[global]
        netbios name = LX-SV-03
        server string = Daten
        security = ADS
        realm = HQ.DOMAIN.DE
        workgroup = DOMAIN-02
        disable netbios = yes
        smb ports = 445
        interfaces = eth0
        bind interfaces only = yes
        server min protocol = SMB2
        client min protocol = SMB2
        log level = 1 auth_audit:5
        logging = syslog only
        kerberos method = secrets and keytab
        dedicated keytab file = /etc/krb5.keytab
        writeable =YES
        map acl inherit = yes
        store dos attributes = yes
        inherit acls = Yes
        vfs objects = recycle acl_xattr
        apply group policies = yes
        username map = /etc/samba/smbusers

        interfaces = lo eth0
        bind interfaces only = Yes
        ##idmap##
        # Default idmap config used for BUILTIN and local windows accounts/groups
        idmap config *:backend = tdb
        idmap config *:range = 1000000-2000000

        # idmap config for domain DOMAIN-02
        idmap config DOMAIN-02:backend = ad
        idmap config DOMAIN-02:range = 500-65555
        idmap config DOMAIN-02:unix_nss_info = yes
        idmap config DOMAIN-02:schema_mode = rfc2307
        winbind enum users = yes
        winbind enum groups = yes
        winbind use default domain = Yes
        machine password timeout = 30
        winbind reconnect delay = 5
        winbind refresh tickets = yes


[test]
        writeable = yes
        path = /srv/
        recycle:keeptree = yes
        recycle:versions = yes
        recycle:touch = yes
        recycle:keeptree = yes
        recycle:exclude = ?~$*,~$*,*.tmp,index*.pl,index*.htm*,*.temp,*.TMP
        recycle:exclude_dir=  /tmp,/temp,/cache
        recycle:repository = /srv/Papierkorb/%U
        recycle:noversions = *.doc,*.xls,*.ppt