[global]

#nome do dom�nio
workgroup = reinfacil
server string = %h PDC server
security = user
domain master = yes
prefered master = yes
local master = yes
netbios name = servlinux
map to guest = Bad User
pam password change = Yes
encrypt passwords = true
client lanman auth = Yes
smb passwd file = /etc/samba/smbpasswd
#usu�rios administradores da rede (permiss�o para adicionar maquinas no dominio).
admin users = administrador ivan
#restrige o acesso ao servidor apenas nas afixas de IP informadas.
hosts allow = 10.23.0. 127.
enable privileges = yes
time server = yes
passdb backend = tdbsam
socket options = TCP_NODELAY SO_RCVBUF=102400 SO_SNDBUF=102400
#interfaces de redes habilitadas ao acesso
interfaces = lo eth0
bind interfaces only = yes
log level = 0
#scripts para inclus�o autom�tica de usu�rios e maquinas ao dom�nio
add user script = /usr/sbin/useradd -m %u
set primary group script = /usr/sbin/usermod -g %g %u /bin/false -d /dev/null %u
add group script = /usr/sbin/groupadd %g
add user to group script = /usr/bin/gpasswd -a %u %g
#o comado abaixo � respons�vel pelo ingresso autom�tico das maquinas, para que
funcione
#corretamente voc� deve criar um grupo no samba para receber os computadores do
dom�nio
#nesse exemplo o nome do gropu � "maquinas".
add machine script = useradd -g maquinas -c "Maquina reinfacil.local" -s /bin/false
-d /dev/null %u
delete group script = /usr/sbin/groupdel %g
delete user from group script = /usr/bin/gpasswd -d %u %g
delete user script = /usr/sbin/userdel -r %u
rename user script = /usr/sbin/usermod -l %unew %uold
obey pam restrictions = yes
domain logons = yes
unix password sync = Yes
syslog = 1
log file = /var/log/samba/log.%m
max log size = 1000
dns proxy = No
usershare allow guests = Yes
panic action = /usr/share/samba/panic-action %d
logon path =
logon script = netlogon.bat
level2 oplocks = no
ntlm auth = yes
lanman auth = yes
client ntlmv2 auth = yes
#n�o permite a grava��o das extens�es de arquivos declaradas nas pastas
compartilhadas
#do servidor ex: filmes, m�sicas execut�veis, etc.
veto files =
/*.mp3/*.avi/*.mpeg/*.mpg/*.wma/*.wmv/*.cmd/*.exe/*.bat/*.scr/*.inf/*.vmx
delete veto files = yes
unix charset = iso8859-1
display charset = cp850
follow symlinks = yes
wide links = no
getwd cache = yes
vfs object = recycle full_audit
# Auditoria - Grava no log todas as altera��es processadas pelos usu�rios no
servidor
full_audit:success = open, opendir, write, unlink, rename, mkdir, rmdir
full_audit:prefix = %u|%I|%S
full_audit:failure = none
full_audit:facilit = local5
full_audit:priority = notice
# Lixeira - Guarda uma c�pia dos arquivos exclu�dos em uma pasta oculta
recycle:repository = .lixeira
recycle:keeptree = yes
recycle:versions = yes
#tipos de arquivos que n�o v�o para a lixeira
recycle:exclude = *.tmp, *.log, *.obj, ~*.*, *.bak, *.iso
recycle:exclude_dir = tmp, cache

[netlogon]
comment = Servi�o de Logon
path = /var/netlogon
guest ok = Yes
browseable =no
write list = ivan
public = no
veto files =
vfs object = full_audit
force create mode = 0777
directory mask = 0777
force directory mode = 777

[Publica]
comment = Pasta publica
path = /files/shares/public
writeable = yes
public = yes
vfs object = full_audit
force create mode = 0777
directory mask = 0777
force directory mode = 777

[suport]
write list = ivan
path = /files/shares/suport
comment = Equipe Telem�tica
veto files =
vfs object = full_audit
force create mode = 0777
directory mask = 0777
force directory mode = 777

[RH]
comment = Exemplo de Compartilhamento com acesso restrito
path = /files/shares/RH
#somente usu�rios do grupo RH e o administrador ter�o acesso aos arquivos.
valid users = administrador @RH
writeable = yes
force create mode = 0777
directory mask = 0777
force directory mode = 777