From a70c8f95c4f0cc69f3f358482c628eccf0aaf198 Mon Sep 17 00:00:00 2001
From: Britney Fransen <brfransen@gmail.com>
Date: Thu, 10 Apr 2014 23:15:00 +0000
Subject: system-templates: update smb.conf.template for samba 4.1

---
 abs/core/system-templates/PKGBUILD                 |   2 +-
 .../templates/samba/smb.conf.template              | 127 +++++++++++++++------
 2 files changed, 92 insertions(+), 37 deletions(-)

diff --git a/abs/core/system-templates/PKGBUILD b/abs/core/system-templates/PKGBUILD
index 7a66e82..0013ab4 100755
--- a/abs/core/system-templates/PKGBUILD
+++ b/abs/core/system-templates/PKGBUILD
@@ -1,6 +1,6 @@
 pkgname=system-templates
 pkgver=2.0
-pkgrel=27
+pkgrel=28
 conflicts=( )
 pkgdesc="Templates used for system configuration"
 depends=()
diff --git a/abs/core/system-templates/templates/samba/smb.conf.template b/abs/core/system-templates/templates/samba/smb.conf.template
index 478ea6b..773315a 100644
--- a/abs/core/system-templates/templates/samba/smb.conf.template
+++ b/abs/core/system-templates/templates/samba/smb.conf.template
@@ -1,14 +1,24 @@
+# This is the main Samba configuration file. You should read the
+# smb.conf(5) manual page in order to understand the options listed
+# here. Samba has a huge number of configurable options (perhaps too
+# many!) most of which are not shown in this example
+#
+# Any line which starts with a ; (semi-colon) or a # (hash) 
+# is a comment and is ignored. In this example we will use a #
+# for commentry and a ; for parts of the config file that you
+# may wish to enable
+#
+# NOTE: Whenever you modify this file you should run the command "testparm"
+# to check that you have not made any basic syntactic errors. 
 #
 #======================= Global Settings =====================================
 [global]
 
+# workgroup = NT-Domain-Name or Workgroup-Name
    workgroup = home_lan
-   server string = MythVantage
 
-# Security mode. Defines in which mode Samba will operate. Possible 
-# values are share, user, server, domain and ads. Most people will want 
-# user level security. See the Samba-HOWTO-Collection for details.
-   security = share
+# server string is the equivalent of the NT Description field
+   server string = LinHES
 
 # This option is important for security. It allows you to restrict
 # connections to machines which are on your local network. The
@@ -17,49 +27,73 @@
 # the smb.conf man page
 ;   hosts allow = 192.168.1. 192.168.2. 127.
 
-   load printers = no
-   printing = bsd
+# if you want to automatically load your printer list rather
+# than setting them up individually then you'll need this
    printcap name = /dev/null
-# you may wish to override the location of the printcap file
-;   printcap name = /etc/printcap
+   load printers = no
+
+# It should not be necessary to spell out the print system type unless
+# yours is non-standard. Currently supported print systems include:
+# bsd, sysv, plp, lprng, aix, hpux, qnx
+;   printing = bsd
 
+# Uncomment this if you want a guest account, you must add this to /etc/passwd
+# otherwise the user "nobody" is used
 ;  guest account = pcguest
 
 # this tells Samba to use a separate log file for each machine
 # that connects
-   log file = /var/log/samba/log.%m
+   log file = /var/log/samba/%m.log
 
 # Put a capping on the size of the log files (in Kb).
    max log size = 50
 
+# Security mode. Most people will want user level security. See
+# security_level.txt for details.
+   security = user
 # Use password server option only with security = server
-# The argument list may include:
-#   password server = My_PDC_Name [My_BDC_Name] [My_Next_BDC_Name]
-# or to auto-locate the domain controller/s
-#   password server = *
 ;   password server = <NT-Server-Name>
 
-# Use the realm option only with security = ads
-# Specifies the Active Directory realm the host is part of
-;   realm = MY_REALM
-
-# Backend to store user information in. New installations should 
-# use either tdbsam or ldapsam. smbpasswd is available for backwards 
-# compatibility. tdbsam requires no further configuration.
-;   passdb backend = tdbsam
+# Password Level allows matching of _n_ characters of the password for
+# all combinations of upper and lower case.
+;  username level = 8
+
+# You may wish to use password encryption. Please read
+# ENCRYPTION.txt, Win95.txt and WinNT.txt in the Samba documentation.
+# Do not enable this option unless you have read those documents
+;  encrypt passwords = yes
+;  smb passwd file = /etc/samba/smbpasswd
+
+# The following are needed to allow password changing from Windows to
+# update the Linux sytsem password also.
+# NOTE: Use these with 'encrypt passwords' and 'smb passwd file' above.
+# NOTE2: You do NOT need these to allow workstations to change only
+#        the encrypted SMB passwords. They allow the Unix password
+#        to be kept in sync with the SMB password.
+;  unix password sync = Yes
+;  passwd program = /usr/bin/passwd %u
+;  passwd chat = *New*UNIX*password* %n\n *ReType*new*UNIX*password* %n\n *passwd:*all*authentication*tokens*updated*successfully*
+
+# Unix users can map to different SMB User names
+;  username map = /etc/samba/smbusers
 
 # Using the following line enables you to customise your configuration
 # on a per machine basis. The %m gets replaced with the netbios name
-# of the machine that is connecting.
-# Note: Consider carefully the location in the configuration file of
-#       this line.  The included file is read at that point.
-;   include = /usr/local/samba/lib/smb.conf.%m
+# of the machine that is connecting
+;   include = /etc/samba/smb.conf.%m
 
 # Configure Samba to use multiple interfaces
 # If you have multiple network interfaces then you must list them
 # here. See the man page for details.
 ;   interfaces = 192.168.12.2/24 192.168.13.2/24 
 
+# Configure remote browse list synchronisation here
+#  request announcement to, or browse list sync from:
+#	a specific host or from / to a whole subnet (see below)
+;   remote browse sync = 192.168.3.25 192.168.5.255
+# Cause this host to announce itself to local subnets here
+;   remote announce = 192.168.1.255 192.168.2.44
+
 # Browser Control Options:
 # set local master to no if you don't want Samba to become a master
 # browser on your network. Otherwise the normal election rules apply
@@ -78,6 +112,10 @@
 # and gives it a slightly higher chance of winning the election
 ;   preferred master = yes
 
+# Use only if you have an NT server on your network that has been
+# configured at install time to be a primary domain controller.
+;   domain controller = <NT-Domain-Controller-SMBName>
+
 # Enable this if you want Samba to be a domain logon server for 
 # Windows95 workstations. 
 ;   domain logons = yes
@@ -94,6 +132,19 @@
 #        You must uncomment the [Profiles] share below
 ;   logon path = \\%L\Profiles\%U
 
+# All NetBIOS names must be resolved to IP Addresses
+# 'Name Resolve Order' allows the named resolution mechanism to be specified
+# the default order is "host lmhosts wins bcast". "host" means use the unix
+# system gethostbyname() function call that will use either /etc/hosts OR
+# DNS or NIS depending on the settings of /etc/host.config, /etc/nsswitch.conf
+# and the /etc/resolv.conf file. "host" therefore is system configuration
+# dependant. This parameter is most often of use to prevent DNS lookups
+# in order to resolve NetBIOS names to IP Addresses. Use with care!
+# The example below excludes use of name resolution for machines that are NOT
+# on the local network segment
+# - OR - are not deliberately to be known via lmhosts or via WINS.
+; name resolve order = wins lmhosts bcast
+
 # Windows Internet Name Serving Support Section:
 # WINS Support - Tells the NMBD component of Samba to enable it's WINS Server
 ;   wins support = yes
@@ -108,18 +159,22 @@
 ;   wins proxy = yes
 
 # DNS Proxy - tells Samba whether or not to try to resolve NetBIOS names
-# via DNS nslookups. The default is NO.
+# via DNS nslookups. The built-in default for versions 1.9.17 is yes,
+# this has been changed in version 1.9.18 to no.
    dns proxy = no 
 
-# These scripts are used on a domain controller or stand-alone 
-# machine to add or delete corresponding unix accounts
-;  add user script = /usr/sbin/useradd %u
-;  add group script = /usr/sbin/groupadd %g
-;  add machine script = /usr/sbin/adduser -n -g machines -c Machine -d /dev/null -s /bin/false %u
-;  delete user script = /usr/sbin/userdel %u
-;  delete user from group script = /usr/sbin/deluser %u %g
-;  delete group script = /usr/sbin/groupdel %g
-
+# Case Preservation can be handy - system default is _no_
+# NOTE: These can be set on a per share basis
+;  preserve case = no
+;  short preserve case = no
+# Default case is normally upper case for all DOS files
+;  default case = lower
+# Be very careful with case sensitivity - it can break things!
+;  case sensitive = no
+
+   map to guest = bad user
+   unix extensions = no
+   wide links = yes
 
 #============================ Share Definitions ==============================
 
-- 
cgit v0.12