[gate:~] # pkg_add -r samba3
[gate:~] # cat /etc/rc.conf
…
nmbd_enable="YES"
smbd_enable="YES"
winbindd_enable="NO"
…

[gate:~] # rehash

[gate:~] # сd /usr/local/etc/

root@gate:~# apt-get install samba

root@gate:~# cd /etc/samba/

gate# cat smb.conf

[global]
   workgroup = CORPX
   security = share 
[share]
   path = /usr/share
   guest ok = yes

или

[global]
   workgroup = CORPX
   security = user
   map to guest = Bad User
[share]
   path = /usr/share
   guest ok = Yes

gate# testparm

gate# mkdir /var/samba

gate# cat smb.conf

[global]
   workgroup = CORPX
   security = share
   hosts allow = 192.168.X. 
[share]
   path = /var/samba
   guest ok = yes
   read only = no

gate# chmod 777 /var/samba

или

[global]
   workgroup = CORPX
   security = user
   hosts allow = 192.168.X. 
   map to guest = Bad User
[share]
   path = /var/samba
   guest ok = yes
   read only = no
   force user = nobody

gate# chmod -R nobody:nobody /var/samba

gate# testparm

gate# adduser user1
...
gate# adduser userN

gate# smbpasswd -a user1
...
gate# smbpasswd -a userN

gate# cat smb.conf
[global]
        workgroup = CORPX
        security = user
[user]
        path = /home/user
        valid users = user1, ... ,userN
#       valid users = @groupsamba
#       force user = nobody  #if need all files owned by single user
        read only = No

Или для всех пользователей с домашними каталогами

[global]
        workgroup = CORPX
        security = user
[homes]
        read only = no

WINBIND синхронизация пользователей с Microsoft AD

gate# cat smb.conf
...
[user_write]
        path = /tmp
        valid users = CORPX\user1, CORPX\Administrator
        read only = no
[group_write]
        path = /tmp
        valid users = "@CORPX\domain users"
        read only = no
        force user = nobody

[gate.corp13.un:~] # ktutil list | grep cifs

root@gate.corp13.un:~# klist -ek /etc/krb5.keytab  | grep cifs

  2  aes256-cts-hmac-sha1-96  cifs/gate.CORP13.UN@CORP13.UN
  2  arcfour-hmac-md5         cifs/gate.CORP13.UN@CORP13.UN
  2  des3-cbc-sha1            cifs/gate.CORP13.UN@CORP13.UN
  2  des-cbc-crc              cifs/gate.CORP13.UN@CORP13.UN
  2  aes256-cts-hmac-sha1-96  cifs/gate.corp13.un@CORP13.UN
  2  arcfour-hmac-md5         cifs/gate.corp13.un@CORP13.UN
  2  des3-cbc-sha1            cifs/gate.corp13.un@CORP13.UN
  2  des-cbc-crc              cifs/gate.corp13.un@CORP13.UN

[gate.corp13.un:~] # cat /usr/local/etc/smb.conf
[global]
  use kerberos keytab = yes
  realm = CORP13.UN
  security = ads
[homes]
        read only = no


user2@client2:~$ smbclient -k //gate.corp13.un/homes

root@client2.corp13.un:~# chmod +s /sbin/mount.cifs
root@client2.corp13.un:~# chmod +s /sbin/umount.cifs

user2@client2:~$ mkdir mnt/

user2@client2:~$ mount.cifs //gate.corp13.un/homes mnt --verbose -o sec=krb5
user2@client2:~$ umount.cifs mnt/

root@client2.corp13.un:~# cat /etc/fstab
...
//gate.corp13.un/homes mnt cifs rw,user,noauto,sec=krb5 0 0

user2@client2:~$ mount mnt
user2@client2:~$ umount mnt