version 10, including all changes.
.
| Rev |
Author |
# |
Line |
| 7 |
GavinGrieve |
1 |
!I have just realised that I missed some share definitions in this conf file. I will add them when I can. |
| 6 |
CraigBox |
2 |
|
| 1 |
GavinGrieve |
3 |
[[global] |
| 3 |
GavinGrieve |
4 |
# name of this machine on the network (doesn't have to be the same |
| |
|
5 |
# as the hostname |
| 1 |
GavinGrieve |
6 |
netbios name = SERVER |
| |
|
7 |
|
| |
|
8 |
# workgroup = NT-Domain-Name or Workgroup-Name |
| |
|
9 |
workgroup = WLUG |
| |
|
10 |
|
| |
|
11 |
# server string is the equivalent of the NT Description field |
| |
|
12 |
server string = WaikatoLinuxUsersGroup PDC Server |
| |
|
13 |
|
| |
|
14 |
# This option is important for security. It allows you to restrict |
| |
|
15 |
# connections to machines which are on your local network. |
| |
|
16 |
hosts allow = 192.168.0. |
| |
|
17 |
|
| |
|
18 |
# this tells Samba to use a separate log file for each machine |
| |
|
19 |
# that connects |
| |
|
20 |
log file = /var/log/samba/%m.log |
| |
|
21 |
|
| |
|
22 |
# Put a capping on the size of the log files (in Kb). |
| |
|
23 |
max log size = 0 |
| |
|
24 |
|
| |
|
25 |
# Security mode. Most people will want user level security. See |
| |
|
26 |
# security_level.txt for details. |
| |
|
27 |
security = user |
| |
|
28 |
|
| |
|
29 |
# Password Level allows matching of _n_ characters of the password for |
| |
|
30 |
# all combinations of upper and lower case. |
| |
|
31 |
password level = 8 |
| |
|
32 |
username level = 8 |
| |
|
33 |
|
| |
|
34 |
# You may wish to use password encryption. Please read |
| |
|
35 |
# ENCRYPTION.txt, Win95.txt and WinNT.txt in the Samba documentation. |
| |
|
36 |
# Do not enable this option unless you have read those documents |
| |
|
37 |
encrypt passwords = yes |
| |
|
38 |
smb passwd file = /etc/samba/smbpasswd |
| |
|
39 |
|
| |
|
40 |
# The following is needed to keep smbclient from spouting spurious errors |
| |
|
41 |
# when Samba is built with support for SSL. |
| |
|
42 |
ssl CA certFile = /usr/share/ssl/certs/ca-bundle.crt |
| |
|
43 |
|
| |
|
44 |
# The following are needed to allow password changing from Windows to |
| |
|
45 |
# update the Linux sytsem password also. |
| |
|
46 |
# NOTE: Use these with 'encrypt passwords' and 'smb passwd file' above. |
| |
|
47 |
# NOTE2: You do NOT need these to allow workstations to change only |
| |
|
48 |
# the encrypted SMB passwords. They allow the Unix password |
| |
|
49 |
# to be kept in sync with the SMB password. |
| |
|
50 |
unix password sync = Yes |
| |
|
51 |
passwd program = /usr/bin/passwd %u |
| 2 |
GavinGrieve |
52 |
passwd chat = *New*password* %n\n *Retype*new*password* %n\n \ |
| |
|
53 |
*passwd:*all*authentication*tokens*updated*successfully* |
| 1 |
GavinGrieve |
54 |
|
| |
|
55 |
# You can use PAM's password change control flag for Samba. If |
| |
|
56 |
# enabled, then PAM will be used for password changes when requested |
| |
|
57 |
# by an SMB client instead of the program listed in passwd program. |
| |
|
58 |
# It should be possible to enable this without changing your passwd |
| |
|
59 |
# chat parameter for most setups. |
| |
|
60 |
pam password change = yes |
| |
|
61 |
|
| |
|
62 |
# Unix users can map to different SMB User names |
| |
|
63 |
# username map = /etc/samba/smbusers |
| |
|
64 |
|
| |
|
65 |
# This parameter will control whether or not Samba should obey PAM's |
| |
|
66 |
# account and session management directives. The default behavior is |
| |
|
67 |
# to use PAM for clear text authentication only and to ignore any |
| |
|
68 |
# account or session management. Note that Samba always ignores PAM |
| |
|
69 |
# for authentication in the case of encrypt passwords = yes |
| |
|
70 |
obey pam restrictions = no |
| |
|
71 |
|
| |
|
72 |
# Most people will find that this option gives better performance. |
| |
|
73 |
# See speed.txt and the manual pages for details |
| |
|
74 |
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 |
| |
|
75 |
|
| |
|
76 |
# Configure Samba to use multiple interfaces |
| |
|
77 |
# If you have multiple network interfaces then you must list them |
| |
|
78 |
# here. See the man page for details. |
| 5 |
GavinGrieve |
79 |
interfaces = 192.168.0.254/24 |
| 1 |
GavinGrieve |
80 |
|
| |
|
81 |
# Configure remote browse list synchronisation here |
| |
|
82 |
# request announcement to, or browse list sync from: |
| |
|
83 |
# a specific host or from / to a whole subnet (see below) |
| |
|
84 |
# remote browse sync = 192.168.3.25 192.168.5.255 |
| |
|
85 |
# Cause this host to announce itself to local subnets here |
| 5 |
GavinGrieve |
86 |
remote announce = 192.168.0.255 |
| 1 |
GavinGrieve |
87 |
|
| |
|
88 |
# Browser Control Options: |
| |
|
89 |
# set local master to no if you don't want Samba to become a master |
| |
|
90 |
# browser on your network. Otherwise the normal election rules apply |
| |
|
91 |
local master = yes |
| |
|
92 |
|
| |
|
93 |
# OS Level determines the precedence of this server in master browser |
| |
|
94 |
# elections. The default value should be reasonable |
| |
|
95 |
os level = 64 |
| |
|
96 |
|
| |
|
97 |
# Domain Master specifies Samba to be the Domain Master Browser. This |
| |
|
98 |
# allows Samba to collate browse lists between subnets. Don't use this |
| |
|
99 |
# if you already have a Windows NT domain controller doing this job |
| |
|
100 |
domain master = yes |
| |
|
101 |
|
| 4 |
GavinGrieve |
102 |
# Preferred Master causes Samba to force a local browser election on |
| |
|
103 |
# startup and gives it a slightly higher chance of winning the election |
| 1 |
GavinGrieve |
104 |
preferred master = yes |
| |
|
105 |
|
| |
|
106 |
# Enable this if you want Samba to be a domain logon server for |
| 8 |
CraigBox |
107 |
# Windows workstations. |
| 1 |
GavinGrieve |
108 |
domain logons = yes |
| |
|
109 |
|
| |
|
110 |
# if you enable domain logons then you may want a per-machine or |
| |
|
111 |
# per user logon script |
| |
|
112 |
# run a specific logon batch file per workstation (machine) |
| |
|
113 |
# logon script = %m.bat |
| |
|
114 |
# run a specific logon batch file per username |
| |
|
115 |
# logon script = %U.bat |
| |
|
116 |
|
| |
|
117 |
# Where to store roving profiles (only for Win95 and WinNT) |
| |
|
118 |
# %L substitutes for this servers netbios name, %U is username |
| |
|
119 |
# You must uncomment the [[Profiles] share below |
| |
|
120 |
logon path = \\%L\Profiles\%U |
| |
|
121 |
|
| |
|
122 |
# Windows Internet Name Serving Support Section: |
| 4 |
GavinGrieve |
123 |
# WINS Support - Tells the NMBD component of Samba to enable it's |
| |
|
124 |
# WINS Server |
| 1 |
GavinGrieve |
125 |
wins support = yes |
| |
|
126 |
|
| |
|
127 |
logon drive = Z: |
| 8 |
CraigBox |
128 |
logon home = \\%L\%U |
| 1 |
GavinGrieve |
129 |
|
| |
|
130 |
# WINS Server - Tells the NMBD components of Samba to be a WINS Client |
| 4 |
GavinGrieve |
131 |
# Note: Samba can be either a WINS Server, or a WINS Client, but |
| |
|
132 |
# NOT both |
| 1 |
GavinGrieve |
133 |
# wins server = w.x.y.z |
| |
|
134 |
|
| |
|
135 |
# WINS Proxy - Tells Samba to answer name resolution queries on |
| |
|
136 |
# behalf of a non WINS capable client, for this to work there must be |
| |
|
137 |
# at least one WINS Server on the network. The default is NO. |
| |
|
138 |
# wins proxy = yes |
| |
|
139 |
|
| |
|
140 |
# DNS Proxy - tells Samba whether or not to try to resolve NetBIOS names |
| |
|
141 |
# via DNS nslookups. The built-in default for versions 1.9.17 is yes, |
| |
|
142 |
# this has been changed in version 1.9.18 to no. |
| |
|
143 |
# dns proxy = no |
| |
|
144 |
|
| |
|
145 |
# Case Preservation can be handy - system default is _no_ |
| |
|
146 |
# NOTE: These can be set on a per share basis |
| |
|
147 |
# preserve case = no |
| |
|
148 |
# short preserve case = no |
| |
|
149 |
# Default case is normally upper case for all DOS files |
| |
|
150 |
default case = lower |
| |
|
151 |
# Be very careful with case sensitivity - it can break things! |
| |
|
152 |
case sensitive = no |
| |
|
153 |
|
| |
|
154 |
# Script to run when adding users/machines to the domain |
| 4 |
GavinGrieve |
155 |
add user script = /usr/sbin/useradd -d /dev/null -g 100 -s /bin/false \ |
| |
|
156 |
-M %u |
| 8 |
CraigBox |
157 |
|
| |
|
158 |
# If you're on Debian, you can use the following line: |
| |
|
159 |
# add user script = /usr/sbin/adduser --home /dev/null \ |
| 9 |
CraigBox |
160 |
# --ingroup machines --shell /bin/false --no-create-home \ |
| 10 |
CraigBox |
161 |
# --disabled-login --gecos "SAMBA Machine Account" --force-badname %u |
