samba_use_winbind: false
samba_server_role: active directory domain controller
samba_options:
- idmap_ldb:use rfc2307: 'yes'

samba_shares:
- name: sysvol
  path: /var/lib/samba/sysvol
  read_only: no
- name: netlogon
  path: /var/lib/samba/sysvol/{{ krb5_realm|lower }}/scripts
  read_only: no