]>
Commit | Line | Data |
---|---|---|
94610c17 | 1 | # This is the main Samba configuration file. You should read the |
2 | # smb.conf(5) manual page in order to understand the options listed | |
3 | # here. Samba has a huge number of configurable options (perhaps too | |
4 | # many!) most of which are not shown in this example | |
5 | # | |
6 | # Any line which starts with a ; (semi-colon) or a # (hash) | |
7 | # is a comment and is ignored. In this example we will use a # | |
8 | # for commentry and a ; for parts of the config file that you | |
9 | # may wish to enable | |
10 | # | |
11 | # NOTE: Whenever you modify this file you should run the command "testparm" | |
12 | # to check that you have not many any basic syntactic errors. | |
13 | # | |
14 | #======================= Global Settings ===================================== | |
15 | [global] | |
16 | ||
17 | # workgroup = NT-Domain-Name or Workgroup-Name | |
18 | workgroup = MYGROUP | |
19 | ||
20 | # server string is the equivalent of the NT Description field | |
21 | server string = Samba Server | |
22 | ||
23 | # This option is important for security. It allows you to restrict | |
24 | # connections to machines which are on your local network. The | |
25 | # following example restricts access to two C class networks and | |
26 | # the "loopback" interface. For more examples of the syntax see | |
27 | # the smb.conf man page | |
28 | ; hosts allow = 192.168.1. 192.168.2. 127. | |
29 | ||
30 | # if you want to automatically load your printer list rather | |
31 | # than setting them up individually then you'll need this | |
32 | printcap name = /etc/printcap | |
33 | load printers = yes | |
34 | ||
35 | # It should not be necessary to spell out the print system type unless | |
36 | # yours is non-standard. Currently supported print systems include: | |
37 | # bsd, sysv, plp, lprng, aix, hpux, qnx | |
38 | ; printing = bsd | |
39 | ||
40 | # Uncomment this if you want a guest account, you must add this to /etc/passwd | |
41 | # otherwise the user "nobody" is used | |
42 | ; guest account = pcguest | |
43 | ||
44 | # this tells Samba to use a separate log file for each machine | |
45 | # that connects | |
46 | log file = /var/log/samba/log.%m | |
47 | ||
48 | # Put a capping on the size of the log files (in Kb). | |
49 | max log size = 50 | |
50 | ||
51 | # Security mode. Most people will want user level security. See | |
52 | # security_level.txt for details. | |
53 | security = user | |
54 | # Use password server option only with security = server | |
55 | ; password server = <NT-Server-Name> | |
56 | ||
57 | # Password Level allows matching of _n_ characters of the password for | |
58 | # all combinations of upper and lower case. | |
59 | ; password level = 8 | |
60 | ; username level = 8 | |
61 | ||
62 | # You may wish to use password encryption. Please read | |
63 | # ENCRYPTION.txt, Win95.txt and WinNT.txt in the Samba documentation. | |
64 | # Do not enable this option unless you have read those documents | |
65 | ; encrypt passwords = yes | |
66 | ; smb passwd file = /etc/smbpasswd | |
67 | ||
68 | # The following are needed to allow password changing from Windows to | |
69 | # update the Linux sytsem password also. | |
70 | # NOTE: Use these with 'encrypt passwords' and 'smb passwd file' above. | |
71 | # NOTE2: You do NOT need these to allow workstations to change only | |
72 | # the encrypted SMB passwords. They allow the Unix password | |
73 | # to be kept in sync with the SMB password. | |
74 | ; unix password sync = Yes | |
75 | ; passwd program = /usr/bin/passwd %u | |
76 | ; passwd chat = *New*UNIX*password* %n\n *ReType*new*UNIX*password* %n\n *passwd:*all*authentication*tokens*updated*successfully* | |
77 | ||
78 | # Unix users can map to different SMB User names | |
79 | ; username map = /etc/samba/smbusers | |
80 | ||
81 | # Using the following line enables you to customise your configuration | |
82 | # on a per machine basis. The %m gets replaced with the netbios name | |
83 | # of the machine that is connecting | |
84 | ; include = /etc/samba/smb.conf.%m | |
85 | ||
86 | # Most people will find that this option gives better performance. | |
87 | # See speed.txt and the manual pages for details | |
88 | socket options = TCP_NODELAY | |
89 | ||
90 | # Configure Samba to use multiple interfaces | |
91 | # If you have multiple network interfaces then you must list them | |
92 | # here. See the man page for details. | |
93 | ; interfaces = 192.168.12.2/24 192.168.13.2/24 | |
94 | ||
95 | # Configure remote browse list synchronisation here | |
96 | # request announcement to, or browse list sync from: | |
97 | # a specific host or from / to a whole subnet (see below) | |
98 | ; remote browse sync = 192.168.3.25 192.168.5.255 | |
99 | # Cause this host to announce itself to local subnets here | |
100 | ; remote announce = 192.168.1.255 192.168.2.44 | |
101 | ||
102 | # Browser Control Options: | |
103 | # set local master to no if you don't want Samba to become a master | |
104 | # browser on your network. Otherwise the normal election rules apply | |
105 | ; local master = no | |
106 | ||
107 | # OS Level determines the precedence of this server in master browser | |
108 | # elections. The default value should be reasonable | |
109 | ; os level = 33 | |
110 | ||
111 | # Domain Master specifies Samba to be the Domain Master Browser. This | |
112 | # allows Samba to collate browse lists between subnets. Don't use this | |
113 | # if you already have a Windows NT domain controller doing this job | |
114 | ; domain master = yes | |
115 | ||
116 | # Preferred Master causes Samba to force a local browser election on startup | |
117 | # and gives it a slightly higher chance of winning the election | |
118 | ; preferred master = yes | |
119 | ||
120 | # Use only if you have an NT server on your network that has been | |
121 | # configured at install time to be a primary domain controller. | |
122 | ; domain controller = <NT-Domain-Controller-SMBName> | |
123 | ||
124 | # Enable this if you want Samba to be a domain logon server for | |
125 | # Windows95 workstations. | |
126 | ; domain logons = yes | |
127 | ||
128 | # if you enable domain logons then you may want a per-machine or | |
129 | # per user logon script | |
130 | # run a specific logon batch file per workstation (machine) | |
131 | ; logon script = %m.bat | |
132 | # run a specific logon batch file per username | |
133 | ; logon script = %U.bat | |
134 | ||
135 | # Where to store roving profiles (only for Win95 and WinNT) | |
136 | # %L substitutes for this servers netbios name, %U is username | |
137 | # You must uncomment the [Profiles] share below | |
138 | ; logon path = \\%L\Profiles\%U | |
139 | ||
140 | # All NetBIOS names must be resolved to IP Addresses | |
141 | # 'Name Resolve Order' allows the named resolution mechanism to be specified | |
142 | # the default order is "host lmhosts wins bcast". "host" means use the unix | |
143 | # system gethostbyname() function call that will use either /etc/hosts OR | |
144 | # DNS or NIS depending on the settings of /etc/host.config, /etc/nsswitch.conf | |
145 | # and the /etc/resolv.conf file. "host" therefore is system configuration | |
146 | # dependant. This parameter is most often of use to prevent DNS lookups | |
147 | # in order to resolve NetBIOS names to IP Addresses. Use with care! | |
148 | # The example below excludes use of name resolution for machines that are NOT | |
149 | # on the local network segment | |
150 | # - OR - are not deliberately to be known via lmhosts or via WINS. | |
151 | ; name resolve order = wins lmhosts bcast | |
152 | ||
153 | # Windows Internet Name Serving Support Section: | |
154 | # WINS Support - Tells the NMBD component of Samba to enable it's WINS Server | |
155 | ; wins support = yes | |
156 | ||
157 | # WINS Server - Tells the NMBD components of Samba to be a WINS Client | |
158 | # Note: Samba can be either a WINS Server, or a WINS Client, but NOT both | |
159 | ; wins server = w.x.y.z | |
160 | ||
161 | # WINS Proxy - Tells Samba to answer name resolution queries on | |
162 | # behalf of a non WINS capable client, for this to work there must be | |
163 | # at least one WINS Server on the network. The default is NO. | |
164 | ; wins proxy = yes | |
165 | ||
166 | # DNS Proxy - tells Samba whether or not to try to resolve NetBIOS names | |
167 | # via DNS nslookups. The built-in default for versions 1.9.17 is yes, | |
168 | # this has been changed in version 1.9.18 to no. | |
169 | dns proxy = no | |
170 | ||
171 | # Case Preservation can be handy - system default is _no_ | |
172 | # NOTE: These can be set on a per share basis | |
173 | ; preserve case = no | |
174 | ; short preserve case = no | |
175 | # Default case is normally upper case for all DOS files | |
176 | ; default case = lower | |
177 | # Be very careful with case sensitivity - it can break things! | |
178 | ; case sensitive = no | |
179 | ||
180 | #============================ Share Definitions ============================== | |
181 | [homes] | |
182 | comment = Home Directories | |
183 | browseable = no | |
184 | writable = yes | |
185 | ||
186 | # Un-comment the following and create the netlogon directory for Domain Logons | |
187 | ; [netlogon] | |
188 | ; comment = Network Logon Service | |
189 | ; path = /home/netlogon | |
190 | ; guest ok = yes | |
191 | ; writable = no | |
192 | ; share modes = no | |
193 | ||
194 | ||
195 | # Un-comment the following to provide a specific roving profile share | |
196 | # the default is to use the user's home directory | |
197 | ;[Profiles] | |
198 | ; path = /home/profiles | |
199 | ; browseable = no | |
200 | ; guest ok = yes | |
201 | ||
202 | ||
203 | # NOTE: If you have a BSD-style print system there is no need to | |
204 | # specifically define each individual printer | |
205 | [printers] | |
206 | comment = All Printers | |
207 | path = /var/spool/samba | |
208 | browseable = no | |
209 | # Set public = yes to allow user 'guest account' to print | |
210 | guest ok = no | |
211 | writable = no | |
212 | printable = yes | |
213 | ||
214 | # This one is useful for people to share files | |
215 | ;[tmp] | |
216 | ; comment = Temporary file space | |
217 | ; path = /tmp | |
218 | ; read only = no | |
219 | ; public = yes | |
220 | ||
221 | # A publicly accessible directory, but read only, except for people in | |
222 | # the "staff" group | |
223 | ;[public] | |
224 | ; comment = Public Stuff | |
225 | ; path = /home/samba | |
226 | ; public = yes | |
227 | ; writable = yes | |
228 | ; printable = no | |
229 | ; write list = @staff | |
230 | ||
231 | # Other examples. | |
232 | # | |
233 | # A private printer, usable only by fred. Spool data will be placed in fred's | |
234 | # home directory. Note that fred must have write access to the spool directory, | |
235 | # wherever it is. | |
236 | ;[fredsprn] | |
237 | ; comment = Fred's Printer | |
238 | ; valid users = fred | |
239 | ; path = /homes/fred | |
240 | ; printer = freds_printer | |
241 | ; public = no | |
242 | ; writable = no | |
243 | ; printable = yes | |
244 | ||
245 | # A private directory, usable only by fred. Note that fred requires write | |
246 | # access to the directory. | |
247 | ;[fredsdir] | |
248 | ; comment = Fred's Service | |
249 | ; path = /usr/somewhere/private | |
250 | ; valid users = fred | |
251 | ; public = no | |
252 | ; writable = yes | |
253 | ; printable = no | |
254 | ||
255 | # a service which has a different directory for each machine that connects | |
256 | # this allows you to tailor configurations to incoming machines. You could | |
257 | # also use the %u option to tailor it by user name. | |
258 | # The %m gets replaced with the machine name that is connecting. | |
259 | ;[pchome] | |
260 | ; comment = PC Directories | |
261 | ; path = /usr/pc/%m | |
262 | ; public = no | |
263 | ; writable = yes | |
264 | ||
265 | # A publicly accessible directory, read/write to all users. Note that all files | |
266 | # created in the directory by users will be owned by the default user, so | |
267 | # any user with access can delete any other user's files. Obviously this | |
268 | # directory must be writable by the default user. Another user could of course | |
269 | # be specified, in which case all files would be owned by that user instead. | |
270 | ;[public] | |
271 | ; path = /usr/somewhere/else/public | |
272 | ; public = yes | |
273 | ; only guest = yes | |
274 | ; writable = yes | |
275 | ; printable = no | |
276 | ||
277 | # The following two entries demonstrate how to share a directory so that two | |
278 | # users can place files there that will be owned by the specific users. In this | |
279 | # setup, the directory should be writable by both users and should have the | |
280 | # sticky bit set on it to prevent abuse. Obviously this could be extended to | |
281 | # as many users as required. | |
282 | ;[myshare] | |
283 | ; comment = Mary's and Fred's stuff | |
284 | ; path = /usr/somewhere/shared | |
285 | ; valid users = mary fred | |
286 | ; public = no | |
287 | ; writable = yes | |
288 | ; printable = no | |
289 | ; create mask = 0765 | |
290 | ||
291 |