summaryrefslogtreecommitdiff
path: root/packaging/RHEL/setup/smb.conf
diff options
context:
space:
mode:
Diffstat (limited to 'packaging/RHEL/setup/smb.conf')
-rw-r--r--packaging/RHEL/setup/smb.conf137
1 files changed, 60 insertions, 77 deletions
diff --git a/packaging/RHEL/setup/smb.conf b/packaging/RHEL/setup/smb.conf
index 133e442b1e..971ca19c83 100644
--- a/packaging/RHEL/setup/smb.conf
+++ b/packaging/RHEL/setup/smb.conf
@@ -3,6 +3,14 @@
# here. Samba has a huge number of configurable options (perhaps too
# many!) most of which are not shown in this example
#
+# For a step to step guide on installing, configuring and using samba,
+# read the Samba-HOWTO-Collection. This may be obtained from:
+# http://www.samba.org/samba/docs/Samba-HOWTO-Collection.pdf
+#
+# Many working examples of smb.conf files can be found in the
+# Samba-Guide which is generated daily and can be downloaded from:
+# http://www.samba.org/samba/docs/Samba-Guide.pdf
+#
# Any line which starts with a ; (semi-colon) or a # (hash)
# is a comment and is ignored. In this example we will use a #
# for commentry and a ; for parts of the config file that you
@@ -14,12 +22,17 @@
#======================= Global Settings =====================================
[global]
-# workgroup = NT-Domain-Name or Workgroup-Name
+# workgroup = NT-Domain-Name or Workgroup-Name, eg: MIDEARTH
workgroup = MYGROUP
# server string is the equivalent of the NT Description field
server string = Samba Server
+# Security mode. Defines in which mode Samba will operate. Possible
+# values are share, user, server, domain and ads. Most people will want
+# user level security. See the Samba-HOWTO-Collection for details.
+ security = user
+
# This option is important for security. It allows you to restrict
# connections to machines which are on your local network. The
# following example restricts access to two C class networks and
@@ -27,15 +40,22 @@
# the smb.conf man page
; hosts allow = 192.168.1. 192.168.2. 127.
-# if you want to automatically load your printer list rather
+# If you want to automatically load your printer list rather
# than setting them up individually then you'll need this
- printcap name = /etc/printcap
load printers = yes
-# It should not be necessary to spell out the print system type unless
-# yours is non-standard. Currently supported print systems include:
-# bsd, sysv, plp, lprng, aix, hpux, qnx
-; printing = bsd
+# you may wish to override the location of the printcap file
+; printcap name = /etc/printcap
+
+# on SystemV system setting printcap name to lpstat should allow
+# you to automatically obtain a printer list from the SystemV spool
+# system
+; printcap name = lpstat
+
+# It should not be necessary to specify the print system type unless
+# it is non-standard. Currently supported print systems include:
+# bsd, cups, sysv, plp, lprng, aix, hpux, qnx
+; printing = cups
# Uncomment this if you want a guest account, you must add this to /etc/passwd
# otherwise the user "nobody" is used
@@ -43,64 +63,39 @@
# this tells Samba to use a separate log file for each machine
# that connects
- #log file = /var/log/samba/%m.log
-# all information in one file
- log file = /var/log/samba/log.smbd
+ log file = /usr/local/samba/var/log.%m
# Put a capping on the size of the log files (in Kb).
max log size = 50
-# Security mode. Most people will want user level security. See
-# security_level.txt for details.
- security = user
# Use password server option only with security = server
+# The argument list may include:
+# password server = My_PDC_Name [My_BDC_Name] [My_Next_BDC_Name]
+# or to auto-locate the domain controller/s
+# password server = *
; password server = <NT-Server-Name>
-# Password Level allows matching of _n_ characters of the password for
-# all combinations of upper and lower case.
-; password level = 8
-; username level = 8
-
-# You may wish to use password encryption. Please read
-# ENCRYPTION.txt, Win95.txt and WinNT.txt in the Samba documentation.
-# Do not enable this option unless you have read those documents
-; encrypt passwords = yes
-; smb passwd file = /etc/samba/smbpasswd
-
-# The following are needed to allow password changing from Windows to
-# update the Linux system password also.
-# NOTE: Use these with 'encrypt passwords' and 'smb passwd file' above.
-# NOTE2: You do NOT need these to allow workstations to change only
-# the encrypted SMB passwords. They allow the Unix password
-# to be kept in sync with the SMB password.
-; unix password sync = Yes
-; passwd program = /usr/bin/passwd %u
-; passwd chat = *New*UNIX*password* %n\n *ReType*new*UNIX*password* %n\n *passwd:*all*authentication*tokens*updated*successfully*
-
-# Unix users can map to different SMB User names
-; username map = /etc/samba/smbusers
+# Use the realm option only with security = ads
+# Specifies the Active Directory realm the host is part of
+; realm = MY_REALM
+
+# Backend to store user information in. New installations should
+# use either tdbsam or ldapsam. smbpasswd is available for backwards
+# compatibility. tdbsam requires no further configuration.
+; passdb backend = tdbsam
# Using the following line enables you to customise your configuration
# on a per machine basis. The %m gets replaced with the netbios name
-# of the machine that is connecting
-; include = /etc/samba/smb.conf.%m
-
-# Most people will find that this option gives better performance.
-# See speed.txt and the manual pages for details
- socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
+# of the machine that is connecting.
+# Note: Consider carefully the location in the configuration file of
+# this line. The included file is read at that point.
+; include = /usr/local/samba/lib/smb.conf.%m
# Configure Samba to use multiple interfaces
# If you have multiple network interfaces then you must list them
# here. See the man page for details.
; interfaces = 192.168.12.2/24 192.168.13.2/24
-# Configure remote browse list synchronisation here
-# request announcement to, or browse list sync from:
-# a specific host or from / to a whole subnet (see below)
-; remote browse sync = 192.168.3.25 192.168.5.255
-# Cause this host to announce itself to local subnets here
-; remote announce = 192.168.1.255 192.168.2.44
-
# Browser Control Options:
# set local master to no if you don't want Samba to become a master
# browser on your network. Otherwise the normal election rules apply
@@ -135,19 +130,6 @@
# You must uncomment the [Profiles] share below
; logon path = \\%L\Profiles\%U
-# All NetBIOS names must be resolved to IP Addresses
-# 'Name Resolve Order' allows the named resolution mechanism to be specified
-# the default order is "host lmhosts wins bcast". "host" means use the unix
-# system gethostbyname() function call that will use either /etc/hosts OR
-# DNS or NIS depending on the settings of /etc/host.config, /etc/nsswitch.conf
-# and the /etc/resolv.conf file. "host" therefore is system configuration
-# dependant. This parameter is most often of use to prevent DNS lookups
-# in order to resolve NetBIOS names to IP Addresses. Use with care!
-# The example below excludes use of name resolution for machines that are NOT
-# on the local network segment
-# - OR - are not deliberately to be known via lmhosts or via WINS.
-; name resolve order = wins lmhosts bcast
-
# Windows Internet Name Serving Support Section:
# WINS Support - Tells the NMBD component of Samba to enable it's WINS Server
; wins support = yes
@@ -162,18 +144,18 @@
; wins proxy = yes
# DNS Proxy - tells Samba whether or not to try to resolve NetBIOS names
-# via DNS nslookups. The built-in default for versions 1.9.17 is yes,
-# this has been changed in version 1.9.18 to no.
+# via DNS nslookups. The default is NO.
dns proxy = no
-# Case Preservation can be handy - system default is _no_
-# NOTE: These can be set on a per share basis
-; preserve case = no
-; short preserve case = no
-# Default case is normally upper case for all DOS files
-; default case = lower
-# Be very careful with case sensitivity - it can break things!
-; case sensitive = no
+# These scripts are used on a domain controller or stand-alone
+# machine to add or delete corresponding unix accounts
+; add user script = /usr/sbin/useradd %u
+; add group script = /usr/sbin/groupadd %g
+; add machine script = /usr/sbin/adduser -n -g machines -c Machine -d /dev/null -s /bin/false %u
+; delete user script = /usr/sbin/userdel %u
+; delete user from group script = /usr/sbin/deluser %u %g
+; delete group script = /usr/sbin/groupdel %g
+
#============================ Share Definitions ==============================
[homes]
@@ -184,7 +166,7 @@
# Un-comment the following and create the netlogon directory for Domain Logons
; [netlogon]
; comment = Network Logon Service
-; path = /home/netlogon
+; path = /usr/local/samba/lib/netlogon
; guest ok = yes
; writable = no
; share modes = no
@@ -193,7 +175,7 @@
# Un-comment the following to provide a specific roving profile share
# the default is to use the user's home directory
;[Profiles]
-; path = /home/profiles
+; path = /usr/local/samba/profiles
; browseable = no
; guest ok = yes
@@ -202,7 +184,7 @@
# specifically define each individual printer
[printers]
comment = All Printers
- path = /var/spool/samba
+ path = /usr/spool/samba
browseable = no
# Set public = yes to allow user 'guest account' to print
guest ok = no
@@ -222,7 +204,8 @@
; comment = Public Stuff
; path = /home/samba
; public = yes
-; read only = yes
+; writable = yes
+; printable = no
; write list = @staff
# Other examples.
@@ -251,7 +234,7 @@
# a service which has a different directory for each machine that connects
# this allows you to tailor configurations to incoming machines. You could
-# also use the %u option to tailor it by user name.
+# also use the %U option to tailor it by user name.
# The %m gets replaced with the machine name that is connecting.
;[pchome]
; comment = PC Directories