+# Global parameters
+[global]
+ workgroup = IDEALX-NT
+ netbios name = PDC-SRV
+ security = user
+ enable privileges = yes
+ #interfaces = 192.168.5.11
+ #username map = /etc/samba/smbusers
+ server string = Samba Server %v
+ #security = ads
+ encrypt passwords = Yes
+ min passwd length = 3
+ #pam password change = no
+ #obey pam restrictions = No
+ #ldap passwd sync = Yes
+ unix password sync = Yes
+ passwd program = /opt/IDEALX/sbin/smbldap-passwd -u %u
+ passwd chat = "Changing password for*\nNew password*" %n\n "*Retype new password*" %n\n"
+ #passwd chat debug = Yes
+ log level = 0
+ syslog = 0
+ log file = /var/log/samba/log.%m
+ max log size = 100000
+ time server = Yes
+ socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
+ mangling method = hash2
+ Dos charset = 850
+ Unix charset = ISO8859-1
+
+ logon script = logon.bat
+ logon drive = H:
+ logon home =
+ logon path =
+
+ domain logons = Yes
+ domain master = Yes
+ os level = 65
+ preferred master = Yes
+ wins support = yes
+ passdb backend = ldapsam:ldap://127.0.0.1/
+ ldap admin dn = cn=Manager,dc=idealx,dc=org
+ #ldap admin dn = cn=samba,ou=DSA,dc=idealx,dc=org
+ ldap suffix = dc=idealx,dc=org
+ ldap group suffix = ou=Groups
+ ldap user suffix = ou=Users
+ ldap machine suffix = ou=Computers
+ #ldap idmap suffix = ou=Idmap
+ add user script = /opt/IDEALX/sbin/smbldap-useradd -m "%u"
+ #ldap delete dn = Yes
+ delete user script = /opt/IDEALX/sbin/smbldap-userdel "%u"
+ add machine script = /opt/IDEALX/sbin/smbldap-useradd -t 0 -w "%u"
+ add group script = /opt/IDEALX/sbin/smbldap-groupadd -p "%g"
+ #delete group script = /opt/IDEALX/sbin/smbldap-groupdel "%g"
+ add user to group script = /opt/IDEALX/sbin/smbldap-groupmod -m "%u" "%g"
+ delete user from group script = /opt/IDEALX/sbin/smbldap-groupmod -x "%u" "%g"
+ set primary group script = /opt/IDEALX/sbin/smbldap-usermod -g '%g' '%u'
+
+ # printers configuration
+ printer admin = @"Print Operators"
+ load printers = Yes
+ create mask = 0640
+ directory mask = 0750
+ #force create mode = 0640
+ #force directory mode = 0750
+ nt acl support = No
+ printing = cups
+ printcap name = cups
+ deadtime = 10
+ guest account = nobody
+ map to guest = Bad User
+ dont descend = /proc,/dev,/etc,/lib,/lost+found,/initrd
+ show add printer wizard = yes
+ ; to maintain capital letters in shortcuts in any of the profile folders:
+ preserve case = yes
+ short preserve case = yes
+ case sensitive = no
+
+[netlogon]
+ path = /home/netlogon/
+ browseable = No
+ read only = yes
+
+[profiles]
+ path = /home/profiles
+ read only = no
+ create mask = 0600
+ directory mask = 0700
+ browseable = No
+ guest ok = Yes
+ profile acls = yes
+ csc policy = disable
+ # next line is a great way to secure the profiles
+ #force user = %U
+ # next line allows administrator to access all profiles
+ #valid users = %U "Domain Admins"
+
+[printers]
+ comment = Network Printers
+ printer admin = @"Print Operators"
+ guest ok = yes
+ printable = yes
+ path = /home/spool/
+ browseable = No
+ read only = Yes
+ printable = Yes
+ print command = /usr/bin/lpr -P%p -r %s
+ lpq command = /usr/bin/lpq -P%p
+ lprm command = /usr/bin/lprm -P%p %j
+ # print command = /usr/bin/lpr -U%U@%M -P%p -r %s
+ # lpq command = /usr/bin/lpq -U%U@%M -P%p
+ # lprm command = /usr/bin/lprm -U%U@%M -P%p %j
+ # lppause command = /usr/sbin/lpc -U%U@%M hold %p %j
+ # lpresume command = /usr/sbin/lpc -U%U@%M release %p %j
+ # queuepause command = /usr/sbin/lpc -U%U@%M stop %p
+ # queueresume command = /usr/sbin/lpc -U%U@%M start %p
+
+[print$]
+ path = /home/printers
+ guest ok = No
+ browseable = Yes
+ read only = Yes
+ valid users = @"Print Operators"
+ write list = @"Print Operators"
+ create mask = 0664
+ directory mask = 0775
+