diff options
Diffstat (limited to 'packaging/RedHat-9')
-rw-r--r-- | packaging/RedHat-9/smb.conf | 137 |
1 files changed, 60 insertions, 77 deletions
diff --git a/packaging/RedHat-9/smb.conf b/packaging/RedHat-9/smb.conf index ba64dad729..971ca19c83 100644 --- a/packaging/RedHat-9/smb.conf +++ b/packaging/RedHat-9/smb.conf @@ -3,6 +3,14 @@ # here. Samba has a huge number of configurable options (perhaps too # many!) most of which are not shown in this example # +# For a step to step guide on installing, configuring and using samba, +# read the Samba-HOWTO-Collection. This may be obtained from: +# http://www.samba.org/samba/docs/Samba-HOWTO-Collection.pdf +# +# Many working examples of smb.conf files can be found in the +# Samba-Guide which is generated daily and can be downloaded from: +# http://www.samba.org/samba/docs/Samba-Guide.pdf +# # Any line which starts with a ; (semi-colon) or a # (hash) # is a comment and is ignored. In this example we will use a # # for commentry and a ; for parts of the config file that you @@ -14,12 +22,17 @@ #======================= Global Settings ===================================== [global] -# workgroup = NT-Domain-Name or Workgroup-Name +# workgroup = NT-Domain-Name or Workgroup-Name, eg: MIDEARTH workgroup = MYGROUP # server string is the equivalent of the NT Description field server string = Samba Server +# Security mode. Defines in which mode Samba will operate. Possible +# values are share, user, server, domain and ads. Most people will want +# user level security. See the Samba-HOWTO-Collection for details. + security = user + # This option is important for security. It allows you to restrict # connections to machines which are on your local network. The # following example restricts access to two C class networks and @@ -27,15 +40,22 @@ # the smb.conf man page ; hosts allow = 192.168.1. 192.168.2. 127. -# if you want to automatically load your printer list rather +# If you want to automatically load your printer list rather # than setting them up individually then you'll need this - printcap name = /etc/printcap load printers = yes -# It should not be necessary to spell out the print system type unless -# yours is non-standard. Currently supported print systems include: -# bsd, sysv, plp, lprng, aix, hpux, qnx -; printing = bsd +# you may wish to override the location of the printcap file +; printcap name = /etc/printcap + +# on SystemV system setting printcap name to lpstat should allow +# you to automatically obtain a printer list from the SystemV spool +# system +; printcap name = lpstat + +# It should not be necessary to specify the print system type unless +# it is non-standard. Currently supported print systems include: +# bsd, cups, sysv, plp, lprng, aix, hpux, qnx +; printing = cups # Uncomment this if you want a guest account, you must add this to /etc/passwd # otherwise the user "nobody" is used @@ -43,64 +63,39 @@ # this tells Samba to use a separate log file for each machine # that connects - # log file = /var/log/samba/%m.log -# all log information in one file - log file = /var/log/samba/log.smbd + log file = /usr/local/samba/var/log.%m # Put a capping on the size of the log files (in Kb). max log size = 50 -# Security mode. Most people will want user level security. See -# security_level.txt for details. - security = user # Use password server option only with security = server +# The argument list may include: +# password server = My_PDC_Name [My_BDC_Name] [My_Next_BDC_Name] +# or to auto-locate the domain controller/s +# password server = * ; password server = <NT-Server-Name> -# Password Level allows matching of _n_ characters of the password for -# all combinations of upper and lower case. -; password level = 8 -; username level = 8 - -# You may wish to use password encryption. Please read -# ENCRYPTION.txt, Win95.txt and WinNT.txt in the Samba documentation. -# Do not enable this option unless you have read those documents -; encrypt passwords = yes -; smb passwd file = /etc/samba/smbpasswd - -# The following are needed to allow password changing from Windows to -# update the Linux system password also. -# NOTE: Use these with 'encrypt passwords' and 'smb passwd file' above. -# NOTE2: You do NOT need these to allow workstations to change only -# the encrypted SMB passwords. They allow the Unix password -# to be kept in sync with the SMB password. -; unix password sync = Yes -; passwd program = /usr/bin/passwd %u -; passwd chat = *New*UNIX*password* %n\n *ReType*new*UNIX*password* %n\n *passwd:*all*authentication*tokens*updated*successfully* - -# Unix users can map to different SMB User names -; username map = /etc/samba/smbusers +# Use the realm option only with security = ads +# Specifies the Active Directory realm the host is part of +; realm = MY_REALM + +# Backend to store user information in. New installations should +# use either tdbsam or ldapsam. smbpasswd is available for backwards +# compatibility. tdbsam requires no further configuration. +; passdb backend = tdbsam # Using the following line enables you to customise your configuration # on a per machine basis. The %m gets replaced with the netbios name -# of the machine that is connecting -; include = /etc/samba/smb.conf.%m - -# Most people will find that this option gives better performance. -# See speed.txt and the manual pages for details - socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 +# of the machine that is connecting. +# Note: Consider carefully the location in the configuration file of +# this line. The included file is read at that point. +; include = /usr/local/samba/lib/smb.conf.%m # Configure Samba to use multiple interfaces # If you have multiple network interfaces then you must list them # here. See the man page for details. ; interfaces = 192.168.12.2/24 192.168.13.2/24 -# Configure remote browse list synchronisation here -# request announcement to, or browse list sync from: -# a specific host or from / to a whole subnet (see below) -; remote browse sync = 192.168.3.25 192.168.5.255 -# Cause this host to announce itself to local subnets here -; remote announce = 192.168.1.255 192.168.2.44 - # Browser Control Options: # set local master to no if you don't want Samba to become a master # browser on your network. Otherwise the normal election rules apply @@ -135,19 +130,6 @@ # You must uncomment the [Profiles] share below ; logon path = \\%L\Profiles\%U -# All NetBIOS names must be resolved to IP Addresses -# 'Name Resolve Order' allows the named resolution mechanism to be specified -# the default order is "host lmhosts wins bcast". "host" means use the unix -# system gethostbyname() function call that will use either /etc/hosts OR -# DNS or NIS depending on the settings of /etc/host.config, /etc/nsswitch.conf -# and the /etc/resolv.conf file. "host" therefore is system configuration -# dependant. This parameter is most often of use to prevent DNS lookups -# in order to resolve NetBIOS names to IP Addresses. Use with care! -# The example below excludes use of name resolution for machines that are NOT -# on the local network segment -# - OR - are not deliberately to be known via lmhosts or via WINS. -; name resolve order = wins lmhosts bcast - # Windows Internet Name Serving Support Section: # WINS Support - Tells the NMBD component of Samba to enable it's WINS Server ; wins support = yes @@ -162,18 +144,18 @@ ; wins proxy = yes # DNS Proxy - tells Samba whether or not to try to resolve NetBIOS names -# via DNS nslookups. The built-in default for versions 1.9.17 is yes, -# this has been changed in version 1.9.18 to no. +# via DNS nslookups. The default is NO. dns proxy = no -# Case Preservation can be handy - system default is _no_ -# NOTE: These can be set on a per share basis -; preserve case = no -; short preserve case = no -# Default case is normally upper case for all DOS files -; default case = lower -# Be very careful with case sensitivity - it can break things! -; case sensitive = no +# These scripts are used on a domain controller or stand-alone +# machine to add or delete corresponding unix accounts +; add user script = /usr/sbin/useradd %u +; add group script = /usr/sbin/groupadd %g +; add machine script = /usr/sbin/adduser -n -g machines -c Machine -d /dev/null -s /bin/false %u +; delete user script = /usr/sbin/userdel %u +; delete user from group script = /usr/sbin/deluser %u %g +; delete group script = /usr/sbin/groupdel %g + #============================ Share Definitions ============================== [homes] @@ -184,7 +166,7 @@ # Un-comment the following and create the netlogon directory for Domain Logons ; [netlogon] ; comment = Network Logon Service -; path = /home/netlogon +; path = /usr/local/samba/lib/netlogon ; guest ok = yes ; writable = no ; share modes = no @@ -193,7 +175,7 @@ # Un-comment the following to provide a specific roving profile share # the default is to use the user's home directory ;[Profiles] -; path = /home/profiles +; path = /usr/local/samba/profiles ; browseable = no ; guest ok = yes @@ -202,7 +184,7 @@ # specifically define each individual printer [printers] comment = All Printers - path = /var/spool/samba + path = /usr/spool/samba browseable = no # Set public = yes to allow user 'guest account' to print guest ok = no @@ -222,7 +204,8 @@ ; comment = Public Stuff ; path = /home/samba ; public = yes -; read only = yes +; writable = yes +; printable = no ; write list = @staff # Other examples. @@ -251,7 +234,7 @@ # a service which has a different directory for each machine that connects # this allows you to tailor configurations to incoming machines. You could -# also use the %u option to tailor it by user name. +# also use the %U option to tailor it by user name. # The %m gets replaced with the machine name that is connecting. ;[pchome] ; comment = PC Directories |