Samba - check up against MS AD server

From Skytech
Jump to: navigation, search


Samba setup ( /etc/samba/smb.conf )

Config should look something ala


#======================= Global Settings =======================

[global]
security = ADS
password server = serv-dc1
encrypt passwords = true
workgroup = FAXEBEER
realm = FAXEBEER.LOCAL
# netbios name = beer-dev
preferred master = no
idmap uid = 10000-20000
idmap gid = 10000-20000
winbind enum users = yes
winbind enum groups = yes
winbind use default domain = Yes
server string = %h server (Samba %v)

#### Debugging/Accounting ####
#log level = 3
log file = /var/log/samba/log.%m
max log size = 1000
syslog = 0
panic action = /usr/share/samba/panic-action %d

####### Authentication #######
passdb backend = tdbsam
obey pam restrictions = yes
invalid users = root
passwd program = /usr/bin/passwd %u
passwd chat = *Enter\snew\sUNIX\spassword:* %n\n *Retype\snew\sUNIX\spassword:* %n\n .

######## File sharing ########

# Name mangling options
preserve case = yes
short preserve case = yes

############ Misc ############
socket options = TCP_NODELAY

#======================= Share Definitions =======================
[master_dev]
   comment = www on %h
   path = /home/master
   browseable = no
   writable = yes
   create mask = 0664
   force create mode = 0664
   directory mask = 0775
   force directory mode = 0775
   force group = www-data
   force user = master_dev
   valid users = master_dev
[dev_1]
   copy = master_dev
   path = /home/dev_1
   force user = dev_1
   valid users = dev_1