[gate:~] # pkg_add -r samba3
[gate:~] # cat /etc/rc.conf
…
nmbd_enable="YES"
smbd_enable="YES"
winbindd_enable="NO"
…

[gate:~] # rehash

[gate:~] # сd /usr/local/etc/

root@gate:~# apt-get install samba

root@gate:~# cd /etc/samba/

gate# cat smb.conf

[global]
   workgroup = CORPX
   security = share 
[share]
   path = /usr/share
   guest ok = yes

или

[global]
   workgroup = CORPX
   security = user
   map to guest = Bad User
[share]
   path = /usr/share
   guest ok = Yes

gate# testparm

gate# mkdir /var/samba

gate# cat smb.conf

[global]
   workgroup = CORPX
   security = share
   hosts allow = 192.168.X. 
[share]
   path = /var/samba
   guest ok = yes
   read only = no

gate# chmod 777 /var/samba

или

[global]
   workgroup = CORPX
   security = user
   hosts allow = 192.168.X. 
   map to guest = Bad User
[share]
   path = /var/samba
   guest ok = yes
   read only = no
   force user = nobody

gate# chmod -R nobody:nobody /var/samba

gate# testparm

gate# adduser user1
...
gate# adduser userN

gate# smbpasswd -a user1
...
gate# smbpasswd -a userN

gate# cat smb.conf
[global]
        workgroup = CORPX
        security = user
[user]
        path = /home/user
        valid users = user1, ... ,userN
#       valid users = @groupsamba
#       force user = nobody  #if need all files owned by single user
        read only = No

Или для всех пользователей с домашними каталогами

[global]
        workgroup = CORPX
        security = user
[homes]
        read only = no

WINBIND синхронизация пользователей с Microsoft AD

gate# cat smb.conf
...
[user_write]
        path = /tmp
        valid users = CORPX\user1, CORPX\Administrator
        read only = no
[group_write]
        path = /tmp
        valid users = "@CORPX\domain users"
        read only = no
        force user = nobody

[gate.corp13.un:~] # ktutil list | grep cifs
  2  aes256-cts-hmac-sha1-96  cifs/gate.CORP13.UN@CORP13.UN
  2  arcfour-hmac-md5         cifs/gate.CORP13.UN@CORP13.UN
  2  des3-cbc-sha1            cifs/gate.CORP13.UN@CORP13.UN
  2  des-cbc-crc              cifs/gate.CORP13.UN@CORP13.UN
  2  aes256-cts-hmac-sha1-96  cifs/gate.corp13.un@CORP13.UN
  2  arcfour-hmac-md5         cifs/gate.corp13.un@CORP13.UN
  2  des3-cbc-sha1            cifs/gate.corp13.un@CORP13.UN
  2  des-cbc-crc              cifs/gate.corp13.un@CORP13.UN

[gate.corp13.un:~] # cat /usr/local/etc/smb.conf
[global]
  use kerberos keytab = yes
  realm = CORP13.UN
  security = ads
[homes]
        read only = no


user2@client2:~$ smbclient -k //gate.corp13.un/homes

# chmod +s /sbin/mount.cifs
user2@client2:~$ mount.cifs //gate.corp13.un/homes mnt --verbose -o sec=krb5