configpolicy/roles/samba-dc/templates/smb.conf.j2

# Global parameters
[global]
	netbios name = {{ ansible_hostname|upper }}
	realm = {{ krb5_realm }}
	server role = active directory domain controller
	workgroup = {{ workgroup }}
{% if samba_is_first_dc and samba_dc_use_rfc2307 %}
	idmap_ldb:use rfc2307 = yes
{% endif %}

	template homedir = {{ winbind_template_homedir }}
	template shell = /bin/bash

[netlogon]
	path = /var/lib/samba/sysvol/{{ krb5_realm|lower }}/scripts
	read only = No

[sysvol]
	path = /var/lib/samba/sysvol
	read only = No