# Global parameters
[global]
	netbios name = KEK
	workgroup = KONYVKLUB
	server string = Master Server
	passdb backend = ldapsam:"ldap://ldap.int.mkk.hu ldap://ldap2.int.mkk.hu"
	log file = /var/log/samba/smbd.log
	log level = 0
#	log level = 3 passdb:10 auth:10 winbind:2
	syslog = 0
#	deadtime = 15
	max log size = 50
	name resolve order = wins bcast hosts
	time server = Yes
	socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
	add user script = /usr/sbin/smbldap-useradd -a -m '%u'
	delete user script = /usr/sbin/smbldap-userdel %u
	add group script = /usr/sbin/smbldap-groupadd -p '%g'
	delete group script = /usr/sbin/smbldap-groupdel '%g'
	add user to group script = /usr/sbin/smbldap-groupmod -m '%u' '%g'
	delete user from group script = /usr/sbin/smbldap-groupmod -x '%u' '%g'
	set primary group script = /usr/sbin/smbldap-usermod -g '%g' '%u'
	add machine script = /usr/sbin/smbldap-useradd -w '%u'
	logon script = scripts\logon.bat
	logon path = \\%N\profiles\%U
	logon drive = Y:
	logon home = \\%N\%U
	domain logons = Yes
	os level = 33
	preferred master = Yes
	domain master = Yes
	local master = Yes
	security = user
	obey pam restrictions = Yes
	wins server = 192.168.0.2
	ldap suffix = dc=mkk,dc=hu
	ldap machine suffix = ou=Computers
	ldap user suffix = ou=People
	ldap group suffix = ou=Groups
	ldap idmap suffix = ou=Idmap
	ldap admin dn = cn=samba,ou=DSA,dc=mkk,dc=hu
	ldap ssl = start tls
	ldap delete dn = Yes
	ldap passwd sync = Yes
	idmap uid = 10000-20000
	idmap gid = 10000-20000
	admin users = @"Domain Admins"
	printer admin = @"Print Operators"
	ea support = Yes
	map acl inherit = Yes
	printing = cups
	printcap name = CUPS

[homes]
	comment = Home Directories for '%u'
	valid users = %S
	read only = No
	browseable = No
#	vfs objects = recycle
#	recycle:keeptree = Yes
#	recycle:versions = Yes
#	recycle:touch = Yes
#	recycle:noversions = *.doc|*.xls|*.ppt
#	recycle:excludedir = /tmp|/temp|/cache
#	recycle:exclude = *.tmp|*.temp|*.o|*.obj|~$*|*.~??
#	recycle:maxsize = 0

[netlogon]
	comment = Login scripts
        path = /home/samba/netlogon/
	write list = @"Domain Admins"
	browseable = No
        read only = Yes
	guest ok = Yes
	locking = No

[profiles]
	comment = User profiles
        path = /home/samba/profiles
        read only = No
        create mask = 0600
        directory mask = 0700
        browseable = No
        guest ok = Yes
        profile acls = Yes
	vfs objects = fake_perms
        csc policy = disable
        # next line is a great way to secure the profiles 
        force user = %U 
        # next line allows administrator to access all profiles 
        valid users = %U @"Domain Admins"

[printers]
        comment = Network Printers
        path = /var/spool/samba
        printer admin = @"Print Operators"
        guest ok = Yes 
        printable = Yes
        browseable = No
        read only  = Yes
#	print command = /usr/bin/lpr -P%p -r %s
#	lpq command = /usr/bin/lpq -P%p
#	lprm command = /usr/bin/lprm -P%p %j

[print$]
	comment = Printer Drivers
        path = /home/samba/drivers
        guest ok = No
        browseable = Yes
        read only = Yes
        valid users = @"Print Operators"
        write list = @"Print Operators"
        create mask = 0664
        directory mask = 0775

[kozos]
	path = /home/samba/kozos
	read only = No
	

[aclprobe]
	path = /tmp/aclprobe
        guest ok = No
        browseable = Yes
        read only = No
	admin users = '@Domain Admins'
	read list = '@Domain Users'
	write list = '@Domain Users'
	create mask = 0660
	force create mode = 0660
	directory mask = 0770
	force directory mode = 0770