mirror of
https://github.com/NetSPI/PowerHuntShares.git
synced 2025-05-04 19:28:42 +02:00
49 lines
1.3 KiB
Plaintext
49 lines
1.3 KiB
Plaintext
[global]
|
|
# General server settings
|
|
workgroup = EXAMPLE
|
|
realm = EXAMPLE.COM
|
|
server string = Samba Server Version %v
|
|
security = ads
|
|
encrypt passwords = yes
|
|
kerberos method = secrets and keytab
|
|
log file = /var/log/samba/log.%m
|
|
max log size = 50
|
|
|
|
# Domain and authentication settings
|
|
idmap config * : backend = tdb
|
|
idmap config EXAMPLE : backend = rid
|
|
idmap config EXAMPLE : range = 10000-20000
|
|
template shell = /bin/bash
|
|
winbind use default domain = yes
|
|
winbind offline logon = yes
|
|
winbind enum users = yes
|
|
winbind enum groups = yes
|
|
|
|
# INSECURE: Credentials for binding to Active Directory (avoid plaintext credentials)
|
|
# This exposes the AD admin account and password directly in the smb.conf file
|
|
username = ad-admin
|
|
password = P@ssw0rd123
|
|
|
|
# Kerberos keytab file location (more secure than plaintext credentials)
|
|
dedicated keytab file = /etc/krb5.keytab
|
|
kerberos method = secrets and keytab
|
|
|
|
[homes]
|
|
comment = Home Directories
|
|
browseable = no
|
|
writable = yes
|
|
|
|
[printers]
|
|
comment = All Printers
|
|
path = /var/spool/samba
|
|
printable = yes
|
|
guest ok = no
|
|
writable = no
|
|
browseable = no
|
|
|
|
[shared]
|
|
path = /srv/samba/shared
|
|
browseable = yes
|
|
read only = no
|
|
valid users = @staff
|