Annotation of /alx-src/branches/alxconf_20060908/skel/samba/smb3.conf
Parent Directory | Revision Log
Revision 1626 -
(hide annotations)
(download)
Thu Dec 9 13:52:27 2010 UTC (13 years, 9 months ago) by niro
File size: 13757 byte(s)
Thu Dec 9 13:52:27 2010 UTC (13 years, 9 months ago) by niro
File size: 13757 byte(s)
-fixed printcap, all printers should be shown on windows
1 | niro | 288 | # This is the main Samba configuration file. You should read the |
2 | # smb.conf(5) manual page in order to understand the options listed | ||
3 | # here. Samba has a huge number of configurable options (perhaps too | ||
4 | # many!) most of which are not shown in this example | ||
5 | # | ||
6 | # Any line which starts with a ; (semi-colon) or a # (hash) | ||
7 | # is a comment and is ignored. In this example we will use a # | ||
8 | # for commentry and a ; for parts of the config file that you | ||
9 | # may wish to enable | ||
10 | # | ||
11 | # NOTE: Whenever you modify this file you should run the command "testparm" | ||
12 | # to check that you have not many any basic syntactic errors. | ||
13 | # | ||
14 | #======================= Global Settings ===================================== | ||
15 | [global] | ||
16 | |||
17 | ## | ||
18 | ## Basic Server Settings | ||
19 | ## | ||
20 | |||
21 | # workgroup = NT-Domain-Name or Workgroup-Name | ||
22 | workgroup = WORKGROUP | ||
23 | |||
24 | # server string is the equivalent of the NT Description field | ||
25 | server string = Samba Server | ||
26 | |||
27 | # netbios name is the name you will see in "Network Neighbourhood", | ||
28 | # but defaults to your hostname | ||
29 | ; netbios name = <name_of_this_server> | ||
30 | |||
31 | # This option is important for security. It allows you to restrict | ||
32 | # connections to machines which are on your local network. The | ||
33 | # following example restricts access to two C class networks and | ||
34 | # the "loopback" interface. For more examples of the syntax see | ||
35 | # the smb.conf man page | ||
36 | ; hosts allow = 192.168.1. 192.168.2.0./24 192.168.3.0/255.255.255.0 127.0.0.1 | ||
37 | |||
38 | # Uncomment this if you want a guest account, you must add this to /etc/passwd | ||
39 | # otherwise the user "nobody" is used | ||
40 | ; guest account = pcguest | ||
41 | |||
42 | # this tells Samba to use a separate log file for each machine | ||
43 | # that connects | ||
44 | log file = /var/log/samba/log.%m | ||
45 | |||
46 | # How much information do you want to see in the logs? | ||
47 | # default is only to log critical messages | ||
48 | ; log level = 3 | ||
49 | |||
50 | # Put a capping on the size of the log files (in Kb). | ||
51 | max log size = 50 | ||
52 | |||
53 | # Security mode. Most people will want user level security. See | ||
54 | # security_level.txt for details. | ||
55 | security = user | ||
56 | |||
57 | # Using the following line enables you to customise your configuration | ||
58 | # on a per machine basis. The %m gets replaced with the netbios name | ||
59 | # of the machine that is connecting. | ||
60 | ; include = /etc/samba/smb.conf.%m | ||
61 | |||
62 | # Most people will find that this option gives better performance. | ||
63 | # See speed.txt and the manual pages for details | ||
64 | socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 | ||
65 | |||
66 | # Configure Samba to use multiple interfaces | ||
67 | # If you have multiple network interfaces and want to limit smbd will | ||
68 | # use, list the ones desired here. Otherwise smbd & nmbd will bind to all | ||
69 | # active interfaces on the system. See the man page for details. | ||
70 | ; interfaces = 192.168.12.2/24 192.168.13.2/24 | ||
71 | |||
72 | # Should smbd report that it has MS-DFS Capabilities? Only available | ||
73 | # if --with-msdfs was passed to ./configure | ||
74 | ; host msdfs = yes | ||
75 | |||
76 | ## | ||
77 | ## Network Browsing | ||
78 | ## | ||
79 | # set local master to no if you don't want Samba to become a master | ||
80 | # browser on your network. Otherwise the normal election rules apply | ||
81 | ; local master = no | ||
82 | |||
83 | # OS Level determines the precedence of this server in master browser | ||
84 | # elections. The default value (33) should be reasonable | ||
85 | ; os level = 33 | ||
86 | |||
87 | # Domain Master specifies Samba to be the Domain Master Browser. This | ||
88 | # allows Samba to collate browse lists between subnets. Don't use this | ||
89 | # if you already have a Windows NT domain controller doing this job | ||
90 | ; domain master = yes | ||
91 | |||
92 | # Preferred Master causes Samba to force a local browser election on startup | ||
93 | # and gives it a slightly higher chance of winning the election | ||
94 | ; preferred master = yes | ||
95 | |||
96 | |||
97 | ## | ||
98 | ## WINS & Name Resolution | ||
99 | ## | ||
100 | # All NetBIOS names must be resolved to IP Addresses | ||
101 | # 'Name Resolve Order' allows the named resolution mechanism to be specified | ||
102 | # the default order is "host lmhosts wins bcast". "host" means use the unix | ||
103 | # system gethostbyname() function call that will use either /etc/hosts OR | ||
104 | # DNS or NIS depending on the settings of /etc/host.config, /etc/nsswitch.conf | ||
105 | # and the /etc/resolv.conf file. "host" therefore is system configuration | ||
106 | # dependant. This parameter is most often of use to prevent DNS lookups | ||
107 | # in order to resolve NetBIOS names to IP Addresses. Use with care! | ||
108 | # The example below excludes use of name resolution for machines that are NOT | ||
109 | # on the local network segment | ||
110 | # - OR - are not deliberately to be known via lmhosts or via WINS. | ||
111 | ; name resolve order = wins lmhosts bcast | ||
112 | |||
113 | # Windows Internet Name Serving Support Section: | ||
114 | # WINS Support - Tells the NMBD component of Samba to enable it's WINS Server | ||
115 | ; wins support = yes | ||
116 | |||
117 | # WINS Server - Tells the NMBD components of Samba to be a WINS Client | ||
118 | # Note: Samba can be either a WINS Server, or a WINS Client, but NOT both | ||
119 | ; wins server = w.x.y.z | ||
120 | |||
121 | # WINS Proxy - Tells Samba to answer name resolution queries on | ||
122 | # behalf of a non WINS capable client, for this to work there must be | ||
123 | # at least one WINS Server on the network. The default is NO. | ||
124 | ; wins proxy = yes | ||
125 | |||
126 | # DNS Proxy - tells Samba whether or not to try to resolve NetBIOS names | ||
127 | # via DNS nslookups. | ||
128 | dns proxy = no | ||
129 | |||
130 | |||
131 | ## | ||
132 | ## Passwords & Authentication | ||
133 | ## | ||
134 | # Use password server option only with security = server | ||
135 | # The argument list may include: | ||
136 | # password server = My_PDC_Name [My_BDC_Name] [My_Next_BDC_Name] | ||
137 | # or to auto-locate the domain controller/s | ||
138 | # When using security = domain, you should use password server = * | ||
139 | ; password server = * | ||
140 | ; password server = <NT-Server-Name> | ||
141 | |||
142 | # You may wish to use password encryption. Please read | ||
143 | # ENCRYPTION.txt, Win95.txt and WinNT.txt in the Samba documentation. | ||
144 | # Do not enable this option unless you have read those documents | ||
145 | # Encrypted passwords are required to samba in a Windows NT domain | ||
146 | encrypt passwords = yes | ||
147 | |||
148 | # The smbpasswd file is only required by a server doing authentication, thus | ||
149 | # members of a domain do not need one. | ||
150 | smb passwd file = /var/lib/samba/private/smbpasswd | ||
151 | |||
152 | # Should smbd obey the session and account lines in /etc/pam.d/samba ? | ||
153 | # only available if --with-pam was used at compile time | ||
154 | ; obey pam restrictions = yes | ||
155 | |||
156 | # When using encrypted passwords, Samba can synchronize the local | ||
157 | # UNIX password as well. You will also need the "passwd chat" parameters | ||
158 | ; unix password sync = yes | ||
159 | |||
160 | # how should smbd talk to the local system when changing a UNIX | ||
161 | # password? See smb.conf(5) for details | ||
162 | # NOTE: Use these with 'encrypt passwords' and 'smb passwd file' above. | ||
163 | # NOTE2: You do NOT need these to allow workstations to change only | ||
164 | # the encrypted SMB passwords. They allow the Unix password | ||
165 | # to be kept in sync with the SMB password. | ||
166 | # passwd chat = <custom chat string> | ||
167 | ; unix password sync = Yes | ||
168 | ; passwd program = /usr/bin/passwd %u | ||
169 | ; passwd chat = *New*UNIX*password* %n\n *ReType*new*UNIX*password* %n\n | ||
170 | ;*passwd:*all*authentication*tokens*updated*successfully* | ||
171 | |||
172 | |||
173 | # This is only available if you compiled Samba to include --with-pam | ||
174 | # Use PAM for changing the password | ||
175 | ; pam password change = yes | ||
176 | |||
177 | # Unix users can map to different SMB User names | ||
178 | ; username map = /etc/samba/smbusers | ||
179 | |||
180 | |||
181 | ## | ||
182 | ## Domain Control | ||
183 | ## | ||
184 | # Enable this if you want Samba act as a domain controller. | ||
185 | # make sure you have read the Samba-PDC-HOWTO included in the documentation | ||
186 | # before enabling this parameter | ||
187 | ; domain logons = yes | ||
188 | |||
189 | # if you enable domain logons then you may want a per-machine or | ||
190 | # per user logon script | ||
191 | # run a specific logon batch file per workstation (machine) | ||
192 | ; logon script = %m.bat | ||
193 | # run a specific logon batch file per username | ||
194 | ; logon script = %U.bat | ||
195 | |||
196 | # Where to store roving profiles (only for Win95 and WinNT) | ||
197 | # %L substitutes for this servers netbios name, %U is username | ||
198 | # You must uncomment the [Profiles] share below | ||
199 | ; logon path = \\%L\Profiles\%U | ||
200 | |||
201 | # UNC path specifying the network location of the user's home directory | ||
202 | # only used when acting as a DC for WinNT/2k/XP. Ignored by Win9x clients | ||
203 | ; logon home = \\%L\%U\.profile | ||
204 | |||
205 | # The add user script is used by a domain member to add local user accounts | ||
206 | # that have been authenticated by the domain controller, or by the domain | ||
207 | # controller to add local machine accounts when adding machines to the domain. | ||
208 | # The script must work from the command line when replacing the macros, | ||
209 | # or the operation will fail. Check that groups exist if forcing a group. | ||
210 | # Script for domain controller for adding machines: | ||
211 | ; add user script = /usr/sbin/useradd -d /dev/null -g machines -c 'Machine Accoun$ | ||
212 | # Script for domain member for adding local accounts for authenticated users: | ||
213 | ; add user script = /usr/sbin/useradd -s /bin/false %u | ||
214 | |||
215 | # These scripts are used on a domain controller or stand-alone | ||
216 | # machine to add or delete corresponding unix accounts | ||
217 | ; add user script = /usr/sbin/useradd %u | ||
218 | ; add group script = /usr/sbin/groupadd %g | ||
219 | ; add machine script = /usr/sbin/adduser -n -g machines -c Machine -d /dev/null -s /bin/false %u | ||
220 | ; delete user script = /usr/sbin/userdel %u | ||
221 | ; delete user from group script = /usr/sbin/deluser %u %g | ||
222 | ; delete group script = /usr/sbin/groupdel %g | ||
223 | |||
224 | # domain admin group is a list of unix users or groups who are made members | ||
225 | # of the Domain Admin group | ||
226 | ; domain admin group = root @wheel | ||
227 | # | ||
228 | # domain guest groups is a list of unix users or groups who are made members | ||
229 | # of the Domain Guests group | ||
230 | ; domain guest group = nobody @guest | ||
231 | |||
232 | # What drive should the "logon home" be mounted at upon login ? | ||
233 | # only used when acting as a DC for WinNT/2k/XP. Ignored by Win9x clients | ||
234 | ; logon drive = H: | ||
235 | |||
236 | ## | ||
237 | ## Printing | ||
238 | ## | ||
239 | |||
240 | # If you want to automatically load your printer list rather | ||
241 | # than setting them up individually then you'll need this | ||
242 | load printers = yes | ||
243 | |||
244 | # you may wish to override the location of the printcap file | ||
245 | # cups printing is the default | ||
246 | niro | 1626 | printcap name = /etc/printcap |
247 | niro | 288 | |
248 | # It should not be necessary to specify the print system type unless | ||
249 | # it is non-standard. Currently supported print systems include: | ||
250 | # bsd, sysv, plp, lprng, aix, hpux, qnxm, cups | ||
251 | printing = cups | ||
252 | |||
253 | # list of users and groups which should be able to remotely manage | ||
254 | # printer drivers installed on the server | ||
255 | # printer admin = @<group> <user> | ||
256 | ; printer admin = @adm | ||
257 | |||
258 | |||
259 | ## | ||
260 | ## Winbind | ||
261 | ## | ||
262 | |||
263 | # specify the uid range which can be used by winbindd | ||
264 | # to allocate uids for Windows users as necessary | ||
265 | ; winbind uid = 10000-20000 | ||
266 | |||
267 | # specify the uid range which can be used by winbindd | ||
268 | # to allocate uids for Windows users as necessary | ||
269 | ; winbind gid = 10000-20000 | ||
270 | |||
271 | # Define a home directory to be given to passwd(5) style entries | ||
272 | # generated by libnss_winbind.so. You can use variables here | ||
273 | ; winbind template homedir = /home/%D/%U | ||
274 | |||
275 | # Specify a shell for all winbind user entries return by the | ||
276 | # libnss_winbind.so library. | ||
277 | ; winbind template shell = /bin/bash | ||
278 | |||
279 | # What character should be used to separate the DOMAIN and Username | ||
280 | # for a Windows user. The default is DOMAIN\user, but many people | ||
281 | # prefer DOMAIN+user | ||
282 | ; winbind separator = + | ||
283 | |||
284 | |||
285 | |||
286 | ### | ||
287 | ### File Naming | ||
288 | ### | ||
289 | # Case Preservation can be handy - system default is _no_ | ||
290 | # NOTE: These can be set on a per share basis | ||
291 | ; preserve case = no | ||
292 | ; short preserve case = no | ||
293 | # Default case is normally upper case for all DOS files | ||
294 | ; default case = lower | ||
295 | # Be very careful with case sensitivity - it can break things! | ||
296 | ; case sensitive = no | ||
297 | |||
298 | # you can match a Windows code page with a UNIX character set. | ||
299 | # Windows: 437 (US), 737 (GREEK), 850 (Latin1 - Western European), | ||
300 | # 852 (Eastern Eu.), 861 (Icelandic), 932 (Cyrillic - Russian), | ||
301 | # 936 (Japanese - Shift-JIS), 936 (Simpl. Chinese), 949 (Korean Hangul), | ||
302 | # 950 (Trad. Chin.). | ||
303 | # UNIX: ISO8859-1 (Western European), ISO8859-2 (Eastern Eu.), | ||
304 | # ISO8859-5 (Russian Cyrillic), KOI8-R (Alt-Russ. Cyril.) | ||
305 | # This is an example for french users: | ||
306 | ; client code page = 850 | ||
307 | ; character set = ISO8859-1 | ||
308 | |||
309 | #============================ Share Definitions ============================== | ||
310 | [homes] | ||
311 | comment = Home Directories | ||
312 | browseable = no | ||
313 | writable = yes | ||
314 | |||
315 | # NOTE: If you have a CUPS or BSD-style print system there is no need to | ||
316 | # specifically define each individual printer | ||
317 | [printers] | ||
318 | comment = All Printers | ||
319 | path = /var/spool/samba | ||
320 | browseable = no | ||
321 | |||
322 | # Set guest ok = yes to allow user 'guest account' to print | ||
323 | guest ok = yes | ||
324 | |||
325 | writable = no | ||
326 | printable = yes | ||
327 | create mode = 0700 | ||
328 | |||
329 | # You must configure the samba printers with the appropriate Windows | ||
330 | # drivers on your Windows clients. On the Samba server no filtering is | ||
331 | # done. If you wish that the server provides the driver and the clients | ||
332 | # send PostScript ("Generic PostScript Printer" under Windows), you have | ||
333 | # to swap the 'print command' line below with the commented one. | ||
334 | print command = lpr -P %p -o raw %s -r # using client side printer drivers. | ||
335 | ; print command = lpr -P %p %s # using cups own drivers (use generic PostScript on clients). | ||
336 | |||
337 | # The following two commands are the samba defaults for printing=cups | ||
338 | # change them only if you need different options: | ||
339 | ; lpq command = lpq -P %p | ||
340 | ; lprm command = cancel %p-%j | ||
341 | |||
342 | |||
343 | # This share is used for Windows NT-style point-and-print support. | ||
344 | # To be able to install drivers, you need to be either root, or listed | ||
345 | # in the printer admin parameter above. Note that you also need write access | ||
346 | # to the directory and share definition to be able to upload the drivers. | ||
347 | # For more information on this, please see the Printing Support Section of | ||
348 | # /usr/share/doc/samba-<version>/docs/Samba-HOWTO-Collection.pdf | ||
349 | [print$] | ||
350 | path = /var/lib/samba/printers | ||
351 | browseable = yes | ||
352 | read only = yes | ||
353 | write list = @adm root | ||
354 | |||
355 | |||
356 | [ica-sessions] | ||
357 | comment = ICA-Sessions on this host | ||
358 | path = /etc/alxconfig-ng/ica-sessions | ||
359 | valid users = root | ||
360 | writable = yes | ||
361 | browseable = yes |