[global]
 workgroup = JPJLIN1
 passdb backend = ldapsam:ldap://127.0.0.1
 ldap admin dn = "cn=manager,dc=rchland.ibm.com"
 ldapsam:trusted = yes 
 ldap ssl = no
 ldap delete dn = no
 ldap user suffix = ou=Users
 ldap group suffix = ou=Groups
 ldap machine suffix = ou=Users
 ldap suffix = dc=rchdnt,dc=rchland.ibm.com
 ldap timeout = 60
 os level = 255 
 wins server = 9.10.244.40
 security = user
 preferred master = yes 
 domain master = yes 
 local master = yes 
 domain logons = yes
 encrypt passwords = yes
 restrict anonymous = 1 
# server schannel = no 
# client schannel = no
# server signing = disabled
 enable privileges = yes 
 invalid users = root daemon bin sys adm uucp nuucp lpd imnadm ipsec lp snapp invscout
 
 dead time = 15
 guest account = smbnobody

 winbind trusted domains only = yes
 winbind uid = 400000-500000
 winbind gid = 400000-500000

 debug hires timestamp = yes 
 log level = 1 

 log file = /usr/local/samba/var/log.%m
 include = /usr/local/samba/lib/smb.conf.%m
 socket options = 
 
logon home = 
logon path = 

 add user script = /opt/IDEALX/sbin/smbldap-useradd '%u'
 add group script = /opt/IDEALX/sbin/smbldap-groupadd '%g'
 add user to group script = /opt/IDEALX/sbin/smbldap-groupmod -m '%u' '%g'
 add machine script = /opt/IDEALX/sbin/smbldap-useradd '%u'
 
 rename user script = /opt/IDEALX/sbin/smbldap-usermod -r '%u1' '%u2'

 delete group script = /opt/IDEALX/sbin/smbldap-groupdel '%g'
 delete user from group script = /opt/IDEALX/sbin/smbldap-groupmod -x '%u' '%g'
 delete user script = /opt/IDEALX/sbin/smbldap-userdel '%u'

 set primary group script = /opt/IDEALX/sbin/smbldap-usermod -g '%g' '%u'

 admin users = "@Domain Admins"
#============================ Share Definitions ==============================

[netlogon]
 admin users = "@Domain Admins"
 comment = Network Logon Service
 path = /usr/local/samba/var/netlogon
 guest ok = yes
 browseable = yes 
 writable = yes

[homes]
 browseable = no
  writable = yes
   map acl inherit = no
   store dos attributes = yes