17db96d56Sopenharmony_ci# This is the main Samba configuration file. You should read the 27db96d56Sopenharmony_ci# smb.conf(5) manual page in order to understand the options listed 37db96d56Sopenharmony_ci# here. Samba has a huge number of configurable options (perhaps too 47db96d56Sopenharmony_ci# many!) most of which are not shown in this example 57db96d56Sopenharmony_ci# 67db96d56Sopenharmony_ci# Any line which starts with a ; (semi-colon) or a # (hash) 77db96d56Sopenharmony_ci# is a comment and is ignored. In this example we will use a # 87db96d56Sopenharmony_ci# for commentry and a ; for parts of the config file that you 97db96d56Sopenharmony_ci# may wish to enable 107db96d56Sopenharmony_ci# 117db96d56Sopenharmony_ci# NOTE: Whenever you modify this file you should run the command #"testparm" # to check that you have not made any basic syntactic #errors. 127db96d56Sopenharmony_ci# 137db96d56Sopenharmony_ci#======================= Global Settings ===================================== 147db96d56Sopenharmony_ci[global] 157db96d56Sopenharmony_ci 167db96d56Sopenharmony_ci# 1. Server Naming Options: 177db96d56Sopenharmony_ci# workgroup = NT-Domain-Name or Workgroup-Name 187db96d56Sopenharmony_ci 197db96d56Sopenharmony_ci workgroup = MDKGROUP 207db96d56Sopenharmony_ci 217db96d56Sopenharmony_ci# netbios name is the name you will see in "Network Neighbourhood", 227db96d56Sopenharmony_ci# but defaults to your hostname 237db96d56Sopenharmony_ci 247db96d56Sopenharmony_ci; netbios name = <name_of_this_server> 257db96d56Sopenharmony_ci 267db96d56Sopenharmony_ci# server string is the equivalent of the NT Description field 277db96d56Sopenharmony_ci 287db96d56Sopenharmony_ci server string = Samba Server %v 297db96d56Sopenharmony_ci 307db96d56Sopenharmony_ci# Message command is run by samba when a "popup" message is sent to it. 317db96d56Sopenharmony_ci# The example below is for use with LinPopUp: 327db96d56Sopenharmony_ci; message command = /usr/bin/linpopup "%f" "%m" %s; rm %s 337db96d56Sopenharmony_ci 347db96d56Sopenharmony_ci# 2. Printing Options: 357db96d56Sopenharmony_ci# CHANGES TO ENABLE PRINTING ON ALL CUPS PRINTERS IN THE NETWORK 367db96d56Sopenharmony_ci# (as cups is now used in linux-mandrake 7.2 by default) 377db96d56Sopenharmony_ci# if you want to automatically load your printer list rather 387db96d56Sopenharmony_ci# than setting them up individually then you'll need this 397db96d56Sopenharmony_ci 407db96d56Sopenharmony_ci printcap name = lpstat 417db96d56Sopenharmony_ci load printers = yes 427db96d56Sopenharmony_ci 437db96d56Sopenharmony_ci# It should not be necessary to spell out the print system type unless 447db96d56Sopenharmony_ci# yours is non-standard. Currently supported print systems include: 457db96d56Sopenharmony_ci# bsd, sysv, plp, lprng, aix, hpux, qnx, cups 467db96d56Sopenharmony_ci 477db96d56Sopenharmony_ci printing = cups 487db96d56Sopenharmony_ci 497db96d56Sopenharmony_ci# Samba 2.2 supports the Windows NT-style point-and-print feature. To 507db96d56Sopenharmony_ci# use this, you need to be able to upload print drivers to the samba 517db96d56Sopenharmony_ci# server. The printer admins (or root) may install drivers onto samba. 527db96d56Sopenharmony_ci# Note that this feature uses the print$ share, so you will need to 537db96d56Sopenharmony_ci# enable it below. 547db96d56Sopenharmony_ci# This parameter works like domain admin group: 557db96d56Sopenharmony_ci# printer admin = @<group> <user> 567db96d56Sopenharmony_ci; printer admin = @adm 577db96d56Sopenharmony_ci# This should work well for winbind: 587db96d56Sopenharmony_ci; printer admin = @"Domain Admins" 597db96d56Sopenharmony_ci 607db96d56Sopenharmony_ci# 3. Logging Options: 617db96d56Sopenharmony_ci# this tells Samba to use a separate log file for each machine 627db96d56Sopenharmony_ci# that connects 637db96d56Sopenharmony_ci 647db96d56Sopenharmony_ci log file = /var/log/samba/log.%m 657db96d56Sopenharmony_ci 667db96d56Sopenharmony_ci# Put a capping on the size of the log files (in Kb). 677db96d56Sopenharmony_ci max log size = 50 687db96d56Sopenharmony_ci 697db96d56Sopenharmony_ci# Set the log (verbosity) level (0 <= log level <= 10) 707db96d56Sopenharmony_ci; log level = 3 717db96d56Sopenharmony_ci 727db96d56Sopenharmony_ci# 4. Security and Domain Membership Options: 737db96d56Sopenharmony_ci# This option is important for security. It allows you to restrict 747db96d56Sopenharmony_ci# connections to machines which are on your local network. The 757db96d56Sopenharmony_ci# following example restricts access to two C class networks and 767db96d56Sopenharmony_ci# the "loopback" interface. For more examples of the syntax see 777db96d56Sopenharmony_ci# the smb.conf man page. Do not enable this if (tcp/ip) name resolution #does 787db96d56Sopenharmony_ci# not work for all the hosts in your network. 797db96d56Sopenharmony_ci; hosts allow = 192.168.1. 192.168.2. 127. 807db96d56Sopenharmony_ci 817db96d56Sopenharmony_ci hosts allow = 127. //note this is only my private IP address 827db96d56Sopenharmony_ci 837db96d56Sopenharmony_ci# Uncomment this if you want a guest account, you must add this to 847db96d56Sopenharmony_ci# /etc/passwd 857db96d56Sopenharmony_ci# otherwise the user "nobody" is used 867db96d56Sopenharmony_ci; guest account = pcguest 877db96d56Sopenharmony_ci 887db96d56Sopenharmony_ci# Security mode. Most people will want user level security. See 897db96d56Sopenharmony_ci# security_level.txt for details. 907db96d56Sopenharmony_ci 917db96d56Sopenharmony_ci security = user 927db96d56Sopenharmony_ci 937db96d56Sopenharmony_ci# Use password server option only with security = server or security = # domain 947db96d56Sopenharmony_ci# When using security = domain, you should use password server = * 957db96d56Sopenharmony_ci; password server = 967db96d56Sopenharmony_ci; password server = * 977db96d56Sopenharmony_ci 987db96d56Sopenharmony_ci# Password Level allows matching of _n_ characters of the password for 997db96d56Sopenharmony_ci# all combinations of upper and lower case. 1007db96d56Sopenharmony_ci 1017db96d56Sopenharmony_ci password level = 8 1027db96d56Sopenharmony_ci 1037db96d56Sopenharmony_ci; username level = 8 1047db96d56Sopenharmony_ci 1057db96d56Sopenharmony_ci# You may wish to use password encryption. Please read 1067db96d56Sopenharmony_ci# ENCRYPTION.txt, Win95.txt and WinNT.txt in the Samba documentation. 1077db96d56Sopenharmony_ci# Do not enable this option unless you have read those documents 1087db96d56Sopenharmony_ci# Encrypted passwords are required for any use of samba in a Windows NT #domain 1097db96d56Sopenharmony_ci# The smbpasswd file is only required by a server doing authentication, #thus members of a domain do not need one. 1107db96d56Sopenharmony_ci 1117db96d56Sopenharmony_ci encrypt passwords = yes 1127db96d56Sopenharmony_ci smb passwd file = /etc/samba/smbpasswd 1137db96d56Sopenharmony_ci 1147db96d56Sopenharmony_ci# The following are needed to allow password changing from Windows to 1157db96d56Sopenharmony_ci# also update the Linux system password. 1167db96d56Sopenharmony_ci# NOTE: Use these with 'encrypt passwords' and 'smb passwd file' above. 1177db96d56Sopenharmony_ci# NOTE2: You do NOT need these to allow workstations to change only 1187db96d56Sopenharmony_ci# the encrypted SMB passwords. They allow the Unix password 1197db96d56Sopenharmony_ci# to be kept in sync with the SMB password. 1207db96d56Sopenharmony_ci; unix password sync = Yes 1217db96d56Sopenharmony_ci# You either need to setup a passwd program and passwd chat, or 1227db96d56Sopenharmony_ci# enable pam password change 1237db96d56Sopenharmony_ci; pam password change = yes 1247db96d56Sopenharmony_ci; passwd program = /usr/bin/passwd %u 1257db96d56Sopenharmony_ci; passwd chat = *New*UNIX*password* %n\n *ReType*new*UNIX*password* 1267db96d56Sopenharmony_ci# %n\n 1277db96d56Sopenharmony_ci;*passwd:*all*authentication*tokens*updated*successfully* 1287db96d56Sopenharmony_ci 1297db96d56Sopenharmony_ci# Unix users can map to different SMB User names 1307db96d56Sopenharmony_ci; username map = /etc/samba/smbusers 1317db96d56Sopenharmony_ci 1327db96d56Sopenharmony_ci# Using the following line enables you to customize your configuration 1337db96d56Sopenharmony_ci# on a per machine basis. The %m gets replaced with the netbios name 1347db96d56Sopenharmony_ci# of the machine that is connecting 1357db96d56Sopenharmony_ci; include = /etc/samba/smb.conf.%m 1367db96d56Sopenharmony_ci 1377db96d56Sopenharmony_ci# Options for using winbind. Winbind allows you to do all account and 1387db96d56Sopenharmony_ci# authentication from a Windows or samba domain controller, creating 1397db96d56Sopenharmony_ci# accounts on the fly, and maintaining a mapping of Windows RIDs to 1407db96d56Sopenharmony_ci# unix uid's 1417db96d56Sopenharmony_ci# and gid's. winbind uid and winbind gid are the only required 1427db96d56Sopenharmony_ci# parameters. 1437db96d56Sopenharmony_ci# 1447db96d56Sopenharmony_ci# winbind uid is the range of uid's winbind can use when mapping RIDs #to uid's 1457db96d56Sopenharmony_ci; winbind uid = 10000-20000 1467db96d56Sopenharmony_ci# 1477db96d56Sopenharmony_ci# winbind gid is the range of uid's winbind can use when mapping RIDs 1487db96d56Sopenharmony_ci# to gid's 1497db96d56Sopenharmony_ci; winbind gid = 10000-20000 1507db96d56Sopenharmony_ci# 1517db96d56Sopenharmony_ci# winbind separator is the character a user must use between their 1527db96d56Sopenharmony_ci# domain name and username, defaults to "\" 1537db96d56Sopenharmony_ci; winbind separator = + 1547db96d56Sopenharmony_ci# 1557db96d56Sopenharmony_ci# winbind use default domain allows you to have winbind return 1567db96d56Sopenharmony_ci# usernames in the form user instead of DOMAIN+user for the domain 1577db96d56Sopenharmony_ci# listed in the workgroup parameter. 1587db96d56Sopenharmony_ci; winbind use default domain = yes 1597db96d56Sopenharmony_ci# 1607db96d56Sopenharmony_ci# template homedir determines the home directory for winbind users, 1617db96d56Sopenharmony_ci# with %D expanding to their domain name and %U expanding to their 1627db96d56Sopenharmony_ci# username: 1637db96d56Sopenharmony_ci; template homedir = /home/%D/%U 1647db96d56Sopenharmony_ci 1657db96d56Sopenharmony_ci# When using winbind, you may want to have samba create home 1667db96d56Sopenharmony_ci# directories on the fly for authenticated users. Ensure that 1677db96d56Sopenharmony_ci# /etc/pam.d/samba is using 'service=system-auth-winbind' in pam_stack 1687db96d56Sopenharmony_ci# modules, and then enable obedience of pam restrictions below: 1697db96d56Sopenharmony_ci; obey pam restrictions = yes 1707db96d56Sopenharmony_ci 1717db96d56Sopenharmony_ci# 1727db96d56Sopenharmony_ci# template shell determines the shell users authenticated by winbind #get 1737db96d56Sopenharmony_ci; template shell = /bin/bash 1747db96d56Sopenharmony_ci 1757db96d56Sopenharmony_ci# 5. Browser Control and Networking Options: 1767db96d56Sopenharmony_ci# Most people will find that this option gives better performance. 1777db96d56Sopenharmony_ci# See speed.txt and the manual pages for details 1787db96d56Sopenharmony_ci 1797db96d56Sopenharmony_ci socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 1807db96d56Sopenharmony_ci 1817db96d56Sopenharmony_ci# Configure Samba to use multiple interfaces 1827db96d56Sopenharmony_ci# If you have multiple network interfaces then you must list them 1837db96d56Sopenharmony_ci# here. See the man page for details. 1847db96d56Sopenharmony_ci; interfaces = 192.168.12.2/24 192.168.13.2/24 1857db96d56Sopenharmony_ci 1867db96d56Sopenharmony_ci# Configure remote browse list synchronisation here 1877db96d56Sopenharmony_ci# request announcement to, or browse list sync from: 1887db96d56Sopenharmony_ci# a specific host or from / to a whole subnet (see below) 1897db96d56Sopenharmony_ci; remote browse sync = 192.168.3.25 192.168.5.255 1907db96d56Sopenharmony_ci# Cause this host to announce itself to local subnets here 1917db96d56Sopenharmony_ci; remote announce = 192.168.1.255 192.168.2.44 1927db96d56Sopenharmony_ci 1937db96d56Sopenharmony_ci# set local master to no if you don't want Samba to become a master 1947db96d56Sopenharmony_ci# browser on your network. Otherwise the normal election rules apply 1957db96d56Sopenharmony_ci; local master = no 1967db96d56Sopenharmony_ci 1977db96d56Sopenharmony_ci# OS Level determines the precedence of this server in master browser 1987db96d56Sopenharmony_ci# elections. The default value should be reasonable 1997db96d56Sopenharmony_ci; os level = 33 2007db96d56Sopenharmony_ci 2017db96d56Sopenharmony_ci# Domain Master specifies Samba to be the Domain Master Browser. This 2027db96d56Sopenharmony_ci# allows Samba to collate browse lists between subnets. Don't use this 2037db96d56Sopenharmony_ci# if you already have a Windows NT domain controller doing this job 2047db96d56Sopenharmony_ci; domain master = yes 2057db96d56Sopenharmony_ci 2067db96d56Sopenharmony_ci# Preferred Master causes Samba to force a local browser election on 2077db96d56Sopenharmony_ci# startup and gives it a slightly higher chance of winning the election 2087db96d56Sopenharmony_ci; preferred master = yes 2097db96d56Sopenharmony_ci 2107db96d56Sopenharmony_ci# 6. Domain Control Options: 2117db96d56Sopenharmony_ci# Enable this if you want Samba to be a domain logon server for 2127db96d56Sopenharmony_ci# Windows95 workstations or Primary Domain Controller for WinNT and 2137db96d56Sopenharmony_ci# Win2k 2147db96d56Sopenharmony_ci 2157db96d56Sopenharmony_ci; domain logons = yes 2167db96d56Sopenharmony_ci 2177db96d56Sopenharmony_ci 2187db96d56Sopenharmony_ci# if you enable domain logons then you may want a per-machine or 2197db96d56Sopenharmony_ci# per user logon script 2207db96d56Sopenharmony_ci# run a specific logon batch file per workstation (machine) 2217db96d56Sopenharmony_ci; logon script = %m.bat 2227db96d56Sopenharmony_ci# run a specific logon batch file per username 2237db96d56Sopenharmony_ci; logon script = %U.bat 2247db96d56Sopenharmony_ci 2257db96d56Sopenharmony_ci# Where to store roaming profiles for WinNT and Win2k 2267db96d56Sopenharmony_ci# %L substitutes for this servers netbios name, %U is username 2277db96d56Sopenharmony_ci# You must uncomment the [Profiles] share below 2287db96d56Sopenharmony_ci; logon path = \\%L\Profiles\%U 2297db96d56Sopenharmony_ci 2307db96d56Sopenharmony_ci# Where to store roaming profiles for Win9x. Be careful with this as it 2317db96d56Sopenharmony_ci# also impacts where Win2k finds it's /HOME share 2327db96d56Sopenharmony_ci; logon home = \\%L\%U\.profile 2337db96d56Sopenharmony_ci 2347db96d56Sopenharmony_ci# The add user script is used by a domain member to add local user 2357db96d56Sopenharmony_ci# accounts that have been authenticated by the domain controller, or by 2367db96d56Sopenharmony_ci# the domain controller to add local machine accounts when adding 2377db96d56Sopenharmony_ci# machines to the domain. 2387db96d56Sopenharmony_ci# The script must work from the command line when replacing the macros, 2397db96d56Sopenharmony_ci# or the operation will fail. Check that groups exist if forcing a 2407db96d56Sopenharmony_ci# group. 2417db96d56Sopenharmony_ci# Script for domain controller for adding machines: 2427db96d56Sopenharmony_ci; add user script = /usr/sbin/useradd -d /dev/null -g machines –c 2437db96d56Sopenharmony_ci# 'Machine Account' -s /bin/false -M %u 2447db96d56Sopenharmony_ci# Script for domain controller with LDAP backend for adding machines 2457db96d56Sopenharmony_ci#(please 2467db96d56Sopenharmony_ci# configure in /etc/samba/smbldap_conf.pm first): 2477db96d56Sopenharmony_ci; add user script = /usr/share/samba/scripts/smbldap-useradd.pl -w –d 2487db96d56Sopenharmony_ci# /dev/null -g machines -c 'Machine Account' -s /bin/false %u 2497db96d56Sopenharmony_ci# Script for domain member for adding local accounts for authenticated 2507db96d56Sopenharmony_ci# users: 2517db96d56Sopenharmony_ci; add user script = /usr/sbin/useradd -s /bin/false %u 2527db96d56Sopenharmony_ci 2537db96d56Sopenharmony_ci# Domain groups: 2547db96d56Sopenharmony_ci# domain admin group is a list of unix users or groups who are made 2557db96d56Sopenharmony_ci# members 2567db96d56Sopenharmony_ci# of the Domain Admin group 2577db96d56Sopenharmony_ci; domain admin group = root @wheel 2587db96d56Sopenharmony_ci# 2597db96d56Sopenharmony_ci# domain guest groups is a list of unix users or groups who are made 2607db96d56Sopenharmony_ci# members 2617db96d56Sopenharmony_ci# of the Domain Guests group 2627db96d56Sopenharmony_ci; domain guest group = nobody @guest 2637db96d56Sopenharmony_ci 2647db96d56Sopenharmony_ci# LDAP configuration for Domain Controlling: 2657db96d56Sopenharmony_ci# The account (dn) that samba uses to access the LDAP server 2667db96d56Sopenharmony_ci# This account needs to have write access to the LDAP tree 2677db96d56Sopenharmony_ci# You will need to give samba the password for this dn, by 2687db96d56Sopenharmony_ci# running 'smbpasswd -w mypassword' 2697db96d56Sopenharmony_ci; ldap admin dn = cn=root,dc=mydomain,dc=com 2707db96d56Sopenharmony_ci; ldap ssl = start_tls 2717db96d56Sopenharmony_ci# start_tls should run on 389, but samba defaults incorrectly to 636 2727db96d56Sopenharmony_ci; ldap port = 389 2737db96d56Sopenharmony_ci; ldap suffix = dc=mydomain,dc=com 2747db96d56Sopenharmony_ci; ldap server = ldap.mydomain.com 2757db96d56Sopenharmony_ci 2767db96d56Sopenharmony_ci 2777db96d56Sopenharmony_ci# 7. Name Resolution Options: 2787db96d56Sopenharmony_ci# All NetBIOS names must be resolved to IP Addresses 2797db96d56Sopenharmony_ci# 'Name Resolve Order' allows the named resolution mechanism to be 2807db96d56Sopenharmony_ci# specified the default order is "host lmhosts wins bcast". "host" 2817db96d56Sopenharmony_ci# means use the unix system gethostbyname() function call that will use 2827db96d56Sopenharmony_ci# either /etc/hosts OR DNS or NIS depending on the settings of 2837db96d56Sopenharmony_ci# /etc/host.config, /etc/nsswitch.conf 2847db96d56Sopenharmony_ci# and the /etc/resolv.conf file. "host" therefore is system 2857db96d56Sopenharmony_ci# configuration dependent. This parameter is most often of use to 2867db96d56Sopenharmony_ci# prevent DNS lookups 2877db96d56Sopenharmony_ci# in order to resolve NetBIOS names to IP Addresses. Use with care! 2887db96d56Sopenharmony_ci# The example below excludes use of name resolution for machines that 2897db96d56Sopenharmony_ci# are NOT on the local network segment - OR - are not deliberately to 2907db96d56Sopenharmony_ci# be known via lmhosts or via WINS. 2917db96d56Sopenharmony_ci; name resolve order = wins lmhosts bcast 2927db96d56Sopenharmony_ci 2937db96d56Sopenharmony_ci# Windows Internet Name Serving Support Section: 2947db96d56Sopenharmony_ci# WINS Support - Tells the NMBD component of Samba to enable it's WINS 2957db96d56Sopenharmony_ci# Server 2967db96d56Sopenharmony_ci; wins support = yes 2977db96d56Sopenharmony_ci 2987db96d56Sopenharmony_ci# WINS Server - Tells the NMBD components of Samba to be a WINS Client 2997db96d56Sopenharmony_ci# Note: Samba can be either a WINS Server, or a WINS Client, but 3007db96d56Sopenharmony_ci# NOT both 3017db96d56Sopenharmony_ci; wins server = w.x.y.z 3027db96d56Sopenharmony_ci 3037db96d56Sopenharmony_ci# WINS Proxy - Tells Samba to answer name resolution queries on 3047db96d56Sopenharmony_ci# behalf of a non WINS capable client, for this to work there must be 3057db96d56Sopenharmony_ci# at least one WINS Server on the network. The default is NO. 3067db96d56Sopenharmony_ci; wins proxy = yes 3077db96d56Sopenharmony_ci 3087db96d56Sopenharmony_ci# DNS Proxy - tells Samba whether or not to try to resolve NetBIOS 3097db96d56Sopenharmony_ci# names via DNS nslookups. The built-in default for versions 1.9.17 is 3107db96d56Sopenharmony_ci# yes, this has been changed in version 1.9.18 to no. 3117db96d56Sopenharmony_ci 3127db96d56Sopenharmony_ci dns proxy = no 3137db96d56Sopenharmony_ci 3147db96d56Sopenharmony_ci# 8. File Naming Options: 3157db96d56Sopenharmony_ci# Case Preservation can be handy - system default is _no_ 3167db96d56Sopenharmony_ci# NOTE: These can be set on a per share basis 3177db96d56Sopenharmony_ci; preserve case = no 3187db96d56Sopenharmony_ci; short preserve case = no 3197db96d56Sopenharmony_ci# Default case is normally upper case for all DOS files 3207db96d56Sopenharmony_ci; default case = lower 3217db96d56Sopenharmony_ci# Be very careful with case sensitivity - it can break things! 3227db96d56Sopenharmony_ci; case sensitive = no 3237db96d56Sopenharmony_ci 3247db96d56Sopenharmony_ci# Enabling internationalization: 3257db96d56Sopenharmony_ci# you can match a Windows code page with a UNIX character set. 3267db96d56Sopenharmony_ci# Windows: 437 (US), 737 (GREEK), 850 (Latin1 - Western European), 3277db96d56Sopenharmony_ci# 852 (Eastern Eu.), 861 (Icelandic), 932 (Cyrillic - Russian), 3287db96d56Sopenharmony_ci# 936 (Japanese - Shift-JIS), 936 (Simpl. Chinese), 949 (Korean 3297db96d56Sopenharmony_ci# Hangul), 3307db96d56Sopenharmony_ci# 950 (Trad. Chin.). 3317db96d56Sopenharmony_ci# UNIX: ISO8859-1 (Western European), ISO8859-2 (Eastern Eu.), 3327db96d56Sopenharmony_ci# ISO8859-5 (Russian Cyrillic), KOI8-R (Alt-Russ. Cyril.) 3337db96d56Sopenharmony_ci# This is an example for french users: 3347db96d56Sopenharmony_ci; client code page = 850 3357db96d56Sopenharmony_ci; character set = ISO8859-1 3367db96d56Sopenharmony_ci 3377db96d56Sopenharmony_ci#============================ Share Definitions ============================== 3387db96d56Sopenharmony_ci 3397db96d56Sopenharmony_ci[homes] 3407db96d56Sopenharmony_ci comment = Home Directories 3417db96d56Sopenharmony_ci browseable = no 3427db96d56Sopenharmony_ci writable = yes 3437db96d56Sopenharmony_ci 3447db96d56Sopenharmony_ci# You can enable VFS recycle bin on a per share basis: 3457db96d56Sopenharmony_ci# Uncomment the next 2 lines (make sure you create a 3467db96d56Sopenharmony_ci# .recycle folder in the base of the share and ensure 3477db96d56Sopenharmony_ci# all users will have write access to it. See 3487db96d56Sopenharmony_ci# examples/VFS/recycle/REAME in samba-doc for details 3497db96d56Sopenharmony_ci; vfs object = /usr/lib/samba/vfs/recycle.so 3507db96d56Sopenharmony_ci; vfs options= /etc/samba/recycle.conf 3517db96d56Sopenharmony_ci 3527db96d56Sopenharmony_ci# Un-comment the following and create the netlogon directory for Domain 3537db96d56Sopenharmony_ci# Logons 3547db96d56Sopenharmony_ci; [netlogon] 3557db96d56Sopenharmony_ci; comment = Network Logon Service 3567db96d56Sopenharmony_ci; path = /var/lib/samba/netlogon 3577db96d56Sopenharmony_ci; guest ok = yes 3587db96d56Sopenharmony_ci; writable = no 3597db96d56Sopenharmony_ci 3607db96d56Sopenharmony_ci#Uncomment the following 2 lines if you would like your login scripts 3617db96d56Sopenharmony_ci# to be created dynamically by ntlogon (check that you have it in the 3627db96d56Sopenharmony_ci# correct location (the default of the ntlogon rpm available in 3637db96d56Sopenharmony_ci# contribs) 3647db96d56Sopenharmony_ci 3657db96d56Sopenharmony_ci;root preexec = /usr/bin/ntlogon -u %U -g %G -o %a -d /var/lib/samba/netlogon 3667db96d56Sopenharmony_ci;root postexec = rm -f /var/lib/samba/netlogon/%U.bat 3677db96d56Sopenharmony_ci 3687db96d56Sopenharmony_ci# Un-comment the following to provide a specific roving profile share 3697db96d56Sopenharmony_ci# the default is to use the user's home directory 3707db96d56Sopenharmony_ci;[Profiles] 3717db96d56Sopenharmony_ci; path = /var/lib/samba/profiles 3727db96d56Sopenharmony_ci; browseable = no 3737db96d56Sopenharmony_ci; guest ok = yes 3747db96d56Sopenharmony_ci 3757db96d56Sopenharmony_ci 3767db96d56Sopenharmony_ci# NOTE: If you have a CUPS print system there is no need to 3777db96d56Sopenharmony_ci# specifically define each individual printer. 3787db96d56Sopenharmony_ci# You must configure the samba printers with the appropriate Windows 3797db96d56Sopenharmony_ci# drivers on your Windows clients. On the Samba server no filtering is 3807db96d56Sopenharmony_ci# done. If you wish that the server provides the driver and the clients 3817db96d56Sopenharmony_ci# send PostScript ("Generic PostScript Printer" under Windows), you 3827db96d56Sopenharmony_ci# have to swap the 'print command' line below with the commented one. 3837db96d56Sopenharmony_ci 3847db96d56Sopenharmony_ci[printers] 3857db96d56Sopenharmony_ci comment = All Printers 3867db96d56Sopenharmony_ci path = /var/spool/samba 3877db96d56Sopenharmony_ci browseable = no 3887db96d56Sopenharmony_ci# to allow user 'guest account' to print. 3897db96d56Sopenharmony_ci guest ok = yes 3907db96d56Sopenharmony_ci writable = no 3917db96d56Sopenharmony_ci printable = yes 3927db96d56Sopenharmony_ci create mode = 0700 3937db96d56Sopenharmony_ci 3947db96d56Sopenharmony_ci# ===================================== 3957db96d56Sopenharmony_ci# print command: see above for details. 3967db96d56Sopenharmony_ci# ===================================== 3977db96d56Sopenharmony_ci 3987db96d56Sopenharmony_ci print command = lpr-cups -P %p -o raw %s -r 3997db96d56Sopenharmony_ci# using client side printer drivers. 4007db96d56Sopenharmony_ci; print command = lpr-cups -P %p %s 4017db96d56Sopenharmony_ci# using cups own drivers (use generic PostScript on clients). 4027db96d56Sopenharmony_ci# The following two commands are the samba defaults for printing=cups 4037db96d56Sopenharmony_ci# change them only if you need different options: 4047db96d56Sopenharmony_ci; lpq command = lpq -P %p 4057db96d56Sopenharmony_ci; lprm command = cancel %p-%j 4067db96d56Sopenharmony_ci 4077db96d56Sopenharmony_ci# This share is used for Windows NT-style point-and-print support. 4087db96d56Sopenharmony_ci# To be able to install drivers, you need to be either root, or listed 4097db96d56Sopenharmony_ci# in the printer admin parameter above. Note that you also need write 4107db96d56Sopenharmony_ci# access to the directory and share definition to be able to upload the 4117db96d56Sopenharmony_ci# drivers. 4127db96d56Sopenharmony_ci# For more information on this, please see the Printing Support Section 4137db96d56Sopenharmony_ci# of /usr/share/doc/samba-/docs/Samba-HOWTO-Collection.pdf 4147db96d56Sopenharmony_ci 4157db96d56Sopenharmony_ci[print$] 4167db96d56Sopenharmony_ci path = /var/lib/samba/printers 4177db96d56Sopenharmony_ci browseable = yes 4187db96d56Sopenharmony_ci read only = yes 4197db96d56Sopenharmony_ci write list = @adm root 4207db96d56Sopenharmony_ci 4217db96d56Sopenharmony_ci# A useful application of samba is to make a PDF-generation service 4227db96d56Sopenharmony_ci# To streamline this, install windows postscript drivers (preferably 4237db96d56Sopenharmony_ci# colour)on the samba server, so that clients can automatically install 4247db96d56Sopenharmony_ci# them. 4257db96d56Sopenharmony_ci 4267db96d56Sopenharmony_ci[pdf-generator] 4277db96d56Sopenharmony_ci path = /var/tmp 4287db96d56Sopenharmony_ci guest ok = No 4297db96d56Sopenharmony_ci printable = Yes 4307db96d56Sopenharmony_ci comment = PDF Generator (only valid users) 4317db96d56Sopenharmony_ci #print command = /usr/share/samba/scripts/print-pdf file path win_path recipient IP & 4327db96d56Sopenharmony_ci print command = /usr/share/samba/scripts/print-pdf %s ~%u \\\\\\\\%L\\\\%u %m %I & 4337db96d56Sopenharmony_ci 4347db96d56Sopenharmony_ci# This one is useful for people to share files 4357db96d56Sopenharmony_ci[tmp] 4367db96d56Sopenharmony_ci comment = Temporary file space 4377db96d56Sopenharmony_ci path = /tmp 4387db96d56Sopenharmony_ci read only = no 4397db96d56Sopenharmony_ci public = yes 4407db96d56Sopenharmony_ci echo command = cat %s; rm %s 4417db96d56Sopenharmony_ci 4427db96d56Sopenharmony_ci# A publicly accessible directory, but read only, except for people in 4437db96d56Sopenharmony_ci# the "staff" group 4447db96d56Sopenharmony_ci 4457db96d56Sopenharmony_ci 4467db96d56Sopenharmony_ci 4477db96d56Sopenharmony_ci 4487db96d56Sopenharmony_ci;[public] 4497db96d56Sopenharmony_ci; comment = Public Stuff 4507db96d56Sopenharmony_ci; path = /home/samba/public 4517db96d56Sopenharmony_ci; public = yes 4527db96d56Sopenharmony_ci; writable = no 4537db96d56Sopenharmony_ci; write list = @staff 4547db96d56Sopenharmony_ci# Audited directory through experimental VFS audit.so module: 4557db96d56Sopenharmony_ci# Uncomment next line. 4567db96d56Sopenharmony_ci; vfs object = /usr/lib/samba/vfs/audit.so 4577db96d56Sopenharmony_ci 4587db96d56Sopenharmony_ci# Other examples. 4597db96d56Sopenharmony_ci# 4607db96d56Sopenharmony_ci# A private printer, usable only by Fred. Spool data will be placed in 4617db96d56Sopenharmony_ci# Fred's 4627db96d56Sopenharmony_ci# home directory. Note that fred must have write access to the spool 4637db96d56Sopenharmony_ci# directory, 4647db96d56Sopenharmony_ci# wherever it is. 4657db96d56Sopenharmony_ci;[fredsprn] 4667db96d56Sopenharmony_ci; comment = Fred's Printer 4677db96d56Sopenharmony_ci; valid users = fred 4687db96d56Sopenharmony_ci; path = /homes/fred 4697db96d56Sopenharmony_ci; printer = freds_printer 4707db96d56Sopenharmony_ci; public = no 4717db96d56Sopenharmony_ci; writable = no 4727db96d56Sopenharmony_ci; printable = yes 4737db96d56Sopenharmony_ci 4747db96d56Sopenharmony_ci 4757db96d56Sopenharmony_ci----------------------------------------------------------- 4767db96d56Sopenharmony_ci# A private directory, usable only by Fred. Note that Fred requires 4777db96d56Sopenharmony_ci# write access to the directory. 4787db96d56Sopenharmony_ci 4797db96d56Sopenharmony_ci;[fredsdir] 4807db96d56Sopenharmony_ci 4817db96d56Sopenharmony_ci [Agustin] 4827db96d56Sopenharmony_ci; comment = Fred's Service 4837db96d56Sopenharmony_ci comment = Agustin Private Files 4847db96d56Sopenharmony_ci; path = /usr/somewhere/private 4857db96d56Sopenharmony_ci path = /home/agustin/Documents 4867db96d56Sopenharmony_ci; valid users = fred 4877db96d56Sopenharmony_ci valid users = agustin 4887db96d56Sopenharmony_ci; public = no 4897db96d56Sopenharmony_ci; writable = yes 4907db96d56Sopenharmony_ci writable = yes 4917db96d56Sopenharmony_ci; printable = no 4927db96d56Sopenharmony_ci 4937db96d56Sopenharmony_ci 4947db96d56Sopenharmony_ci----------------------------------------------------------- 4957db96d56Sopenharmony_ci 4967db96d56Sopenharmony_ci# a service which has a different directory for each machine that 4977db96d56Sopenharmony_ci# connects this allows you to tailor configurations to incoming 4987db96d56Sopenharmony_ci# machines. You could also use the %u option to tailor it by user name. 4997db96d56Sopenharmony_ci# The %m gets replaced with the machine name that is connecting. 5007db96d56Sopenharmony_ci;[pchome] 5017db96d56Sopenharmony_ci; comment = PC Directories 5027db96d56Sopenharmony_ci; path = /usr/pc/%m 5037db96d56Sopenharmony_ci; public = no 5047db96d56Sopenharmony_ci; writable = yes 5057db96d56Sopenharmony_ci 5067db96d56Sopenharmony_ci 5077db96d56Sopenharmony_ci----------------------------------------------------------- 5087db96d56Sopenharmony_ci# A publicly accessible directory, read/write to all users. Note that 5097db96d56Sopenharmony_ci# all files created in the directory by users will be owned by the 5107db96d56Sopenharmony_ci# default user, so any user with access can delete any other user's 5117db96d56Sopenharmony_ci# files. Obviously this directory must be writable by the default user. 5127db96d56Sopenharmony_ci# Another user could of course be specified, in which case all files 5137db96d56Sopenharmony_ci# would be owned by that user instead. 5147db96d56Sopenharmony_ci 5157db96d56Sopenharmony_ci;[public] 5167db96d56Sopenharmony_ci; path = /usr/somewhere/else/public 5177db96d56Sopenharmony_ci; public = yes 5187db96d56Sopenharmony_ci; only guest = yes 5197db96d56Sopenharmony_ci; writable = yes 5207db96d56Sopenharmony_ci; printable = no 5217db96d56Sopenharmony_ci 5227db96d56Sopenharmony_ci----------------------------------------------------------- 5237db96d56Sopenharmony_ci 5247db96d56Sopenharmony_ci# The following two entries demonstrate how to share a directory so 5257db96d56Sopenharmony_ci# that two users can place files there that will be owned by the 5267db96d56Sopenharmony_ci# specific users. In this setup, the directory should be writable by 5277db96d56Sopenharmony_ci# both users and should have the sticky bit set on it to prevent abuse. 5287db96d56Sopenharmony_ci# Obviously this could be extended to as many users as required. 5297db96d56Sopenharmony_ci 5307db96d56Sopenharmony_ci;[myshare] 5317db96d56Sopenharmony_ci; comment = Mary's and Fred's stuff 5327db96d56Sopenharmony_ci; path = /usr/somewhere/shared 5337db96d56Sopenharmony_ci; valid users = mary fred 5347db96d56Sopenharmony_ci; public = no 5357db96d56Sopenharmony_ci; writable = yes 5367db96d56Sopenharmony_ci; printable = no 5377db96d56Sopenharmony_ci; create mask = 0765 538