[global]
	client min protocol = NT1
	server min protocol = NT1
	workgroup = DOMAIN
	realm = ADDOMAIN.IT
	server string = %h (Samba %v, Ubuntu)
	security = ADS
	kerberos method = secrets and keytab
	client signing = if_required
	pam password change = yes
	log file = /var/log/samba/log.%m
	local master = No
	domain master = No
	dns proxy = No
	template shell = /bin/bash
	idmap config * : backend = tdb
	idmap config * : range = 10000-999999
	idmap config DOMAIN : backend = tdb
	idmap config DOMAIN : range = 1000000000-9999999999
	invalid users = root

[Shared]
    comment = %h_Shared
    path = /home/aduser/Shared
    valid users = user, @DOMAIN\adgroup
    read only = No
    create mask = 0664
    directory mask = 0775
    dos filemode = Yes


[Public]
    comment = %h_Public
    path = /home/aduser/Public
    read only = No
    guest only = Yes
    guest ok = Yes
    force user = DOMAIN\aduser
    create mask = 0666
    directory mask = 0777
    dos filemode = Yes