From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <vinogradov.mail@gmail.com>
X-Spam-Checker-Version: SpamAssassin 3.2.5 (2008-06-10) on sa.int.altlinux.org
X-Spam-Level: 
X-Spam-Status: No, score=-2.5 required=5.0 tests=BAYES_00, DNS_FROM_OPENWHOIS, 
	RCVD_IN_DNSWL_LOW,SPF_PASS autolearn=no version=3.2.5
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma;
	h=domainkey-signature:message-id:date:from:user-agent:mime-version:to
	:subject:references:in-reply-to:content-type
	:content-transfer-encoding;
	bh=8p/u+IjORwvvLY5QBwTyAYAXnuOEy6RHyZg/TCOrlJw=;
	b=RsZGjGqtXvfUurJV2n225s3LNjFqiyQazoOuUKWM83sIzXkULvN/Krsu7USguRy+zr
	gVcDW/OaUOeg1SM1JLy3NJE/SmVq5926aR95l/D3yU9xYYZSZNnhwixbi3lEC3swwi9h
	87ljk/jYNtOl3GbEPgWy/v33uU2hB+dUK/hr4=
DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma;
	h=message-id:date:from:user-agent:mime-version:to:subject:references
	:in-reply-to:content-type:content-transfer-encoding;
	b=tnG0iACUB4kgwplDlGDvuSEgA1KcPEEdyP+m/CLxGSPUhNe8yEyK+oTo+rg1qRX1rC
	QbHuvVr1nXBkEUguV1A4aTqOJmHERJE5vErX18TSweA5iara/VlovGMhZowhSsvOCBGW
	GeTdhT1RzaTXSvl4zeeQqy7IQV3eMMWE7h2mQ=
Message-ID: <4D5D1EB6.4000607@gmail.com>
Date: Thu, 17 Feb 2011 16:12:22 +0300
From: "Anton A. Vinogradov" <vinogradov.mail@gmail.com>
User-Agent: Mozilla/5.0 (X11; U; Linux x86_64; en-US;
	rv:1.9.2.14pre) Gecko/20110124 Lightning/1.0b2 Thunderbird/3.1.8pre
MIME-Version: 1.0
To: ALT Linux sysadmins' discussion <sysadmins@lists.altlinux.org>
References: <AANLkTikptnB=kJ0BU5=ZHPA+50=b1QCTbcj7XxDZq=D2@mail.gmail.com>	<201102171510.01188.cas@altlinux.ru>
	<4D5D15C0.2040407@gmail.com>
	<AANLkTimtCm32p+cyw14s6NssssyS4dv_JEBg04hH5Td8@mail.gmail.com>
In-Reply-To: <AANLkTimtCm32p+cyw14s6NssssyS4dv_JEBg04hH5Td8@mail.gmail.com>
Content-Type: text/plain; charset=KOI8-R; format=flowed
Content-Transfer-Encoding: 8bit
Subject: Re: [Sysadmins]
 =?koi8-r?b?9dDSwdfMxc7JxSDV3sXUztnNySDawdDJ09HNyQ==?=
X-BeenThere: sysadmins@lists.altlinux.org
X-Mailman-Version: 2.1.12
Precedence: list
Reply-To: ALT Linux sysadmins' discussion <sysadmins@lists.altlinux.org>
List-Id: ALT Linux sysadmins' discussion <sysadmins.lists.altlinux.org>
List-Unsubscribe: <https://lists.altlinux.org/mailman/options/sysadmins>,
	<mailto:sysadmins-request@lists.altlinux.org?subject=unsubscribe>
List-Archive: <http://lists.altlinux.org/pipermail/sysadmins>
List-Post: <mailto:sysadmins@lists.altlinux.org>
List-Help: <mailto:sysadmins-request@lists.altlinux.org?subject=help>
List-Subscribe: <https://lists.altlinux.org/mailman/listinfo/sysadmins>,
	<mailto:sysadmins-request@lists.altlinux.org?subject=subscribe>
X-List-Received-Date: Thu, 17 Feb 2011 13:12:53 -0000
Archived-At: <http://lore.altlinux.org/sysadmins/4D5D1EB6.4000607@gmail.com/>
List-Archive: <http://lore.altlinux.org/sysadmins/>

17.02.2011 16:03, Алексей Кайтаз пишет:
> будут весьма полезными

==================
smb.conf

[global]
realm = GF.LCL
netbios name = PDCSRV
server string = PDCSRV.GF.LCL
use kerberos keytab = Yes
log file = /var/log/samba/log.%m
max log size = 50
printcap name = cups
printing = cups
os level = 254
dns proxy = No
name resolve order = wins bcast hosts
use sendfile = Yes
workgroup = GF
security = user
wins support = yes
#hosts allow = 192.168. 127.0.0.1
#socket options = TCP_NODELAY SO_SNDBUF=8192 SO_RCVBUF=8192
encrypt passwords = yes
dos charset = 866
unix charset = UTF-8
client use spnego = yes
client signing = yes

nt acl support = yes
acl compatibility = auto
map acl inherit = yes
acl map full control = yes
dos filemode = yes
orce unknown acl user = no
map read only = Permissions
enable privileges = yes
obey pam restrictions = no
passdb backend = ldapsam:ldap://127.0.0.1/
ldap admin dn = cn=ldaproot,dc=GF,dc=LCL
ldap suffix = dc=GF,dc=LCL
ldap group suffix = ou=Group
ldap user suffix = ou=People
ldap machine suffix = ou=Hosts
ldap idmap suffix = ou=Idmap
ldap passwd sync = Yes
passwd program = /usr/sbin/smbldap-passwd %u
passwd chat = *New*password* %n\n *Retype*new*password* %n\n 
*all*authentication*tokens*updated*
add user script = /usr/sbin/smbldap-useradd -m "%u"
add user script = /usr/sbin/useradd -g Hosts -d /dev/null -s /bin/false 
-M "%u"
ldap delete dn = Yes
delete user script = /usr/sbin/smbldap-userdel "%u"
add machine script = /usr/sbin/smbldap-useradd -w "%u"
add group script = /usr/sbin/smbldap-groupadd -p "%g"
delete group script = /usr/sbin/smbldap-groupdel "%g"
add user to group script = /usr/sbin/smbldap-groupmod -m "%u" "%g"
delete user from group script = /usr/sbin/smbldap-groupmod -x "%u" "%g"
set primary group script = /usr/sbin/smbldap-usermod -g "%g" "%u"
local master = yes
domain master = yes
preferred master = yes
domain logons = yes
# logon path = \\%L\profiles\%U
# logon drive = X:
# logon home = \\%L\%U
logon path = \\pdcsrv\profiles\%U
logon drive =
logon home =
logon script = logon.bat
admin users = locadmin, Administrator

#[homes]
#comment = Home Directories
#valid users = %S
#create mask = 0711
#directory mask = 0755
#read only = no
#browseable = no

[netlogon]
comment = Network Logon Service
path = /domain/netlogon
browseable = no
guest ok = yes
writable = no
write list = Administrator, locadmin

[profiles]
path = /domain/profiles
browseable = no
read only = no
create mask = 0666
directory mask = 0777
profile acls = yes
=====================

один из моих первых вариантов