[global]
# Nome da Maquina
netbios name = samba
netbios aliases = samba
# Nome do Dominio
workgroup = TESTES
server string = Servidor de Testes
# Hosts que possuem acesso liberado a base de dados
hosts allow = 192.168.0. 127.0.0.
interfaces = eth1 lo
bind interfaces only = yes
remote announce = [192.168.0.1]
# Opcoes de Log
log level = 3
log file = /var/log/samba/%m.log
max log size = 500
syslog = 1
debug timestamp = yes
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
name resolve order = wins host bcast
winbind use default domain = yes
# Permite aos Administradores colocarem Máquinas no Domínio
enable privileges = yes
# Nivel de Seguranca
security = user
# Opcao para Encriptar as senhas
encrypt passwords = yes
guest ok = yes
guest account = nobody
admin users = root
local master = yes
os level = 65
time server = yes
domain master = yes
preferred master = yes
domain logons = yes
preserve case = yes
short preserve case = yes
# Permite ou nega a identificacao de maiusculas e minusculas
case sensitive = no
# Mapeamento do Home do Usuario
#logon home = \\%N\%U
#logon drive = H:
# Script a ser executado no Login do usuario
logon script = %G.bat
logon path = \\%L\Profiles\%U
wins support = yes
wins proxy = no
# Verificar essa opcao caso haja defeito na conexao cliente/servidor
dns proxy = no
veto files = /explorer.*exe/*.VOB/*.mp3/*.mpg/*.mpeg/*.avi/*.wma/*.wav/*.wmv/*.iso/copy.exe/host.exe/autorun.inf/*.{*}/
# Opcoes de Melhoria de Desempenho - Bruno - 23/09/2008
read raw = yes
write raw = yes
oplocks = yes
max xmit = 65535
dead time = 15
getwd cache = yes
# Mostra os Caracteres acentuados corretamente
#unix charset = iso8859-1
#display charset = cp850
display charset = UTF-8
# Configurações do LDAP
# =======================
# Administrador do LDAP
ldap admin dn = cn=root,dc=saude,dc=al,dc=gov,dc=br
# Sufixo do LDAP
ldap suffix = dc=saude,dc=al,dc=gov,dc=br
passdb backend = ldapsam:ldap://127.0.0.1
# Usa ou não SSL
ldap ssl = no
ldap user suffix = ou=Pessoas
ldap group suffix = ou=Grupos
ldap machine suffix = ou=Computadores
ldap idmap suffix = ou=sambaDomainName=SES
ldap delete dn = yes
# Opcao para sincronizar as senhas do LDAP
ldap passwd sync = yes
#force user = %U:
winbind separator = /
winbind cache time = 10
winbind enum users = yes
winbind enum groups = yes
obey pam restrictions = no
winbind nested groups = yes
idmap backend = ldap:ldap://127.0.0.1
idmap uid = 500-15000
idmap gid = 500-15000
template shell = /bin/false
# Scripts para a manipulacao de usuarios, grupos, etc.
add user script = /usr/sbin/smbldap-useradd -m "%u"
add machine script = /usr/sbin/smbldap-useradd -w "%u"
rename user script = /usr/sbin/smbldap-usermod -r '%unew' '%uold'
add group script = /usr/sbin/smbldap-groupadd -p "%g"
add user to group script = /usr/sbin/smbldap-groupmod -m "%u" "%g"
delete user script = /usr/sbin/smbldap-userdel "%u"
delete group script = /usr/sbin/smbldap-groupdel "%g"
delete user from group script = /usr/sbin/smbldap-groupmod -x "%u" "%g"
set primary group script = /usr/sbin/smbldap-usermod -g "%g" "%u"
# Troca de senha:
passwd program = /usr/sbin/smbldap-passwd "%u"
passwd chat = *New*password* %n *Retype*new*password* %n *passwd:*all*authentication*tokens*updated*successfully*
#============================ Definições de Compartilhamento ==============================
[netlogon]
comment = Servico de logon de rede
path = /var/lib/samba/netlogon
guest ok = yes
browseable = no
writable = no
write list = @suporte
[Profiles]
create mask = 0600
csc policy = disable
directory mask = 0700
path = /setores/profiles
browseable = no
writable = yes
[publico]
comment = Diretorio público SESAU
path = /tmp
directory mode = 0777
create mode = 0777
read only = no
public = yes
writable = yes
browseable = yes
[suporte]
comment = suporte
path = /setores/suporte
directory mode = 0755
create mode = 0755
read only = no
public = no
write list = @suporte
browseable = no