Friday, July 8, 2011

Example file Samba PDC with ldap support

smb.conf example

This is a working configuration file for a Samba PDC with LDAP support.


[global]
        # Global settings for a Samba domain controller (domain logons and
        # domain master are enabled below) whose account database is LDAP.
        dos charset = 850
        unix charset = LOCALE
        workgroup = DOMAINNAME
        server string = Domain  PDC %v
        # Listen only on the named interfaces instead of every address on the host.
        interfaces = eth0, lo
        bind interfaces only = Yes
        security = user
        # NOTE(review): password server is normally consulted only in the
        # domain/server/ads security modes; with security = user it is
        # presumably unused. Confirm and drop it if so.
        password server = 127.0.0.1, slave.ldap.server
        # Account database: local LDAP server first, then slave.ldap.server:389.
        # Both URIs are plain ldap://; see the note on ldap ssl below.
        passdb backend = ldapsam:"ldap://127.0.0.1/ ldap://slave.ldap.server:389"
        # NOTE(review): %u is unquoted here, unlike the '%u' in the scripts below.
        # passwd program is normally invoked only when unix password sync is
        # enabled, which this file does not set. Confirm whether it is needed.
        passwd program = /usr/sbin/smbldap-passwd -o %u
        passwd chat timeout = 3
        # Maps client-supplied user names to Unix accounts; the file should be
        # writable by root only.
        username map = /etc/samba/smbusers
        log level = 3
        log file = /var/log/samba/allmachines.log
        # NetBIOS session port only; TCP 445 is not served.
        smb ports = 139
        announce version = 5.0
        socket options = TCP_NODELAY SO_KEEPALIVE SO_SNDBUF=8192 SO_RCVBUF=8192
        # Account-management hooks. smbd runs these with the user, group or
        # machine name substituted for %u / %g, so the smbldap-* tools and their
        # configuration should be owned by root and not writable by anyone else.
        add user script = /usr/sbin/smbldap-useradd -m '%u'
        delete user script = /usr/sbin/smbldap-userdel '%u'
        add group script = /usr/sbin/smbldap-groupadd -p '%g'
        add user to group script = /usr/sbin/smbldap-groupmod -m '%u' '%g'
        delete user from group script = /usr/sbin/smbldap-groupmod -x '%u' '%g'
        set primary group script = /usr/sbin/smbldap-usermod -g '%g' '%u'
        # Runs when a workstation joins the domain and creates its machine account.
        add machine script = /usr/sbin/smbldap-useradd -w '%u'
        # Path is relative to the [netlogon] share; clients run this script at logon.
        logon script = logon.bat
        # Left empty: no roaming profile path and no logon home are handed out.
        logon path =
        logon home =
        domain logons = Yes
        os level = 65
        lm announce = Yes
        domain master = Yes
        wins support = Yes
        # DN Samba binds as for directory updates. Its password is stored
        # separately (smbpasswd -w writes it to secrets.tdb), not in this file.
        # NOTE(review): cn=root looks like the directory's root DN; a dedicated
        # account limited to the Samba subtrees would reduce exposure. Confirm.
        ldap admin dn = cn=root,dc=domain,dc=com
        ldap delete dn = Yes
        ldap group suffix = ou=Groups
        ldap idmap suffix = ou=Idmap
        ldap machine suffix = ou=Computers
        ldap passwd sync = Yes
        ldap suffix = dc=domain,dc=com
        # LDAP connections are not encrypted. passdb backend also lists
        # slave.ldap.server, so binds as the ldap admin dn and account
        # attributes, password hashes included, travel in clear text whenever
        # that server is used. Prefer "ldap ssl = start tls" or ldaps:// URIs
        # once the directory servers have certificates.
        ldap ssl = no
        ldap user suffix = ou=Users
        idmap backend = ldap:ldap://127.0.0.1
        # NOTE(review): 1000-2000 may overlap the uid/gid range of local Unix
        # accounts on this host. Confirm the ranges are disjoint.
        idmap uid = 1000-2000
        idmap gid = 1000-2000
        template shell = /bin/bash
        winbind use default domain = Yes
        winbind nss info = template, sfu
        # Users listed here perform file operations as root on shares. Set in
        # [global], this becomes the default for every share, so keep the list
        # minimal or move it to the shares that need it.
        # NOTE(review): the trailing comma leaves an empty entry; confirm it is harmless.
        admin users = root, Administrator,
        create mask = 0640
        directory mask = 0750
        case sensitive = No
        # Shows the listed directories as empty to clients. Access control
        # should still rest on share paths and filesystem permissions.
        dont descend = /proc,/dev,/etc,/lib,/lost+found,/initrd


[printers]
        # Printer share definition; hidden from browse lists.
        comment = All Printers
        # Spool directory for submitted jobs.
        # NOTE(review): check its ownership and mode (a sticky bit is usual for
        # a shared spool) so users cannot touch each other's jobs.
        path = /var/spool/samba
        printable = Yes
        browseable = No

[netlogon]
        # Holds the logon script named in [global] (logon script = logon.bat),
        # which domain clients run at logon. Only administrators should be able
        # to write here, both through the share and on the filesystem.
        # NOTE(review): no "read only" or "write list" is visible in this
        # section, so Samba's defaults apply. Confirm they match that intent.
        comment = Network Logon Service
        path = /netlogon
        browseable = No