From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.2.5 (2008-06-10) on sa.int.altlinux.org X-Spam-Level: X-Spam-Status: No, score=-2.5 required=5.0 tests=BAYES_00, DNS_FROM_OPENWHOIS, NORMAL_HTTP_TO_IP, RCVD_IN_DNSWL_LOW, SPF_PASS autolearn=no version=3.2.5 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:message-id:date:from:user-agent:mime-version:to :subject:references:in-reply-to:content-type :content-transfer-encoding; bh=qZmZUfBOPZ55tn6ZGJUfC0y1eSxtSdzySPlW5+7U0hU=; b=V6OI0GsLg1JMqhW8FwnsdGTaWoHc1xR7laS7XHvgA0fweZmKCK9XcMoMejl30llfpX egsxXymHT/bbyGbdQyDCt6kRVq7jQ924pUi1MhL0foQX9lUj2ibdeQTYMLdlYQl/vU8i bleTI7aSlfyY55JwNv8O2ULLSx+As/lSRcCFE= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:user-agent:mime-version:to:subject:references :in-reply-to:content-type:content-transfer-encoding; b=wbLpRQ+tDAQo9GYMJGsyNomzDFY7px3s5rFvcRITH9HYajC4D7yxjwgNUGsrCyy4EU XRT8DJSnxasEgzMfQvq9jr1hRLQsd6I4bjDQrtsDLmAL0wHPvlv0ZufufK5GIj8cU7Os QZEFnVEETiwiqmFrBKaEAznYoch/35P6bxu3k= Message-ID: <4D5D3EDF.9060802@gmail.com> Date: Thu, 17 Feb 2011 18:29:35 +0300 From: "Anton A. Vinogradov" User-Agent: Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.9.2.14pre) Gecko/20110124 Lightning/1.0b2 Thunderbird/3.1.8pre MIME-Version: 1.0 To: ALT Linux sysadmins' discussion References: <201102171510.01188.cas@altlinux.ru> <4D5D15C0.2040407@gmail.com> <4D5D1EB6.4000607@gmail.com> In-Reply-To: Content-Type: text/plain; charset=KOI8-R; format=flowed Content-Transfer-Encoding: 8bit Subject: Re: [Sysadmins] =?koi8-r?b?9dDSwdfMxc7JxSDV3sXUztnNySDawdDJ09HNyQ==?= X-BeenThere: sysadmins@lists.altlinux.org X-Mailman-Version: 2.1.12 Precedence: list Reply-To: ALT Linux sysadmins' discussion List-Id: ALT Linux sysadmins' discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 17 Feb 2011 15:30:20 -0000 Archived-At: List-Archive: 17.02.2011 16:23, Алексей Кайтаз пишет: > > > 17 февраля 2011 г. 16:12 пользователь Anton A. Vinogradov > > написал: > > 17.02.2011 16:03, Алексей Кайтаз пишет: > > будут весьма полезными > > > ================== > smb.conf > > [global] > realm = GF.LCL > netbios name = PDCSRV > server string = PDCSRV.GF.LCL > use kerberos keytab = Yes > log file = /var/log/samba/log.%m > max log size = 50 > printcap name = cups > printing = cups > os level = 254 > dns proxy = No > name resolve order = wins bcast hosts > use sendfile = Yes > workgroup = GF > security = user > wins support = yes > #hosts allow = 192.168. 127.0.0.1 > #socket options = TCP_NODELAY SO_SNDBUF=8192 SO_RCVBUF=8192 > encrypt passwords = yes > dos charset = 866 > unix charset = UTF-8 > client use spnego = yes > client signing = yes > > nt acl support = yes > acl compatibility = auto > map acl inherit = yes > acl map full control = yes > dos filemode = yes > orce unknown acl user = no > map read only = Permissions > enable privileges = yes > obey pam restrictions = no > passdb backend = ldapsam:ldap://127.0.0.1/ > ldap admin dn = cn=ldaproot,dc=GF,dc=LCL > ldap suffix = dc=GF,dc=LCL > ldap group suffix = ou=Group > ldap user suffix = ou=People > ldap machine suffix = ou=Hosts > ldap idmap suffix = ou=Idmap > ldap passwd sync = Yes > passwd program = /usr/sbin/smbldap-passwd %u > passwd chat = *New*password* %n\n *Retype*new*password* %n\n > *all*authentication*tokens*updated* > add user script = /usr/sbin/smbldap-useradd -m "%u" > add user script = /usr/sbin/useradd -g Hosts -d /dev/null -s > /bin/false -M "%u" > ldap delete dn = Yes > delete user script = /usr/sbin/smbldap-userdel "%u" > add machine script = /usr/sbin/smbldap-useradd -w "%u" > add group script = /usr/sbin/smbldap-groupadd -p "%g" > delete group script = /usr/sbin/smbldap-groupdel "%g" > add user to group script = /usr/sbin/smbldap-groupmod -m "%u" "%g" > delete user from group script = /usr/sbin/smbldap-groupmod -x "%u" "%g" > set primary group script = /usr/sbin/smbldap-usermod -g "%g" "%u" > local master = yes > domain master = yes > preferred master = yes > domain logons = yes > # logon path = \\%L\profiles\%U > # logon drive = X: > # logon home = \\%L\%U > logon path = \\pdcsrv\profiles\%U > logon drive = > logon home = > logon script = logon.bat > admin users = locadmin, Administrator > > #[homes] > #comment = Home Directories > #valid users = %S > #create mask = 0711 > #directory mask = 0755 > #read only = no > #browseable = no > > [netlogon] > comment = Network Logon Service > path = /domain/netlogon > browseable = no > guest ok = yes > writable = no > write list = Administrator, locadmin > > [profiles] > path = /domain/profiles > browseable = no > read only = no > create mask = 0666 > directory mask = 0777 > profile acls = yes > ===================== > > один из моих первых вариантов > > _______________________________________________ > Sysadmins mailing list > Sysadmins@lists.altlinux.org > https://lists.altlinux.org/mailman/listinfo/sysadmins > > > Видно, что работа проделана не маленькая. > Очень полезный конфиг. Спасибо, обязательно воспользуюсь. > [profiles] только потом потуже затяните, чтоб не лазал где попало. при этом конфиге на ковчеге винда заходит "как родная" И да, от дефолтного конфига ковчега здесь совсем немного отличий