67 lines
1.5 KiB
Django/Jinja
67 lines
1.5 KiB
Django/Jinja
[global]
|
|
# Need the old protocol for the printers
|
|
# server min protocol = SMB3
|
|
# smb ports = 445
|
|
|
|
use sendfile = yes
|
|
winbind max domain connections = 10
|
|
|
|
# disable attack vectors
|
|
load printers = no
|
|
disable spoolss = yes
|
|
disable netbios = yes
|
|
|
|
# auto-create home directories with pam_mkhomedir
|
|
obey pam restrictions = yes
|
|
|
|
# template homedir = /home/%U@%D
|
|
# template shell = /bin/bash
|
|
|
|
# domain settings
|
|
security = ads
|
|
kerberos method = secrets and keytab
|
|
realm = {{ domain | upper }}
|
|
workgroup = {{ domain | split('.') | first | upper }}
|
|
|
|
idmap config * : backend = autorid
|
|
# idmap config {{ domain | split('.') | first | upper }} :
|
|
idmap config * : range = 600000-2147483647
|
|
|
|
[scan]
|
|
comment = Scan
|
|
path = /shares/scan
|
|
admin users = "@domain admins@{{ domain }}"
|
|
browseable = yes
|
|
read only = no
|
|
create mask = 0700
|
|
directory mask = 0700
|
|
vfs objects = acl_xattr
|
|
map acl inherit = yes
|
|
inherit acls = yes
|
|
inherit permissions = yes
|
|
|
|
# TODO parametrize this somehow
|
|
#[profiles]
|
|
#comment = Users profiles
|
|
#path = /home/profiles
|
|
#read only = no
|
|
#browsable = yes
|
|
#create mask = 0600
|
|
#directory mask = 0700
|
|
#vfs objects = acl_xattr
|
|
#map acl inherit = yes
|
|
##inherit acls = yes # default on for acl_xattr
|
|
## inherit permissions = yes
|
|
#
|
|
#[ucilnice_d]
|
|
#comment = Users profiles
|
|
#path = /home/ucilnice_d
|
|
#read only = no
|
|
#guest ok = yes
|
|
#browsable = yes
|
|
#create mask = 0600
|
|
#directory mask = 0700
|
|
#vfs objects = acl_xattr
|
|
#map acl inherit = yes
|
|
##inherit acls = yes # default on for acl_xattr
|
|
## inherit permissions = yes
|