diff options
Diffstat (limited to 'docs/htmldocs/smb.conf.5.html')
-rw-r--r-- | docs/htmldocs/smb.conf.5.html | 359 |
1 files changed, 180 insertions, 179 deletions
diff --git a/docs/htmldocs/smb.conf.5.html b/docs/htmldocs/smb.conf.5.html index 2b3d51d6f6..4928d41048 100644 --- a/docs/htmldocs/smb.conf.5.html +++ b/docs/htmldocs/smb.conf.5.html @@ -244,8 +244,8 @@ alias|alias|alias|alias... connection is made as the username given in the "guest account =" for the service, irrespective of the supplied password.</p></li></ol></div></div><div class="refsect1" lang="en"><h2>COMPLETE LIST OF GLOBAL PARAMETERS</h2><p>Here is a list of all global parameters. See the section of - each parameter for details. Note that some are synonyms.</p><div class="itemizedlist"><ul type="disc"><li><p><a href="#ABORTSHUTDOWNSCRIPT"><i class="parameter"><tt>abort shutdown script</tt></i></a></p></li><li><p><a href="#ADDGROUPSCRIPT"><i class="parameter"><tt>add group script</tt></i></a></p></li><li><p><a href="#ADDMACHINESCRIPT"><i class="parameter"><tt>add machine script</tt></i></a></p></li><li><p><a href="#ADDPRINTERCOMMAND"><i class="parameter"><tt>addprinter command</tt></i></a></p></li><li><p><a href="#ADDSHARECOMMAND"><i class="parameter"><tt>add share command</tt></i></a></p></li><li><p><a href="#ADDUSERSCRIPT"><i class="parameter"><tt>add user script</tt></i></a></p></li><li><p><a href="#ADDUSERTOGROUPSCRIPT"><i class="parameter"><tt>add user to group script</tt></i></a></p></li><li><p><a href="#ALGORITHMICRIDBASE"><i class="parameter"><tt>algorithmic rid base</tt></i></a></p></li><li><p><a href="#ALLOWTRUSTEDDOMAINS"><i class="parameter"><tt>allow trusted domains</tt></i></a></p></li><li><p><a href="#ANNOUNCEAS"><i class="parameter"><tt>announce as</tt></i></a></p></li><li><p><a href="#ANNOUNCEVERSION"><i class="parameter"><tt>announce version</tt></i></a></p></li><li><p><a href="#AUTHMETHODS"><i class="parameter"><tt>auth methods</tt></i></a></p></li><li><p><a href="#AUTOSERVICES"><i class="parameter"><tt>auto services</tt></i></a></p></li><li><p><a href="#BINDINTERFACESONLY"><i class="parameter"><tt>bind interfaces only</tt></i></a></p></li><li><p><a href="#BROWSELIST"><i class="parameter"><tt>browse list</tt></i></a></p></li><li><p><a href="#CHANGENOTIFYTIMEOUT"><i class="parameter"><tt>change notify timeout</tt></i></a></p></li><li><p><a href="#CHANGESHARECOMMAND"><i class="parameter"><tt>change share command</tt></i></a></p></li><li><p><a href="#CLIENTLANMANAUTH"><i class="parameter"><tt>client lanman auth</tt></i></a></p></li><li><p><a href="#CLIENTNTLMV2AUTH"><i class="parameter"><tt>client ntlmv2 auth</tt></i></a></p></li><li><p><a href="#CLIENTUSESPNEGO"><i class="parameter"><tt>client use spnego</tt></i></a></p></li><li><p><a href="#CONFIGFILE"><i class="parameter"><tt>config file</tt></i></a></p></li><li><p><a href="#DEADTIME"><i class="parameter"><tt>dead time</tt></i></a></p></li><li><p><a href="#DEBUGHIRESTIMESTAMP"><i class="parameter"><tt>debug hires timestamp</tt></i></a></p></li><li><p><a href="#DEBUGLEVEL"><i class="parameter"><tt>debuglevel</tt></i></a></p></li><li><p><a href="#DEBUGPID"><i class="parameter"><tt>debug pid</tt></i></a></p></li><li><p><a href="#DEBUGTIMESTAMP"><i class="parameter"><tt>debug timestamp</tt></i></a></p></li><li><p><a href="#DEBUGUID"><i class="parameter"><tt>debug uid</tt></i></a></p></li><li><p><a href="#DEFAULT"><i class="parameter"><tt>default</tt></i></a></p></li><li><p><a href="#DEFAULTSERVICE"><i class="parameter"><tt>default service</tt></i></a></p></li><li><p><a href="#DELETEGROUPSCRIPT"><i class="parameter"><tt>delete group script</tt></i></a></p></li><li><p><a href="#DELETEPRINTERCOMMAND"><i class="parameter"><tt>deleteprinter command</tt></i></a></p></li><li><p><a href="#DELETESHARECOMMAND"><i class="parameter"><tt>delete share command</tt></i></a></p></li><li><p><a href="#DELETEUSERFROMGROUPSCRIPT"><i class="parameter"><tt>delete user from group script</tt></i></a></p></li><li><p><a href="#DELETEUSERSCRIPT"><i class="parameter"><tt>delete user script</tt></i></a></p></li><li><p><a href="#DFREECOMMAND"><i class="parameter"><tt>dfree command</tt></i></a></p></li><li><p><a href="#DISABLENETBIOS"><i class="parameter"><tt>disable netbios</tt></i></a></p></li><li><p><a href="#DISABLESPOOLSS"><i class="parameter"><tt>disable spoolss</tt></i></a></p></li><li><p><a href="#DISPLAYCHARSET"><i class="parameter"><tt>display charset</tt></i></a></p></li><li><p><a href="#DNSPROXY"><i class="parameter"><tt>dns proxy</tt></i></a></p></li><li><p><a href="#DOMAINLOGONS"><i class="parameter"><tt>domain logons</tt></i></a></p></li><li><p><a href="#DOMAINMASTER"><i class="parameter"><tt>domain master</tt></i></a></p></li><li><p><a href="#DOSCHARSET"><i class="parameter"><tt>dos charset</tt></i></a></p></li><li><p><a href="#ENABLERIDALGORITHM"><i class="parameter"><tt>enable rid algorithm</tt></i></a></p></li><li><p><a href="#ENCRYPTPASSWORDS"><i class="parameter"><tt>encrypt passwords</tt></i></a></p></li><li><p><a href="#ENHANCEDBROWSING"><i class="parameter"><tt>enhanced browsing</tt></i></a></p></li><li><p><a href="#ENUMPORTSCOMMAND"><i class="parameter"><tt>enumports command</tt></i></a></p></li><li><p><a href="#GETWDCACHE"><i class="parameter"><tt>getwd cache</tt></i></a></p></li><li><p><a href="#GUESTACCOUNT"><i class="parameter"><tt>guest account</tt></i></a></p></li><li><p><a href="#HIDELOCALUSERS"><i class="parameter"><tt>hide local users</tt></i></a></p></li><li><p><a href="#HOMEDIRMAP"><i class="parameter"><tt>homedir map</tt></i></a></p></li><li><p><a href="#HOSTMSDFS"><i class="parameter"><tt>host msdfs</tt></i></a></p></li><li><p><a href="#HOSTNAMELOOKUPS"><i class="parameter"><tt>hostname lookups</tt></i></a></p></li><li><p><a href="#HOSTSEQUIV"><i class="parameter"><tt>hosts equiv</tt></i></a></p></li><li><p><a href="#IDMAPGID"><i class="parameter"><tt>idmap gid</tt></i></a></p></li><li><p><a href="#IDMAPUID"><i class="parameter"><tt>idmap uid</tt></i></a></p></li><li><p><a href="#INCLUDE"><i class="parameter"><tt>include</tt></i></a></p></li><li><p><a href="#INTERFACES"><i class="parameter"><tt>interfaces</tt></i></a></p></li><li><p><a href="#KEEPALIVE"><i class="parameter"><tt>keepalive</tt></i></a></p></li><li><p><a href="#KERNELOPLOCKS"><i class="parameter"><tt>kernel oplocks</tt></i></a></p></li><li><p><a href="#LANMANAUTH"><i class="parameter"><tt>lanman auth</tt></i></a></p></li><li><p><a href="#LARGEREADWRITE"><i class="parameter"><tt>large readwrite</tt></i></a></p></li><li><p><a href="#LDAPADMINDN"><i class="parameter"><tt>ldap admin dn</tt></i></a></p></li><li><p><a href="#LDAPDELETEDN"><i class="parameter"><tt>ldap delete dn</tt></i></a></p></li><li><p><a href="#LDAPFILTER"><i class="parameter"><tt>ldap filter</tt></i></a></p></li><li><p><a href="#LDAPMACHINESUFFIX"><i class="parameter"><tt>ldap machine suffix</tt></i></a></p></li><li><p><a href="#LDAPPASSWDSYNC"><i class="parameter"><tt>ldap passwd sync</tt></i></a></p></li><li><p><a href="#LDAPPORT"><i class="parameter"><tt>ldap port</tt></i></a></p></li><li><p><a href="#LDAPSERVER"><i class="parameter"><tt>ldap server</tt></i></a></p></li><li><p><a href="#LDAPSSL"><i class="parameter"><tt>ldap ssl</tt></i></a></p></li><li><p><a href="#LDAPSUFFIX"><i class="parameter"><tt>ldap suffix</tt></i></a></p></li><li><p><a href="#LDAPTRUSTIDS"><i class="parameter"><tt>ldap trust ids</tt></i></a></p></li><li><p><a href="#LDAPUSERSUFFIX"><i class="parameter"><tt>ldap user suffix</tt></i></a></p></li><li><p><a href="#LMANNOUNCE"><i class="parameter"><tt>lm announce</tt></i></a></p></li><li><p><a href="#LMINTERVAL"><i class="parameter"><tt>lm interval</tt></i></a></p></li><li><p><a href="#LOADPRINTERS"><i class="parameter"><tt>load printers</tt></i></a></p></li><li><p><a href="#LOCALMASTER"><i class="parameter"><tt>local master</tt></i></a></p></li><li><p><a href="#LOCKDIR"><i class="parameter"><tt>lock dir</tt></i></a></p></li><li><p><a href="#LOCKDIRECTORY"><i class="parameter"><tt>lock directory</tt></i></a></p></li><li><p><a href="#LOCKSPINCOUNT"><i class="parameter"><tt>lock spin count</tt></i></a></p></li><li><p><a href="#LOCKSPINTIME"><i class="parameter"><tt>lock spin time</tt></i></a></p></li><li><p><a href="#LOGFILE"><i class="parameter"><tt>log file</tt></i></a></p></li><li><p><a href="#LOGLEVEL"><i class="parameter"><tt>log level</tt></i></a></p></li><li><p><a href="#LOGONDRIVE"><i class="parameter"><tt>logon drive</tt></i></a></p></li><li><p><a href="#LOGONHOME"><i class="parameter"><tt>logon home</tt></i></a></p></li><li><p><a href="#LOGONPATH"><i class="parameter"><tt>logon path</tt></i></a></p></li><li><p><a href="#LOGONSCRIPT"><i class="parameter"><tt>logon script</tt></i></a></p></li><li><p><a href="#LPQCACHETIME"><i class="parameter"><tt>lpq cache time</tt></i></a></p></li><li><p><a href="#MACHINEPASSWORDTIMEOUT"><i class="parameter"><tt>machine password timeout</tt></i></a></p></li><li><p><a href="#MANGLEDSTACK"><i class="parameter"><tt>mangled stack</tt></i></a></p></li><li><p><a href="#MANGLEPREFIX"><i class="parameter"><tt>mangle prefix</tt></i></a></p></li><li><p><a href="#MANGLINGMETHOD"><i class="parameter"><tt>mangling method</tt></i></a></p></li><li><p><a href="#MAPTOGUEST"><i class="parameter"><tt>map to guest</tt></i></a></p></li><li><p><a href="#MAXDISKSIZE"><i class="parameter"><tt>max disk size</tt></i></a></p></li><li><p><a href="#MAXLOGSIZE"><i class="parameter"><tt>max log size</tt></i></a></p></li><li><p><a href="#MAXMUX"><i class="parameter"><tt>max mux</tt></i></a></p></li><li><p><a href="#MAXOPENFILES"><i class="parameter"><tt>max open files</tt></i></a></p></li><li><p><a href="#MAXPROTOCOL"><i class="parameter"><tt>max protocol</tt></i></a></p></li><li><p><a href="#MAXSMBDPROCESSES"><i class="parameter"><tt>max smbd processes</tt></i></a></p></li><li><p><a href="#MAXTTL"><i class="parameter"><tt>max ttl</tt></i></a></p></li><li><p><a href="#MAXWINSTTL"><i class="parameter"><tt>max wins ttl</tt></i></a></p></li><li><p><a href="#MAXXMIT"><i class="parameter"><tt>max xmit</tt></i></a></p></li><li><p><a href="#MESSAGECOMMAND"><i class="parameter"><tt>message command</tt></i></a></p></li><li><p><a href="#MINPASSWDLENGTH"><i class="parameter"><tt>min passwd length</tt></i></a></p></li><li><p><a href="#MINPASSWORDLENGTH"><i class="parameter"><tt>min password length</tt></i></a></p></li><li><p><a href="#MINPROTOCOL"><i class="parameter"><tt>min protocol</tt></i></a></p></li><li><p><a href="#MINWINSTTL"><i class="parameter"><tt>min wins ttl</tt></i></a></p></li><li><p><a href="#NAMECACHETIMEOUT"><i class="parameter"><tt>name cache timeout</tt></i></a></p></li><li><p><a href="#NAMERESOLVEORDER"><i class="parameter"><tt>name resolve order</tt></i></a></p></li><li><p><a href="#NETBIOSALIASES"><i class="parameter"><tt>netbios aliases</tt></i></a></p></li><li><p><a href="#NETBIOSNAME"><i class="parameter"><tt>netbios name</tt></i></a></p></li><li><p><a href="#NETBIOSSCOPE"><i class="parameter"><tt>netbios scope</tt></i></a></p></li><li><p><a href="#NISHOMEDIR"><i class="parameter"><tt>nis homedir</tt></i></a></p></li><li><p><a href="#NTLMAUTH"><i class="parameter"><tt>ntlm auth</tt></i></a></p></li><li><p><a href="#NTPIPESUPPORT"><i class="parameter"><tt>nt pipe support</tt></i></a></p></li><li><p><a href="#NTSTATUSSUPPORT"><i class="parameter"><tt>nt status support</tt></i></a></p></li><li><p><a href="#NULLPASSWORDS"><i class="parameter"><tt>null passwords</tt></i></a></p></li><li><p><a href="#OBEYPAMRESTRICTIONS"><i class="parameter"><tt>obey pam restrictions</tt></i></a></p></li><li><p><a href="#OPLOCKBREAKWAITTIME"><i class="parameter"><tt>oplock break wait time</tt></i></a></p></li><li><p><a href="#OS2DRIVERMAP"><i class="parameter"><tt>os2 driver map</tt></i></a></p></li><li><p><a href="#OSLEVEL"><i class="parameter"><tt>os level</tt></i></a></p></li><li><p><a href="#PAMPASSWORDCHANGE"><i class="parameter"><tt>pam password change</tt></i></a></p></li><li><p><a href="#PANICACTION"><i class="parameter"><tt>panic action</tt></i></a></p></li><li><p><a href="#PARANOIDSERVERSECURITY"><i class="parameter"><tt>paranoid server security</tt></i></a></p></li><li><p><a href="#PASSDBBACKEND"><i class="parameter"><tt>passdb backend</tt></i></a></p></li><li><p><a href="#PASSWDCHAT"><i class="parameter"><tt>passwd chat</tt></i></a></p></li><li><p><a href="#PASSWDCHATDEBUG"><i class="parameter"><tt>passwd chat debug</tt></i></a></p></li><li><p><a href="#PASSWDPROGRAM"><i class="parameter"><tt>passwd program</tt></i></a></p></li><li><p><a href="#PASSWORDLEVEL"><i class="parameter"><tt>password level</tt></i></a></p></li><li><p><a href="#PASSWORDSERVER"><i class="parameter"><tt>password server</tt></i></a></p></li><li><p><a href="#PIDDIRECTORY"><i class="parameter"><tt>pid directory</tt></i></a></p></li><li><p><a href="#PREFEREDMASTER"><i class="parameter"><tt>prefered master</tt></i></a></p></li><li><p><a href="#PREFERREDMASTER"><i class="parameter"><tt>preferred master</tt></i></a></p></li><li><p><a href="#PRELOAD"><i class="parameter"><tt>preload</tt></i></a></p></li><li><p><a href="#PRELOADMODULES"><i class="parameter"><tt>preload modules</tt></i></a></p></li><li><p><a href="#PRINTCAP"><i class="parameter"><tt>printcap</tt></i></a></p></li><li><p><a href="#PRIVATEDIR"><i class="parameter"><tt>private dir</tt></i></a></p></li><li><p><a href="#PROTOCOL"><i class="parameter"><tt>protocol</tt></i></a></p></li><li><p><a href="#READBMPX"><i class="parameter"><tt>read bmpx</tt></i></a></p></li><li><p><a href="#READRAW"><i class="parameter"><tt>read raw</tt></i></a></p></li><li><p><a href="#READSIZE"><i class="parameter"><tt>read size</tt></i></a></p></li><li><p><a href="#REALM"><i class="parameter"><tt>realm</tt></i></a></p></li><li><p><a href="#REMOTEANNOUNCE"><i class="parameter"><tt>remote announce</tt></i></a></p></li><li><p><a href="#REMOTEBROWSESYNC"><i class="parameter"><tt>remote browse sync</tt></i></a></p></li><li><p><a href="#RESTRICTANONYMOUS"><i class="parameter"><tt>restrict anonymous</tt></i></a></p></li><li><p><a href="#ROOT"><i class="parameter"><tt>root</tt></i></a></p></li><li><p><a href="#ROOTDIR"><i class="parameter"><tt>root dir</tt></i></a></p></li><li><p><a href="#ROOTDIRECTORY"><i class="parameter"><tt>root directory</tt></i></a></p></li><li><p><a href="#SECURITY"><i class="parameter"><tt>security</tt></i></a></p></li><li><p><a href="#SERVERSCHANNEL"><i class="parameter"><tt>server schannel</tt></i></a></p></li><li><p><a href="#SERVERSTRING"><i class="parameter"><tt>server string</tt></i></a></p></li><li><p><a href="#SETPRIMARYGROUPSCRIPT"><i class="parameter"><tt>set primary group script</tt></i></a></p></li><li><p><a href="#SHOWADDPRINTERWIZARD"><i class="parameter"><tt>show add printer wizard</tt></i></a></p></li><li><p><a href="#SHUTDOWNSCRIPT"><i class="parameter"><tt>shutdown script</tt></i></a></p></li><li><p><a href="#SMBPASSWDFILE"><i class="parameter"><tt>smb passwd file</tt></i></a></p></li><li><p><a href="#SMBPORTS"><i class="parameter"><tt>smb ports</tt></i></a></p></li><li><p><a href="#SOCKETADDRESS"><i class="parameter"><tt>socket address</tt></i></a></p></li><li><p><a href="#SOCKETOPTIONS"><i class="parameter"><tt>socket options</tt></i></a></p></li><li><p><a href="#SOURCEENVIRONMENT"><i class="parameter"><tt>source environment</tt></i></a></p></li><li><p><a href="#STATCACHE"><i class="parameter"><tt>stat cache</tt></i></a></p></li><li><p><a href="#STRIPDOT"><i class="parameter"><tt>strip dot</tt></i></a></p></li><li><p><a href="#SYSLOG"><i class="parameter"><tt>syslog</tt></i></a></p></li><li><p><a href="#SYSLOGONLY"><i class="parameter"><tt>syslog only</tt></i></a></p></li><li><p><a href="#TEMPLATEHOMEDIR"><i class="parameter"><tt>template homedir</tt></i></a></p></li><li><p><a href="#TEMPLATEPRIMARYGROUP"><i class="parameter"><tt>template primary group</tt></i></a></p></li><li><p><a href="#TEMPLATESHELL"><i class="parameter"><tt>template shell</tt></i></a></p></li><li><p><a href="#TIMEOFFSET"><i class="parameter"><tt>time offset</tt></i></a></p></li><li><p><a href="#TIMESERVER"><i class="parameter"><tt>time server</tt></i></a></p></li><li><p><a href="#TIMESTAMPLOGS"><i class="parameter"><tt>timestamp logs</tt></i></a></p></li><li><p><a href="#TOTALPRINTJOBS"><i class="parameter"><tt>total print jobs</tt></i></a></p></li><li><p><a href="#UNICODE"><i class="parameter"><tt>unicode</tt></i></a></p></li><li><p><a href="#UNIXCHARSET"><i class="parameter"><tt>unix charset</tt></i></a></p></li><li><p><a href="#UNIXEXTENSIONS"><i class="parameter"><tt>unix extensions</tt></i></a></p></li><li><p><a href="#UNIXPASSWORDSYNC"><i class="parameter"><tt>unix password sync</tt></i></a></p></li><li><p><a href="#UPDATEENCRYPTED"><i class="parameter"><tt>update encrypted</tt></i></a></p></li><li><p><a href="#USEMMAP"><i class="parameter"><tt>use mmap</tt></i></a></p></li><li><p><a href="#USERNAMELEVEL"><i class="parameter"><tt>username level</tt></i></a></p></li><li><p><a href="#USERNAMEMAP"><i class="parameter"><tt>username map</tt></i></a></p></li><li><p><a href="#USESPNEGO"><i class="parameter"><tt>use spnego</tt></i></a></p></li><li><p><a href="#UTMP"><i class="parameter"><tt>utmp</tt></i></a></p></li><li><p><a href="#UTMPDIRECTORY"><i class="parameter"><tt>utmp directory</tt></i></a></p></li><li><p><a href="#WINBINDCACHETIME"><i class="parameter"><tt>winbind cache time</tt></i></a></p></li><li><p><a href="#WINBINDENABLELOCALACCOUNTS"><i class="parameter"><tt>winbind enable local accounts</tt></i></a></p></li><li><p><a href="#WINBINDENUMGROUPS"><i class="parameter"><tt>winbind enum groups</tt></i></a></p></li><li><p><a href="#WINBINDENUMUSERS"><i class="parameter"><tt>winbind enum users</tt></i></a></p></li><li><p><a href="#WINBINDGID"><i class="parameter"><tt>winbind gid</tt></i></a></p></li><li><p><a href="#WINBINDSEPARATOR"><i class="parameter"><tt>winbind separator</tt></i></a></p></li><li><p><a href="#WINBINDTRUSTEDDOMAINSONLY"><i class="parameter"><tt>winbind trusted domains only</tt></i></a></p></li><li><p><a href="#WINBINDUID"><i class="parameter"><tt>winbind uid</tt></i></a></p></li><li><p><a href="#WINBINDUSEDEFAULTDOMAIN"><i class="parameter"><tt>winbind use default domain</tt></i></a></p></li><li><p><a href="#WINSHOOK"><i class="parameter"><tt>wins hook</tt></i></a></p></li><li><p><a href="#WINSPARTNERS"><i class="parameter"><tt>wins partners</tt></i></a></p></li><li><p><a href="#WINSPROXY"><i class="parameter"><tt>wins proxy</tt></i></a></p></li><li><p><a href="#WINSSERVER"><i class="parameter"><tt>wins server</tt></i></a></p></li><li><p><a href="#WINSSUPPORT"><i class="parameter"><tt>wins support</tt></i></a></p></li><li><p><a href="#WORKGROUP"><i class="parameter"><tt>workgroup</tt></i></a></p></li><li><p><a href="#WRITERAW"><i class="parameter"><tt>write raw</tt></i></a></p></li><li><p><a href="#WTMPDIRECTORY"><i class="parameter"><tt>wtmp directory</tt></i></a></p></li></ul></div></div><div class="refsect1" lang="en"><h2>COMPLETE LIST OF SERVICE PARAMETERS</h2><p>Here is a list of all service parameters. See the section on - each parameter for details. Note that some are synonyms.</p><div class="itemizedlist"><ul type="disc"><li><p><a href="#ADMINUSERS"><i class="parameter"><tt>admin users</tt></i></a></p></li><li><p><a href="#ALLOWHOSTS"><i class="parameter"><tt>allow hosts</tt></i></a></p></li><li><p><a href="#AVAILABLE"><i class="parameter"><tt>available</tt></i></a></p></li><li><p><a href="#BLOCKINGLOCKS"><i class="parameter"><tt>blocking locks</tt></i></a></p></li><li><p><a href="#BLOCKSIZE"><i class="parameter"><tt>block size</tt></i></a></p></li><li><p><a href="#BROWSABLE"><i class="parameter"><tt>browsable</tt></i></a></p></li><li><p><a href="#BROWSEABLE"><i class="parameter"><tt>browseable</tt></i></a></p></li><li><p><a href="#CASESENSITIVE"><i class="parameter"><tt>case sensitive</tt></i></a></p></li><li><p><a href="#CASESIGNAMES"><i class="parameter"><tt>casesignames</tt></i></a></p></li><li><p><a href="#COMMENT"><i class="parameter"><tt>comment</tt></i></a></p></li><li><p><a href="#COPY"><i class="parameter"><tt>copy</tt></i></a></p></li><li><p><a href="#CREATEMASK"><i class="parameter"><tt>create mask</tt></i></a></p></li><li><p><a href="#CREATEMODE"><i class="parameter"><tt>create mode</tt></i></a></p></li><li><p><a href="#CSCPOLICY"><i class="parameter"><tt>csc policy</tt></i></a></p></li><li><p><a href="#DEFAULTCASE"><i class="parameter"><tt>default case</tt></i></a></p></li><li><p><a href="#DEFAULTDEVMODE"><i class="parameter"><tt>default devmode</tt></i></a></p></li><li><p><a href="#DELETEREADONLY"><i class="parameter"><tt>delete readonly</tt></i></a></p></li><li><p><a href="#DELETEVETOFILES"><i class="parameter"><tt>delete veto files</tt></i></a></p></li><li><p><a href="#DENYHOSTS"><i class="parameter"><tt>deny hosts</tt></i></a></p></li><li><p><a href="#DIRECTORY"><i class="parameter"><tt>directory</tt></i></a></p></li><li><p><a href="#DIRECTORYMASK"><i class="parameter"><tt>directory mask</tt></i></a></p></li><li><p><a href="#DIRECTORYMODE"><i class="parameter"><tt>directory mode</tt></i></a></p></li><li><p><a href="#DIRECTORYSECURITYMASK"><i class="parameter"><tt>directory security mask</tt></i></a></p></li><li><p><a href="#DONTDESCEND"><i class="parameter"><tt>dont descend</tt></i></a></p></li><li><p><a href="#DOSFILEMODE"><i class="parameter"><tt>dos filemode</tt></i></a></p></li><li><p><a href="#DOSFILETIMERESOLUTION"><i class="parameter"><tt>dos filetime resolution</tt></i></a></p></li><li><p><a href="#DOSFILETIMES"><i class="parameter"><tt>dos filetimes</tt></i></a></p></li><li><p><a href="#EXEC"><i class="parameter"><tt>exec</tt></i></a></p></li><li><p><a href="#FAKEDIRECTORYCREATETIMES"><i class="parameter"><tt>fake directory create times</tt></i></a></p></li><li><p><a href="#FAKEOPLOCKS"><i class="parameter"><tt>fake oplocks</tt></i></a></p></li><li><p><a href="#FOLLOWSYMLINKS"><i class="parameter"><tt>follow symlinks</tt></i></a></p></li><li><p><a href="#FORCECREATEMODE"><i class="parameter"><tt>force create mode</tt></i></a></p></li><li><p><a href="#FORCEDIRECTORYMODE"><i class="parameter"><tt>force directory mode</tt></i></a></p></li><li><p><a href="#FORCEDIRECTORYSECURITYMODE"><i class="parameter"><tt>force directory security mode</tt></i></a></p></li><li><p><a href="#FORCEGROUP"><i class="parameter"><tt>force group</tt></i></a></p></li><li><p><a href="#FORCESECURITYMODE"><i class="parameter"><tt>force security mode</tt></i></a></p></li><li><p><a href="#FORCEUSER"><i class="parameter"><tt>force user</tt></i></a></p></li><li><p><a href="#FSTYPE"><i class="parameter"><tt>fstype</tt></i></a></p></li><li><p><a href="#GROUP"><i class="parameter"><tt>group</tt></i></a></p></li><li><p><a href="#GUESTACCOUNT"><i class="parameter"><tt>guest account</tt></i></a></p></li><li><p><a href="#GUESTOK"><i class="parameter"><tt>guest ok</tt></i></a></p></li><li><p><a href="#GUESTONLY"><i class="parameter"><tt>guest only</tt></i></a></p></li><li><p><a href="#HIDEDOTFILES"><i class="parameter"><tt>hide dot files</tt></i></a></p></li><li><p><a href="#HIDEFILES"><i class="parameter"><tt>hide files</tt></i></a></p></li><li><p><a href="#HIDESPECIALFILES"><i class="parameter"><tt>hide special files</tt></i></a></p></li><li><p><a href="#HIDEUNREADABLE"><i class="parameter"><tt>hide unreadable</tt></i></a></p></li><li><p><a href="#HIDEUNWRITEABLEFILES"><i class="parameter"><tt>hide unwriteable files</tt></i></a></p></li><li><p><a href="#HOSTSALLOW"><i class="parameter"><tt>hosts allow</tt></i></a></p></li><li><p><a href="#HOSTSDENY"><i class="parameter"><tt>hosts deny</tt></i></a></p></li><li><p><a href="#INHERITACLS"><i class="parameter"><tt>inherit acls</tt></i></a></p></li><li><p><a href="#INHERITPERMISSIONS"><i class="parameter"><tt>inherit permissions</tt></i></a></p></li><li><p><a href="#INVALIDUSERS"><i class="parameter"><tt>invalid users</tt></i></a></p></li><li><p><a href="#LEVEL2OPLOCKS"><i class="parameter"><tt>level2 oplocks</tt></i></a></p></li><li><p><a href="#LOCKING"><i class="parameter"><tt>locking</tt></i></a></p></li><li><p><a href="#LPPAUSECOMMAND"><i class="parameter"><tt>lppause command</tt></i></a></p></li><li><p><a href="#LPQCOMMAND"><i class="parameter"><tt>lpq command</tt></i></a></p></li><li><p><a href="#LPRESUMECOMMAND"><i class="parameter"><tt>lpresume command</tt></i></a></p></li><li><p><a href="#LPRMCOMMAND"><i class="parameter"><tt>lprm command</tt></i></a></p></li><li><p><a href="#MAGICOUTPUT"><i class="parameter"><tt>magic output</tt></i></a></p></li><li><p><a href="#MAGICSCRIPT"><i class="parameter"><tt>magic script</tt></i></a></p></li><li><p><a href="#MANGLECASE"><i class="parameter"><tt>mangle case</tt></i></a></p></li><li><p><a href="#MANGLEDMAP"><i class="parameter"><tt>mangled map</tt></i></a></p></li><li><p><a href="#MANGLEDNAMES"><i class="parameter"><tt>mangled names</tt></i></a></p></li><li><p><a href="#MANGLINGCHAR"><i class="parameter"><tt>mangling char</tt></i></a></p></li><li><p><a href="#MAPACLINHERIT"><i class="parameter"><tt>map acl inherit</tt></i></a></p></li><li><p><a href="#MAPARCHIVE"><i class="parameter"><tt>map archive</tt></i></a></p></li><li><p><a href="#MAPHIDDEN"><i class="parameter"><tt>map hidden</tt></i></a></p></li><li><p><a href="#MAPSYSTEM"><i class="parameter"><tt>map system</tt></i></a></p></li><li><p><a href="#MAXCONNECTIONS"><i class="parameter"><tt>max connections</tt></i></a></p></li><li><p><a href="#MAXPRINTJOBS"><i class="parameter"><tt>max print jobs</tt></i></a></p></li><li><p><a href="#MAXREPORTEDPRINTJOBS"><i class="parameter"><tt>max reported print jobs</tt></i></a></p></li><li><p><a href="#MINPRINTSPACE"><i class="parameter"><tt>min print space</tt></i></a></p></li><li><p><a href="#MSDFSPROXY"><i class="parameter"><tt>msdfs proxy</tt></i></a></p></li><li><p><a href="#MSDFSROOT"><i class="parameter"><tt>msdfs root</tt></i></a></p></li><li><p><a href="#NTACLSUPPORT"><i class="parameter"><tt>nt acl support</tt></i></a></p></li><li><p><a href="#ONLYGUEST"><i class="parameter"><tt>only guest</tt></i></a></p></li><li><p><a href="#ONLYUSER"><i class="parameter"><tt>only user</tt></i></a></p></li><li><p><a href="#OPLOCKCONTENTIONLIMIT"><i class="parameter"><tt>oplock contention limit</tt></i></a></p></li><li><p><a href="#OPLOCKS"><i class="parameter"><tt>oplocks</tt></i></a></p></li><li><p><a href="#PATH"><i class="parameter"><tt>path</tt></i></a></p></li><li><p><a href="#POSIXLOCKING"><i class="parameter"><tt>posix locking</tt></i></a></p></li><li><p><a href="#POSTEXEC"><i class="parameter"><tt>postexec</tt></i></a></p></li><li><p><a href="#PREEXEC"><i class="parameter"><tt>preexec</tt></i></a></p></li><li><p><a href="#PREEXECCLOSE"><i class="parameter"><tt>preexec close</tt></i></a></p></li><li><p><a href="#PRESERVECASE"><i class="parameter"><tt>preserve case</tt></i></a></p></li><li><p><a href="#PRINTABLE"><i class="parameter"><tt>printable</tt></i></a></p></li><li><p><a href="#PRINTCAPNAME"><i class="parameter"><tt>printcap name</tt></i></a></p></li><li><p><a href="#PRINTCOMMAND"><i class="parameter"><tt>print command</tt></i></a></p></li><li><p><a href="#PRINTER"><i class="parameter"><tt>printer</tt></i></a></p></li><li><p><a href="#PRINTERADMIN"><i class="parameter"><tt>printer admin</tt></i></a></p></li><li><p><a href="#PRINTERNAME"><i class="parameter"><tt>printer name</tt></i></a></p></li><li><p><a href="#PRINTING"><i class="parameter"><tt>printing</tt></i></a></p></li><li><p><a href="#PRINTOK"><i class="parameter"><tt>print ok</tt></i></a></p></li><li><p><a href="#PROFILEACLS"><i class="parameter"><tt>profile acls</tt></i></a></p></li><li><p><a href="#PUBLIC"><i class="parameter"><tt>public</tt></i></a></p></li><li><p><a href="#QUEUEPAUSECOMMAND"><i class="parameter"><tt>queuepause command</tt></i></a></p></li><li><p><a href="#QUEUERESUMECOMMAND"><i class="parameter"><tt>queueresume command</tt></i></a></p></li><li><p><a href="#READLIST"><i class="parameter"><tt>read list</tt></i></a></p></li><li><p><a href="#READONLY"><i class="parameter"><tt>read only</tt></i></a></p></li><li><p><a href="#ROOTPOSTEXEC"><i class="parameter"><tt>root postexec</tt></i></a></p></li><li><p><a href="#ROOTPREEXEC"><i class="parameter"><tt>root preexec</tt></i></a></p></li><li><p><a href="#ROOTPREEXECCLOSE"><i class="parameter"><tt>root preexec close</tt></i></a></p></li><li><p><a href="#SECURITYMASK"><i class="parameter"><tt>security mask</tt></i></a></p></li><li><p><a href="#SETDIRECTORY"><i class="parameter"><tt>set directory</tt></i></a></p></li><li><p><a href="#SHAREMODES"><i class="parameter"><tt>share modes</tt></i></a></p></li><li><p><a href="#SHORTPRESERVECASE"><i class="parameter"><tt>short preserve case</tt></i></a></p></li><li><p><a href="#STRICTALLOCATE"><i class="parameter"><tt>strict allocate</tt></i></a></p></li><li><p><a href="#STRICTLOCKING"><i class="parameter"><tt>strict locking</tt></i></a></p></li><li><p><a href="#STRICTSYNC"><i class="parameter"><tt>strict sync</tt></i></a></p></li><li><p><a href="#SYNCALWAYS"><i class="parameter"><tt>sync always</tt></i></a></p></li><li><p><a href="#USECLIENTDRIVER"><i class="parameter"><tt>use client driver</tt></i></a></p></li><li><p><a href="#USER"><i class="parameter"><tt>user</tt></i></a></p></li><li><p><a href="#USERNAME"><i class="parameter"><tt>username</tt></i></a></p></li><li><p><a href="#USERS"><i class="parameter"><tt>users</tt></i></a></p></li><li><p><a href="#USESENDFILE"><i class="parameter"><tt>use sendfile</tt></i></a></p></li><li><p><a href="#-VALID"><i class="parameter"><tt>-valid</tt></i></a></p></li><li><p><a href="#VALIDUSERS"><i class="parameter"><tt>valid users</tt></i></a></p></li><li><p><a href="#VETOFILES"><i class="parameter"><tt>veto files</tt></i></a></p></li><li><p><a href="#VETOOPLOCKFILES"><i class="parameter"><tt>veto oplock files</tt></i></a></p></li><li><p><a href="#VFSOBJECT"><i class="parameter"><tt>vfs object</tt></i></a></p></li><li><p><a href="#VFSOBJECTS"><i class="parameter"><tt>vfs objects</tt></i></a></p></li><li><p><a href="#VOLUME"><i class="parameter"><tt>volume</tt></i></a></p></li><li><p><a href="#WIDELINKS"><i class="parameter"><tt>wide links</tt></i></a></p></li><li><p><a href="#WRITABLE"><i class="parameter"><tt>writable</tt></i></a></p></li><li><p><a href="#WRITEABLE"><i class="parameter"><tt>writeable</tt></i></a></p></li><li><p><a href="#WRITECACHESIZE"><i class="parameter"><tt>write cache size</tt></i></a></p></li><li><p><a href="#WRITELIST"><i class="parameter"><tt>write list</tt></i></a></p></li><li><p><a href="#WRITEOK"><i class="parameter"><tt>write ok</tt></i></a></p></li></ul></div></div><div class="refsect1" lang="en"><h2>EXPLANATION OF EACH PARAMETER</h2><div class="variablelist"><dl><dt><span class="term"><a name="ABORTSHUTDOWNSCRIPT"></a>abort shutdown script (G)</span></dt><dd><p><span class="emphasis"><em>This parameter only exists in the HEAD cvs branch</em></span> + each parameter for details. Note that some are synonyms.</p><div class="itemizedlist"><ul type="disc"><li><p><a href="#ABORTSHUTDOWNSCRIPT"><i class="parameter"><tt>abort shutdown script</tt></i></a></p></li><li><p><a href="#ADDGROUPSCRIPT"><i class="parameter"><tt>add group script</tt></i></a></p></li><li><p><a href="#ADDMACHINESCRIPT"><i class="parameter"><tt>add machine script</tt></i></a></p></li><li><p><a href="#ADDPRINTERCOMMAND"><i class="parameter"><tt>addprinter command</tt></i></a></p></li><li><p><a href="#ADDSHARECOMMAND"><i class="parameter"><tt>add share command</tt></i></a></p></li><li><p><a href="#ADDUSERSCRIPT"><i class="parameter"><tt>add user script</tt></i></a></p></li><li><p><a href="#ADDUSERTOGROUPSCRIPT"><i class="parameter"><tt>add user to group script</tt></i></a></p></li><li><p><a href="#ALGORITHMICRIDBASE"><i class="parameter"><tt>algorithmic rid base</tt></i></a></p></li><li><p><a href="#ALLOWTRUSTEDDOMAINS"><i class="parameter"><tt>allow trusted domains</tt></i></a></p></li><li><p><a href="#ANNOUNCEAS"><i class="parameter"><tt>announce as</tt></i></a></p></li><li><p><a href="#ANNOUNCEVERSION"><i class="parameter"><tt>announce version</tt></i></a></p></li><li><p><a href="#AUTHMETHODS"><i class="parameter"><tt>auth methods</tt></i></a></p></li><li><p><a href="#AUTOSERVICES"><i class="parameter"><tt>auto services</tt></i></a></p></li><li><p><a href="#BINDINTERFACESONLY"><i class="parameter"><tt>bind interfaces only</tt></i></a></p></li><li><p><a href="#BROWSELIST"><i class="parameter"><tt>browse list</tt></i></a></p></li><li><p><a href="#CHANGENOTIFYTIMEOUT"><i class="parameter"><tt>change notify timeout</tt></i></a></p></li><li><p><a href="#CHANGESHARECOMMAND"><i class="parameter"><tt>change share command</tt></i></a></p></li><li><p><a href="#CLIENTLANMANAUTH"><i class="parameter"><tt>client lanman auth</tt></i></a></p></li><li><p><a href="#CLIENTNTLMV2AUTH"><i class="parameter"><tt>client ntlmv2 auth</tt></i></a></p></li><li><p><a href="#CLIENTUSESPNEGO"><i class="parameter"><tt>client use spnego</tt></i></a></p></li><li><p><a href="#CONFIGFILE"><i class="parameter"><tt>config file</tt></i></a></p></li><li><p><a href="#DEADTIME"><i class="parameter"><tt>deadtime</tt></i></a></p></li><li><p><a href="#DEBUGHIRESTIMESTAMP"><i class="parameter"><tt>debug hires timestamp</tt></i></a></p></li><li><p><a href="#DEBUGLEVEL"><i class="parameter"><tt>debuglevel</tt></i></a></p></li><li><p><a href="#DEBUGPID"><i class="parameter"><tt>debug pid</tt></i></a></p></li><li><p><a href="#DEBUGTIMESTAMP"><i class="parameter"><tt>debug timestamp</tt></i></a></p></li><li><p><a href="#DEBUGUID"><i class="parameter"><tt>debug uid</tt></i></a></p></li><li><p><a href="#DEFAULTSERVICE"><i class="parameter"><tt>default service</tt></i></a></p></li><li><p><a href="#DEFAULT"><i class="parameter"><tt>default</tt></i></a></p></li><li><p><a href="#DELETEGROUPSCRIPT"><i class="parameter"><tt>delete group script</tt></i></a></p></li><li><p><a href="#DELETEPRINTERCOMMAND"><i class="parameter"><tt>deleteprinter command</tt></i></a></p></li><li><p><a href="#DELETESHARECOMMAND"><i class="parameter"><tt>delete share command</tt></i></a></p></li><li><p><a href="#DELETEUSERFROMGROUPSCRIPT"><i class="parameter"><tt>delete user from group script</tt></i></a></p></li><li><p><a href="#DELETEUSERSCRIPT"><i class="parameter"><tt>delete user script</tt></i></a></p></li><li><p><a href="#DFREECOMMAND"><i class="parameter"><tt>dfree command</tt></i></a></p></li><li><p><a href="#DISABLENETBIOS"><i class="parameter"><tt>disable netbios</tt></i></a></p></li><li><p><a href="#DISABLESPOOLSS"><i class="parameter"><tt>disable spoolss</tt></i></a></p></li><li><p><a href="#DISPLAYCHARSET"><i class="parameter"><tt>display charset</tt></i></a></p></li><li><p><a href="#DNSPROXY"><i class="parameter"><tt>dns proxy</tt></i></a></p></li><li><p><a href="#DOMAINLOGONS"><i class="parameter"><tt>domain logons</tt></i></a></p></li><li><p><a href="#DOMAINMASTER"><i class="parameter"><tt>domain master</tt></i></a></p></li><li><p><a href="#DOSCHARSET"><i class="parameter"><tt>dos charset</tt></i></a></p></li><li><p><a href="#ENABLERIDALGORITHM"><i class="parameter"><tt>enable rid algorithm</tt></i></a></p></li><li><p><a href="#ENCRYPTPASSWORDS"><i class="parameter"><tt>encrypt passwords</tt></i></a></p></li><li><p><a href="#ENHANCEDBROWSING"><i class="parameter"><tt>enhanced browsing</tt></i></a></p></li><li><p><a href="#ENUMPORTSCOMMAND"><i class="parameter"><tt>enumports command</tt></i></a></p></li><li><p><a href="#GETWDCACHE"><i class="parameter"><tt>getwd cache</tt></i></a></p></li><li><p><a href="#GUESTACCOUNT"><i class="parameter"><tt>guest account</tt></i></a></p></li><li><p><a href="#HIDELOCALUSERS"><i class="parameter"><tt>hide local users</tt></i></a></p></li><li><p><a href="#HOMEDIRMAP"><i class="parameter"><tt>homedir map</tt></i></a></p></li><li><p><a href="#HOSTMSDFS"><i class="parameter"><tt>host msdfs</tt></i></a></p></li><li><p><a href="#HOSTNAMELOOKUPS"><i class="parameter"><tt>hostname lookups</tt></i></a></p></li><li><p><a href="#HOSTSEQUIV"><i class="parameter"><tt>hosts equiv</tt></i></a></p></li><li><p><a href="#IDMAPBACKEND"><i class="parameter"><tt>idmap backend</tt></i></a></p></li><li><p><a href="#IDMAPGID"><i class="parameter"><tt>idmap gid</tt></i></a></p></li><li><p><a href="#IDMAPUID"><i class="parameter"><tt>idmap uid</tt></i></a></p></li><li><p><a href="#INCLUDE"><i class="parameter"><tt>include</tt></i></a></p></li><li><p><a href="#INTERFACES"><i class="parameter"><tt>interfaces</tt></i></a></p></li><li><p><a href="#KEEPALIVE"><i class="parameter"><tt>keepalive</tt></i></a></p></li><li><p><a href="#KERNELOPLOCKS"><i class="parameter"><tt>kernel oplocks</tt></i></a></p></li><li><p><a href="#LANMANAUTH"><i class="parameter"><tt>lanman auth</tt></i></a></p></li><li><p><a href="#LARGEREADWRITE"><i class="parameter"><tt>large readwrite</tt></i></a></p></li><li><p><a href="#LDAPADMINDN"><i class="parameter"><tt>ldap admin dn</tt></i></a></p></li><li><p><a href="#LDAPDELETEDN"><i class="parameter"><tt>ldap delete dn</tt></i></a></p></li><li><p><a href="#LDAPFILTER"><i class="parameter"><tt>ldap filter</tt></i></a></p></li><li><p><a href="#LDAPMACHINESUFFIX"><i class="parameter"><tt>ldap machine suffix</tt></i></a></p></li><li><p><a href="#LDAPPASSWDSYNC"><i class="parameter"><tt>ldap passwd sync</tt></i></a></p></li><li><p><a href="#LDAPPORT"><i class="parameter"><tt>ldap port</tt></i></a></p></li><li><p><a href="#LDAPSERVER"><i class="parameter"><tt>ldap server</tt></i></a></p></li><li><p><a href="#LDAPSSL"><i class="parameter"><tt>ldap ssl</tt></i></a></p></li><li><p><a href="#LDAPSUFFIX"><i class="parameter"><tt>ldap suffix</tt></i></a></p></li><li><p><a href="#LDAPTRUSTIDS"><i class="parameter"><tt>ldap trust ids</tt></i></a></p></li><li><p><a href="#LDAPUSERSUFFIX"><i class="parameter"><tt>ldap user suffix</tt></i></a></p></li><li><p><a href="#LMANNOUNCE"><i class="parameter"><tt>lm announce</tt></i></a></p></li><li><p><a href="#LMINTERVAL"><i class="parameter"><tt>lm interval</tt></i></a></p></li><li><p><a href="#LOADPRINTERS"><i class="parameter"><tt>load printers</tt></i></a></p></li><li><p><a href="#LOCALMASTER"><i class="parameter"><tt>local master</tt></i></a></p></li><li><p><a href="#LOCKDIRECTORY"><i class="parameter"><tt>lock directory</tt></i></a></p></li><li><p><a href="#LOCKDIR"><i class="parameter"><tt>lock dir</tt></i></a></p></li><li><p><a href="#LOCKSPINCOUNT"><i class="parameter"><tt>lock spin count</tt></i></a></p></li><li><p><a href="#LOCKSPINTIME"><i class="parameter"><tt>lock spin time</tt></i></a></p></li><li><p><a href="#LOGFILE"><i class="parameter"><tt>log file</tt></i></a></p></li><li><p><a href="#LOGLEVEL"><i class="parameter"><tt>log level</tt></i></a></p></li><li><p><a href="#LOGONDRIVE"><i class="parameter"><tt>logon drive</tt></i></a></p></li><li><p><a href="#LOGONHOME"><i class="parameter"><tt>logon home</tt></i></a></p></li><li><p><a href="#LOGONPATH"><i class="parameter"><tt>logon path</tt></i></a></p></li><li><p><a href="#LOGONSCRIPT"><i class="parameter"><tt>logon script</tt></i></a></p></li><li><p><a href="#LPQCACHETIME"><i class="parameter"><tt>lpq cache time</tt></i></a></p></li><li><p><a href="#MACHINEPASSWORDTIMEOUT"><i class="parameter"><tt>machine password timeout</tt></i></a></p></li><li><p><a href="#MANGLEDSTACK"><i class="parameter"><tt>mangled stack</tt></i></a></p></li><li><p><a href="#MANGLEPREFIX"><i class="parameter"><tt>mangle prefix</tt></i></a></p></li><li><p><a href="#MANGLINGMETHOD"><i class="parameter"><tt>mangling method</tt></i></a></p></li><li><p><a href="#MAPTOGUEST"><i class="parameter"><tt>map to guest</tt></i></a></p></li><li><p><a href="#MAXDISKSIZE"><i class="parameter"><tt>max disk size</tt></i></a></p></li><li><p><a href="#MAXLOGSIZE"><i class="parameter"><tt>max log size</tt></i></a></p></li><li><p><a href="#MAXMUX"><i class="parameter"><tt>max mux</tt></i></a></p></li><li><p><a href="#MAXOPENFILES"><i class="parameter"><tt>max open files</tt></i></a></p></li><li><p><a href="#MAXPROTOCOL"><i class="parameter"><tt>max protocol</tt></i></a></p></li><li><p><a href="#MAXSMBDPROCESSES"><i class="parameter"><tt>max smbd processes</tt></i></a></p></li><li><p><a href="#MAXTTL"><i class="parameter"><tt>max ttl</tt></i></a></p></li><li><p><a href="#MAXWINSTTL"><i class="parameter"><tt>max wins ttl</tt></i></a></p></li><li><p><a href="#MAXXMIT"><i class="parameter"><tt>max xmit</tt></i></a></p></li><li><p><a href="#MESSAGECOMMAND"><i class="parameter"><tt>message command</tt></i></a></p></li><li><p><a href="#MINPASSWDLENGTH"><i class="parameter"><tt>min passwd length</tt></i></a></p></li><li><p><a href="#MINPASSWORDLENGTH"><i class="parameter"><tt>min password length</tt></i></a></p></li><li><p><a href="#MINPROTOCOL"><i class="parameter"><tt>min protocol</tt></i></a></p></li><li><p><a href="#MINWINSTTL"><i class="parameter"><tt>min wins ttl</tt></i></a></p></li><li><p><a href="#NAMECACHETIMEOUT"><i class="parameter"><tt>name cache timeout</tt></i></a></p></li><li><p><a href="#NAMERESOLVEORDER"><i class="parameter"><tt>name resolve order</tt></i></a></p></li><li><p><a href="#NETBIOSALIASES"><i class="parameter"><tt>netbios aliases</tt></i></a></p></li><li><p><a href="#NETBIOSNAME"><i class="parameter"><tt>netbios name</tt></i></a></p></li><li><p><a href="#NETBIOSSCOPE"><i class="parameter"><tt>netbios scope</tt></i></a></p></li><li><p><a href="#NISHOMEDIR"><i class="parameter"><tt>nis homedir</tt></i></a></p></li><li><p><a href="#NTLMAUTH"><i class="parameter"><tt>ntlm auth</tt></i></a></p></li><li><p><a href="#NTPIPESUPPORT"><i class="parameter"><tt>nt pipe support</tt></i></a></p></li><li><p><a href="#NTSTATUSSUPPORT"><i class="parameter"><tt>nt status support</tt></i></a></p></li><li><p><a href="#NULLPASSWORDS"><i class="parameter"><tt>null passwords</tt></i></a></p></li><li><p><a href="#OBEYPAMRESTRICTIONS"><i class="parameter"><tt>obey pam restrictions</tt></i></a></p></li><li><p><a href="#OPLOCKBREAKWAITTIME"><i class="parameter"><tt>oplock break wait time</tt></i></a></p></li><li><p><a href="#OS2DRIVERMAP"><i class="parameter"><tt>os2 driver map</tt></i></a></p></li><li><p><a href="#OSLEVEL"><i class="parameter"><tt>os level</tt></i></a></p></li><li><p><a href="#PAMPASSWORDCHANGE"><i class="parameter"><tt>pam password change</tt></i></a></p></li><li><p><a href="#PANICACTION"><i class="parameter"><tt>panic action</tt></i></a></p></li><li><p><a href="#PARANOIDSERVERSECURITY"><i class="parameter"><tt>paranoid server security</tt></i></a></p></li><li><p><a href="#PASSDBBACKEND"><i class="parameter"><tt>passdb backend</tt></i></a></p></li><li><p><a href="#PASSWDCHATDEBUG"><i class="parameter"><tt>passwd chat debug</tt></i></a></p></li><li><p><a href="#PASSWDCHAT"><i class="parameter"><tt>passwd chat</tt></i></a></p></li><li><p><a href="#PASSWDPROGRAM"><i class="parameter"><tt>passwd program</tt></i></a></p></li><li><p><a href="#PASSWORDLEVEL"><i class="parameter"><tt>password level</tt></i></a></p></li><li><p><a href="#PASSWORDSERVER"><i class="parameter"><tt>password server</tt></i></a></p></li><li><p><a href="#PIDDIRECTORY"><i class="parameter"><tt>pid directory</tt></i></a></p></li><li><p><a href="#PREFEREDMASTER"><i class="parameter"><tt>prefered master</tt></i></a></p></li><li><p><a href="#PREFERREDMASTER"><i class="parameter"><tt>preferred master</tt></i></a></p></li><li><p><a href="#PRELOADMODULES"><i class="parameter"><tt>preload modules</tt></i></a></p></li><li><p><a href="#PRELOAD"><i class="parameter"><tt>preload</tt></i></a></p></li><li><p><a href="#PRINTCAP"><i class="parameter"><tt>printcap</tt></i></a></p></li><li><p><a href="#PRIVATEDIR"><i class="parameter"><tt>private dir</tt></i></a></p></li><li><p><a href="#PROTOCOL"><i class="parameter"><tt>protocol</tt></i></a></p></li><li><p><a href="#READBMPX"><i class="parameter"><tt>read bmpx</tt></i></a></p></li><li><p><a href="#READRAW"><i class="parameter"><tt>read raw</tt></i></a></p></li><li><p><a href="#READSIZE"><i class="parameter"><tt>read size</tt></i></a></p></li><li><p><a href="#REALM"><i class="parameter"><tt>realm</tt></i></a></p></li><li><p><a href="#REMOTEANNOUNCE"><i class="parameter"><tt>remote announce</tt></i></a></p></li><li><p><a href="#REMOTEBROWSESYNC"><i class="parameter"><tt>remote browse sync</tt></i></a></p></li><li><p><a href="#RESTRICTANONYMOUS"><i class="parameter"><tt>restrict anonymous</tt></i></a></p></li><li><p><a href="#ROOTDIRECTORY"><i class="parameter"><tt>root directory</tt></i></a></p></li><li><p><a href="#ROOTDIR"><i class="parameter"><tt>root dir</tt></i></a></p></li><li><p><a href="#ROOT"><i class="parameter"><tt>root</tt></i></a></p></li><li><p><a href="#SECURITY"><i class="parameter"><tt>security</tt></i></a></p></li><li><p><a href="#SERVERSCHANNEL"><i class="parameter"><tt>server schannel</tt></i></a></p></li><li><p><a href="#SERVERSTRING"><i class="parameter"><tt>server string</tt></i></a></p></li><li><p><a href="#SETPRIMARYGROUPSCRIPT"><i class="parameter"><tt>set primary group script</tt></i></a></p></li><li><p><a href="#SHOWADDPRINTERWIZARD"><i class="parameter"><tt>show add printer wizard</tt></i></a></p></li><li><p><a href="#SHUTDOWNSCRIPT"><i class="parameter"><tt>shutdown script</tt></i></a></p></li><li><p><a href="#SMBPASSWDFILE"><i class="parameter"><tt>smb passwd file</tt></i></a></p></li><li><p><a href="#SMBPORTS"><i class="parameter"><tt>smb ports</tt></i></a></p></li><li><p><a href="#SOCKETADDRESS"><i class="parameter"><tt>socket address</tt></i></a></p></li><li><p><a href="#SOCKETOPTIONS"><i class="parameter"><tt>socket options</tt></i></a></p></li><li><p><a href="#SOURCEENVIRONMENT"><i class="parameter"><tt>source environment</tt></i></a></p></li><li><p><a href="#STATCACHE"><i class="parameter"><tt>stat cache</tt></i></a></p></li><li><p><a href="#STRIPDOT"><i class="parameter"><tt>strip dot</tt></i></a></p></li><li><p><a href="#SYSLOGONLY"><i class="parameter"><tt>syslog only</tt></i></a></p></li><li><p><a href="#SYSLOG"><i class="parameter"><tt>syslog</tt></i></a></p></li><li><p><a href="#TEMPLATEHOMEDIR"><i class="parameter"><tt>template homedir</tt></i></a></p></li><li><p><a href="#TEMPLATEPRIMARYGROUP"><i class="parameter"><tt>template primary group</tt></i></a></p></li><li><p><a href="#TEMPLATESHELL"><i class="parameter"><tt>template shell</tt></i></a></p></li><li><p><a href="#TIMEOFFSET"><i class="parameter"><tt>time offset</tt></i></a></p></li><li><p><a href="#TIMESERVER"><i class="parameter"><tt>time server</tt></i></a></p></li><li><p><a href="#TIMESTAMPLOGS"><i class="parameter"><tt>timestamp logs</tt></i></a></p></li><li><p><a href="#UNICODE"><i class="parameter"><tt>unicode</tt></i></a></p></li><li><p><a href="#UNIXCHARSET"><i class="parameter"><tt>unix charset</tt></i></a></p></li><li><p><a href="#UNIXEXTENSIONS"><i class="parameter"><tt>unix extensions</tt></i></a></p></li><li><p><a href="#UNIXPASSWORDSYNC"><i class="parameter"><tt>unix password sync</tt></i></a></p></li><li><p><a href="#UPDATEENCRYPTED"><i class="parameter"><tt>update encrypted</tt></i></a></p></li><li><p><a href="#USEMMAP"><i class="parameter"><tt>use mmap</tt></i></a></p></li><li><p><a href="#USERNAMELEVEL"><i class="parameter"><tt>username level</tt></i></a></p></li><li><p><a href="#USERNAMEMAP"><i class="parameter"><tt>username map</tt></i></a></p></li><li><p><a href="#USESPNEGO"><i class="parameter"><tt>use spnego</tt></i></a></p></li><li><p><a href="#UTMPDIRECTORY"><i class="parameter"><tt>utmp directory</tt></i></a></p></li><li><p><a href="#UTMP"><i class="parameter"><tt>utmp</tt></i></a></p></li><li><p><a href="#WINBINDCACHETIME"><i class="parameter"><tt>winbind cache time</tt></i></a></p></li><li><p><a href="#WINBINDENABLELOCALACCOUNTS"><i class="parameter"><tt>winbind enable local accounts</tt></i></a></p></li><li><p><a href="#WINBINDENUMGROUPS"><i class="parameter"><tt>winbind enum groups</tt></i></a></p></li><li><p><a href="#WINBINDENUMUSERS"><i class="parameter"><tt>winbind enum users</tt></i></a></p></li><li><p><a href="#WINBINDGID"><i class="parameter"><tt>winbind gid</tt></i></a></p></li><li><p><a href="#WINBINDSEPARATOR"><i class="parameter"><tt>winbind separator</tt></i></a></p></li><li><p><a href="#WINBINDTRUSTEDDOMAINSONLY"><i class="parameter"><tt>winbind trusted domains only</tt></i></a></p></li><li><p><a href="#WINBINDUID"><i class="parameter"><tt>winbind uid</tt></i></a></p></li><li><p><a href="#WINBINDUSEDEFAULTDOMAIN"><i class="parameter"><tt>winbind use default domain</tt></i></a></p></li><li><p><a href="#WINSHOOK"><i class="parameter"><tt>wins hook</tt></i></a></p></li><li><p><a href="#WINSPARTNERS"><i class="parameter"><tt>wins partners</tt></i></a></p></li><li><p><a href="#WINSPROXY"><i class="parameter"><tt>wins proxy</tt></i></a></p></li><li><p><a href="#WINSSERVER"><i class="parameter"><tt>wins server</tt></i></a></p></li><li><p><a href="#WINSSUPPORT"><i class="parameter"><tt>wins support</tt></i></a></p></li><li><p><a href="#WORKGROUP"><i class="parameter"><tt>workgroup</tt></i></a></p></li><li><p><a href="#WRITERAW"><i class="parameter"><tt>write raw</tt></i></a></p></li><li><p><a href="#WTMPDIRECTORY"><i class="parameter"><tt>wtmp directory</tt></i></a></p></li></ul></div></div><div class="refsect1" lang="en"><h2>COMPLETE LIST OF SERVICE PARAMETERS</h2><p>Here is a list of all service parameters. See the section on + each parameter for details. Note that some are synonyms.</p><div class="itemizedlist"><ul type="disc"><li><p><a href="#ADMINUSERS"><i class="parameter"><tt>admin users</tt></i></a></p></li><li><p><a href="#ALLOWHOSTS"><i class="parameter"><tt>allow hosts</tt></i></a></p></li><li><p><a href="#AVAILABLE"><i class="parameter"><tt>available</tt></i></a></p></li><li><p><a href="#BLOCKINGLOCKS"><i class="parameter"><tt>blocking locks</tt></i></a></p></li><li><p><a href="#BLOCKSIZE"><i class="parameter"><tt>block size</tt></i></a></p></li><li><p><a href="#BROWSABLE"><i class="parameter"><tt>browsable</tt></i></a></p></li><li><p><a href="#BROWSEABLE"><i class="parameter"><tt>browseable</tt></i></a></p></li><li><p><a href="#CASESENSITIVE"><i class="parameter"><tt>case sensitive</tt></i></a></p></li><li><p><a href="#CASESIGNAMES"><i class="parameter"><tt>casesignames</tt></i></a></p></li><li><p><a href="#COMMENT"><i class="parameter"><tt>comment</tt></i></a></p></li><li><p><a href="#COPY"><i class="parameter"><tt>copy</tt></i></a></p></li><li><p><a href="#CREATEMASK"><i class="parameter"><tt>create mask</tt></i></a></p></li><li><p><a href="#CREATEMODE"><i class="parameter"><tt>create mode</tt></i></a></p></li><li><p><a href="#CSCPOLICY"><i class="parameter"><tt>csc policy</tt></i></a></p></li><li><p><a href="#DEFAULTCASE"><i class="parameter"><tt>default case</tt></i></a></p></li><li><p><a href="#DEFAULTDEVMODE"><i class="parameter"><tt>default devmode</tt></i></a></p></li><li><p><a href="#DELETEREADONLY"><i class="parameter"><tt>delete readonly</tt></i></a></p></li><li><p><a href="#DELETEVETOFILES"><i class="parameter"><tt>delete veto files</tt></i></a></p></li><li><p><a href="#DENYHOSTS"><i class="parameter"><tt>deny hosts</tt></i></a></p></li><li><p><a href="#DIRECTORYMASK"><i class="parameter"><tt>directory mask</tt></i></a></p></li><li><p><a href="#DIRECTORYMODE"><i class="parameter"><tt>directory mode</tt></i></a></p></li><li><p><a href="#DIRECTORYSECURITYMASK"><i class="parameter"><tt>directory security mask</tt></i></a></p></li><li><p><a href="#DIRECTORY"><i class="parameter"><tt>directory</tt></i></a></p></li><li><p><a href="#DONTDESCEND"><i class="parameter"><tt>dont descend</tt></i></a></p></li><li><p><a href="#DOSFILEMODE"><i class="parameter"><tt>dos filemode</tt></i></a></p></li><li><p><a href="#DOSFILETIMERESOLUTION"><i class="parameter"><tt>dos filetime resolution</tt></i></a></p></li><li><p><a href="#DOSFILETIMES"><i class="parameter"><tt>dos filetimes</tt></i></a></p></li><li><p><a href="#EXEC"><i class="parameter"><tt>exec</tt></i></a></p></li><li><p><a href="#FAKEDIRECTORYCREATETIMES"><i class="parameter"><tt>fake directory create times</tt></i></a></p></li><li><p><a href="#FAKEOPLOCKS"><i class="parameter"><tt>fake oplocks</tt></i></a></p></li><li><p><a href="#FOLLOWSYMLINKS"><i class="parameter"><tt>follow symlinks</tt></i></a></p></li><li><p><a href="#FORCECREATEMODE"><i class="parameter"><tt>force create mode</tt></i></a></p></li><li><p><a href="#FORCEDIRECTORYMODE"><i class="parameter"><tt>force directory mode</tt></i></a></p></li><li><p><a href="#FORCEDIRECTORYSECURITYMODE"><i class="parameter"><tt>force directory security mode</tt></i></a></p></li><li><p><a href="#FORCEGROUP"><i class="parameter"><tt>force group</tt></i></a></p></li><li><p><a href="#FORCESECURITYMODE"><i class="parameter"><tt>force security mode</tt></i></a></p></li><li><p><a href="#FORCEUSER"><i class="parameter"><tt>force user</tt></i></a></p></li><li><p><a href="#FSTYPE"><i class="parameter"><tt>fstype</tt></i></a></p></li><li><p><a href="#GROUP"><i class="parameter"><tt>group</tt></i></a></p></li><li><p><a href="#GUESTOK"><i class="parameter"><tt>guest ok</tt></i></a></p></li><li><p><a href="#GUESTONLY"><i class="parameter"><tt>guest only</tt></i></a></p></li><li><p><a href="#HIDEDOTFILES"><i class="parameter"><tt>hide dot files</tt></i></a></p></li><li><p><a href="#HIDEFILES"><i class="parameter"><tt>hide files</tt></i></a></p></li><li><p><a href="#HIDESPECIALFILES"><i class="parameter"><tt>hide special files</tt></i></a></p></li><li><p><a href="#HIDEUNREADABLE"><i class="parameter"><tt>hide unreadable</tt></i></a></p></li><li><p><a href="#HIDEUNWRITEABLEFILES"><i class="parameter"><tt>hide unwriteable files</tt></i></a></p></li><li><p><a href="#HOSTSALLOW"><i class="parameter"><tt>hosts allow</tt></i></a></p></li><li><p><a href="#HOSTSDENY"><i class="parameter"><tt>hosts deny</tt></i></a></p></li><li><p><a href="#INHERITACLS"><i class="parameter"><tt>inherit acls</tt></i></a></p></li><li><p><a href="#INHERITPERMISSIONS"><i class="parameter"><tt>inherit permissions</tt></i></a></p></li><li><p><a href="#INVALIDUSERS"><i class="parameter"><tt>invalid users</tt></i></a></p></li><li><p><a href="#LEVEL2OPLOCKS"><i class="parameter"><tt>level2 oplocks</tt></i></a></p></li><li><p><a href="#LOCKING"><i class="parameter"><tt>locking</tt></i></a></p></li><li><p><a href="#LPPAUSECOMMAND"><i class="parameter"><tt>lppause command</tt></i></a></p></li><li><p><a href="#LPQCOMMAND"><i class="parameter"><tt>lpq command</tt></i></a></p></li><li><p><a href="#LPRESUMECOMMAND"><i class="parameter"><tt>lpresume command</tt></i></a></p></li><li><p><a href="#LPRMCOMMAND"><i class="parameter"><tt>lprm command</tt></i></a></p></li><li><p><a href="#MAGICOUTPUT"><i class="parameter"><tt>magic output</tt></i></a></p></li><li><p><a href="#MAGICSCRIPT"><i class="parameter"><tt>magic script</tt></i></a></p></li><li><p><a href="#MANGLECASE"><i class="parameter"><tt>mangle case</tt></i></a></p></li><li><p><a href="#MANGLEDMAP"><i class="parameter"><tt>mangled map</tt></i></a></p></li><li><p><a href="#MANGLEDNAMES"><i class="parameter"><tt>mangled names</tt></i></a></p></li><li><p><a href="#MANGLINGCHAR"><i class="parameter"><tt>mangling char</tt></i></a></p></li><li><p><a href="#MAPACLINHERIT"><i class="parameter"><tt>map acl inherit</tt></i></a></p></li><li><p><a href="#MAPARCHIVE"><i class="parameter"><tt>map archive</tt></i></a></p></li><li><p><a href="#MAPHIDDEN"><i class="parameter"><tt>map hidden</tt></i></a></p></li><li><p><a href="#MAPSYSTEM"><i class="parameter"><tt>map system</tt></i></a></p></li><li><p><a href="#MAXCONNECTIONS"><i class="parameter"><tt>max connections</tt></i></a></p></li><li><p><a href="#MAXPRINTJOBS"><i class="parameter"><tt>max print jobs</tt></i></a></p></li><li><p><a href="#MAXREPORTEDPRINTJOBS"><i class="parameter"><tt>max reported print jobs</tt></i></a></p></li><li><p><a href="#MINPRINTSPACE"><i class="parameter"><tt>min print space</tt></i></a></p></li><li><p><a href="#MSDFSPROXY"><i class="parameter"><tt>msdfs proxy</tt></i></a></p></li><li><p><a href="#MSDFSROOT"><i class="parameter"><tt>msdfs root</tt></i></a></p></li><li><p><a href="#NTACLSUPPORT"><i class="parameter"><tt>nt acl support</tt></i></a></p></li><li><p><a href="#ONLYGUEST"><i class="parameter"><tt>only guest</tt></i></a></p></li><li><p><a href="#ONLYUSER"><i class="parameter"><tt>only user</tt></i></a></p></li><li><p><a href="#OPLOCKCONTENTIONLIMIT"><i class="parameter"><tt>oplock contention limit</tt></i></a></p></li><li><p><a href="#OPLOCKS"><i class="parameter"><tt>oplocks</tt></i></a></p></li><li><p><a href="#PATH"><i class="parameter"><tt>path</tt></i></a></p></li><li><p><a href="#POSIXLOCKING"><i class="parameter"><tt>posix locking</tt></i></a></p></li><li><p><a href="#POSTEXEC"><i class="parameter"><tt>postexec</tt></i></a></p></li><li><p><a href="#PREEXECCLOSE"><i class="parameter"><tt>preexec close</tt></i></a></p></li><li><p><a href="#PREEXEC"><i class="parameter"><tt>preexec</tt></i></a></p></li><li><p><a href="#PRESERVECASE"><i class="parameter"><tt>preserve case</tt></i></a></p></li><li><p><a href="#PRINTABLE"><i class="parameter"><tt>printable</tt></i></a></p></li><li><p><a href="#PRINTCAPNAME"><i class="parameter"><tt>printcap name</tt></i></a></p></li><li><p><a href="#PRINTCOMMAND"><i class="parameter"><tt>print command</tt></i></a></p></li><li><p><a href="#PRINTERADMIN"><i class="parameter"><tt>printer admin</tt></i></a></p></li><li><p><a href="#PRINTERNAME"><i class="parameter"><tt>printer name</tt></i></a></p></li><li><p><a href="#PRINTER"><i class="parameter"><tt>printer</tt></i></a></p></li><li><p><a href="#PRINTING"><i class="parameter"><tt>printing</tt></i></a></p></li><li><p><a href="#PRINTOK"><i class="parameter"><tt>print ok</tt></i></a></p></li><li><p><a href="#PROFILEACLS"><i class="parameter"><tt>profile acls</tt></i></a></p></li><li><p><a href="#PUBLIC"><i class="parameter"><tt>public</tt></i></a></p></li><li><p><a href="#QUEUEPAUSECOMMAND"><i class="parameter"><tt>queuepause command</tt></i></a></p></li><li><p><a href="#QUEUERESUMECOMMAND"><i class="parameter"><tt>queueresume command</tt></i></a></p></li><li><p><a href="#READLIST"><i class="parameter"><tt>read list</tt></i></a></p></li><li><p><a href="#READONLY"><i class="parameter"><tt>read only</tt></i></a></p></li><li><p><a href="#ROOTPOSTEXEC"><i class="parameter"><tt>root postexec</tt></i></a></p></li><li><p><a href="#ROOTPREEXECCLOSE"><i class="parameter"><tt>root preexec close</tt></i></a></p></li><li><p><a href="#ROOTPREEXEC"><i class="parameter"><tt>root preexec</tt></i></a></p></li><li><p><a href="#SECURITYMASK"><i class="parameter"><tt>security mask</tt></i></a></p></li><li><p><a href="#SETDIRECTORY"><i class="parameter"><tt>set directory</tt></i></a></p></li><li><p><a href="#SHAREMODES"><i class="parameter"><tt>share modes</tt></i></a></p></li><li><p><a href="#SHORTPRESERVECASE"><i class="parameter"><tt>short preserve case</tt></i></a></p></li><li><p><a href="#STRICTALLOCATE"><i class="parameter"><tt>strict allocate</tt></i></a></p></li><li><p><a href="#STRICTLOCKING"><i class="parameter"><tt>strict locking</tt></i></a></p></li><li><p><a href="#STRICTSYNC"><i class="parameter"><tt>strict sync</tt></i></a></p></li><li><p><a href="#SYNCALWAYS"><i class="parameter"><tt>sync always</tt></i></a></p></li><li><p><a href="#USECLIENTDRIVER"><i class="parameter"><tt>use client driver</tt></i></a></p></li><li><p><a href="#USERNAME"><i class="parameter"><tt>username</tt></i></a></p></li><li><p><a href="#USERS"><i class="parameter"><tt>users</tt></i></a></p></li><li><p><a href="#USER"><i class="parameter"><tt>user</tt></i></a></p></li><li><p><a href="#USESENDFILE"><i class="parameter"><tt>use sendfile</tt></i></a></p></li><li><p><a href="#VALIDUSERS"><i class="parameter"><tt>valid users</tt></i></a></p></li><li><p><a href="#-VALID"><i class="parameter"><tt>-valid</tt></i></a></p></li><li><p><a href="#VETOFILES"><i class="parameter"><tt>veto files</tt></i></a></p></li><li><p><a href="#VETOOPLOCKFILES"><i class="parameter"><tt>veto oplock files</tt></i></a></p></li><li><p><a href="#VFSOBJECTS"><i class="parameter"><tt>vfs objects</tt></i></a></p></li><li><p><a href="#VFSOBJECT"><i class="parameter"><tt>vfs object</tt></i></a></p></li><li><p><a href="#VOLUME"><i class="parameter"><tt>volume</tt></i></a></p></li><li><p><a href="#WIDELINKS"><i class="parameter"><tt>wide links</tt></i></a></p></li><li><p><a href="#WRITABLE"><i class="parameter"><tt>writable</tt></i></a></p></li><li><p><a href="#WRITEABLE"><i class="parameter"><tt>writeable</tt></i></a></p></li><li><p><a href="#WRITECACHESIZE"><i class="parameter"><tt>write cache size</tt></i></a></p></li><li><p><a href="#WRITELIST"><i class="parameter"><tt>write list</tt></i></a></p></li><li><p><a href="#WRITEOK"><i class="parameter"><tt>write ok</tt></i></a></p></li></ul></div></div><div class="refsect1" lang="en"><h2>EXPLANATION OF EACH PARAMETER</h2><div class="variablelist"><dl><dt><span class="term"><a name="ABORTSHUTDOWNSCRIPT"></a>abort shutdown script (G)</span></dt><dd><p><span class="emphasis"><em>This parameter only exists in the HEAD cvs branch</em></span> This a full path name to a script called by <a href="smbd.8.html"><span class="citerefentry"><span class="refentrytitle">smbd</span>(8)</span></a> that should stop a shutdown procedure issued by the <a href="#SHUTDOWNSCRIPT"> <i class="parameter"><tt>shutdown script</tt></i></a>.</p><p>This command will be run as user.</p><p>Default: <span class="emphasis"><em>None</em></span>.</p><p>Example: <b class="command">abort shutdown script = /sbin/shutdown -c</b></p></dd><dt><span class="term"><a name="ADDGROUPSCRIPT"></a>add group script (G)</span></dt><dd><p>This is the full pathname to a script that will be run @@ -571,7 +571,7 @@ alias|alias|alias|alias... policy</em></span>, and specifies how clients capable of offline caching will cache the files in the share. The valid values are: manual, documents, programs, disable.</p><p>These values correspond to those used on Windows servers.</p><p>For example, shares containing roaming profiles can have - offline caching disabled using <b class="command">csc policy = disable</b>.</p><p>Default: <b class="command">csc policy = manual</b></p><p>Example: <b class="command">csc policy = programs</b></p></dd><dt><span class="term"><a name="DEADTIME"></a>dead time (G)</span></dt><dd><p>The value of the parameter (a decimal integer) + offline caching disabled using <b class="command">csc policy = disable</b>.</p><p>Default: <b class="command">csc policy = manual</b></p><p>Example: <b class="command">csc policy = programs</b></p></dd><dt><span class="term"><a name="DEADTIME"></a>deadtime (G)</span></dt><dd><p>The value of the parameter (a decimal integer) represents the number of minutes of inactivity before a connection is considered dead, and it is disconnected. The deadtime only takes effect if the number of open files is zero.</p><p>This is useful to stop a server's resources being @@ -600,8 +600,7 @@ alias|alias|alias|alias... current euid, egid, uid and gid to the timestamp message headers in the log file if turned on.</p><p>Note that the parameter <a href="#DEBUGTIMESTAMP"><i class="parameter"><tt> debug timestamp</tt></i></a> must be on for this to have an - effect.</p><p>Default: <b class="command">debug uid = no</b></p></dd><dt><span class="term"><a name="DEFAULT"></a>default (G)</span></dt><dd><p>A synonym for <a href="#DEFAULTSERVICE"><i class="parameter"><tt> - default service</tt></i></a>.</p></dd><dt><span class="term"><a name="DEFAULTCASE"></a>default case (S)</span></dt><dd><p>See the section on <a href="#NAMEMANGLINGSECT" title="NAME MANGLING"> + effect.</p><p>Default: <b class="command">debug uid = no</b></p></dd><dt><span class="term"><a name="DEFAULTCASE"></a>default case (S)</span></dt><dd><p>See the section on <a href="#NAMEMANGLINGSECT" title="NAME MANGLING"> NAME MANGLING</a>. Also note the <a href="#SHORTPRESERVECASE"> <i class="parameter"><tt>short preserve case</tt></i></a> parameter.</p><p>Default: <b class="command">default case = lower</b></p></dd><dt><span class="term"><a name="DEFAULTDEVMODE"></a>default devmode (S)</span></dt><dd><p>This parameter is only applicable to <a href="#PRINTOK">printable</a> services. When smbd is serving Printer Drivers to Windows NT/2k/XP clients, each printer on the Samba @@ -642,7 +641,8 @@ alias|alias|alias|alias... [pub] path = /%S -</pre></dd><dt><span class="term"><a name="DELETEGROUPSCRIPT"></a>delete group script (G)</span></dt><dd><p>This is the full pathname to a script that will +</pre></dd><dt><span class="term"><a name="DEFAULT"></a>default (G)</span></dt><dd><p>A synonym for <a href="#DEFAULTSERVICE"><i class="parameter"><tt> + default service</tt></i></a>.</p></dd><dt><span class="term"><a name="DELETEGROUPSCRIPT"></a>delete group script (G)</span></dt><dd><p>This is the full pathname to a script that will be run <span class="emphasis"><em>AS ROOT</em></span> <a href="smbd.8.html"><span class="citerefentry"><span class="refentrytitle">smbd</span>(8)</span></a> when a group is requested to be deleted. It will expand any <i class="parameter"><tt>%g</tt></i> to the group name passed. This script is only useful for installations using the Windows NT domain administration tools. @@ -737,7 +737,7 @@ df $1 | tail -1 | awk '{print $2" "$4}' </pre><p>or perhaps (on Sys V based systems):</p><pre class="programlisting"> #!/bin/sh /usr/bin/df -k $1 | tail -1 | awk '{print $3" "$5}' -</pre><p>Note that you may have to replace the command names with full path names on some systems.</p></dd><dt><span class="term"><a name="DIRECTORY"></a>directory (S)</span></dt><dd><p>Synonym for <a href="#PATH"><i class="parameter"><tt>path</tt></i></a>.</p></dd><dt><span class="term"><a name="DIRECTORYMASK"></a>directory mask (S)</span></dt><dd><p>This parameter is the octal modes which are +</pre><p>Note that you may have to replace the command names with full path names on some systems.</p></dd><dt><span class="term"><a name="DIRECTORYMASK"></a>directory mask (S)</span></dt><dd><p>This parameter is the octal modes which are used when converting DOS modes to UNIX modes when creating UNIX directories.</p><p>When a directory is created, the necessary permissions are calculated according to the mapping from DOS modes to UNIX permissions, @@ -777,7 +777,7 @@ df $1 | tail -1 | awk '{print $2" "$4}' force directory security mode</tt></i></a>, <a href="#SECURITYMASK"> <i class="parameter"><tt>security mask</tt></i></a>, <a href="#FORCESECURITYMODE"><i class="parameter"><tt>force security mode - </tt></i></a> parameters.</p><p>Default: <b class="command">directory security mask = 0777</b></p><p>Example: <b class="command">directory security mask = 0700</b></p></dd><dt><span class="term"><a name="DISABLENETBIOS"></a>disable netbios (G)</span></dt><dd><p>Enabling this parameter will disable netbios support + </tt></i></a> parameters.</p><p>Default: <b class="command">directory security mask = 0777</b></p><p>Example: <b class="command">directory security mask = 0700</b></p></dd><dt><span class="term"><a name="DIRECTORY"></a>directory (S)</span></dt><dd><p>Synonym for <a href="#PATH"><i class="parameter"><tt>path</tt></i></a>.</p></dd><dt><span class="term"><a name="DISABLENETBIOS"></a>disable netbios (G)</span></dt><dd><p>Enabling this parameter will disable netbios support in Samba. Netbios is the only available form of browsing in all windows versions except for 2000 and XP. </p><div class="note" style="margin-left: 0.5in; margin-right: 0.5in;"><h3 class="title">Note</h3><p>Note that clients that only support netbios won't be able to see your samba server when netbios support is disabled. @@ -1054,7 +1054,7 @@ df $1 | tail -1 | awk '{print $2" "$4}' calls. This can have a significant impact on performance, especially when the <a href="#WIDELINKS"><i class="parameter"><tt>wide links</tt></i> </a> parameter is set to <tt class="constant">no</tt>.</p><p>Default: <b class="command">getwd cache = yes</b></p></dd><dt><span class="term"><a name="GROUP"></a>group (S)</span></dt><dd><p>Synonym for <a href="#FORCEGROUP"> - <i class="parameter"><tt>force group</tt></i></a>.</p></dd><dt><span class="term"><a name="GUESTACCOUNT"></a>guest account (G,S)</span></dt><dd><p>This is a username which will be used for access + <i class="parameter"><tt>force group</tt></i></a>.</p></dd><dt><span class="term"><a name="GUESTACCOUNT"></a>guest account (G)</span></dt><dd><p>This is a username which will be used for access to services which are specified as <a href="#GUESTOK"><i class="parameter"><tt> guest ok</tt></i></a> (see below). Whatever privileges this user has will be available to any client connecting to the guest service. @@ -1062,7 +1062,7 @@ df $1 | tail -1 | awk '{print $2" "$4}' have a valid login. The user account "ftp" is often a good choice for this parameter. If a username is specified in a given service, the specified username overrides this one. - </p><p>One some systems the default guest account "nobody" may not + </p><p>On some systems the default guest account "nobody" may not be able to print. Use another account in this case. You should test this by trying to log in as your guest user (perhaps by using the <b class="command">su -</b> command) and trying to print using the @@ -1117,9 +1117,7 @@ df $1 | tail -1 | awk '{print $2" "$4}' automounter) maps.</p><div class="note" style="margin-left: 0.5in; margin-right: 0.5in;"><h3 class="title">Note</h3><p>A working NIS client is required on the system for this option to work.</p></div><p>See also <a href="#NISHOMEDIR"><i class="parameter"><tt>nis homedir</tt></i> </a>, <a href="#DOMAINLOGONS"><i class="parameter"><tt>domain logons</tt></i> - </a>.</p><p>Default: <b class="command">homedir map = <empty string></b></p><p>Example: <b class="command">homedir map = amd.homedir</b></p></dd><dt><span class="term"><a name="HOSTMSDFS"></a>host msdfs (G)</span></dt><dd><p>This boolean parameter is only available - if Samba has been configured and compiled with the <b class="command"> - --with-msdfs</b> option. If set to <tt class="constant">yes</tt>, + </a>.</p><p>Default: <b class="command">homedir map = <empty string></b></p><p>Example: <b class="command">homedir map = amd.homedir</b></p></dd><dt><span class="term"><a name="HOSTMSDFS"></a>host msdfs (G)</span></dt><dd><p>If set to <tt class="constant">yes</tt>, Samba will act as a Dfs server, and allow Dfs-aware clients to browse Dfs trees hosted on the server.</p><p>See also the <a href="#MSDFSROOT"><i class="parameter"><tt> msdfs root</tt></i></a> share level parameter. For @@ -1164,8 +1162,14 @@ df $1 | tail -1 | awk '{print $2" "$4}' <i class="parameter"><tt>hosts equiv</tt></i> option be only used if you really know what you are doing, or perhaps on a home network where you trust your spouse and kids. And only if you <span class="emphasis"><em>really</em></span> trust - them :-).</p></div><p>Default: <span class="emphasis"><em>no host equivalences</em></span></p><p>Example: <b class="command">hosts equiv = /etc/hosts.equiv</b></p></dd><dt><span class="term"><a name="IDMAPGID"></a>idmap gid (G)</span></dt><dd><p>The idmap gid parameter specifies the range of group ids that are allocated for - the purpose of mapping UNX groups to NT group SIDs. This range of group ids should have no + them :-).</p></div><p>Default: <span class="emphasis"><em>no host equivalences</em></span></p><p>Example: <b class="command">hosts equiv = /etc/hosts.equiv</b></p></dd><dt><span class="term"><a name="IDMAPBACKEND"></a>idmap backend (G)</span></dt><dd><p> + The purpose of the idmap backend parameter is to allow idmap to NOT use the local idmap + tdb file to obtain SID to UID / GID mappings, but instead to obtain them from a common + LDAP backend. This way all domain members and controllers will have the same UID and GID + to SID mappings. This avoids the risk of UID / GID inconsistencies across UNIX / Linux + systems that are sharing information over protocols other than SMB/CIFS (ie: NFS). + </p><p>Default: <b class="command">idmap backend = <empty string></b></p><p>Example: <b class="command">idmap backend = ldapsam://ldapslave.example.com</b></p></dd><dt><span class="term"><a name="IDMAPGID"></a>idmap gid (G)</span></dt><dd><p>The idmap gid parameter specifies the range of group ids that are allocated for + the purpose of mapping UNIX groups to NT group SIDs. This range of group ids should have no existing local or NIS groups within it as strange conflicts can occur otherwise.</p><p>The availability of an idmap gid range is essential for correct operation of all group mapping.</p><p>Default: <b class="command">idmap gid = <empty string></b></p><p>Example: <b class="command">idmap gid = 10000-20000</b></p></dd><dt><span class="term"><a name="IDMAPUID"></a>idmap uid (G)</span></dt><dd><p>The idmap uid parameter specifies the range of user ids that are allocated for use in mapping UNIX users to NT user SIDs. This range of ids should have no existing local @@ -1375,12 +1379,12 @@ df $1 | tail -1 | awk '{print $2" "$4}' <tt class="constant">yes</tt> doesn't mean that Samba will <span class="emphasis"><em>become</em></span> the local master browser on a subnet, just that <b class="command">nmbd</b> will <span class="emphasis"><em>participate</em></span> in elections for local master browser.</p><p>Setting this value to <tt class="constant">no</tt> will cause <b class="command">nmbd</b> <span class="emphasis"><em>never</em></span> to become a local - master browser.</p><p>Default: <b class="command">local master = yes</b></p></dd><dt><span class="term"><a name="LOCKDIR"></a>lock dir (G)</span></dt><dd><p>Synonym for <a href="#LOCKDIRECTORY"><i class="parameter"><tt> - lock directory</tt></i></a>. -</p></dd><dt><span class="term"><a name="LOCKDIRECTORY"></a>lock directory (G)</span></dt><dd><p>This option specifies the directory where lock + master browser.</p><p>Default: <b class="command">local master = yes</b></p></dd><dt><span class="term"><a name="LOCKDIRECTORY"></a>lock directory (G)</span></dt><dd><p>This option specifies the directory where lock files will be placed. The lock files are used to implement the <a href="#MAXCONNECTIONS"><i class="parameter"><tt>max connections</tt></i> - </a> option.</p><p>Default: <b class="command">lock directory = ${prefix}/var/locks</b></p><p>Example: <b class="command">lock directory = /var/run/samba/locks</b></p></dd><dt><span class="term"><a name="LOCKING"></a>locking (S)</span></dt><dd><p>This controls whether or not locking will be + </a> option.</p><p>Default: <b class="command">lock directory = ${prefix}/var/locks</b></p><p>Example: <b class="command">lock directory = /var/run/samba/locks</b></p></dd><dt><span class="term"><a name="LOCKDIR"></a>lock dir (G)</span></dt><dd><p>Synonym for <a href="#LOCKDIRECTORY"><i class="parameter"><tt> + lock directory</tt></i></a>. +</p></dd><dt><span class="term"><a name="LOCKING"></a>locking (S)</span></dt><dd><p>This controls whether or not locking will be performed by the server in response to lock requests from the client.</p><p>If <b class="command">locking = no</b>, all lock and unlock requests will appear to succeed and all lock queries will report @@ -1398,7 +1402,7 @@ df $1 | tail -1 | awk '{print $2" "$4}' in case the lock could later be aquired. This behavior is used to support PC database formats such as MS Access and FoxPro. - </p><p>Default: <b class="command">lock spin count = 2</b></p></dd><dt><span class="term"><a name="LOCKSPINTIME"></a>lock spin time (G)</span></dt><dd><p>The time in microseconds that smbd should + </p><p>Default: <b class="command">lock spin count = 3</b></p></dd><dt><span class="term"><a name="LOCKSPINTIME"></a>lock spin time (G)</span></dt><dd><p>The time in microseconds that smbd should pause before attempting to gain a failed lock. See <a href="#LOCKSPINCOUNT"><i class="parameter"><tt>lock spin count</tt></i></a> for more details.</p><p>Default: <b class="command">lock spin time = 10</b></p></dd><dt><span class="term"><a name="LOGFILE"></a>log file (G)</span></dt><dd><p>This option allows you to override the name @@ -1613,10 +1617,12 @@ df $1 | tail -1 | awk '{print $2" "$4}' characters from the original name used when generating the mangled names. A larger value will give a weaker hash and therefore more name collisions. The minimum - value is 1 and the maximum value is 6.</p><p>Default: <b class="command">mangle prefix = 1</b></p><p>Example: <b class="command">mangle prefix = 4</b></p></dd><dt><span class="term"><a name="MANGLINGCHAR"></a>mangling char (S)</span></dt><dd><p>This controls what character is used as + value is 1 and the maximum value is 6.</p><p> + mangle prefix is effective only when mangling method is hash2. + </p><p>Default: <b class="command">mangle prefix = 1</b></p><p>Example: <b class="command">mangle prefix = 4</b></p></dd><dt><span class="term"><a name="MANGLINGCHAR"></a>mangling char (S)</span></dt><dd><p>This controls what character is used as the <span class="emphasis"><em>magic</em></span> character in <a href="#NAMEMANGLINGSECT" title="NAME MANGLING">name mangling</a>. The default is a '~' but this may interfere with some software. Use this option to set - it to whatever you prefer.</p><p>Default: <b class="command">mangling char = ~</b></p><p>Example: <b class="command">mangling char = ^</b></p></dd><dt><span class="term"><a name="MANGLINGMETHOD"></a>mangling method (G)</span></dt><dd><p> controls the algorithm used for the generating + it to whatever you prefer. This is effective only when mangling method is hash.</p><p>Default: <b class="command">mangling char = ~</b></p><p>Example: <b class="command">mangling char = ^</b></p></dd><dt><span class="term"><a name="MANGLINGMETHOD"></a>mangling method (G)</span></dt><dd><p> controls the algorithm used for the generating the mangled names. Can take two different values, "hash" and "hash2". "hash" is the default and is the algorithm that has been used in Samba for many years. "hash2" is a newer and considered @@ -1702,7 +1708,7 @@ df $1 | tail -1 | awk '{print $2" "$4}' this parameter so you should never need to touch this parameter.</p><p>Default: <b class="command">max open files = 10000</b></p></dd><dt><span class="term"><a name="MAXPRINTJOBS"></a>max print jobs (S)</span></dt><dd><p>This parameter limits the maximum number of jobs allowable in a Samba printer queue at any given moment. If this number is exceeded, <a href="smbd.8.html"><span class="citerefentry"><span class="refentrytitle">smbd</span>(8)</span></a> will remote "Out of Space" to the client. - See all <a href="#TOTALPRINTJOBS"><i class="parameter"><tt>total + See all <a href="#"><i class="parameter"><tt>total print jobs</tt></i></a>. </p><p>Default: <b class="command">max print jobs = 1000</b></p><p>Example: <b class="command">max print jobs = 5000</b></p></dd><dt><span class="term"><a name="MAXPROTOCOL"></a>max protocol (G)</span></dt><dd><p>The value of the parameter (a string) is the highest protocol level that will be supported by the server.</p><p>Possible values are :</p><div class="itemizedlist"><ul type="disc"><li><p><tt class="constant">CORE</tt>: Earliest version. No @@ -1719,7 +1725,7 @@ df $1 | tail -1 | awk '{print $2" "$4}' A value of zero means there is no limit on the number of print jobs reported. - See all <a href="#TOTALPRINTJOBS"><i class="parameter"><tt>total + See all <a href="#"><i class="parameter"><tt>total print jobs</tt></i></a> and <a href="#MAXPRINTJOBS"><i class="parameter"><tt>max print jobs</tt></i></a> parameters. </p><p>Default: <b class="command">max reported print jobs = 0</b></p><p>Example: <b class="command">max reported print jobs = 1000</b></p></dd><dt><span class="term"><a name="MAXSMBDPROCESSES"></a>max smbd processes (G)</span></dt><dd><p>This parameter limits the maximum number of <a href="smbd.8.html"><span class="citerefentry"><span class="refentrytitle">smbd</span>(8)</span></a> processes concurrently running on a system and is intended @@ -1793,9 +1799,7 @@ df $1 | tail -1 | awk '{print $2" "$4}' the SMB-Dfs protocol.</p><p>Only Dfs roots can act as proxy shares. Take a look at the <a href="#MSDFSROOT"><i class="parameter"><tt>msdfs root</tt></i></a> and <a href="#HOSTMSDFS"><i class="parameter"><tt>host msdfs</tt></i></a> - options to find out how to set up a Dfs root share.</p><p>Example: <b class="command">msdfs proxy = \\\\otherserver\\someshare</b></p></dd><dt><span class="term"><a name="MSDFSROOT"></a>msdfs root (S)</span></dt><dd><p>This boolean parameter is only available if - Samba is configured and compiled with the <b class="command"> - --with-msdfs</b> option. If set to <tt class="constant">yes</tt>, + options to find out how to set up a Dfs root share.</p><p>Example: <b class="command">msdfs proxy = \\\\otherserver\\someshare</b></p></dd><dt><span class="term"><a name="MSDFSROOT"></a>msdfs root (S)</span></dt><dd><p>If set to <tt class="constant">yes</tt>, Samba treats the share as a Dfs root and allows clients to browse the distributed file system tree rooted at the share directory. Dfs links are specified in the share directory by symbolic @@ -1966,15 +1970,15 @@ df $1 | tail -1 | awk '{print $2" "$4}' to the logs and exit. </p><p>Disabling this option prevents Samba from making this check, which involves deliberatly attempting a - bad logon to the remote server.</p><p>Default: <b class="command">paranoid server security = yes</b></p></dd><dt><span class="term"><a name="PASSDBBACKEND"></a>passdb backend (G)</span></dt><dd xmlns:ns1=""><p>This option allows the administrator to chose which backends + bad logon to the remote server.</p><p>Default: <b class="command">paranoid server security = yes</b></p></dd><dt><span class="term"><a name="PASSDBBACKEND"></a>passdb backend (G)</span></dt><dd><p>This option allows the administrator to chose which backends to retrieve and store passwords with. This allows (for example) both smbpasswd and tdbsam to be used without a recompile. Multiple backends can be specified, separated by spaces. The backends will be searched in the order they are specified. New users are always added to the first backend specified. </p><p>This parameter is in two parts, the backend's name, and a 'location' string that has meaning only to that particular backed. These are separated - by a : character.</p><ns1:p>Available backends can include: - </ns1:p><div class="itemizedlist"><ul type="disc"><li><p><b class="command">smbpasswd</b> - The default smbpasswd + by a : character.</p><p>Available backends can include: + </p><div class="itemizedlist"><ul type="disc"><li><p><b class="command">smbpasswd</b> - The default smbpasswd backend. Takes a path to the smbpasswd file as an optional argument. </p></li><li><p><b class="command">tdbsam</b> - The TDB based password storage backend. Takes a path to the TDB as an optional argument (defaults to passdb.tdb @@ -1995,8 +1999,22 @@ df $1 | tail -1 | awk '{print $2" "$4}' Very simple backend that only provides one user: the guest user. Only maps the NT guest user to the <i class="parameter"><tt>guest account</tt></i>. Required in pretty much all situations. - </p></li></ul></div><ns1:p> - </ns1:p><p>Default: <b class="command">passdb backend = smbpasswd</b></p><p>Example: <b class="command">passdb backend = tdbsam:/etc/samba/private/passdb.tdb smbpasswd:/etc/samba/smbpasswd guest</b></p><p>Example: <b class="command">passdb backend = ldapsam:ldaps://ldap.example.com guest</b></p><p>Example: <b class="command">passdb backend = mysql:my_plugin_args tdbsam:/etc/samba/private/passdb.tdb guest</b></p></dd><dt><span class="term"><a name="PASSWDCHAT"></a>passwd chat (G)</span></dt><dd><p>This string controls the <span class="emphasis"><em>"chat"</em></span> + </p></li></ul></div><p> + </p><p>Default: <b class="command">passdb backend = smbpasswd</b></p><p>Example: <b class="command">passdb backend = tdbsam:/etc/samba/private/passdb.tdb smbpasswd:/etc/samba/smbpasswd guest</b></p><p>Example: <b class="command">passdb backend = ldapsam:ldaps://ldap.example.com guest</b></p><p>Example: <b class="command">passdb backend = mysql:my_plugin_args tdbsam:/etc/samba/private/passdb.tdb guest</b></p></dd><dt><span class="term"><a name="PASSWDCHATDEBUG"></a>passwd chat debug (G)</span></dt><dd><p>This boolean specifies if the passwd chat script + parameter is run in <span class="emphasis"><em>debug</em></span> mode. In this mode the + strings passed to and received from the passwd chat are printed + in the <a href="smbd.8.html"><span class="citerefentry"><span class="refentrytitle">smbd</span>(8)</span></a> log with a + <a href="#DEBUGLEVEL"><i class="parameter"><tt>debug level</tt></i></a> + of 100. This is a dangerous option as it will allow plaintext passwords + to be seen in the <b class="command">smbd</b> log. It is available to help + Samba admins debug their <i class="parameter"><tt>passwd chat</tt></i> scripts + when calling the <i class="parameter"><tt>passwd program</tt></i> and should + be turned off after this has been done. This option has no effect if the + <a href="#PAMPASSWORDCHANGE"><i class="parameter"><tt>pam password change</tt></i></a> + paramter is set. This parameter is off by default.</p><p>See also <a href="#PASSWDCHAT"><i class="parameter"><tt>passwd chat</tt></i> + </a>, <a href="#PAMPASSWORDCHANGE"><i class="parameter"><tt>pam password change</tt></i> + </a>, <a href="#PASSWDPROGRAM"><i class="parameter"><tt>passwd program</tt></i> + </a>.</p><p>Default: <b class="command">passwd chat debug = no</b></p></dd><dt><span class="term"><a name="PASSWDCHAT"></a>passwd chat (G)</span></dt><dd><p>This string controls the <span class="emphasis"><em>"chat"</em></span> conversation that takes places between <a href="smbd.8.html"><span class="citerefentry"><span class="refentrytitle">smbd</span>(8)</span></a> and the local password changing program to change the user's password. The string describes a sequence of response-receive pairs that <a href="smbd.8.html"><span class="citerefentry"><span class="refentrytitle">smbd</span>(8)</span></a> uses to determine what to send to the @@ -2030,21 +2048,7 @@ df $1 | tail -1 | awk '{print $2" "$4}' <i class="parameter"><tt>pam password change</tt></i></a>.</p><p>Default: <b class="command">passwd chat = *new*password* %n\\n *new*password* %n\\n *changed*</b></p><p>Example: <b class="command">passwd chat = "*Enter OLD password*" %o\\n "*Enter NEW password*" %n\\n "*Reenter NEW password*" %n\\n - "*Password changed*"</b></p></dd><dt><span class="term"><a name="PASSWDCHATDEBUG"></a>passwd chat debug (G)</span></dt><dd><p>This boolean specifies if the passwd chat script - parameter is run in <span class="emphasis"><em>debug</em></span> mode. In this mode the - strings passed to and received from the passwd chat are printed - in the <a href="smbd.8.html"><span class="citerefentry"><span class="refentrytitle">smbd</span>(8)</span></a> log with a - <a href="#DEBUGLEVEL"><i class="parameter"><tt>debug level</tt></i></a> - of 100. This is a dangerous option as it will allow plaintext passwords - to be seen in the <b class="command">smbd</b> log. It is available to help - Samba admins debug their <i class="parameter"><tt>passwd chat</tt></i> scripts - when calling the <i class="parameter"><tt>passwd program</tt></i> and should - be turned off after this has been done. This option has no effect if the - <a href="#PAMPASSWORDCHANGE"><i class="parameter"><tt>pam password change</tt></i></a> - paramter is set. This parameter is off by default.</p><p>See also <a href="#PASSWDCHAT"><i class="parameter"><tt>passwd chat</tt></i> - </a>, <a href="#PAMPASSWORDCHANGE"><i class="parameter"><tt>pam password change</tt></i> - </a>, <a href="#PASSWDPROGRAM"><i class="parameter"><tt>passwd program</tt></i> - </a>.</p><p>Default: <b class="command">passwd chat debug = no</b></p></dd><dt><span class="term"><a name="PASSWDPROGRAM"></a>passwd program (G)</span></dt><dd><p>The name of a program that can be used to set + "*Password changed*"</b></p></dd><dt><span class="term"><a name="PASSWDPROGRAM"></a>passwd program (G)</span></dt><dd><p>The name of a program that can be used to set UNIX user passwords. Any occurrences of <i class="parameter"><tt>%u</tt></i> will be replaced with the user name. The user name is checked for existence before calling the password changing program.</p><p>Also note that many passwd programs insist in <span class="emphasis"><em>reasonable @@ -2061,7 +2065,12 @@ df $1 | tail -1 | awk '{print $2" "$4}' is set this parameter <span class="emphasis"><em>MUST USE ABSOLUTE PATHS</em></span> for <span class="emphasis"><em>ALL</em></span> programs called, and must be examined for security implications. Note that by default <i class="parameter"><tt>unix - password sync</tt></i> is set to <tt class="constant">no</tt>.</p><p>See also <a href="#UNIXPASSWORDSYNC"><i class="parameter"><tt>unix + password sync</tt></i> is set to <tt class="constant">no</tt>.</p><p>Not that this program is only invoked when a password change is + done via the smbd program, not when smbpasswd is used locally as root to + change a password. This means that you cannot run "smbpasswd USERNAME" as + root on the SMB server in order to test this parameter, but should run the + command "smbpasswd -r SMBMACHINE" as a non-root user instead if you want + to test the invocation of this program.</p><p>See also <a href="#UNIXPASSWORDSYNC"><i class="parameter"><tt>unix password sync</tt></i></a>.</p><p>Default: <b class="command">passwd program = /bin/passwd</b></p><p>Example: <b class="command">passwd program = /sbin/npasswd %u</b></p></dd><dt><span class="term"><a name="PASSWORDLEVEL"></a>password level (G)</span></dt><dd><p>Some client/server combinations have difficulty with mixed-case passwords. One offending client is Windows for Workgroups, which for some reason forces passwords to upper @@ -2158,13 +2167,13 @@ df $1 | tail -1 | awk '{print $2" "$4}' whenever the service is disconnected. It takes the usual substitutions. The command may be run as the root on some systems.</p><p>An interesting example may be to unmount server - resources:</p><p><b class="command">postexec = /etc/umount /cdrom</b></p><p>See also <a href="#PREEXEC"><i class="parameter"><tt>preexec</tt></i></a>.</p><p>Default: <span class="emphasis"><em>none (no command executed)</em></span></p><p>Example: <b class="command">postexec = echo \"%u disconnected from %S from %m (%I)\" >> /tmp/log</b></p></dd><dt><span class="term"><a name="PREEXEC"></a>preexec (S)</span></dt><dd><p>This option specifies a command to be run whenever + resources:</p><p><b class="command">postexec = /etc/umount /cdrom</b></p><p>See also <a href="#PREEXEC"><i class="parameter"><tt>preexec</tt></i></a>.</p><p>Default: <span class="emphasis"><em>none (no command executed)</em></span></p><p>Example: <b class="command">postexec = echo \"%u disconnected from %S from %m (%I)\" >> /tmp/log</b></p></dd><dt><span class="term"><a name="PREEXECCLOSE"></a>preexec close (S)</span></dt><dd><p>This boolean option controls whether a non-zero + return code from <a href="#PREEXEC"><i class="parameter"><tt>preexec + </tt></i></a> should close the service being connected to.</p><p>Default: <b class="command">preexec close = no</b></p></dd><dt><span class="term"><a name="PREEXEC"></a>preexec (S)</span></dt><dd><p>This option specifies a command to be run whenever the service is connected to. It takes the usual substitutions.</p><p>An interesting example is to send the users a welcome message every time they log in. Maybe a message of the day? Here is an example:</p><p><b class="command">preexec = csh -c 'echo \"Welcome to %S!\" | /usr/local/samba/bin/smbclient -M %m -I %I' & </b></p><p>Of course, this could get annoying after a while :-)</p><p>See also <a href="#PREEXECCLOSE"><i class="parameter"><tt>preexec close</tt></i></a> and <a href="#POSTEXEC"><i class="parameter"><tt>postexec - </tt></i></a>.</p><p>Default: <span class="emphasis"><em>none (no command executed)</em></span></p><p>Example: <b class="command">preexec = echo \"%u connected to %S from %m (%I)\" >> /tmp/log</b></p></dd><dt><span class="term"><a name="PREEXECCLOSE"></a>preexec close (S)</span></dt><dd><p>This boolean option controls whether a non-zero - return code from <a href="#PREEXEC"><i class="parameter"><tt>preexec - </tt></i></a> should close the service being connected to.</p><p>Default: <b class="command">preexec close = no</b></p></dd><dt><span class="term"><a name="PREFEREDMASTER"></a>prefered master (G)</span></dt><dd><p>Synonym for <a href="#PREFERREDMASTER"><i class="parameter"><tt> + </tt></i></a>.</p><p>Default: <span class="emphasis"><em>none (no command executed)</em></span></p><p>Example: <b class="command">preexec = echo \"%u connected to %S from %m (%I)\" >> /tmp/log</b></p></dd><dt><span class="term"><a name="PREFEREDMASTER"></a>prefered master (G)</span></dt><dd><p>Synonym for <a href="#PREFERREDMASTER"><i class="parameter"><tt> preferred master</tt></i></a> for people who cannot spell :-).</p></dd><dt><span class="term"><a name="PREFERREDMASTER"></a>preferred master (G)</span></dt><dd><p>This boolean parameter controls if <a href="nmbd.8.html"><span class="citerefentry"><span class="refentrytitle">nmbd</span>(8)</span></a> is a preferred master browser for its workgroup.</p><p>If this is set to <tt class="constant">yes</tt>, on startup, <b class="command">nmbd</b> @@ -2177,15 +2186,15 @@ df $1 | tail -1 | awk '{print $2" "$4}' preferred master browsers on the same subnet, they will each periodically and continuously attempt to become the local master browser. This will result in unnecessary broadcast - traffic and reduced browsing capabilities.</p><p>See also <a href="#OSLEVEL"><i class="parameter"><tt>os level</tt></i></a>.</p><p>Default: <b class="command">preferred master = auto</b></p></dd><dt><span class="term"><a name="PRELOAD"></a>preload (G)</span></dt><dd><p>This is a list of services that you want to be + traffic and reduced browsing capabilities.</p><p>See also <a href="#OSLEVEL"><i class="parameter"><tt>os level</tt></i></a>.</p><p>Default: <b class="command">preferred master = auto</b></p></dd><dt><span class="term"><a name="PRELOADMODULES"></a>preload modules (G)</span></dt><dd><p>This is a list of paths to modules that should + be loaded into smbd before a client connects. This improves + the speed of smbd when reacting to new connections somewhat. </p><p>It is recommended to only use this option on heavy-performance + servers.</p><p>Default: <b class="command">preload modules = </b></p><p>Example: <b class="command">preload modules = /usr/lib/samba/passdb/mysql.so+++ </b></p></dd><dt><span class="term"><a name="PRELOAD"></a>preload (G)</span></dt><dd><p>This is a list of services that you want to be automatically added to the browse lists. This is most useful for homes and printers services that would otherwise not be visible.</p><p>Note that if you just want all printers in your printcap file loaded then the <a href="#LOADPRINTERS"> - <i class="parameter"><tt>load printers</tt></i></a> option is easier.</p><p>Default: <span class="emphasis"><em>no preloaded services</em></span></p><p>Example: <b class="command">preload = fred lp colorlp</b></p></dd><dt><span class="term"><a name="PRELOADMODULES"></a>preload modules (G)</span></dt><dd><p>This is a list of paths to modules that should - be loaded into smbd before a client connects. This improves - the speed of smbd when reacting to new connections somewhat. </p><p>It is recommended to only use this option on heavy-performance - servers.</p><p>Default: <b class="command">preload modules = </b></p><p>Example: <b class="command">preload modules = /usr/lib/samba/passdb/mysql.so+++ </b></p></dd><dt><span class="term"><a name="PRESERVECASE"></a>preserve case (S)</span></dt><dd><p> This controls if new filenames are created + <i class="parameter"><tt>load printers</tt></i></a> option is easier.</p><p>Default: <span class="emphasis"><em>no preloaded services</em></span></p><p>Example: <b class="command">preload = fred lp colorlp</b></p></dd><dt><span class="term"><a name="PRESERVECASE"></a>preserve case (S)</span></dt><dd><p> This controls if new filenames are created with the case that the client passes, or if they are forced to be the <a href="#DEFAULTCASE"><i class="parameter"><tt>default case </tt></i></a>.</p><p>Default: <b class="command">preserve case = yes</b></p><p>See the section on <a href="#NAMEMANGLINGSECT" title="NAME MANGLING">NAME MANGLING</a> for a fuller discussion.</p></dd><dt><span class="term"><a name="PRINTABLE"></a>printable (S)</span></dt><dd><p>If this parameter is <tt class="constant">yes</tt>, then @@ -2194,8 +2203,7 @@ df $1 | tail -1 | awk '{print $2" "$4}' to the service path (user privileges permitting) via the spooling of print data. The <a href="#READONLY"><i class="parameter"><tt>read only </tt></i></a> parameter controls only non-printing access to - the resource.</p><p>Default: <b class="command">printable = no</b></p></dd><dt><span class="term"><a name="PRINTCAP"></a>printcap (G)</span></dt><dd><p>Synonym for <a href="#PRINTCAPNAME"><i class="parameter"><tt> - printcap name</tt></i></a>.</p></dd><dt><span class="term"><a name="PRINTCAPNAME"></a>printcap name (S)</span></dt><dd><p>This parameter may be used to override the + the resource.</p><p>Default: <b class="command">printable = no</b></p></dd><dt><span class="term"><a name="PRINTCAPNAME"></a>printcap name (S)</span></dt><dd><p>This parameter may be used to override the compiled-in default printcap name used by the server (usually <tt class="filename"> /etc/printcap</tt>). See the discussion of the <a href="#PRINTERSSECT" title="The [printers] section">[printers]</a> section above for reasons why you might want to do this.</p><p>To use the CUPS printing interface set <b class="command">printcap name = cups @@ -2222,7 +2230,8 @@ print5|My Printer 5 that it's a comment.</p><div class="note" style="margin-left: 0.5in; margin-right: 0.5in;"><h3 class="title">Note</h3><p>Under AIX the default printcap name is <tt class="filename">/etc/qconfig</tt>. Samba will assume the file is in AIX <tt class="filename">qconfig</tt> format if the string - <tt class="filename">qconfig</tt> appears in the printcap filename.</p></div><p>Default: <b class="command">printcap name = /etc/printcap</b></p><p>Example: <b class="command">printcap name = /etc/myprintcap</b></p></dd><dt><span class="term"><a name="PRINTCOMMAND"></a>print command (S)</span></dt><dd><p>After a print job has finished spooling to + <tt class="filename">qconfig</tt> appears in the printcap filename.</p></div><p>Default: <b class="command">printcap name = /etc/printcap</b></p><p>Example: <b class="command">printcap name = /etc/myprintcap</b></p></dd><dt><span class="term"><a name="PRINTCAP"></a>printcap (G)</span></dt><dd><p>Synonym for <a href="#PRINTCAPNAME"><i class="parameter"><tt> + printcap name</tt></i></a>.</p></dd><dt><span class="term"><a name="PRINTCOMMAND"></a>print command (S)</span></dt><dd><p>After a print job has finished spooling to a service, this command will be used via a <b class="command">system()</b> call to process the spool file. Typically the command specified will submit the spool file to the host's printing subsystem, but there @@ -2263,15 +2272,15 @@ print5|My Printer 5 uses <b class="command">lp -c -d%p -oraw; rm %s</b>. With <b class="command">printing = cups</b>, and if SAMBA is compiled against libcups, any manually - set print command will be ignored.</p><p>Example: <b class="command">print command = /usr/local/samba/bin/myprintscript %p %s</b></p></dd><dt><span class="term"><a name="PRINTER"></a>printer (S)</span></dt><dd><p>Synonym for <a href="#PRINTERNAME"><i class="parameter"><tt> - printer name</tt></i></a>.</p></dd><dt><span class="term"><a name="PRINTERADMIN"></a>printer admin (S)</span></dt><dd><p>This is a list of users that can do anything to + set print command will be ignored.</p><p>Example: <b class="command">print command = /usr/local/samba/bin/myprintscript %p %s</b></p></dd><dt><span class="term"><a name="PRINTERADMIN"></a>printer admin (S)</span></dt><dd><p>This is a list of users that can do anything to printers via the remote administration interfaces offered by MS-RPC (usually using a NT workstation). Note that the root user always has admin rights.</p><p>Default: <b class="command">printer admin = <empty string></b></p><p>Example: <b class="command">printer admin = admin, @staff</b></p></dd><dt><span class="term"><a name="PRINTERNAME"></a>printer name (S)</span></dt><dd><p>This parameter specifies the name of the printer to which print jobs spooled through a printable service will be sent.</p><p>If specified in the [global] section, the printer name given will be used for any printable service that does not have its own printer name specified.</p><p>Default: <span class="emphasis"><em>none (but may be <tt class="constant">lp</tt> - on many systems)</em></span></p><p>Example: <b class="command">printer name = laserwriter</b></p></dd><dt><span class="term"><a name="PRINTING"></a>printing (S)</span></dt><dd><p>This parameters controls how printer status information is + on many systems)</em></span></p><p>Example: <b class="command">printer name = laserwriter</b></p></dd><dt><span class="term"><a name="PRINTER"></a>printer (S)</span></dt><dd><p>Synonym for <a href="#PRINTERNAME"><i class="parameter"><tt> + printer name</tt></i></a>.</p></dd><dt><span class="term"><a name="PRINTING"></a>printing (S)</span></dt><dd><p>This parameters controls how printer status information is interpreted on your system. It also affects the default values for the <i class="parameter"><tt>print command</tt></i>, <i class="parameter"><tt>lpq command</tt></i>, <i class="parameter"><tt>lppause command </tt></i>, <i class="parameter"><tt>lpresume command</tt></i>, and <i class="parameter"><tt>lprm command</tt></i> if specified in the [global] section.</p><p>Currently nine printing styles are supported. They are @@ -2418,11 +2427,7 @@ print5|My Printer 5 The security advantage of using restrict anonymous = 2 is removed by setting <a href="#GUESTOK"><i class="parameter"><tt>guest ok</tt></i> = yes</a> on any share. - </p></div><p>Default: <b class="command">restrict anonymous = 0</b></p></dd><dt><span class="term"><a name="ROOT"></a>root (G)</span></dt><dd><p>Synonym for <a href="#ROOTDIRECTORY"> - <i class="parameter"><tt>root directory"</tt></i></a>. - </p></dd><dt><span class="term"><a name="ROOTDIR"></a>root dir (G)</span></dt><dd><p>Synonym for <a href="#ROOTDIRECTORY"> - <i class="parameter"><tt>root directory"</tt></i></a>. - </p></dd><dt><span class="term"><a name="ROOTDIRECTORY"></a>root directory (G)</span></dt><dd><p>The server will <b class="command">chroot()</b> (i.e. + </p></div><p>Default: <b class="command">restrict anonymous = 0</b></p></dd><dt><span class="term"><a name="ROOTDIRECTORY"></a>root directory (G)</span></dt><dd><p>The server will <b class="command">chroot()</b> (i.e. Change its root directory) to this directory on startup. This is not strictly necessary for secure operation. Even without it the server will deny access to files not in one of the service entries. @@ -2442,19 +2447,40 @@ print5|My Printer 5 you will need to mirror <tt class="filename">/etc/passwd</tt> (or a subset of it), and any binaries or configuration files needed for printing (if required). The set of files that must be mirrored is - operating system dependent.</p><p>Default: <b class="command">root directory = /</b></p><p>Example: <b class="command">root directory = /homes/smb</b></p></dd><dt><span class="term"><a name="ROOTPOSTEXEC"></a>root postexec (S)</span></dt><dd><p>This is the same as the <i class="parameter"><tt>postexec</tt></i> + operating system dependent.</p><p>Default: <b class="command">root directory = /</b></p><p>Example: <b class="command">root directory = /homes/smb</b></p></dd><dt><span class="term"><a name="ROOTDIR"></a>root dir (G)</span></dt><dd><p>Synonym for <a href="#ROOTDIRECTORY"> + <i class="parameter"><tt>root directory"</tt></i></a>. + </p></dd><dt><span class="term"><a name="ROOTPOSTEXEC"></a>root postexec (S)</span></dt><dd><p>This is the same as the <i class="parameter"><tt>postexec</tt></i> parameter except that the command is run as root. This is useful for unmounting filesystems (such as CDROMs) after a connection is closed.</p><p>See also <a href="#POSTEXEC"><i class="parameter"><tt> - postexec</tt></i></a>.</p><p>Default: <b class="command">root postexec = <empty string></b></p></dd><dt><span class="term"><a name="ROOTPREEXEC"></a>root preexec (S)</span></dt><dd><p>This is the same as the <i class="parameter"><tt>preexec</tt></i> + postexec</tt></i></a>.</p><p>Default: <b class="command">root postexec = <empty string></b></p></dd><dt><span class="term"><a name="ROOTPREEXECCLOSE"></a>root preexec close (S)</span></dt><dd><p>This is the same as the <i class="parameter"><tt>preexec close + </tt></i> parameter except that the command is run as root.</p><p>See also <a href="#PREEXEC"><i class="parameter"><tt> + preexec</tt></i></a> and <a href="#PREEXECCLOSE"> + <i class="parameter"><tt>preexec close</tt></i></a>.</p><p>Default: <b class="command">root preexec close = no</b></p></dd><dt><span class="term"><a name="ROOTPREEXEC"></a>root preexec (S)</span></dt><dd><p>This is the same as the <i class="parameter"><tt>preexec</tt></i> parameter except that the command is run as root. This is useful for mounting filesystems (such as CDROMs) when a connection is opened.</p><p>See also <a href="#PREEXEC"><i class="parameter"><tt> preexec</tt></i></a> and <a href="#PREEXECCLOSE"> - <i class="parameter"><tt>preexec close</tt></i></a>.</p><p>Default: <b class="command">root preexec = <empty string></b></p></dd><dt><span class="term"><a name="ROOTPREEXECCLOSE"></a>root preexec close (S)</span></dt><dd><p>This is the same as the <i class="parameter"><tt>preexec close - </tt></i> parameter except that the command is run as root.</p><p>See also <a href="#PREEXEC"><i class="parameter"><tt> - preexec</tt></i></a> and <a href="#PREEXECCLOSE"> - <i class="parameter"><tt>preexec close</tt></i></a>.</p><p>Default: <b class="command">root preexec close = no</b></p></dd><dt><span class="term"><a name="SECURITY"></a>security (G)</span></dt><dd><p>This option affects how clients respond to + <i class="parameter"><tt>preexec close</tt></i></a>.</p><p>Default: <b class="command">root preexec = <empty string></b></p></dd><dt><span class="term"><a name="ROOT"></a>root (G)</span></dt><dd><p>Synonym for <a href="#ROOTDIRECTORY"> + <i class="parameter"><tt>root directory"</tt></i></a>. + </p></dd><dt><span class="term"><a name="SECURITYMASK"></a>security mask (S)</span></dt><dd><p>This parameter controls what UNIX permission + bits can be modified when a Windows NT client is manipulating + the UNIX permission on a file using the native NT security + dialog box.</p><p>This parameter is applied as a mask (AND'ed with) to + the changed permission bits, thus preventing any bits not in + this mask from being modified. Essentially, zero bits in this + mask may be treated as a set of bits the user is not allowed + to change.</p><p>If not set explicitly this parameter is 0777, allowing + a user to modify all the user/group/world permissions on a file. + </p><p><span class="emphasis"><em>Note</em></span> that users who can access the + Samba server through other means can easily bypass this + restriction, so it is primarily useful for standalone + "appliance" systems. Administrators of most normal systems will + probably want to leave it set to <tt class="constant">0777</tt>.</p><p>See also the <a href="#FORCEDIRECTORYSECURITYMODE"> + <i class="parameter"><tt>force directory security mode</tt></i></a>, + <a href="#DIRECTORYSECURITYMASK"><i class="parameter"><tt>directory + security mask</tt></i></a>, <a href="#FORCESECURITYMODE"> + <i class="parameter"><tt>force security mode</tt></i></a> parameters.</p><p>Default: <b class="command">security mask = 0777</b></p><p>Example: <b class="command">security mask = 0770</b></p></dd><dt><span class="term"><a name="SECURITY"></a>security (G)</span></dt><dd><p>This option affects how clients respond to Samba and is one of the most important settings in the <tt class="filename"> smb.conf</tt> file.</p><p>The option sets the "security mode bit" in replies to protocol negotiations with <a href="smbd.8.html"><span class="citerefentry"><span class="refentrytitle">smbd</span>(8)</span></a> to turn share level security on or off. Clients decide @@ -2462,8 +2488,8 @@ print5|My Printer 5 information to the server.</p><p>The default is <b class="command">security = user</b>, as this is the most common setting needed when talking to Windows 98 and Windows NT.</p><p>The alternatives are <b class="command">security = share</b>, - <b class="command">security = server</b> or <b class="command">security = domain - </b>.</p><p>In versions of Samba prior to 2.0.0, the default was + <b class="command">security = server</b>, <b class="command">security = domain + </b>, or <b class="command">security = ads</b>.</p><p>In versions of Samba prior to 2.0.0, the default was <b class="command">security = share</b> mainly because that was the only option at one stage.</p><p>There is a bug in WfWg that has relevance to this setting. When in user or server level security a WfWg client @@ -2600,24 +2626,7 @@ print5|My Printer 5 Controller. </p><p>Read the chapter about Domain Membership in the HOWTO for details.</p><p>See also the <a href="#"><i class="parameter"><tt>ads server </tt></i></a> parameter, the <a href="#REALM"><i class="parameter"><tt>realm </tt></i></a> paramter and the <a href="#ENCRYPTPASSWORDS"> - <i class="parameter"><tt>encrypted passwords</tt></i></a> parameter.</p><p>Default: <b class="command">security = USER</b></p><p>Example: <b class="command">security = DOMAIN</b></p></dd><dt><span class="term"><a name="SECURITYMASK"></a>security mask (S)</span></dt><dd><p>This parameter controls what UNIX permission - bits can be modified when a Windows NT client is manipulating - the UNIX permission on a file using the native NT security - dialog box.</p><p>This parameter is applied as a mask (AND'ed with) to - the changed permission bits, thus preventing any bits not in - this mask from being modified. Essentially, zero bits in this - mask may be treated as a set of bits the user is not allowed - to change.</p><p>If not set explicitly this parameter is 0777, allowing - a user to modify all the user/group/world permissions on a file. - </p><p><span class="emphasis"><em>Note</em></span> that users who can access the - Samba server through other means can easily bypass this - restriction, so it is primarily useful for standalone - "appliance" systems. Administrators of most normal systems will - probably want to leave it set to <tt class="constant">0777</tt>.</p><p>See also the <a href="#FORCEDIRECTORYSECURITYMODE"> - <i class="parameter"><tt>force directory security mode</tt></i></a>, - <a href="#DIRECTORYSECURITYMASK"><i class="parameter"><tt>directory - security mask</tt></i></a>, <a href="#FORCESECURITYMODE"> - <i class="parameter"><tt>force security mode</tt></i></a> parameters.</p><p>Default: <b class="command">security mask = 0777</b></p><p>Example: <b class="command">security mask = 0770</b></p></dd><dt><span class="term"><a name="SERVERSCHANNEL"></a>server schannel (G)</span></dt><dd><p>This controls whether the server offers or even + <i class="parameter"><tt>encrypted passwords</tt></i></a> parameter.</p><p>Default: <b class="command">security = USER</b></p><p>Example: <b class="command">security = DOMAIN</b></p></dd><dt><span class="term"><a name="SERVERSCHANNEL"></a>server schannel (G)</span></dt><dd><p>This controls whether the server offers or even demands the use of the netlogon schannel. <i class="parameter"><tt>server schannel = no</tt></i> does not offer the schannel, <i class="parameter"><tt>server schannel = @@ -2682,7 +2691,7 @@ print5|My Printer 5 administrative privilege on an individual printer.</p><p>See also <a href="#ADDPRINTERCOMMAND"><i class="parameter"><tt>addprinter command</tt></i></a>, <a href="#DELETEPRINTERCOMMAND"> <i class="parameter"><tt>deleteprinter command</tt></i></a>, <a href="#PRINTERADMIN"> - <i class="parameter"><tt>printer admin</tt></i></a></p><p>Default :<b class="command">show add printer wizard = yes</b></p></dd><dt><span class="term"><a name="SHUTDOWNSCRIPT"></a>shutdown script (G)</span></dt><dd xmlns:ns2=""><p><span class="emphasis"><em>This parameter only exists in the HEAD cvs branch</em></span> + <i class="parameter"><tt>printer admin</tt></i></a></p><p>Default :<b class="command">show add printer wizard = yes</b></p></dd><dt><span class="term"><a name="SHUTDOWNSCRIPT"></a>shutdown script (G)</span></dt><dd><p><span class="emphasis"><em>This parameter only exists in the HEAD cvs branch</em></span> This a full path name to a script called by <a href="smbd.8.html"><span class="citerefentry"><span class="refentrytitle">smbd</span>(8)</span></a> that should start a shutdown procedure.</p><p>This command will be run as the user connected to the server.</p><p>%m %t %r %f parameters are expanded:</p><div class="itemizedlist"><ul type="disc"><li><p><i class="parameter"><tt>%m</tt></i> will be substituted with the shutdown message sent to the server.</p></li><li><p><i class="parameter"><tt>%t</tt></i> will be substituted with the number of seconds to wait before effectively starting the @@ -2690,8 +2699,8 @@ print5|My Printer 5 switch <span class="emphasis"><em>-r</em></span>. It means reboot after shutdown for NT.</p></li><li><p><i class="parameter"><tt>%f</tt></i> will be substituted with the switch <span class="emphasis"><em>-f</em></span>. It means force the shutdown - even if applications do not respond for NT.</p></li></ul></div><p>Default: <span class="emphasis"><em>None</em></span>.</p><p>Example: <b class="command">abort shutdown script = /usr/local/samba/sbin/shutdown %m %t %r %f</b></p><ns2:p>Shutdown script example: -</ns2:p><pre class="programlisting"> + even if applications do not respond for NT.</p></li></ul></div><p>Default: <span class="emphasis"><em>None</em></span>.</p><p>Example: <b class="command">abort shutdown script = /usr/local/samba/sbin/shutdown %m %t %r %f</b></p><p>Shutdown script example: +</p><pre class="programlisting"> #!/bin/bash $time=0 @@ -2699,9 +2708,9 @@ let "time/60" let "time++" /sbin/shutdown $3 $4 +$time $1 & -</pre><ns2:p> +</pre><p> Shutdown does not return so we need to launch it in background. -</ns2:p><p>See also <a href="#ABORTSHUTDOWNSCRIPT"> +</p><p>See also <a href="#ABORTSHUTDOWNSCRIPT"> <i class="parameter"><tt>abort shutdown script</tt></i></a>.</p></dd><dt><span class="term"><a name="SMBPASSWDFILE"></a>smb passwd file (G)</span></dt><dd><p>This option sets the path to the encrypted smbpasswd file. By default the path to the smbpasswd file is compiled into Samba.</p><p>Default: <b class="command">smb passwd file = ${prefix}/private/smbpasswd</b></p><p>Example: <b class="command">smb passwd file = /etc/samba/smbpasswd</b></p></dd><dt><span class="term"><a name="SMBPORTS"></a>smb ports (G)</span></dt><dd><p>Specifies which ports the server should listen on for SMB traffic.</p><p>Default: <b class="command">smb ports = 445 139</b></p></dd><dt><span class="term"><a name="SOCKETADDRESS"></a>socket address (G)</span></dt><dd><p>This option allows you to control what address Samba will listen for connections on. This is used to @@ -2779,7 +2788,9 @@ Shutdown does not return so we need to launch it in background. the <i class="parameter"><tt>strict sync</tt></i> parameter must be set to <tt class="constant">yes</tt> in order for this parameter to have any affect.</p><p>See also the <a href="#STRICTSYNC"><i class="parameter"><tt>strict - sync</tt></i></a> parameter.</p><p>Default: <b class="command">sync always = no</b></p></dd><dt><span class="term"><a name="SYSLOG"></a>syslog (G)</span></dt><dd><p>This parameter maps how Samba debug messages + sync</tt></i></a> parameter.</p><p>Default: <b class="command">sync always = no</b></p></dd><dt><span class="term"><a name="SYSLOGONLY"></a>syslog only (G)</span></dt><dd><p>If this parameter is set then Samba debug + messages are logged into the system syslog only, and not to + the debug log files.</p><p>Default: <b class="command">syslog only = no</b></p></dd><dt><span class="term"><a name="SYSLOG"></a>syslog (G)</span></dt><dd><p>This parameter maps how Samba debug messages are logged onto the system syslog logging levels. Samba debug level zero maps onto syslog <tt class="constant">LOG_ERR</tt>, debug level one maps onto <tt class="constant">LOG_WARNING</tt>, debug level @@ -2787,9 +2798,7 @@ Shutdown does not return so we need to launch it in background. maps onto LOG_INFO. All higher levels are mapped to <tt class="constant"> LOG_DEBUG</tt>.</p><p>This parameter sets the threshold for sending messages to syslog. Only messages with debug level less than this value - will be sent to syslog.</p><p>Default: <b class="command">syslog = 1</b></p></dd><dt><span class="term"><a name="SYSLOGONLY"></a>syslog only (G)</span></dt><dd><p>If this parameter is set then Samba debug - messages are logged into the system syslog only, and not to - the debug log files.</p><p>Default: <b class="command">syslog only = no</b></p></dd><dt><span class="term"><a name="TEMPLATEHOMEDIR"></a>template homedir (G)</span></dt><dd><p>When filling out the user information for a Windows NT + will be sent to syslog.</p><p>Default: <b class="command">syslog = 1</b></p></dd><dt><span class="term"><a name="TEMPLATEHOMEDIR"></a>template homedir (G)</span></dt><dd><p>When filling out the user information for a Windows NT user, the <a href="winbindd.8.html"><span class="citerefentry"><span class="refentrytitle">winbindd</span>(8)</span></a> daemon uses this parameter to fill in the home directory for that user. If the string <i class="parameter"><tt>%D</tt></i> is present it @@ -2805,16 +2814,7 @@ Shutdown does not return so we need to launch it in background. you are serving a lot of PCs that have incorrect daylight saving time handling.</p><p>Default: <b class="command">time offset = 0</b></p><p>Example: <b class="command">time offset = 60</b></p></dd><dt><span class="term"><a name="TIMESERVER"></a>time server (G)</span></dt><dd><p>This parameter determines if <a href="nmbd.8.html"><span class="citerefentry"><span class="refentrytitle">nmbd</span>(8)</span></a> advertises itself as a time server to Windows clients.</p><p>Default: <b class="command">time server = no</b></p></dd><dt><span class="term"><a name="TIMESTAMPLOGS"></a>timestamp logs (G)</span></dt><dd><p>Synonym for <a href="#DEBUGTIMESTAMP"><i class="parameter"><tt> - debug timestamp</tt></i></a>.</p></dd><dt><span class="term"><a name="TOTALPRINTJOBS"></a>total print jobs (G)</span></dt><dd><p>This parameter accepts an integer value which defines - a limit on the maximum number of print jobs that will be accepted - system wide at any given time. If a print job is submitted - by a client which will exceed this number, then <a href="smbd.8.html"><span class="citerefentry"><span class="refentrytitle">smbd</span>(8)</span></a> will return an - error indicating that no space is available on the server. The - default value of 0 means that no such limit exists. This parameter - can be used to prevent a server from exceeding its capacity and is - designed as a printing throttle. See also <a href="#MAXPRINTJOBS"> - <i class="parameter"><tt>max print jobs</tt></i></a>. - </p><p>Default: <b class="command">total print jobs = 0</b></p><p>Example: <b class="command">total print jobs = 5000</b></p></dd><dt><span class="term"><a name="UNICODE"></a>unicode (G)</span></dt><dd><p>Specifies whether Samba should try + debug timestamp</tt></i></a>.</p></dd><dt><span class="term"><a name="UNICODE"></a>unicode (G)</span></dt><dd><p>Specifies whether Samba should try to use unicode on the wire by default. Note: This does NOT mean that samba will assume that the unix machine uses unicode! </p><p>Default: <b class="command">unicode = yes</b></p></dd><dt><span class="term"><a name="UNIXCHARSET"></a>unix charset (G)</span></dt><dd><p>Specifies the charset the unix machine @@ -2883,42 +2883,7 @@ Shutdown does not return so we need to launch it in background. default on HPUX. On all other systems this parameter should be left alone. This parameter is provided to help the Samba developers track down problems with the tdb internal code. - </p><p>Default: <b class="command">use mmap = yes</b></p></dd><dt><span class="term"><a name="USER"></a>user (S)</span></dt><dd><p>Synonym for <a href="#USERNAME"><i class="parameter"><tt>username</tt></i></a>.</p></dd><dt><span class="term"><a name="USERNAME"></a>username (S)</span></dt><dd><p>Multiple users may be specified in a comma-delimited - list, in which case the supplied password will be tested against - each username in turn (left to right).</p><p>The <i class="parameter"><tt>username</tt></i> line is needed only when - the PC is unable to supply its own username. This is the case - for the COREPLUS protocol or where your users have different WfWg - usernames to UNIX usernames. In both these cases you may also be - better using the \\server\share%user syntax instead.</p><p>The <i class="parameter"><tt>username</tt></i> line is not a great - solution in many cases as it means Samba will try to validate - the supplied password against each of the usernames in the - <i class="parameter"><tt>username</tt></i> line in turn. This is slow and - a bad idea for lots of users in case of duplicate passwords. - You may get timeouts or security breaches using this parameter - unwisely.</p><p>Samba relies on the underlying UNIX security. This - parameter does not restrict who can login, it just offers hints - to the Samba server as to what usernames might correspond to the - supplied password. Users can login as whoever they please and - they will be able to do no more damage than if they started a - telnet session. The daemon runs as the user that they log in as, - so they cannot do anything that user cannot do.</p><p>To restrict a service to a particular set of users you - can use the <a href="#VALIDUSERS"><i class="parameter"><tt>valid users - </tt></i></a> parameter.</p><p>If any of the usernames begin with a '@' then the name - will be looked up first in the NIS netgroups list (if Samba - is compiled with netgroup support), followed by a lookup in - the UNIX groups database and will expand to a list of all users - in the group of that name.</p><p>If any of the usernames begin with a '+' then the name - will be looked up only in the UNIX groups database and will - expand to a list of all users in the group of that name.</p><p>If any of the usernames begin with a '&' then the name - will be looked up only in the NIS netgroups database (if Samba - is compiled with netgroup support) and will expand to a list - of all users in the netgroup group of that name.</p><p>Note that searching though a groups database can take - quite some time, and some clients may time out during the - search.</p><p>See the section <a href="#VALIDATIONSECT" title="NOTE ABOUT USERNAME/PASSWORD VALIDATION">NOTE ABOUT - USERNAME/PASSWORD VALIDATION</a> for more information on how - this parameter determines access to the services.</p><p>Default: <b class="command">The guest account if a guest service, - else <empty string>.</b></p><p>Examples:<b class="command">username = fred, mary, jack, jane, - @users, @pcgroup</b></p></dd><dt><span class="term"><a name="USERNAMELEVEL"></a>username level (G)</span></dt><dd><p>This option helps Samba to try and 'guess' at + </p><p>Default: <b class="command">use mmap = yes</b></p></dd><dt><span class="term"><a name="USERNAMELEVEL"></a>username level (G)</span></dt><dd><p>This option helps Samba to try and 'guess' at the real UNIX username, as many DOS clients send an all-uppercase username. By default Samba tries all lowercase, followed by the username with the first letter capitalized, and fails if the @@ -2972,19 +2937,60 @@ guest = * modification.</p><p>Also note that no reverse mapping is done. The main effect this has is with printing. Users who have been mapped may have trouble deleting print jobs as PrintManager under WfWg will think - they don't own the print job.</p><p>Default: <span class="emphasis"><em>no username map</em></span></p><p>Example: <b class="command">username map = /usr/local/samba/lib/users.map</b></p></dd><dt><span class="term"><a name="USERS"></a>users (S)</span></dt><dd><p>Synonym for <a href="#USERNAME"><i class="parameter"><tt> - username</tt></i></a>.</p></dd><dt><span class="term"><a name="USESENDFILE"></a>use sendfile (S)</span></dt><dd><p>If this parameter is <tt class="constant">yes</tt>, and Samba - was built with the --with-sendfile-support option, and the underlying operating + they don't own the print job.</p><p>Default: <span class="emphasis"><em>no username map</em></span></p><p>Example: <b class="command">username map = /usr/local/samba/lib/users.map</b></p></dd><dt><span class="term"><a name="USERNAME"></a>username (S)</span></dt><dd><p>Multiple users may be specified in a comma-delimited + list, in which case the supplied password will be tested against + each username in turn (left to right).</p><p>The <i class="parameter"><tt>username</tt></i> line is needed only when + the PC is unable to supply its own username. This is the case + for the COREPLUS protocol or where your users have different WfWg + usernames to UNIX usernames. In both these cases you may also be + better using the \\server\share%user syntax instead.</p><p>The <i class="parameter"><tt>username</tt></i> line is not a great + solution in many cases as it means Samba will try to validate + the supplied password against each of the usernames in the + <i class="parameter"><tt>username</tt></i> line in turn. This is slow and + a bad idea for lots of users in case of duplicate passwords. + You may get timeouts or security breaches using this parameter + unwisely.</p><p>Samba relies on the underlying UNIX security. This + parameter does not restrict who can login, it just offers hints + to the Samba server as to what usernames might correspond to the + supplied password. Users can login as whoever they please and + they will be able to do no more damage than if they started a + telnet session. The daemon runs as the user that they log in as, + so they cannot do anything that user cannot do.</p><p>To restrict a service to a particular set of users you + can use the <a href="#VALIDUSERS"><i class="parameter"><tt>valid users + </tt></i></a> parameter.</p><p>If any of the usernames begin with a '@' then the name + will be looked up first in the NIS netgroups list (if Samba + is compiled with netgroup support), followed by a lookup in + the UNIX groups database and will expand to a list of all users + in the group of that name.</p><p>If any of the usernames begin with a '+' then the name + will be looked up only in the UNIX groups database and will + expand to a list of all users in the group of that name.</p><p>If any of the usernames begin with a '&' then the name + will be looked up only in the NIS netgroups database (if Samba + is compiled with netgroup support) and will expand to a list + of all users in the netgroup group of that name.</p><p>Note that searching though a groups database can take + quite some time, and some clients may time out during the + search.</p><p>See the section <a href="#VALIDATIONSECT" title="NOTE ABOUT USERNAME/PASSWORD VALIDATION">NOTE ABOUT + USERNAME/PASSWORD VALIDATION</a> for more information on how + this parameter determines access to the services.</p><p>Default: <b class="command">The guest account if a guest service, + else <empty string>.</b></p><p>Examples:<b class="command">username = fred, mary, jack, jane, + @users, @pcgroup</b></p></dd><dt><span class="term"><a name="USERS"></a>users (S)</span></dt><dd><p>Synonym for <a href="#USERNAME"><i class="parameter"><tt> + username</tt></i></a>.</p></dd><dt><span class="term"><a name="USER"></a>user (S)</span></dt><dd><p>Synonym for <a href="#USERNAME"><i class="parameter"><tt>username</tt></i></a>.</p></dd><dt><span class="term"><a name="USESENDFILE"></a>use sendfile (S)</span></dt><dd><p>If this parameter is <tt class="constant">yes</tt>, and the underlying operating system supports sendfile system call, then some SMB read calls (mainly ReadAndX and ReadRaw) will use the more efficient sendfile system call for files that are exclusively oplocked. This may make more efficient use of the system CPU's - and cause Samba to be faster. This is off by default as it's effects are unknown - as yet.</p><p>Default: <b class="command">use sendfile = no</b></p></dd><dt><span class="term"><a name="USESPNEGO"></a>use spnego (G)</span></dt><dd><p> This variable controls controls whether samba will try + and cause Samba to be faster.</p><p>Default: <b class="command">use sendfile = no</b></p></dd><dt><span class="term"><a name="USESPNEGO"></a>use spnego (G)</span></dt><dd><p> This variable controls controls whether samba will try to use Simple and Protected NEGOciation (as specified by rfc2478) with WindowsXP and Windows2000 clients to agree upon an authentication mechanism. Unless further issues are discovered with our SPNEGO implementation, there is no reason this should ever be - disabled.</p><p>Default: <span class="emphasis"><em>use spnego = yes</em></span></p></dd><dt><span class="term"><a name="UTMP"></a>utmp (G)</span></dt><dd><p>This boolean parameter is only available if + disabled.</p><p>Default: <span class="emphasis"><em>use spnego = yes</em></span></p></dd><dt><span class="term"><a name="UTMPDIRECTORY"></a>utmp directory (G)</span></dt><dd><p>This parameter is only available if Samba has + been configured and compiled with the option <b class="command"> + --with-utmp</b>. It specifies a directory pathname that is + used to store the utmp or utmpx files (depending on the UNIX system) that + record user connections to a Samba server. See also the <a href="#UTMP"> + <i class="parameter"><tt>utmp</tt></i></a> parameter. By default this is + not set, meaning the system will use whatever utmp file the + native system is set to use (usually + <tt class="filename">/var/run/utmp</tt> on Linux).</p><p>Default: <span class="emphasis"><em>no utmp directory</em></span></p><p>Example: <b class="command">utmp directory = /var/run/utmp</b></p></dd><dt><span class="term"><a name="UTMP"></a>utmp (G)</span></dt><dd><p>This boolean parameter is only available if Samba has been configured and compiled with the option <b class="command"> --with-utmp</b>. If set to <tt class="constant">yes</tt> then Samba will attempt to add utmp or utmpx records (depending on the UNIX system) whenever a @@ -2994,22 +3000,7 @@ guest = * incoming user. Enabling this option creates an n^2 algorithm to find this number. This may impede performance on large installations. </p><p>See also the <a href="#UTMPDIRECTORY"><i class="parameter"><tt> - utmp directory</tt></i></a> parameter.</p><p>Default: <b class="command">utmp = no</b></p></dd><dt><span class="term"><a name="UTMPDIRECTORY"></a>utmp directory (G)</span></dt><dd><p>This parameter is only available if Samba has - been configured and compiled with the option <b class="command"> - --with-utmp</b>. It specifies a directory pathname that is - used to store the utmp or utmpx files (depending on the UNIX system) that - record user connections to a Samba server. See also the <a href="#UTMP"> - <i class="parameter"><tt>utmp</tt></i></a> parameter. By default this is - not set, meaning the system will use whatever utmp file the - native system is set to use (usually - <tt class="filename">/var/run/utmp</tt> on Linux).</p><p>Default: <span class="emphasis"><em>no utmp directory</em></span></p><p>Example: <b class="command">utmp directory = /var/run/utmp</b></p></dd><dt><span class="term"><a name="-VALID"></a>-valid (S)</span></dt><dd><p> This parameter indicates whether a share is - valid and thus can be used. When this parameter is set to false, - the share will be in no way visible nor accessible. - </p><p> - This option should not be - used by regular users but might be of help to developers. - Samba uses this option internally to mark shares as deleted. - </p><p>Default: <span class="emphasis"><em>True</em></span></p></dd><dt><span class="term"><a name="VALIDUSERS"></a>valid users (S)</span></dt><dd><p>This is a list of users that should be allowed + utmp directory</tt></i></a> parameter.</p><p>Default: <b class="command">utmp = no</b></p></dd><dt><span class="term"><a name="VALIDUSERS"></a>valid users (S)</span></dt><dd><p>This is a list of users that should be allowed to login to this service. Names starting with '@', '+' and '&' are interpreted using the same rules as described in the <i class="parameter"><tt>invalid users</tt></i> parameter.</p><p>If this is empty (the default) then any user can login. @@ -3017,7 +3008,14 @@ guest = * users</tt></i> list then access is denied for that user.</p><p>The current servicename is substituted for <i class="parameter"><tt>%S </tt></i>. This is useful in the [homes] section.</p><p>See also <a href="#INVALIDUSERS"><i class="parameter"><tt>invalid users </tt></i></a></p><p>Default: <span class="emphasis"><em>No valid users list (anyone can login) - </em></span></p><p>Example: <b class="command">valid users = greg, @pcusers</b></p></dd><dt><span class="term"><a name="VETOFILES"></a>veto files (S)</span></dt><dd xmlns:ns3=""><p>This is a list of files and directories that + </em></span></p><p>Example: <b class="command">valid users = greg, @pcusers</b></p></dd><dt><span class="term"><a name="-VALID"></a>-valid (S)</span></dt><dd><p> This parameter indicates whether a share is + valid and thus can be used. When this parameter is set to false, + the share will be in no way visible nor accessible. + </p><p> + This option should not be + used by regular users but might be of help to developers. + Samba uses this option internally to mark shares as deleted. + </p><p>Default: <span class="emphasis"><em>True</em></span></p></dd><dt><span class="term"><a name="VETOFILES"></a>veto files (S)</span></dt><dd><p>This is a list of files and directories that are neither visible nor accessible. Each entry in the list must be separated by a '/', which allows spaces to be included in the entry. '*' and '?' can be used to specify multiple files @@ -3035,8 +3033,8 @@ guest = * for a match as they are scanned.</p><p>See also <a href="#HIDEFILES"><i class="parameter"><tt>hide files </tt></i></a> and <a href="#CASESENSITIVE"><i class="parameter"><tt> case sensitive</tt></i></a>.</p><p>Default: <span class="emphasis"><em>No files or directories are vetoed. - </em></span></p><ns3:p>Examples: -</ns3:p><pre class="programlisting"> + </em></span></p><p>Examples: +</p><pre class="programlisting"> ; Veto any files containing the word Security, ; any ending in .tmp, and any directory containing the ; word root. @@ -3057,14 +3055,17 @@ veto files = /.AppleDouble/.bin/.AppleDesktop/Network Trash Folder/ client contention for files ending in <tt class="filename">.SEM</tt>. To cause Samba not to grant oplocks on these files you would use the line (either in the [global] section or in the section for - the particular NetBench share :</p><p>Example: <b class="command">veto oplock files = /*.SEM/</b></p></dd><dt><span class="term"><a name="VFSOBJECT"></a>vfs object (S)</span></dt><dd><p>Synonym for + the particular NetBench share :</p><p>Example: <b class="command">veto oplock files = /*.SEM/</b></p></dd><dt><span class="term"><a name="VFSOBJECTS"></a>vfs objects (S)</span></dt><dd><p>This parameter specifies the backend module names which + are used for Samba VFS I/O operations. By default, normal + disk I/O operations are used but these can be overloaded + with one or more VFS objects. </p><p>Options for a given VFS module are specified one per line + smb.conf perfaced by the module name and a colon (:). Such as</p><p>foo:bar=biddle</p><p>where 'foo' is the name of VFS module, 'bar' is a parameter supported + by ;foo;, and 'biddle' is the value of the option 'bar'. Refer to the + manpage for a given VFS modules regarding the options supported by that module.</p><p>Default: <span class="emphasis"><em>no value</em></span></p><p>Example: <b class="command">vfs objects = extd_audit recycle</b></p></dd><dt><span class="term"><a name="VFSOBJECT"></a>vfs object (S)</span></dt><dd><p>Synonym for <a href="#VFSOBJECTS"> <i class="parameter"><tt>vfs objects</tt></i> </a>. - </p></dd><dt><span class="term"><a name="VFSOBJECTS"></a>vfs objects (S)</span></dt><dd><p>This parameter specifies the backend names which - are used for Samba VFS I/O operations. By default, normal - disk I/O operations are used but these can be overloaded - with one or more VFS objects. </p><p>Default: <span class="emphasis"><em>no value</em></span></p><p>Example: <b class="command">vfs objects = extd_audit recycle</b></p></dd><dt><span class="term"><a name="VOLUME"></a>volume (S)</span></dt><dd><p> This allows you to override the volume label + </p></dd><dt><span class="term"><a name="VOLUME"></a>volume (S)</span></dt><dd><p> This allows you to override the volume label returned for a share. Useful for CDROMs with installation programs that insist on a particular volume label.</p><p>Default: <span class="emphasis"><em>the name of the share</em></span></p></dd><dt><span class="term"><a name="WIDELINKS"></a>wide links (S)</span></dt><dd><p>This parameter controls whether or not links in the UNIX file system may be followed by the server. Links |