[global]
  workgroup = EXAMPLE
  domain logons = yes
  os level = 32
  time server = yes
  passdb backend = ldapsam
  ldapsam:editposix = yes
  ldapsam:trusted = yes
  ldap admin dn = cn=admin,dc=example,dc=com
  ldap suffix = dc=example,dc=com
  ldap group suffix = ou=groups
  ldap machine suffix = ou=computers
  ldap user suffix = ou=users
  idmap config *: backend = ldap
  idmap config *: range = 10000-19999
  idmap config *: ldap_url = ldap://localhost/
  idmap config *: ldap_base_dn = ou=idmap,dc=example,dc=com
  idmap config *: ldap_user_dn = cn=admin,dc=example,dc=com
  ldap delete dn = yes
  ldap password sync = yes
  wins support = yes
  template shell = /bin/bash
  template homedir = /home/%U
  obey pam restrictions = yes
  logon home =
  logon path =
  winbind normalize names = yes
  dns proxy = no
  log level = 10
  printing = bsd
  printcap name = /dev/null
  store dos attributes = yes
  map read only = no
  map archive = no
  dos filetime resolution = yes
  fake directory create times = yes
  csc policy = disable