diff --git a/src/zmb-cups/constants-service.conf b/src/zmb-cups/constants-service.conf
new file mode 100644
index 0000000..d68871d
--- /dev/null
+++ b/src/zmb-cups/constants-service.conf
@@ -0,0 +1,26 @@
+#!/bin/bash
+
+# Authors:
+# (C) 2021 Idea an concept by Christian Zengel <christian@sysops.de>
+# (C) 2021 Script design and prototype by Markus Helmke <m.helmke@nettwarker.de>
+# (C) 2021 Script rework and documentation by Thorsten Spille <thorsten@spille-edv.de>
+
+# This file contains the project constants on service level
+
+# Debian Version, which will be installed
+LXC_TEMPLATE_VERSION="debian-12-standard"
+
+# Create sharefs mountpoint
+LXC_MP="0"
+
+# Create unprivileged container
+LXC_UNPRIVILEGED="0"
+
+# enable nesting feature
+LXC_NESTING="1"
+
+# Sets the minimum amount of RAM the service needs for operation
+LXC_MEM_MIN=1024
+
+# service dependent meta tags
+SERVICE_TAGS="samba,member,fileserver"
\ No newline at end of file
diff --git a/src/zmb-cups/install-service.sh b/src/zmb-cups/install-service.sh
new file mode 100644
index 0000000..f13919e
--- /dev/null
+++ b/src/zmb-cups/install-service.sh
@@ -0,0 +1,106 @@
+#!/bin/bash
+
+# Authors:
+# (C) 2021 Idea an concept by Christian Zengel <christian@sysops.de>
+# (C) 2021 Script design and prototype by Markus Helmke <m.helmke@nettwarker.de>
+# (C) 2021 Script rework and documentation by Thorsten Spille <thorsten@spille-edv.de>
+
+source /root/functions.sh
+source /root/zamba.conf
+source /root/constants-service.conf
+
+echo "deb http://ftp.halifax.rwth-aachen.de/debian/ bookworm-backports main contrib" >> /etc/apt/sources.list
+
+apt update
+
+DEBIAN_FRONTEND=noninteractive DEBIAN_PRIORITY=critical apt install -t bookworm-backports -y -o DPkg::options::="--force-confdef" -o DPkg::options::="--force-confold" acl cups samba winbind libpam-winbind libnss-winbind krb5-user krb5-config samba-dsdb-modules samba-vfs-modules wsdd
+
+mv /etc/krb5.conf /etc/krb5.conf.bak
+cat > /etc/krb5.conf <<EOF
+[libdefaults]
+	default_realm = $ZMB_REALM
+    ticket_lifetime = 600
+	dns_lookup_realm = true
+	dns_lookup_kdc = true
+	renew_lifetime = 7d
+EOF
+
+echo -e "$ZMB_ADMIN_PASS" | kinit -V $ZMB_ADMIN_USER
+klist
+
+mv /etc/samba/smb.conf /etc/samba/smb.conf.bak
+cat > /etc/samba/smb.conf <<EOF
+[global]
+	workgroup = $ZMB_DOMAIN
+	security = ADS
+	realm = $ZMB_REALM
+	server string = %h server
+
+	vfs objects = acl_xattr shadow_copy2
+    map acl inherit = Yes
+    store dos attributes = Yes
+	idmap config *:backend = tdb
+	idmap config *:range = 3000000-4000000
+	idmap config *:schema_mode = rfc2307
+	username map = /etc/samba/user.map
+
+	winbind refresh tickets = Yes
+	winbind use default domain = Yes
+	winbind separator = /
+	winbind nested groups = yes
+	winbind nss info = rfc2307
+
+	pam password change = Yes
+	passwd chat = *Enter\snew\s*\spassword:* %n\n *Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* .
+	passwd program = /usr/bin/passwd %u
+
+	template homedir = /home/%U
+	template shell = /bin/bash
+	bind interfaces only = Yes
+	interfaces = lo eth0
+	log file = /var/log/samba/log.%m
+	logging = syslog
+	max log size = 1000
+	panic action = /usr/share/samba/panic-action %d
+
+	dns proxy = No
+	shadow: snapdir = .zfs/snapshot
+	shadow: sort = desc
+	shadow: format = -%Y-%m-%d-%H%M
+	shadow: snapprefix = ^zfs-auto-snap_\(frequent\)\{0,1\}\(hourly\)\{0,1\}\(daily\)\{0,1\}\(weekly\)\{0,1\}\(monthly\)\{0,1\}\(backup\)\{0,1\}\(manual\)\{0,1\}
+	shadow: delimiter = -20
+	printing = CUPS
+	rpcd_spoolss:idle_seconds=300
+	rpcd_spoolss:num_workers = 10
+	spoolss: architecture = Windows x64
+
+[printers]
+    path = /var/tmp/
+    printable = yes
+
+[print$]
+	path = /var/lib/samba/printers
+    read only = no
+
+EOF
+
+systemctl restart smbd
+
+echo -e "$ZMB_ADMIN_PASS" | net ads join -U $ZMB_ADMIN_USER createcomputer=Computers
+sed -i "s|files systemd|files systemd winbind|g" /etc/nsswitch.conf
+sed -i "s|#WINBINDD_OPTS=|WINBINDD_OPTS=|" /etc/default/winbind
+echo -e "session optional        pam_mkhomedir.so skel=/etc/skel umask=077" >> /etc/pam.d/common-session
+
+systemctl restart winbind nmbd
+
+chown -R ${ZMB_ADMIN_USER}:"domain admins" /var/lib/samba/printers
+chmod -R 2775 /var/lib/samba/printers
+setfacl -Rb /var/lib/samba/printers
+setfacl -Rm u:${ZMB_ADMIN_USER}:rwx,g:"domain admins":rwx,g:"NT Authority/authenticated users":r--,g:"NT Authority/system":rwx,o::--- /var/lib/samba/printers
+setfacl -Rdm u:${ZMB_ADMIN_USER}:rwx,g:"domain admins":rwx,g:"NT Authority/authenticated users":r--,g:"NT Authority/system":rwx,o::--- /var/lib/samba/printers
+echo -e "${ZMB_ADMIN_PASS}" | net rpc rights grant "${ZMB_DOMAIN}\\Domain Admins" SePrintOperatorPrivilege -U "${ZMB_DOMAIN}\\${ZMB_ADMIN_USER}"
+echo -e "!root = ${ZMB_DOMAIN}\\administrator ${ZMB_DOMAIN}\\Administrator" > /etc/samba/user.map
+
+cupsctl --remote-admin
+
+systemctl restart cups smbd nmbd winbind wsdd