SAMBA домен с авторизацией в ldap +

Конфигурирование Файл-сервера (Установка, настройка SAMBA)
Ответить
Аватара пользователя
Роман Торопов
Администратор
Сообщения: 140
Зарегистрирован: 24 мар 2008, 10:49
Откуда: г. Пермь
Контактная информация:

SAMBA домен с авторизацией в ldap +

Сообщение Роман Торопов » 25 мар 2008, 12:17

Код: Выделить всё

[global]
    workgroup = AKA
    netbios name = server1
    server string = AKA PDC Server

    security = user
    domain master = yes
    preferred master = yes
    domain logons = yes

    os level = 230
    wins support = yes
    dns proxy = yes

    log file = /var/log/samba/log.%m
    max log size = 1000

    log level = 5
    syslog = 0

    passdb backend = ldapsam:ldap://127.0.0.1

    obey pam restrictions = no

    ldap admin dn = cn=admin,dc=aka,dc=local
    ldap suffix = dc=aka,dc=local
    ldap group suffix = ou=Groups
    ldap user suffix = ou=Users
    ldap machine suffix = ou=Computers
    ldap idmap suffix = ou=Users

    ldap passwd sync = Yes
    passwd program = /usr/sbin/smbldap-passwd %u
    passwd chat = *New*password* %n\n *Retype*new*password* %n\n *all*authentication*tokens*updated*
    ldap delete dn = yes
# Uncomment  at 15/01/08. All (old - only add machine uncommented)
#    add user script = /usr/sbin/smbldap-useradd -m "%u"
#    delete user script = /usr/sbin/smbldap-userdel "%u"
    add machine script = /usr/sbin/smbldap-useradd -w "%u"
#    add group script = /usr/sbin/smbldap-groupadd -p "%g"
#    delete group script = /usr/sbin/smbldap-groupdel "%g"
#    add user to group script = /usr/sbin/smbldap-groupmod -m "%u" "%g"
#    delete user from group script = /usr/sbin/smbldap-groupmod -x "%u" "%g"
    set primary group script = /usr/sbin/smbldap-usermod -g "%g" "%u"

    enable privileges = yes

    guest account = nobody

    hosts allow = 192.168.2. 127.
    time server = yes
    logon path =
    logon drive = H:
    logon script = %G.bat

    invalid users = root

    admin users = administrator
    unix charset = utf8
    dos charset = cp1251
    display charset = utf8
    load printers = no
    socket options = TCP_NODELAY

[homes]
    comment = Home Directories
    browseable = no
    valid users = %S
    vfs objects = vscan-clamav
    vscan-clamav: configurefile=/etc/samba/vscan-clamav.conf
    writable = yes
    create mask = 0777
    directory mask = 0777
    force create mode = 0777
    force directory mode = 0777

[netlogon]
    path = /var/www/AKA/netlogon
    read only = yes
    browseable = no

[printers]
    comment = All Printers
    path = /var/spool/samba
    guest ok = Yes
    printable = Yes
    browseable = No

[exchange]
    path = /var/www/AKA/exchange
    vfs objects = vscan-clamav
    vscan-clamav: configfile=/etc/samba/vscan-clamav.conf
    browseable = yes
    writable = yes
    create mask = 0777
    directory mask = 0777
    force create mode = 0777
    force directory mode = 0777

[public]
   path = /var/www/AKA/public
    vfs objects = vscan-clamav
    vscan-clamav: configure=/etc/samba/vscan-clamav.conf
    browseable = yes
    writable = yes
    create mask = 0755
    directory mask = 0755
    force create mode = 0777
    force directory mode = 0777

[aka]
    path = /var/www/AKA/akafiles
    vfs objects = vscan-clamav
    vscan-clamav: configure=/etc/samba/vscan-clamav.conf
    writable = yes
    create mask = 0755
    directory mask = 0755
    force create mode = 0777
    force directory mode = 0777
    browseable = no
    valid users = administrator

[kurs]
    path = /var/www/AKA/akafiles/kurs/kurs
    valid users = @kurs
    writable = yes
    create mask = 0770
    directory mask = 0770
    browseable = no
    vfs objects = vscan-clamav
    vscan-clamav: configure=/etc/samba/vscan-clamav.conf

[cons]
    path = /var/www/AKA/akafiles/cons/cons
    valid users = @cons
    writable = yes
    create mask = 0777
    directory mask = 0777
    force create mode = 0777
    force directory mode = 0777
    browsable = no
    vfs objects = vscan-clamav
    vscan-clamav: configure=/etc/samba/vscan-clamav.conf

[class]
    path = /var/www/AKA/akafiles/class/class
    valid users = @class
    writable = yes
    create mask = 0770
    directory mask = 0770
    browsable = no
    vfs objects = vscan-clamav
    vscan-clamav: configure=/etc/samba/vscan-clamav.conf

[base]
    path = /var/www/AKA/base
    valid users = aka1c
    writable = yes
    create mask = 0770
    directory mask = 0770
    browsable = no
    vfs objects = vscan-clamav
    vscan-clamav: configure=/etc/samba/vscan-clamav.conf

Ответить