unendlich

SNIPPET_TEXT:

1. # Global parameters
2. [global]
3. ## Server Einstellungen
4.         workgroup = HOME
5.         realm = HOME.LOCAL
6.         netbios name = SRV-04
7.         server role = active directory domain controller
8.         #server string = Samba Server 4.1.17-Debian
9.         server string = Samba Server 4.2.10-Debian
10.         comment = Samba Server 4.2.10-Debian
11.         #comment = Samba Server 4.1.17-Debian
12.         server services = rpc, nbt, wrepl, ldap, cldap, kdc, drepl, ntp_signd, kcc, dnsupdate, smb, winbind
13.         dcerpc endpoint servers = epmapper, wkssvc, rpcecho, samr, netlogon, lsarpc, spoolss, drsuapi, dssetup, unixinfo, browser, eventlog6, backupkey, dnsserver, winreg, srvsvc
14.  
15. ## Domain-Einstellungen
16.         os level = 65
17.         preferred master = yes
18.         domain master = yes
19.         local master = yes
20.         #allow trusted domains = Yes   
21.        
22. ## Netzwerk Einstellungen
23.         #interfaces = 192.168.1.130/255.255.255.0
24.         #hosts allow = 192.168.1.0/24 localhost
25.         #hosts deny =
26.         #bind interfaces only = yes
27.  
28. ## Time Server Einstellungen
29.         time server = no
30.         ntp signd socket directory = /var/lib/samba/ntp_signd
31.  
32. ## SMB Einstellungen   
33.         server signing = auto
34.         #min protocol = SMB2_10
35.         #max protocol = SMB3
36.         #client signing = auto
37.         #client ipc signing = auto
38.         #client min protocol = SMB2_10
39.         #client max protocol = SMB3_11
40.         #client ipc min protocol = SMB2_10
41.         ## Ab 4.3.xx SMB Protokoll 3.11
42.         #client ipc max protocol = SMB3_11
43.         smb2 max read  = 8388608
44.         smb2 max write = 8388608
45.         smb2 max trans = 8388608
46.         smb2 max credits = 8192
47.  
48.         #smb2 leases = yes
49.  
50. ## TLS
51.         #tls priority = NORMAL:-VERS-SSL3.0
52.         #tls verify peer = as_strict_as_possible
53.  
54.         #tls enabled  = yes
55.         #tls keyfile = /etc/samba/tls/myKey.pem
56.         #tls certfile = /etc/samba/tls/myCert.pem
57.         #tls cafile =
58.  
59. ## Performance Einstellungen
60.         socket options = TCP_NODELAY
61.         ##SO_RCVBUF=8192 SO_SNDBUF=8192
62.         ##write cache size = 262144
63.  
64. ## Script Einstellungen
65.         ##add user script = /usr/sbin/useradd -d /dev/null -g 100 -s /bin/false -M %u
66.         add user script = /usr/sbin/useradd -m %u
67.         delete user script = /usr/sbin/userdel -r %u
68.         add group script = /usr/sbin/groupadd %g  
69.         delete group script = /usr/sbin/groupdel %g  
70.         add user to group script = /usr/sbin/usermod -G %g %u
71.         add machine script = /usr/sbin/useradd -s /bin/false -d /dev/null  -g computers %u
72.  
73. ## Servergespeicherte Profil Einstellungen
74.         hide files = /desktop.ini/ntuser.ini/NTUSER.*/Thumbs.db/
75.         logon script = logon.cmd
76.         logon path = \\srv-04\mnt\ntfs_hdd1\profile\%u
77.         domain logons = yes
78.         logon drive = H:
79.         logon home = \\srv-04\mnt\ntfs_hdd1\home\%u
80.  
81. ## Template Einstellungen
82.         template shell = /bin/bash
83.         template homedir = /mnt/ntfs_hdd1/home/%u
84.  
85. ## Sicherheits und Passwort-Einstellungen
86.         security = user
87.         passdb backend = tdbsam
88.         obey pam restrictions = yes
89.         pam password change = yes
90.         passwd program = /usr/bin/passwd %u
91.         passwd chat = *Enter\snew\s*\spassword:* %n\n *Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* .
92.         unix password sync = yes
93.         encrypt passwords = true
94.  
95.         #smb passwd file = /etc/smbpasswd
96.         #LanManager-Authentifizierung
97.         #lanman auth = yes
98.         #
99.         # NTLM Version 2 - Authentifizierung
100.         #client ntlmv2 auth = yes
101.  
102. ## Winbind Einstellungen
103.         winbind use default domain = Yes
104.         winbind enum groups = yes
105.         winbind enum users = yes
106.         winbind cache time = 10
107.         winbind refresh tickets = yes
108.        
109.         #winbind sealed pipes = true
110.         #require strong key = false
111.         #winbindd:use external pipes = false
112.         #winbind separator = +
113.         #winbind reconnect delay = 30
114.         #winbind request timeout = 60
115.         #winbind max clients = 2000
116.         #winbind trusted domains only = Yes
117.         #winbind nested groups = Yes
118.         #winbind expand groups = 10
119.         #winbind nss info = rfc2307
120.         #winbind offline logon = No
121.         #winbind normalize names = No
122.         #winbind rpc only = No
123.  
124. ## Idmap Einstellungen
125.         idmap_ldb:use rfc2307 = yes
126.         idmap config * : range = 1000000 - 1999999
127.         idmap config HOME : backend = rid
128.         idmap config HOME : range = 1000000 - 1999999
129.  
130. ## LDAP
131.         #passdb backend = ldapsam:ldap://ldap.home.local
132.         #username map = /etc/samba/smbusers
133.         #ldap suffix = dc=home,dc=local
134.         #ldap machine suffix = ou=People
135.         #ldap user suffix = ou=People
136.         #ldap group suffix = ou=Group
137.         #ldap idmap suffix = ou=People
138.         #ldap admin dn = cn=Manager
139.         #ldap ssl = no
140.         #ldap passwd sync = yes
141.        
142.         ## AB 4.2.xx
143.         #ldap server require strong auth = no
144.         #client ldap sasl wrapping = plain
145.  
146.  
147. ## WINS / DNS Einstellungen
148.         wins support = no
149.         wins server = 192.168.1.130
150.         name resolve order = lmhosts host wins bcast
151.         #dns proxy = no
152.         dns update command = /usr/sbin/samba_dnsupdate
153.         nsupdate command = /usr/bin/nsupdate -g
154.         spn update command = /usr/sbin/samba_spnupdate
155.         dns forwarder = 192.168.1.100
156.         #multicast dns register = Yes
157.  
158. ## Charset Einstellungen
159.         unix charset = UTF-8
160.         dos charset = cp850
161.  
162. ## DFS
163.         #host msdfs = yes
164.  
165. ## Misc
166.         #follow symlinks = yes
167.         #wide links = yes
168.         #unix extensions = yes
169.  
170.  
171. ## ACL Einstellungen
172.         store dos attributes = Yes
173.         vfs objects = recycle acl acl_xattr dfs_samba4
174.         profile acls = Yes     
175.        
176.         #map acl inherit = Yes
177.         #nt acl support = Yes
178.         #acl group control = yes
179.         #acl map full control = Yes
180.         #acl allow execute always = No
181.  
182. ## Log Einstellungen
183.         log level = 5
184.         #log file = /var/log/samba/log.%m
185.         #syslog = 0
186.         #syslog only = no
187.         panic action = /usr/share/samba/panic-action %d
188.  
189. ###======================= Share Definitions =======================###
190.  
191. [netlogon]
192.         comment = Netlogon Directory
193.         path = /mnt/ntfs_hdd1/netlogon/home.local/scripts
194.         read only = yes
195.         browseable = no
196.         guest ok = no
197.         write list = root
198.  
199. [sysvol]
200.         comment = Sysvol Directory
201.         path = /mnt/ntfs_hdd1/sysvol
202.         read only = yes
203.         browseable = no
204.         guest ok = no
205.         write list = root
206.  
207. [profile]
208.         comment = Roaiming Profile Directory
209.         path = /mnt/ntfs_hdd1/profile
210.         read only = no
211.         writeable = yes
212.         guest ok = no
213.         profile acls = Yes
214.         create mask = 0777
215.         directory mask = 0777
216.         force create mode = 2777
217.         force directory mode = 2777
218.  
219. [home]
220.         comment = Home Directory
221.         path = /mnt/ntfs_hdd1/home
222.         read only = no
223.         browseable = yes
224.         writeable = yes
225.         guest ok = no
226.         create mask = 0777
227.         directory mask = 0777
228.         force create mode = 2777
229.         force directory mode = 2777
230.  
231. #[share_1]
232.         #comment = Share_1 Directory
233.         #path = /mnt/ntfs_hdd1/share_1
234.         #read only = no
235.         #browseable = yes
236.         #writeable = yes
237.         #guest ok = no
238.         #create mask = 0777
239.         #directory mask = 0777
240.         #force create mode = 2777
241.         #force directory mode = 2777
242.  
243. #[share_2]
244.         #comment = Share_2 Directory
245.         #path = /mnt/ntfs_hdd2/share_2
246.         #read only = no
247.         #browseable = yes
248.         #writeable = yes
249.         #guest ok = no
250.         #create mask = 0777
251.         #directory mask = 0777
252.         #force create mode = 2777
253.         #force directory mode = 2777
254.  
255. ###======================= Printer Definitions =======================###
256.  
257. # This is an example printers
258. # share, which works for Linux.
259. #[printers]
260.         #printable = yes
261.         #printing = BSD
262.         #print command = /usr/bin/lpr -P%p %s
263.         #path = /var/tmp
264.         #min print space = 2000
265.  
266. #[printers]
267.         #comment = All Printers
268.         #path = /tmp
269.         #browseable = no
270.         #printable = yes
271.         #public = no
272.         #writable = no
273.         #create mode = 0700

Quellcode

Hier kannst du den Code kopieren und ihn in deinen bevorzugten Editor einfügen. PASTEBIN_DOWNLOAD_SNIPPET_EXPLAIN