Von Gray Pudu, 3 Monate vorher, geschrieben in Plain Text.
Einbetten
  1. [global]
  2.         debug level     = 0
  3.         logging         = file
  4.         max log size    = 0
  5.  
  6.         netbios name    = adm-ucs0
  7.         server role     = active directory domain controller
  8.         name resolve order      = wins host bcast
  9.         server string   = Univention Corporate Server
  10.         server services = -dns -smb +s3fs -nbt
  11.         server role check:inhibit = yes
  12.         # use nmbd; to disable set samba4/service/nmb to s4
  13.         nmbd_proxy_logon:cldap_server=127.0.0.1
  14.         workgroup       = PROCORP
  15.         realm           = PROCORP.LOCAL
  16.  
  17.         tls enabled     = yes
  18.         tls keyfile     = /etc/univention/ssl/adm-ucs0.procorp.local/private.key
  19.         tls certfile    = /etc/univention/ssl/adm-ucs0.procorp.local/cert.pem
  20.         tls cafile      = /etc/univention/ssl/ucsCA/CAcert.pem
  21.         tls verify peer = ca_and_name
  22.         ldap server require strong auth = allow_sasl_over_tls
  23.         dsdb:schema update allowed = no
  24.         max open files = 32808
  25.         interfaces      = lo ens18 ens18:1
  26.         bind interfaces only    = yes
  27.         ntlm auth       = ntlmv2-only
  28.         machine password timeout        = 0
  29.         acl allow execute always = True
  30.         kccsrv:samba_kcc = False
  31.  
  32. ; ---------------------</10global>------------------------
  33. ; ---------------------<smb service configuration>-----------------------
  34.  
  35.         debug hirestimestamp = yes
  36.         debug pid = yes
  37. ; ---------------------</smb service configuration>----------------------
  38.  
  39.  
  40.         ; idmap/winbind
  41.  
  42.         winbind separator = +
  43.         template shell = /bin/bash
  44.         template homedir = /home/%D-%U
  45.        
  46.         idmap config * : backend = tdb
  47.         idmap config * : range = 300000-400000
  48.  
  49.         passwd chat = *New*password* %n\n *Re-enter*new*password* %n\n *password*changed*
  50.  
  51.         obey pam restrictions = yes
  52.         encrypt passwords = yes
  53.  
  54.         spoolss: architecture = Windows x64
  55.  
  56.         ; domain service lookup related settings
  57.         preferred master = yes
  58.         local master = yes
  59.         domain master = yes
  60.         wins support = yes
  61.  
  62.         ; miscellaneous settings, mostly for file services
  63.         oplocks = yes
  64.         large readwrite = yes
  65.         read raw = yes
  66.         write raw = yes
  67.         max xmit = 65535
  68.         acl:search = no
  69.         host msdfs = yes
  70.         kernel oplocks = yes
  71.         deadtime = 15
  72.         getwd cache = yes
  73.         wide links = no
  74.         store dos attributes = yes
  75.         logon home = \\adm-ucs0\%U
  76.         logon drive = I:
  77.         logon path = \\adm-ucs0\%U\windows-profiles\%a
  78.         preserve case = yes
  79.         short preserve case = yes
  80.  
  81.         guest account = nobody
  82.         map to guest = Bad User
  83.         admin users = administrator join-backup
  84.  
  85.  
  86.         usershare max shares = 0
  87.  
  88.  
  89. ; -----------------------------------------------------------------------------------------------------------
  90.         include = /etc/samba/base.conf
  91.  
  92.  
  93.  
  94.  
  95.         include = /etc/samba/local.conf
  96.  
captcha