]>
Commit | Line | Data |
---|---|---|
94610c17 | 1 | # This is the main Samba configuration file. You should read the |
2 | # smb.conf(5) manual page in order to understand the options listed | |
3 | # here. Samba has a huge number of configurable options (perhaps too | |
4 | # many!) most of which are not shown in this example | |
5 | # | |
6 | # Any line which starts with a ; (semi-colon) or a # (hash) | |
7 | # is a comment and is ignored. In this example we will use a # | |
8 | # for commentry and a ; for parts of the config file that you | |
9 | # may wish to enable | |
10 | # | |
11 | # NOTE: Whenever you modify this file you should run the command "testparm" | |
12 | # to check that you have not many any basic syntactic errors. | |
13 | # | |
14 | #======================= Global Settings ===================================== | |
15 | [global] | |
16 | ||
17 | # workgroup = NT-Domain-Name or Workgroup-Name | |
18 | workgroup = MYGROUP | |
19 | ||
20 | # server string is the equivalent of the NT Description field | |
21 | server string = Samba Server | |
22 | ||
23 | # This option is important for security. It allows you to restrict | |
24 | # connections to machines which are on your local network. The | |
25 | # following example restricts access to two C class networks and | |
26 | # the "loopback" interface. For more examples of the syntax see | |
27 | # the smb.conf man page | |
28 | ; hosts allow = 192.168.1. 192.168.2. 127. | |
29 | ||
30 | # if you want to automatically load your printer list rather | |
31 | # than setting them up individually then you'll need this | |
32 | printcap name = /etc/printcap | |
33 | load printers = yes | |
34 | ||
35 | # It should not be necessary to spell out the print system type unless | |
36 | # yours is non-standard. Currently supported print systems include: | |
7c4ff631 | 37 | # bsd, sysv, plp, lprng, aix, hpux, qnx, cups |
9a0c1290 | 38 | printing = lprng |
94610c17 | 39 | |
40 | # Uncomment this if you want a guest account, you must add this to /etc/passwd | |
41 | # otherwise the user "nobody" is used | |
42 | ; guest account = pcguest | |
43 | ||
44 | # this tells Samba to use a separate log file for each machine | |
45 | # that connects | |
3df908aa | 46 | log file = /var/log/samba/log.%I |
94610c17 | 47 | |
48 | # Put a capping on the size of the log files (in Kb). | |
49 | max log size = 50 | |
50 | ||
51 | # Security mode. Most people will want user level security. See | |
52 | # security_level.txt for details. | |
53 | security = user | |
54 | # Use password server option only with security = server | |
55 | ; password server = <NT-Server-Name> | |
56 | ||
57 | # Password Level allows matching of _n_ characters of the password for | |
58 | # all combinations of upper and lower case. | |
59 | ; password level = 8 | |
60 | ; username level = 8 | |
61 | ||
6474fc1b | 62 | # You may wish to use password encryption. Please read Samba documentation. |
94610c17 | 63 | # Do not enable this option unless you have read those documents |
64 | ; encrypt passwords = yes | |
65 | ; smb passwd file = /etc/smbpasswd | |
66 | ||
67 | # The following are needed to allow password changing from Windows to | |
7c4ff631 | 68 | # update the Linux system password also. |
94610c17 | 69 | # NOTE: Use these with 'encrypt passwords' and 'smb passwd file' above. |
70 | # NOTE2: You do NOT need these to allow workstations to change only | |
71 | # the encrypted SMB passwords. They allow the Unix password | |
72 | # to be kept in sync with the SMB password. | |
73 | ; unix password sync = Yes | |
74 | ; passwd program = /usr/bin/passwd %u | |
75 | ; passwd chat = *New*UNIX*password* %n\n *ReType*new*UNIX*password* %n\n *passwd:*all*authentication*tokens*updated*successfully* | |
76 | ||
77 | # Unix users can map to different SMB User names | |
78 | ; username map = /etc/samba/smbusers | |
79 | ||
80 | # Using the following line enables you to customise your configuration | |
81 | # on a per machine basis. The %m gets replaced with the netbios name | |
82 | # of the machine that is connecting | |
83 | ; include = /etc/samba/smb.conf.%m | |
84 | ||
85 | # Most people will find that this option gives better performance. | |
86 | # See speed.txt and the manual pages for details | |
87 | socket options = TCP_NODELAY | |
88 | ||
89 | # Configure Samba to use multiple interfaces | |
90 | # If you have multiple network interfaces then you must list them | |
91 | # here. See the man page for details. | |
92 | ; interfaces = 192.168.12.2/24 192.168.13.2/24 | |
93 | ||
94 | # Configure remote browse list synchronisation here | |
95 | # request announcement to, or browse list sync from: | |
96 | # a specific host or from / to a whole subnet (see below) | |
97 | ; remote browse sync = 192.168.3.25 192.168.5.255 | |
98 | # Cause this host to announce itself to local subnets here | |
99 | ; remote announce = 192.168.1.255 192.168.2.44 | |
100 | ||
101 | # Browser Control Options: | |
102 | # set local master to no if you don't want Samba to become a master | |
103 | # browser on your network. Otherwise the normal election rules apply | |
104 | ; local master = no | |
105 | ||
106 | # OS Level determines the precedence of this server in master browser | |
107 | # elections. The default value should be reasonable | |
108 | ; os level = 33 | |
109 | ||
110 | # Domain Master specifies Samba to be the Domain Master Browser. This | |
111 | # allows Samba to collate browse lists between subnets. Don't use this | |
112 | # if you already have a Windows NT domain controller doing this job | |
113 | ; domain master = yes | |
114 | ||
115 | # Preferred Master causes Samba to force a local browser election on startup | |
116 | # and gives it a slightly higher chance of winning the election | |
117 | ; preferred master = yes | |
118 | ||
119 | # Use only if you have an NT server on your network that has been | |
120 | # configured at install time to be a primary domain controller. | |
121 | ; domain controller = <NT-Domain-Controller-SMBName> | |
122 | ||
123 | # Enable this if you want Samba to be a domain logon server for | |
124 | # Windows95 workstations. | |
125 | ; domain logons = yes | |
126 | ||
7c4ff631 | 127 | # If you enable domain logons then you may want a per-machine or |
94610c17 | 128 | # per user logon script |
129 | # run a specific logon batch file per workstation (machine) | |
130 | ; logon script = %m.bat | |
131 | # run a specific logon batch file per username | |
132 | ; logon script = %U.bat | |
133 | ||
134 | # Where to store roving profiles (only for Win95 and WinNT) | |
135 | # %L substitutes for this servers netbios name, %U is username | |
136 | # You must uncomment the [Profiles] share below | |
137 | ; logon path = \\%L\Profiles\%U | |
138 | ||
139 | # All NetBIOS names must be resolved to IP Addresses | |
140 | # 'Name Resolve Order' allows the named resolution mechanism to be specified | |
141 | # the default order is "host lmhosts wins bcast". "host" means use the unix | |
142 | # system gethostbyname() function call that will use either /etc/hosts OR | |
143 | # DNS or NIS depending on the settings of /etc/host.config, /etc/nsswitch.conf | |
144 | # and the /etc/resolv.conf file. "host" therefore is system configuration | |
145 | # dependant. This parameter is most often of use to prevent DNS lookups | |
146 | # in order to resolve NetBIOS names to IP Addresses. Use with care! | |
147 | # The example below excludes use of name resolution for machines that are NOT | |
148 | # on the local network segment | |
149 | # - OR - are not deliberately to be known via lmhosts or via WINS. | |
150 | ; name resolve order = wins lmhosts bcast | |
151 | ||
152 | # Windows Internet Name Serving Support Section: | |
153 | # WINS Support - Tells the NMBD component of Samba to enable it's WINS Server | |
154 | ; wins support = yes | |
155 | ||
156 | # WINS Server - Tells the NMBD components of Samba to be a WINS Client | |
157 | # Note: Samba can be either a WINS Server, or a WINS Client, but NOT both | |
158 | ; wins server = w.x.y.z | |
159 | ||
160 | # WINS Proxy - Tells Samba to answer name resolution queries on | |
161 | # behalf of a non WINS capable client, for this to work there must be | |
162 | # at least one WINS Server on the network. The default is NO. | |
163 | ; wins proxy = yes | |
164 | ||
165 | # DNS Proxy - tells Samba whether or not to try to resolve NetBIOS names | |
166 | # via DNS nslookups. The built-in default for versions 1.9.17 is yes, | |
167 | # this has been changed in version 1.9.18 to no. | |
168 | dns proxy = no | |
169 | ||
170 | # Case Preservation can be handy - system default is _no_ | |
171 | # NOTE: These can be set on a per share basis | |
172 | ; preserve case = no | |
173 | ; short preserve case = no | |
174 | # Default case is normally upper case for all DOS files | |
175 | ; default case = lower | |
176 | # Be very careful with case sensitivity - it can break things! | |
177 | ; case sensitive = no | |
178 | ||
08fef0bf | 179 | # Setting this to yes may cause problems when using kernel < 2.6 |
180 | # This option is ignored when Windows 9x client connects | |
181 | use sendfile = no | |
182 | ||
94610c17 | 183 | #============================ Share Definitions ============================== |
184 | [homes] | |
185 | comment = Home Directories | |
186 | browseable = no | |
187 | writable = yes | |
188 | ||
189 | # Un-comment the following and create the netlogon directory for Domain Logons | |
190 | ; [netlogon] | |
191 | ; comment = Network Logon Service | |
192 | ; path = /home/netlogon | |
193 | ; guest ok = yes | |
194 | ; writable = no | |
195 | ; share modes = no | |
196 | ||
197 | ||
198 | # Un-comment the following to provide a specific roving profile share | |
199 | # the default is to use the user's home directory | |
200 | ;[Profiles] | |
201 | ; path = /home/profiles | |
202 | ; browseable = no | |
203 | ; guest ok = yes | |
204 | ||
205 | ||
206 | # NOTE: If you have a BSD-style print system there is no need to | |
207 | # specifically define each individual printer | |
208 | [printers] | |
209 | comment = All Printers | |
210 | path = /var/spool/samba | |
211 | browseable = no | |
212 | # Set public = yes to allow user 'guest account' to print | |
213 | guest ok = no | |
214 | writable = no | |
215 | printable = yes | |
216 | ||
217 | # This one is useful for people to share files | |
218 | ;[tmp] | |
219 | ; comment = Temporary file space | |
220 | ; path = /tmp | |
221 | ; read only = no | |
222 | ; public = yes | |
223 | ||
224 | # A publicly accessible directory, but read only, except for people in | |
225 | # the "staff" group | |
226 | ;[public] | |
227 | ; comment = Public Stuff | |
bbf7ec7d | 228 | ; path = /home/services/samba |
94610c17 | 229 | ; public = yes |
230 | ; writable = yes | |
231 | ; printable = no | |
232 | ; write list = @staff | |
233 | ||
234 | # Other examples. | |
235 | # | |
236 | # A private printer, usable only by fred. Spool data will be placed in fred's | |
237 | # home directory. Note that fred must have write access to the spool directory, | |
238 | # wherever it is. | |
239 | ;[fredsprn] | |
240 | ; comment = Fred's Printer | |
241 | ; valid users = fred | |
242 | ; path = /homes/fred | |
243 | ; printer = freds_printer | |
244 | ; public = no | |
245 | ; writable = no | |
246 | ; printable = yes | |
247 | ||
248 | # A private directory, usable only by fred. Note that fred requires write | |
249 | # access to the directory. | |
250 | ;[fredsdir] | |
251 | ; comment = Fred's Service | |
252 | ; path = /usr/somewhere/private | |
253 | ; valid users = fred | |
254 | ; public = no | |
255 | ; writable = yes | |
256 | ; printable = no | |
257 | ||
7c4ff631 | 258 | # A service which has a different directory for each machine that connects |
94610c17 | 259 | # this allows you to tailor configurations to incoming machines. You could |
260 | # also use the %u option to tailor it by user name. | |
261 | # The %m gets replaced with the machine name that is connecting. | |
262 | ;[pchome] | |
263 | ; comment = PC Directories | |
264 | ; path = /usr/pc/%m | |
265 | ; public = no | |
266 | ; writable = yes | |
267 | ||
268 | # A publicly accessible directory, read/write to all users. Note that all files | |
269 | # created in the directory by users will be owned by the default user, so | |
270 | # any user with access can delete any other user's files. Obviously this | |
271 | # directory must be writable by the default user. Another user could of course | |
272 | # be specified, in which case all files would be owned by that user instead. | |
273 | ;[public] | |
274 | ; path = /usr/somewhere/else/public | |
275 | ; public = yes | |
276 | ; only guest = yes | |
277 | ; writable = yes | |
278 | ; printable = no | |
279 | ||
280 | # The following two entries demonstrate how to share a directory so that two | |
281 | # users can place files there that will be owned by the specific users. In this | |
282 | # setup, the directory should be writable by both users and should have the | |
283 | # sticky bit set on it to prevent abuse. Obviously this could be extended to | |
284 | # as many users as required. | |
285 | ;[myshare] | |
286 | ; comment = Mary's and Fred's stuff | |
287 | ; path = /usr/somewhere/shared | |
288 | ; valid users = mary fred | |
289 | ; public = no | |
290 | ; writable = yes | |
291 | ; printable = no | |
292 | ; create mask = 0765 | |
293 | ||
294 |