<br><br><div class="gmail_quote">17 февраля 2011 г. 16:12 пользователь Anton A. Vinogradov <span dir="ltr"><<a href="mailto:vinogradov.mail@gmail.com">vinogradov.mail@gmail.com</a>></span> написал:<br><blockquote class="gmail_quote" style="margin: 0pt 0pt 0pt 0.8ex; border-left: 1px solid rgb(204, 204, 204); padding-left: 1ex;">
<div class="im">17.02.2011 16:03, Алексей Кайтаз пишет:<br>
</div><blockquote class="gmail_quote" style="margin: 0pt 0pt 0pt 0.8ex; border-left: 1px solid rgb(204, 204, 204); padding-left: 1ex;">
будут весьма полезными<br>
</blockquote>
<br>
==================<br>
smb.conf<br>
<br>
[global]<br>
realm = GF.LCL<br>
netbios name = PDCSRV<br>
server string = PDCSRV.GF.LCL<br>
use kerberos keytab = Yes<br>
log file = /var/log/samba/log.%m<br>
max log size = 50<br>
printcap name = cups<br>
printing = cups<br>
os level = 254<br>
dns proxy = No<br>
name resolve order = wins bcast hosts<br>
use sendfile = Yes<br>
workgroup = GF<br>
security = user<br>
wins support = yes<br>
#hosts allow = 192.168. 127.0.0.1<br>
#socket options = TCP_NODELAY SO_SNDBUF=8192 SO_RCVBUF=8192<br>
encrypt passwords = yes<br>
dos charset = 866<br>
unix charset = UTF-8<br>
client use spnego = yes<br>
client signing = yes<br>
<br>
nt acl support = yes<br>
acl compatibility = auto<br>
map acl inherit = yes<br>
acl map full control = yes<br>
dos filemode = yes<br>
orce unknown acl user = no<br>
map read only = Permissions<br>
enable privileges = yes<br>
obey pam restrictions = no<br>
passdb backend = ldapsam:ldap://<a href="http://127.0.0.1/" target="_blank">127.0.0.1/</a><br>
ldap admin dn = cn=ldaproot,dc=GF,dc=LCL<br>
ldap suffix = dc=GF,dc=LCL<br>
ldap group suffix = ou=Group<br>
ldap user suffix = ou=People<br>
ldap machine suffix = ou=Hosts<br>
ldap idmap suffix = ou=Idmap<br>
ldap passwd sync = Yes<br>
passwd program = /usr/sbin/smbldap-passwd %u<br>
passwd chat = *New*password* %n\n *Retype*new*password* %n\n *all*authentication*tokens*updated*<br>
add user script = /usr/sbin/smbldap-useradd -m "%u"<br>
add user script = /usr/sbin/useradd -g Hosts -d /dev/null -s /bin/false -M "%u"<br>
ldap delete dn = Yes<br>
delete user script = /usr/sbin/smbldap-userdel "%u"<br>
add machine script = /usr/sbin/smbldap-useradd -w "%u"<br>
add group script = /usr/sbin/smbldap-groupadd -p "%g"<br>
delete group script = /usr/sbin/smbldap-groupdel "%g"<br>
add user to group script = /usr/sbin/smbldap-groupmod -m "%u" "%g"<br>
delete user from group script = /usr/sbin/smbldap-groupmod -x "%u" "%g"<br>
set primary group script = /usr/sbin/smbldap-usermod -g "%g" "%u"<br>
local master = yes<br>
domain master = yes<br>
preferred master = yes<br>
domain logons = yes<br>
# logon path = \\%L\profiles\%U<br>
# logon drive = X:<br>
# logon home = \\%L\%U<br>
logon path = \\pdcsrv\profiles\%U<br>
logon drive =<br>
logon home =<br>
logon script = logon.bat<br>
admin users = locadmin, Administrator<br>
<br>
#[homes]<br>
#comment = Home Directories<br>
#valid users = %S<br>
#create mask = 0711<br>
#directory mask = 0755<br>
#read only = no<br>
#browseable = no<br>
<br>
[netlogon]<br>
comment = Network Logon Service<br>
path = /domain/netlogon<br>
browseable = no<br>
guest ok = yes<br>
writable = no<br>
write list = Administrator, locadmin<br>
<br>
[profiles]<br>
path = /domain/profiles<br>
browseable = no<br>
read only = no<br>
create mask = 0666<br>
directory mask = 0777<br>
profile acls = yes<br>
=====================<br>
<br>
один из моих первых вариантов<div><div></div><div class="h5"><br>
_______________________________________________<br>
Sysadmins mailing list<br>
<a href="mailto:Sysadmins@lists.altlinux.org" target="_blank">Sysadmins@lists.altlinux.org</a><br>
<a href="https://lists.altlinux.org/mailman/listinfo/sysadmins" target="_blank">https://lists.altlinux.org/mailman/listinfo/sysadmins</a><br>
</div></div></blockquote></div><br>Видно, что работа проделана не маленькая.<br>Очень полезный конфиг. Спасибо, обязательно воспользуюсь.<br>