# /etc/samba/smb.conf
# archivo de configuracion de samba
[global]
# configuracion basica del servidor
workgroup = silcom
netbios name = pdc
server string = Samba PDC Version %v
socket options = TCP_NODELAY IPTOS_LOWDELAY SO_SNDBUF=8192 SO_RCVBUF=8192
# configuracion para que la maquina sea el PDC master
os level = 65
preferred master = yes
local master = yes
domain master = yes
domain logons = yes
# configuracion de seguridad y conexion
security = user
guest ok = no
encrypt passwords = yes
null passwords = no
# hosts allow es para que solo permita las maquinas de la LAN (192.168.0.x)
hosts allow = 127.0.0.1 192.168.0.0/255.255.255.0
wins support = yes
name resolve order = wins lmhosts host bcast

dns proxy = no
# otras configuraciones varias para SAMBA
log file = /var/log/samba/log.%m
log level = 2
max log size = 50
hide unreadable = yes
hide dot files = yes
# parametros para el soporte de LDAP
passdb backend = ldapsam:ldap://127.0.0.1
ldap suffix = dc=silcom,dc=com
ldap machine suffix = ou=machines
ldap user suffix = ou=users
ldap group suffix = ou=groups
ldap admin dn = cn=admin,dc=silcom,dc=com
ldap delete dn = no
enable privileges = yes
# para permitir a los usuarios cambiar su clave desde Windows
ldap password sync = yes
# perfiles moviles de usuario, carpeta home y script de inicio
logon home = \\%L\%U\.profile
logon drive = H:
logon path = \\%L\profiles\%U
logon script = netlogon.bat OR %U.bat
# script para automatizar la adicion de cuentas de maquinas
# al arbol LDAP cuando estas se unan por primera vez al dominio
add machine script = /usr/sbin/smbldap-useradd -w "%u"
unix charset = ISO8859-15

#=== Recursos SAMBA ===
# ruta en donde se alojaran el(los) script(s) de inicio
[netlogon]
      path = /home/samba/netlogon
      guest ok = no
      read only = yes
      browseable = no
# carpetas home de los usuarios
[homes]
      path = /home/%U
      comment = Carpetas HOME
      browseable = no
      writeable = yes
      valid users = %S
      read only = no
      guest ok = no
      inherit permissions = yes
# carpeta en donde se guardan los perfiles de los usuarios
[profiles]
      path = /home/samba/profiles
      writeable = yes
      browseable = no
      default case = lower
      preserve case = no
      short preserve case = no
      case sensitive = no
      hide files = /desktop.ini/ntuser.ini/NTUSER.*/
      create mask = 0600
      directory mask = 0700
      csc policy = disable
# este es un recurso que solo debe ser accesible