В системе:

1. заводим несколько алиасов на сетевом интерфейсе. Несколько копий
самбы не могут использовать один и тот же адрес, но разные алиасы -
за милую душу.

В конфиг файлах:

1. для каждого домена пишем свои (уникальные) interfaces

2. пишем allowed hosts (не себя любимого ессно пускаем везде).

3. bind interfaces only = yes

4. само собой - разные имена домена и нетбиос неймы.

5. нежелательно чтобы в разных копиях самбы осуществлялся
одновременный доступ на ридрайт к тем же файлам (нет уверенности что
в этом случае файл локи правильно сработают)

Единственное ограничение - не получается (пока) запустить несколько
независимых WINS серверов (nmbd). Поэтому в одном домене пишем wins
support = yes, а в остальных wins server=(ip первого домена) и wins
proxy=yes. В этой конфигурации первый винс помнит все файлы, а остальные
отвечают на запросы "своих" компов. И все нормально видится (на компах
2-го, 3-го и т.д. доменов указываем винс своей сети).

Неудобство - стартовать-стопить процесс надо непосредственно из
/usr/local/etc/rc.d , а утилитами пользоваться из /usr/local/samba_nomer_1/bin (то есть из
того пути, где лежат бины нужного проекта)

Для удобства построения накидал пару скриптов:

Конфигуратор.

Строим так:
1. идем туда, где у нас раскручен пакет. Например у меня :

cd /usr/soft/samba-3.0.21b

2. Выполняем:

cd source

3. помещаем сюда все 3 файла приведенных тут (mk , samba.sh.sample, smb.conf.default)

4. Выполняем:

make clean; ./mk samba/dom1; make; make install

5. Выполняем:

cd /usr/local/etc/rc.d

6. Выполняем:

./samba_dom1.sh start

Итак необходимые файлы:

------ mk -------

#!/usr/bin/perl

$SM=@ARGV[0];
$PREFIX="/usr/local";
$LOCALBASE="/usr/local";

$CONFIG_ARGS="\\
--without-ldap \\
--with-quotas \\
--with-utmp \\
--with-acl-support \\
--with-libsmbclient \\
--with-winbind \\
";

if (length($SM)>0){ $PREFIX .= "/".$SM; };

$START_SCRIPT=$SM;
$START_SCRIPT=~s/\//_/g;

if (length($START_SCRIPT)==0) { $START_SCRIPT="samba"; };

$SED="/usr/bin/sed";

$VARDIR=$PREFIX."/var";
$WINBIND="";
$SAMBA_SPOOL=$VARDIR."/spool";
$SAMBA_LOGDIR=$VARDIR."/log";
$SAMBA_RUNDIR=$VARDIR."/run";
$SAMBA_LOCKDIR=$VARDIR."/db";
$SAMBA_PRIVATE=$PREFIX."/private";
$SAMBA_CONFDIR=$PREFIX."/etc";
$SAMBA_SWATDIR=$PREFIX."/swat";
$SAMBA_LIBDIR=$PREFIX."/lib";
$RC_SUBR="/etc/rc.subr";
$RC_DIR="/usr/local/etc/rc.d";
$SAMBA_CONFIG=$SAMBA_CONFDIR."/smb.conf";

print "
VARDIR= $VARDIR
SAMBA_SPOOL= $SAMBA_SPOOL
SAMBA_LOGDIR= $SAMBA_LOGDIR
SAMBA_RUNDIR= $SAMBA_RUNDIR
SAMBA_LOCKDIR= $SAMBA_LOCKDIR
SAMBA_PRIVATE= $SAMBA_PRIVATE
SAMBA_CONFDIR= $SAMBA_CONFDIR
SAMBA_SWATDIR= $SAMBA_SWATDIR
SAMBA_LIBDIR= $SAMBA_LIBDIR
RC_DIR= $RC_DIR
SAMBA_CONFIG= $SAMBA_CONFIG
SAMBA_SCRIPT=$SAMBA_SCRIPT
";

system ("mkdir $PREFIX;
mkdir $VARDIR;
mkdir $SAMBA_SPOOL;
mkdir $SAMBA_LOGDIR;
mkdir $SAMBA_RUNDIR;
mkdir $SAMBA_LOCKDIR;
mkdir $SAMBA_PRIVATE;
mkdir $SAMBA_CONFDIR;
mkdir $SAMBA_SWATDIR;
mkdir $SAMBA_LIBDIR;
mkdir $RC_DIR;");

$RC_SCRIPTS_SUB=" PREFIX=$PREFIX \
CUPS=$CUPS \
WINBIND=$WINBIND \
RC_SUBR=$RC_SUBR \
SAMBA_CONFDIR=$SAMBA_CONFDIR \
SAMBA_CONFIG=$SAMBA_CONFIG \
SAMBA_LOGDIR=$SAMBA_LOGDIR \
SAMBA_RUNDIR=$SAMBA_RUNDIR \
SAMBA_LOCKDIR=$SAMBA_LOCKDIR \
SAMBA_SPOOL=$SAMBA_SPOOL \
RC_DIR=$RC_DIR \
RC_SUBR=$RC_SUBR";

@params=split(" ",$RC_SCRIPTS_SUB);

$sed = "sed ";
foreach $var(@params)
{
print "$var\n";
($pn,$pv)=split("=",$var);
$sed .= " -e s!%%$pn%%!$pv!g ";
}

if (stat("samba.sh.sample"))
{
print $sed." samba.sh.sample > $RC_DIR/$START_SCRIPT.sh\n";
system $sed." samba.sh.sample > $RC_DIR/$START_SCRIPT.sh";
system "chmod +x $RC_DIR/$START_SCRIPT.sh";
}

if (stat("smb.conf.default"))
{
print $sed." smb.conf.default > $SAMBA_CONFIG.default\n";
system $sed." smb.conf.default > $SAMBA_CONFIG.default";

if (!stat($SAMBA_CONFIG))
{
system("cp $SAMBA_CONFIG.default $SAMBA_CONFIG");
}

}

# ./mks.pl "$RC_SCRIPTS_SUB"

#CONFIGURE_ENV+= CPPFLAGS=-I$LOCALBASE/include \
# LDFLAGS=-L$LOCALBASE/lib

#CONFIGURE_TARGET= --build=$MACHINE_ARCH-portbld-freebsd$OSREL

$conf_args = " --exec-prefix=$PREFIX \\
--localstatedir=$VARDIR \\
--with-configdir=$SAMBA_CONFDIR \\
--with-libdir=$SAMBA_LIBDIR/samba \\
--with-swatdir=$SAMBA_SWATDIR \\
--with-piddir=$SAMBA_RUNDIR \\
--with-lockdir=$SAMBA_LOCKDIR \\
--with-privatedir=$SAMBA_PRIVATE \\
--with-logfilebase=$SAMBA_LOGDIR \\
--with-manpages-langs=en \\
--with-libiconv=$LOCALBASE $CONFIG_ARGS";

print "./configure $conf_args\n";

system("./configure $conf_args");
#CONFIGURE_ARGS+= --with-libiconv=$LOCALBASEOB

А также для удобства луче взять файлы - образцы из портов

samba.sh.sample - шаблон скрипта

#!/bin/sh
#
# $FreeBSD: ports/net/samba3/files/samba.sh.sample,v 1.9 2004/11/23 17:34:51 krion Exp $
#

# PROVIDE: nmbd smbd
%%WINBIND%%# PROVIDE: winbindd
# REQUIRE: NETWORKING SERVERS named %%CUPS%%
# BEFORE: DAEMON
# KEYWORD: shutdown

#
# Add the following lines to /etc/rc.conf to enable samba:
#
#samba_enable="YES"
#
# or, for fine grain control
#
#nmbd_enable="YES"
#smbd_enable="YES"
%%WINBIND%%#winbindd_enable="YES"
#

. %%RC_SUBR%%

name=samba
rcvar=`set_rcvar`

load_rc_config $name
# Set defaults
samba_config=${samba_config:-"%%SAMBA_CONFIG%%"}
# Config file is required
if [ ! -r ${samba_config} ]; then
warn "${samba_config} is not readable."
case $1 in
force*) : ;;
*) exit 1 ;;
esac
fi

if test -n ${samba_enable:-""} && checkyesno samba_enable; then
nmbd_enable=${nmbd_enable:-"YES"}
smbd_enable=${smbd_enable:-"YES"}
%%WINBIND%% winbindd_enable=${winbindd_enable:-"YES"}
%%WINBIND%% # Check, that winbind is actally configured
%%WINBIND%% if [ ! "`egrep -i '(idmap.*uid|winbind.*uid)' ${samba_config} 2>/dev/null | egrep -v [\#\;]`" ]; then
%%WINBIND%% #warn "Winbind support is not configured"
%%WINBIND%%winbindd_enable="NO"
%%WINBIND%% fi
fi

# Hack until run_rc_command() get rid of exit()
samba_stop() {
pid=$(check_pidfile ${pidfile} ${command})
if [ -z ${pid} ]; then
echo "${name} not running? (check ${pidfile})."
return 1
fi
echo "Stopping ${command}."
kill -${sig_stop:-TERM} ${pid}
[ $? -ne 0 ] && [ -z "$rc_force" ] && return 1
wait_for_pids ${pid}
}

nmbd_precmd() {
# XXX: Never delete winbindd_idmap, winbindd_cache and group_mapping
if [ -d "%%SAMBA_LOCKDIR%%" ]; then
echo "Starting SAMBA: removing stale tdbs :"
for file in connections.tdb locking.tdb messages.tdb \
sessionid.tdb unexpected.tdb brlock.tdb \
namelist.debug
do
rm -vf "%%SAMBA_LOCKDIR%%/$file"
done
fi
}

# nmbd
name=nmbd
rcvar=`set_rcvar`
command="%%PREFIX%%/sbin/${name}"
required_dirs="%%SAMBA_LOCKDIR%%"
pidfile=%%SAMBA_RUNDIR%%/${name}.pid
start_precmd="nmbd_precmd"
stop_cmd="samba_stop"
# Defaults
nmbd_enable=${nmbd_enable:-"NO"}
nmbd_flags=${nmbd_flags:-"-D"}
command_args="-s ${samba_config}"

load_rc_config $name
run_rc_command "$1"

# smbd
name=smbd
rcvar=`set_rcvar`
command="%%PREFIX%%/sbin/${name}"
pidfile=%%SAMBA_RUNDIR%%/${name}.pid
start_precmd=":"
stop_cmd="samba_stop"
# Defaults
smbd_enable=${smbd_enable:-"NO"}
smbd_flags=${smbd_flags:-"-D"}
command_args="-s ${samba_config}"

load_rc_config $name
run_rc_command "$1"
%%WINBIND%%
%%WINBIND%%# winbindd
%%WINBIND%%name=winbindd
%%WINBIND%%rcvar=`set_rcvar`
%%WINBIND%%command="%%PREFIX%%/sbin/${name}"
%%WINBIND%%required_dirs="%%SAMBA_LOCKDIR%%"
%%WINBIND%%pidfile=%%SAMBA_RUNDIR%%/${name}.pid
%%WINBIND%%start_precmd=":"
%%WINBIND%%stop_cmd="samba_stop"
%%WINBIND%%# Defaults
%%WINBIND%%winbindd_enable=${winbindd_enable:-"NO"}
%%WINBIND%%winbindd_flags=${winbindd_flags:-""}
%%WINBIND%%command_args="-s ${samba_config}"
%%WINBIND%%
%%WINBIND%%load_rc_config $name
%%WINBIND%%run_rc_command "$1"

Ну и шаблон конфиг-файла

smb.conf.default

# This is the main Samba configuration file. You should read the
# smb.conf(5) manual page in order to understand the options listed
# here. Samba has a huge number of configurable options (perhaps too
# many!) most of which are not shown in this example
#
# For a step to step guide on installing, configuring and using samba,
# read the Samba-HOWTO-Collection. This may be obtained from:
# http://www.samba.org/samba/docs/Samba-HOWTO-Collection.pdf
#
# Many working examples of smb.conf files can be found in the
# Samba-Guide which is generated daily and can be downloaded from:
# http://www.samba.org/samba/docs/Samba-Guide.pdf
#
# Any line which starts with a ; (semi-colon) or a # (hash)
# is a comment and is ignored. In this example we will use a #
# for commentry and a ; for parts of the config file that you
# may wish to enable
#
# NOTE: Whenever you modify this file you should run the command "testparm"
# to check that you have not made any basic syntactic errors.
#
#======================= Global Settings =====================================
[global]

# workgroup = NT-Domain-Name or Workgroup-Name, eg: MIDEARTH
workgroup = MYGROUP

# server string is the equivalent of the NT Description field
server string = Samba Server

# Security mode. Defines in which mode Samba will operate. Possible
# values are share, user, server, domain and ads. Most people will want
# user level security. See the Samba-HOWTO-Collection for details.
security = user

# This option is important for security. It allows you to restrict
# connections to machines which are on your local network. The
# following example restricts access to two C class networks and
# the "loopback" interface. For more examples of the syntax see
# the smb.conf man page
; hosts allow = 192.168.1. 192.168.2. 127.

# If you want to automatically load your printer list rather
# than setting them up individually then you'll need this
load printers = yes

# you may wish to override the location of the printcap file
; printcap name = /etc/printcap

# on SystemV system setting printcap name to lpstat should allow
# you to automatically obtain a printer list from the SystemV spool
# system
; printcap name = lpstat

# It should not be necessary to specify the print system type unless
# it is non-standard. Currently supported print systems include:
# bsd, cups, sysv, plp, lprng, aix, hpux, qnx
; printing = cups

# Uncomment this if you want a guest account, you must add this to /etc/passwd
# otherwise the user "nobody" is used
; guest account = pcguest

# this tells Samba to use a separate log file for each machine
# that connects
log file = %%SAMBA_LOGDIR%%/log.%m

# Put a capping on the size of the log files (in Kb).
max log size = 50

# Use password server option only with security = server
# The argument list may include:
# password server = My_PDC_Name [My_BDC_Name] [My_Next_BDC_Name]
# or to auto-locate the domain controller/s
# password server = *
; password server =

# Use the realm option only with security = ads
# Specifies the Active Directory realm the host is part of
; realm = MY_REALM

# Backend to store user information in. New installations should
# use either tdbsam or ldapsam. smbpasswd is available for backwards
# compatibility. tdbsam requires no further configuration.
; passdb backend = tdbsam

# Using the following line enables you to customise your configuration
# on a per machine basis. The %m gets replaced with the netbios name
# of the machine that is connecting.
# Note: Consider carefully the location in the configuration file of
# this line. The included file is read at that point.
; include = %%SAMBA_CONFDIR%%/smb.conf.%m

# Most people will find that this option gives better performance.
# See the chapter 'Samba performance issues' in the Samba HOWTO Collection
# and the manual pages for details.
# You may want to add the following on a Linux system:
# SO_RCVBUF=8192 SO_SNDBUF=8192
socket options = TCP_NODELAY

# Configure Samba to use multiple interfaces
# If you have multiple network interfaces then you must list them
# here. See the man page for details.
; interfaces = 192.168.12.2/24 192.168.13.2/24

# Browser Control Options:
# set local master to no if you don't want Samba to become a master
# browser on your network. Otherwise the normal election rules apply
; local master = no

# OS Level determines the precedence of this server in master browser
# elections. The default value should be reasonable
; os level = 33

# Domain Master specifies Samba to be the Domain Master Browser. This
# allows Samba to collate browse lists between subnets. Don't use this
# if you already have a Windows NT domain controller doing this job
; domain master = yes

# Preferred Master causes Samba to force a local browser election on startup
# and gives it a slightly higher chance of winning the election
; preferred master = yes

# Enable this if you want Samba to be a domain logon server for
# Windows95 workstations.
; domain logons = yes

# if you enable domain logons then you may want a per-machine or
# per user logon script
# run a specific logon batch file per workstation (machine)
; logon script = %m.bat
# run a specific logon batch file per username
; logon script = %U.bat

# Where to store roving profiles (only for Win95 and WinNT)
# %L substitutes for this servers netbios name, %U is username
# You must uncomment the [Profiles] share below
; logon path = \\%L\Profiles\%U

# Windows Internet Name Serving Support Section:
# WINS Support - Tells the NMBD component of Samba to enable it's WINS Server
; wins support = yes

# WINS Server - Tells the NMBD components of Samba to be a WINS Client
#Note: Samba can be either a WINS Server, or a WINS Client, but NOT both
; wins server = w.x.y.z

# WINS Proxy - Tells Samba to answer name resolution queries on
# behalf of a non WINS capable client, for this to work there must be
# at least oneWINS Server on the network. The default is NO.
; wins proxy = yes

# DNS Proxy - tells Samba whether or not to try to resolve NetBIOS names
# via DNS nslookups. The default is NO.
dns proxy = no

# charset settings
; display charset = ASCII
; unix charset = ASCII
; dos charset = ASCII

# These scripts are used on a domain controller or stand-alone
# machine to add or delete corresponding unix accounts
; add user script = /usr/sbin/useradd %u
; add group script = /usr/sbin/groupadd %g
; add machine script = /usr/sbin/adduser -n -g machines -c Machine -d /dev/null -s /bin/false %u
; delete user script = /usr/sbin/userdel %u
; delete user from group script = /usr/sbin/deluser %u %g
; delete group script = /usr/sbin/groupdel %g

#============================ Share Definitions ==============================
[homes]
comment = Home Directories
browseable = no
writable = yes

# Un-comment the following and create the netlogon directory for Domain Logons
; [netlogon]
; comment = Network Logon Service
; path = /usr/local/samba/lib/netlogon
; guest ok = yes
; writable = no
; share modes = no

# Un-comment the following to provide a specific roving profile share
# the default is to use the user's home directory
;[Profiles]
; path = /usr/local/samba/profiles
; browseable = no
; guest ok = yes

# NOTE: If you have a BSD-style print system there is no need to
# specifically define each individual printer
[printers]
comment = All Printers
path = %%SAMBA_SPOOL%%
browseable = no
# Set public = yes to allow user 'guest account' to print
guest ok = no
writable = no
printable = yes

# This one is useful for people to share files
;[tmp]
; comment = Temporary file space
; path = /tmp
; read only = no
; public = yes

# A publicly accessible directory, but read only, except for people in
# the "staff" group
;[public]
; comment = Public Stuff
; path = /home/samba
; public = yes
; writable = yes
; printable = no
; write list = @staff

# Other examples.
#
# A private printer, usable only by fred. Spool data will be placed in fred's
# home directory. Note that fred must have write access to the spool directory,
# wherever it is.
;[fredsprn]
; comment = Fred's Printer
; valid users = fred
; path = /homes/fred
; printer = freds_printer
; public = no
; writable = no
; printable = yes

# A private directory, usable only by fred. Note that fred requires write
# access to the directory.
;[fredsdir]
; comment = Fred's Service
; path = /usr/somewhere/private
; valid users = fred
; public = no
; writable = yes
; printable = no

# a service which has a different directory for each machine that connects
# this allows you to tailor configurations to incoming machines. You could
# also use the %U option to tailor it by user name.
# The %m gets replaced with the machine name that is connecting.
;[pchome]
; comment = PC Directories
; path = /usr/pc/%m
; public = no
; writable = yes

# A publicly accessible directory, read/write to all users. Note that all files
# created in the directory by users will be owned by the default user, so
# any user with access can delete any other user's files. Obviously this
# directory must be writable by the default user. Another user could of course
# be specified, in which case all files would be owned by that user instead.
;[public]
; path = /usr/somewhere/else/public
; public = yes
; only guest = yes
; writable = yes
; printable = no

# The following two entries demonstrate how to share a directory so that two
# users can place files there that will be owned by the specific users. In this
# setup, the directory should be writable by both users and should have the
# sticky bit set on it to prevent abuse. Obviously this could be extended to
# as many users as required.
;[myshare]
; comment = Mary's and Fred's stuff
; path = /usr/somewhere/shared
; valid users = mary fred
; public = no
; writable = yes
; printable = no
; create mask = 0765