templates/smb.conf.j2

[global]
   workgroup = {{ ad_realm.split('.')[0] }}
   security = ads
   realm = {{ ad_realm }}

   # users will be in the form username instead of DOMAIN\username.
   winbind use default domain = true
   
   winbind offline logon = false
   dedicated keytab file = /etc/krb5.keytab
   kerberos method = secrets and keytab
   
   # Default ID mapping configuration for local BUILTIN accounts
   # and groups on a domain member. The default (*) domain:
   # - must not overlap with any domain ID mapping configuration!
   # - must use a read-write-enabled back end, such as tdb.
   idmap config * : backend = tdb
   idmap config * : range = 3000-7999

   # - You must set a DOMAIN backend configuration
   # idmap config for the {{ ad_realm.split('.')[0] }} domain
   idmap config {{ ad_realm.split('.')[0] }} : backend = rid
   idmap config {{ ad_realm.split('.')[0] }} : range = 10000-999999

   # Template settings for login shell and home directory
   template shell = /bin/bash
   template homedir = /home/%U
refactor ♻️: Refactoring the Ansible playbook to include new tasks for joining an Active Directory domain. Added tasks to install required packages, configure Kerberos and Samba, and join the domain. This refactoring improves the automation of the setup process. 2025-10-08 19:04:53 +02:00			`[global]`
			`workgroup = {{ ad_realm.split('.')[0] }}`
			`security = ads`
			`realm = {{ ad_realm }}`
refactor ♻️: Update ntp.conf to use AD DCs, configure winbind, and enable SMB service with appropriate ID mapping. Refactored the ntp configuration to include AD domain controllers, updated winbind settings for local BUILTIN accounts, and enabled SMB service with proper ID mapping. 2025-10-09 17:25:12 +02:00
			`# users will be in the form username instead of DOMAIN\username.`
refactor ♻️: Refactoring the Ansible playbook to include new tasks for joining an Active Directory domain. Added tasks to install required packages, configure Kerberos and Samba, and join the domain. This refactoring improves the automation of the setup process. 2025-10-08 19:04:53 +02:00			`winbind use default domain = true`
refactor ♻️: Update ntp.conf to use AD DCs, configure winbind, and enable SMB service with appropriate ID mapping. Refactored the ntp configuration to include AD domain controllers, updated winbind settings for local BUILTIN accounts, and enabled SMB service with proper ID mapping. 2025-10-09 17:25:12 +02:00
refactor ♻️: Refactoring the Ansible playbook to include new tasks for joining an Active Directory domain. Added tasks to install required packages, configure Kerberos and Samba, and join the domain. This refactoring improves the automation of the setup process. 2025-10-08 19:04:53 +02:00			`winbind offline logon = false`
			`dedicated keytab file = /etc/krb5.keytab`
			`kerberos method = secrets and keytab`
refactor ♻️: Update ntp.conf to use AD DCs, configure winbind, and enable SMB service with appropriate ID mapping. Refactored the ntp configuration to include AD domain controllers, updated winbind settings for local BUILTIN accounts, and enabled SMB service with proper ID mapping. 2025-10-09 17:25:12 +02:00
			`# Default ID mapping configuration for local BUILTIN accounts`
			`# and groups on a domain member. The default (*) domain:`
			`# - must not overlap with any domain ID mapping configuration!`
			`# - must use a read-write-enabled back end, such as tdb.`
refactor ♻️: Refactoring the Ansible playbook to include new tasks for joining an Active Directory domain. Added tasks to install required packages, configure Kerberos and Samba, and join the domain. This refactoring improves the automation of the setup process. 2025-10-08 19:04:53 +02:00			`idmap config * : backend = tdb`
refactor ♻️: Update ntp.conf to use AD DCs, configure winbind, and enable SMB service with appropriate ID mapping. Refactored the ntp configuration to include AD domain controllers, updated winbind settings for local BUILTIN accounts, and enabled SMB service with proper ID mapping. 2025-10-09 17:25:12 +02:00			`idmap config * : range = 3000-7999`

			`# - You must set a DOMAIN backend configuration`
			`# idmap config for the {{ ad_realm.split('.')[0] }} domain`
refactor ♻️: Refactoring the Ansible playbook to include new tasks for joining an Active Directory domain. Added tasks to install required packages, configure Kerberos and Samba, and join the domain. This refactoring improves the automation of the setup process. 2025-10-08 19:04:53 +02:00			`idmap config {{ ad_realm.split('.')[0] }} : backend = rid`
refactor ♻️: Update ntp.conf to use AD DCs, configure winbind, and enable SMB service with appropriate ID mapping. Refactored the ntp configuration to include AD domain controllers, updated winbind settings for local BUILTIN accounts, and enabled SMB service with proper ID mapping. 2025-10-09 17:25:12 +02:00			`idmap config {{ ad_realm.split('.')[0] }} : range = 10000-999999`

			`# Template settings for login shell and home directory`
refactor ♻️: Refactoring the Ansible playbook to include new tasks for joining an Active Directory domain. Added tasks to install required packages, configure Kerberos and Samba, and join the domain. This refactoring improves the automation of the setup process. 2025-10-08 19:04:53 +02:00			`template shell = /bin/bash`
			`template homedir = /home/%U`