FreeSource :
ReMaks
как-то понадобилось, а не было,
теперь есть
http://freesource.info/wiki/Software/ThunderBird
samba
http://wiki.samba.org/index.php/Ldapsam_Editposix
http://www.lissyara.su/?id=1487
http://www.samba.org/samba/docs/man/Samba3-ByExample
http://us1.samba.org/samba/docs/man/Samba-HOWTO-Collection/index.html
http://debian.telenet.ru/adjustmentsoft/samba_pdc
my smb.conf
#======================= Global Settings ===================================== [global] # dos charset = CP850 # unix charset = UTF8 # display charset = <locale-specific for an user running client tools> # # This is an example for Russian users: ; dos charset = CP866 ; unix charset = CP1251 ; display charset = LOCALE # Please note that KOI8-R *does not* contain the NUMERO SIGN (N) which is in CP866 # and therefore there will be problems when unix charset is KOI8-R workgroup = Perfect netbios name = SRV-GW-1 ## netbios name = perfect server string = Samba server on %h (v. %v) printcap name = cups load printers = Yes printing = cups ; printer admin = @adm log file = /var/log/samba/log.%m max log size = 2048 log level = 4 hosts allow = 192.168.10. 127. security = user encrypt passwords = Yes smb passwd file = /etc/samba/smbpasswd unix password sync = No ldapsam:trusted = Yes ldapsam:editposix = Yes ; username map = /etc/samba/smbusers ; include = /etc/samba/smb.conf.%m ; winbind uid = 10000-20000 ; winbind gid = 10000-20000 ; winbind separator = @ ; winbind use default domain = False ; template homedir = /home/%D/%U ; template shell = /bin/bash socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 interfaces = 192.168.10.1/24 remote browse sync = 192.168.10.255 remote announce = 192.168.10.255 local master = Yes os level = 255 domain master = Yes preferred master = Yes domain logons = Yes ; logon script = %m.bat ; logon path = \\%L\Profiles\%U ; logon home = \\%L\%U\.profile ; add machine script = /usr/sbin/useradd -d /dev/null -g machines -c 'Machine Account' -s /bin/false -M %u ; add user script = /usr/sbin/useradd -s /bin/false %u ; name resolve order = wins lmhosts bcast wins support = Yes wins proxy = Yes dns proxy = No ; preserve case = no ; short preserve case = no ; default case = lower ; case sensitive = no use sendfile = Yes obey pam restrictions = No dont descend = /proc,/dev,/etc,/lib,/lost+found,/initrd show add printer wizard = Yes # idmap uid = 15000-20000 # idmap gid = 15000-20000 idmap domains = PERFECT idmap config PERFECT:backend = ldap idmap config PERFECT:readonly = no idmap config PERFECT:default = yes idmap config PERFECT:ldap_base_dn = ou=idmap,dc=office,dc=perfect-ltd,dc=ru idmap config PERFECT:ldap_user_dn = cn=sysop,dc=office,dc=perfect-ltd,dc=ru idmap config PERFECT:ldap_url = ldap://localhost idmap config PERFECT:range = 50000-500000 idmap alloc backend = ldap idmap alloc config:ldap_base_dn = ou=idmap,dc=office,dc=perfect-ltd,dc=ru idmap alloc config:ldap_user_dn = cn=sysop,dc=office,dc=perfect-ltd,dc=ru idmap alloc config:ldap_url = ldap://localhost idmap alloc config:range = 50000-500000 # LDAP passdb backend = ldapsam:ldap://127.0.0.1 ldap ssl = off ldap suffix = dc=office,dc=perfect-ltd,dc=ru admin users = sysop ldap admin dn = cn=sysop,dc=office,dc=perfect-ltd,dc=ru ldap user suffix = ou=People ldap group suffix = ou=Groups ldap machine suffix = ou=Computers ldap delete dn = Yes # ldap delete dn = No ldap passwd sync = Yes # passwd program = /usr/sbin/smbldap-passwd -o %u passwd chat = *new*password* %n\n *new*password:* %n\ *successfully* passwd chat debug = Yes # # add machine script = /usr/sbin/smbldap-useradd -w "%u" add user script = /usr/sbin/smbldap-useradd -m "%u" delete user script = /usr/sbin/smbldap-userdel "%u" add group script = /usr/sbin/smbldap-groupadd -p "%g" delete group script = /usr/sbin/smbldap-groupdel "%g" add user to group script = /usr/sbin/smbldap-groupmod -m "%u" "%g" delete user from group script = /usr/sbin/smbldap-groupmod -x "%u" "%g" set primary group script = /usr/sbin/smbldap-usermod -g "%g" "%u" time server = yes #============================ Share Definitions ============================== [homes] comment = Home Directory for '%u' browseable = no writable = yes [netlogon] comment = Network Logon Service path = /var/lib/samba/netlogon guest ok = yes writable = no ;root preexec = /usr/bin/ntlogon -u %U -g %G -o %a -d /var/lib/samba/netlogon ;root postexec = rm -f /var/lib/samba/netlogon/%U.bat [Profiles] path = /var/lib/samba/profiles browseable = no guest ok = yes ;[printers] ; comment = All Printers ; path = /var/spool/samba ; browseable = no # to allow user 'guest account' to print. ; guest ok = yes ; writable = no ; printable = yes ; create mode = 0700 # ===================================== # print command: see above for details. # ===================================== ; print command = lpr-cups -P %p -o raw %s -r # using client side printer drivers. ;; print command = lpr-cups -P %p %s # using cups own drivers (use generic PostScript on clients). # The following two commands are the samba defaults for printing=cups # change them only if you need different options: ; lpq command = lpq -P %p ; lprm command = cancel %p-%j # This share is used for Windows NT-style point-and-print support. # To be able to install drivers, you need to be either root, or listed # in the printer admin parameter above. Note that you also need write access # to the directory and share definition to be able to upload the drivers. # For more information on this, please see the Printing Support Section of # /usr/share/doc/samba-<version>/docs/Samba-HOWTO-Collection.pdf ;[print$] ; path = /var/lib/samba/printers ; browseable = yes ; read only = yes ; write list = @adm root # This is 'a must' when you'd like to support quotas on your shares. # Quotas are set up per mount point and can be changed from Win2K/XP/2K3 # Explorer's share 'properties' dialog when browsing the share as Domain Admin. # Quotas are supported and tested on Ext2/3 and XFS file systems. # It is important to represent mount point as 'drive' share (C$/D$/etc) # otherwise Win2K/XP/2K3 would not issue proper RPC calls. # Note also that domain separator should be exact as set above for winbind ;[C$] ; comment = Administrative share for homes ; path = /home ; admin users = @"DOMAIN\\Domain Admins" ; valid users = @"DOMAIN\\Domain Admins" ; writable = yes ;[tmp] ; comment = Temporary file space ; path = /var/local/share ; read only = no ; public = yes # A publicly accessible directory, but read only, except for people in # the "staff" group ;[public] ; comment = Public Stuff ; path = /home/samba/public ; public = yes ; writable = no ; write list = @staff ;[public] ; path = /usr/somewhere/else/public ; public = yes ; only guest = yes ; writable = yes ; printable = no