SHOW:
|
|
- or go back to the newest paste.
1 | # This is the main Samba configuration file. You should read the | |
2 | # smb.conf(5) manual page in order to understand the options listed | |
3 | # here. Samba has a huge number of configurable options (perhaps too | |
4 | # many!) most of which are not shown in this example | |
5 | # | |
6 | # For a step to step guide on installing, configuring and using samba, | |
7 | # read the Samba-HOWTO-Collection. This may be obtained from: | |
8 | # http://www.samba.org/samba/docs/Samba-HOWTO-Collection.pdf | |
9 | # | |
10 | # Many working examples of smb.conf files can be found in the | |
11 | # Samba-Guide which is generated daily and can be downloaded from: | |
12 | # http://www.samba.org/samba/docs/Samba-Guide.pdf | |
13 | # | |
14 | # Any line which starts with a ; (semi-colon) or a # (hash) | |
15 | # is a comment and is ignored. In this example we will use a # | |
16 | # for commentry and a ; for parts of the config file that you | |
17 | # may wish to enable | |
18 | # | |
19 | # NOTE: Whenever you modify this file you should run the command "testparm" | |
20 | # to check that you have not made any basic syntactic errors. | |
21 | # | |
22 | #======================= Global Settings ===================================== | |
23 | [global] | |
24 | ||
25 | # workgroup = NT-Domain-Name or Workgroup-Name, eg: MIDEARTH | |
26 | workgroup = MYGROUP | |
27 | ||
28 | # server string is the equivalent of the NT Description field | |
29 | - | server string = Novus |
29 | + | server string = Obfuscated |
30 | ||
31 | # Allow system links | |
32 | ; allow insecure wide links = yes | |
33 | ||
34 | # Enable NTLMv1 | |
35 | ; ntlm auth = yes | |
36 | ||
37 | # Server role. Defines in which mode Samba will operate. Possible | |
38 | # values are "standalone server", "member server", "classic primary | |
39 | # domain controller", "classic backup domain controller", "active | |
40 | # directory domain controller". | |
41 | # | |
42 | # Most people will want "standalone server" or "member server". | |
43 | # Running as "active directory domain controller" will require first | |
44 | # running "samba-tool domain provision" to wipe databases and create a | |
45 | # new domain. | |
46 | server role = standalone server | |
47 | ||
48 | # This option is important for security. It allows you to restrict | |
49 | # connections to machines which are on your local network. The | |
50 | # following example restricts access to two C class networks and | |
51 | # the "loopback" interface. For more examples of the syntax see | |
52 | # the smb.conf man page | |
53 | ; hosts allow = 192.168.1. 192.168.2. 127. | |
54 | ||
55 | # Uncomment this if you want a guest account, you must add this to /etc/passwd | |
56 | # otherwise the user "nobody" is used | |
57 | ; guest account = pcguest | |
58 | ||
59 | # this tells Samba to use a separate log file for each machine | |
60 | # that connects | |
61 | log file = /usr/local/samba/var/log.%m | |
62 | ||
63 | # Put a capping on the size of the log files (in Kb). | |
64 | max log size = 50 | |
65 | ||
66 | # Specifies the Kerberos or Active Directory realm the host is part of | |
67 | ; realm = MY_REALM | |
68 | ||
69 | # Backend to store user information in. New installations should | |
70 | # use either tdbsam or ldapsam. smbpasswd is available for backwards | |
71 | # compatibility. tdbsam requires no further configuration. | |
72 | ; passdb backend = tdbsam | |
73 | ||
74 | # Using the following line enables you to customise your configuration | |
75 | # on a per machine basis. The %m gets replaced with the netbios name | |
76 | # of the machine that is connecting. | |
77 | # Note: Consider carefully the location in the configuration file of | |
78 | # this line. The included file is read at that point. | |
79 | ; include = /usr/local/samba/lib/smb.conf.%m | |
80 | ||
81 | # Configure Samba to use multiple interfaces | |
82 | # If you have multiple network interfaces then you must list them | |
83 | # here. See the man page for details. | |
84 | ; interfaces = 192.168.12.2/24 192.168.13.2/24 | |
85 | ||
86 | # Where to store roving profiles (only for Win95 and WinNT) | |
87 | # %L substitutes for this servers netbios name, %U is username | |
88 | # You must uncomment the [Profiles] share below | |
89 | ; logon path = \\%L\Profiles\%U | |
90 | ||
91 | # Windows Internet Name Serving Support Section: | |
92 | # WINS Support - Tells the NMBD component of Samba to enable it's WINS Server | |
93 | ; wins support = yes | |
94 | ||
95 | # WINS Server - Tells the NMBD components of Samba to be a WINS Client | |
96 | # Note: Samba can be either a WINS Server, or a WINS Client, but NOT both | |
97 | ; wins server = w.x.y.z | |
98 | ||
99 | # WINS Proxy - Tells Samba to answer name resolution queries on | |
100 | # behalf of a non WINS capable client, for this to work there must be | |
101 | # at least one WINS Server on the network. The default is NO. | |
102 | ; wins proxy = yes | |
103 | ||
104 | # DNS Proxy - tells Samba whether or not to try to resolve NetBIOS names | |
105 | # via DNS nslookups. The default is NO. | |
106 | dns proxy = no | |
107 | ||
108 | # These scripts are used on a domain controller or stand-alone | |
109 | # machine to add or delete corresponding unix accounts | |
110 | ; add user script = /usr/sbin/useradd %u | |
111 | ; add group script = /usr/sbin/groupadd %g | |
112 | ; add machine script = /usr/sbin/adduser -n -g machines -c Machine -d /dev/null -s /bin/false %u | |
113 | ; delete user script = /usr/sbin/userdel %u | |
114 | ; delete user from group script = /usr/sbin/deluser %u %g | |
115 | ; delete group script = /usr/sbin/groupdel %g | |
116 | ||
117 | ||
118 | #============================ Share Definitions ============================== | |
119 | #[homes] | |
120 | # comment = Home Directories | |
121 | # browseable = no | |
122 | # writable = yes | |
123 | ||
124 | # Un-comment the following and create the netlogon directory for Domain Logons | |
125 | ; [netlogon] | |
126 | ; comment = Network Logon Service | |
127 | ; path = /usr/local/samba/lib/netlogon | |
128 | ; guest ok = yes | |
129 | ; writable = no | |
130 | ; share modes = no | |
131 | ||
132 | ||
133 | # Un-comment the following to provide a specific roving profile share | |
134 | # the default is to use the user's home directory | |
135 | ;[Profiles] | |
136 | ; path = /usr/local/samba/profiles | |
137 | ; browseable = no | |
138 | ; guest ok = yes | |
139 | ||
140 | ||
141 | # NOTE: If you have a BSD-style print system there is no need to | |
142 | # specifically define each individual printer | |
143 | ;[printers] | |
144 | ; comment = All Printers | |
145 | ; path = /usr/spool/samba | |
146 | ; browseable = no | |
147 | # Set public = yes to allow user 'guest account' to print | |
148 | ; guest ok = no | |
149 | ; writable = no | |
150 | ; printable = yes | |
151 | ||
152 | # This one is useful for people to share files | |
153 | ;[tmp] | |
154 | ; comment = Temporary file space | |
155 | ; path = /tmp | |
156 | ; read only = no | |
157 | ; public = yes | |
158 | ||
159 | # A publicly accessible directory, but read only, except for people in | |
160 | # the "staff" group | |
161 | ;[public] | |
162 | ; comment = Public Stuff | |
163 | ; path = /home/samba | |
164 | ; public = yes | |
165 | ; writable = no | |
166 | ; printable = no | |
167 | ; write list = @staff | |
168 | ||
169 | # Other examples. | |
170 | # | |
171 | # A private printer, usable only by fred. Spool data will be placed in fred's | |
172 | # home directory. Note that fred must have write access to the spool directory, | |
173 | # wherever it is. | |
174 | ;[fredsprn] | |
175 | ; comment = Fred's Printer | |
176 | ; valid users = fred | |
177 | ; path = /homes/fred | |
178 | ; printer = freds_printer | |
179 | ; public = no | |
180 | ; writable = no | |
181 | ; printable = yes | |
182 | ||
183 | # A private directory, usable only by fred. Note that fred requires write | |
184 | # access to the directory. | |
185 | ;[fredsdir] | |
186 | ; comment = Fred's Service | |
187 | ; path = /usr/somewhere/private | |
188 | ; valid users = fred | |
189 | ; public = no | |
190 | ; writable = yes | |
191 | ; printable = no | |
192 | ||
193 | # a service which has a different directory for each machine that connects | |
194 | # this allows you to tailor configurations to incoming machines. You could | |
195 | # also use the %U option to tailor it by user name. | |
196 | # The %m gets replaced with the machine name that is connecting. | |
197 | ;[pchome] | |
198 | ; comment = PC Directories | |
199 | ; path = /usr/pc/%m | |
200 | ; public = no | |
201 | ; writable = yes | |
202 | ||
203 | # A publicly accessible directory, read/write to all users. Note that all files | |
204 | # created in the directory by users will be owned by the default user, so | |
205 | # any user with access can delete any other user's files. Obviously this | |
206 | # directory must be writable by the default user. Another user could of course | |
207 | # be specified, in which case all files would be owned by that user instead. | |
208 | ;[public] | |
209 | ; path = /usr/somewhere/else/public | |
210 | ; public = yes | |
211 | ; only guest = yes | |
212 | ; writable = yes | |
213 | ; printable = no | |
214 | ||
215 | # The following two entries demonstrate how to share a directory so that two | |
216 | # users can place files there that will be owned by the specific users. In this | |
217 | # setup, the directory should be writable by both users and should have the | |
218 | # sticky bit set on it to prevent abuse. Obviously this could be extended to | |
219 | # as many users as required. | |
220 | ;[myshare] | |
221 | ; comment = Mary's and Fred's stuff | |
222 | ; path = /usr/somewhere/shared | |
223 | ; valid users = mary fred | |
224 | ; public = no | |
225 | ; writable = yes | |
226 | ; printable = no | |
227 | ; create mask = 0765 | |
228 | ||
229 | [obfuscated] | |
230 | path = obfuscated | |
231 | browsable = yes | |
232 | valid users = obfuscated | |
233 | read only = no | |
234 | writable = yes | |
235 | ||
236 | [obfuscated] | |
237 | path = obfuscated | |
238 | browsable = yes | |
239 | valid users = obfuscated | |
240 | read only = no | |
241 | writable = yes |