system-configs/etc/samba/smb.conf

[global]
realm = SLACKWARE.UK.NET
netbios name = CORE
workgroup = SLACKWAREUKNET
server string = "slackware.uk.net Domain Controller"
# dns forwarder = 5.101.171.216 5.101.171.217 185.176.90.169
dns forwarder = 216.119.155.58 185.176.90.169
allow dns updates = no
tls cafile = /etc/ssl/certs/ca-certificates.crt
tls certfile = /etc/certificates/core.slackware.uk.net_cert.pem
tls keyfile = /etc/certificates/core.slackware.uk.net_key.pem
tls verify peer = ca_and_name_if_available
log level = 2
logging = syslog:local5
log file = /var/log/core.slackware.uk.net/today/samba/samba
debug syslog format = always
debug hires timestamp = yes
enable core files = no
idmap config * : backend = tdb
# There are only 568 IDs mapped into the container by TrueNAS, so limit the number that can be used.
idmap config * : range = 10000-10500
idmap_ldb:use rfc2307 = yes
password hash userPassword schemes = CryptSHA512
server role = active directory domain controller
username map = /etc/samba/smbusers
vfs objects = dfs_samba4 posixacl acl_xattr
nfs4acl_xattr:encoding = nfs
nfs4acl_xattr:version = 41
nfs4acl_xattr:xattr_name = user.nfs4_acl
nfs4acl_xattr:default acl style = windows
acl_xattr:security_acl_name = user.NTACL
acl_xattr:default acl style = windows

# [homes]

# [printers]

[sysvol]
path = /var/lib/samba/sysvol
write list = @'Domain Admins@slackware.uk.net'

[netlogon]
path = /var/lib/samba/sysvol/slackware.uk.net/scripts
write list = @'Domain Admins@slackware.uk.net'