Ferramentas do usuário

Ferramentas do site


espec:smb.conf

Diferenças

Aqui você vê as diferenças entre duas revisões dessa página.

Link para esta página de comparações

espec:smb.conf [2008/07/14 20:06]
maziero created
espec:smb.conf [2008/07/14 20:06] (atual)
maziero created
Linha 1: Linha 1:
 +====== Arquivo smb.conf ======
 +
 +<​code>​
 +# This is the main Samba configuration file. You should read the
 +# smb.conf(5) manual page in order to understand the options listed
 +# here. Samba has a huge number of configurable options (perhaps too
 +# many!) most of which are not shown in this example
 +#
 +# Any line which starts with a ; (semi-colon) or a # (hash) ​
 +# is a comment and is ignored. In this example we will use a #
 +# for commentry and a ; for parts of the config file that you
 +# may wish to enable
 +#
 +# NOTE: Whenever you modify this file you should run the command "​testparm"​
 +# to check that you have not made any basic syntactic errors. ​
 +#
 +#​======================= Global Settings =====================================
 +[global]
 +
 +# workgroup = NT-Domain-Name or Workgroup-Name
 +   ​workgroup = MYGROUP
 +
 +# server string is the equivalent of the NT Description field
 +   ​server string = Samba Server
 +
 +# This option is important for security. It allows you to restrict
 +# connections to machines which are on your local network. The
 +# following example restricts access to two C class networks and
 +# the "​loopback"​ interface. For more examples of the syntax see
 +# the smb.conf man page
 +;   hosts allow = 192.168.1. 192.168.2. 127.
 +
 +# if you want to automatically load your printer list rather
 +# than setting them up individually then you'll need this
 +   ​printcap name = /​etc/​printcap
 +   load printers = yes
 +
 +# It should not be necessary to spell out the print system type unless
 +# yours is non-standard. Currently supported print systems include:
 +# bsd, sysv, plp, lprng, aix, hpux, qnx, cups
 +   ​printing = cups
 +
 +# Uncomment this if you want a guest account, you must add this to /etc/passwd
 +# otherwise the user "​nobody"​ is used
 +;  guest account = pcguest
 +
 +# this tells Samba to use a separate log file for each machine
 +# that connects
 +   log file = /​var/​log/​samba/​%m.log
 +
 +# Put a capping on the size of the log files (in Kb).
 +   max log size = 0
 +
 +# Security mode. Most people will want user level security. See
 +# security_level.txt for details.
 +   ​security = user
 +
 +# Use password server option only with security = server
 +# The argument list may include:
 +#   ​password server = My_PDC_Name [My_BDC_Name] [My_Next_BDC_Name]
 +# or to auto-locate the domain controller/​s
 +#   ​password server = *
 +;   ​password server = <​NT-Server-Name>​
 +
 +# Password Level allows matching of _n_ characters of the password for
 +# all combinations of upper and lower case.
 +;  password level = 8
 +;  username level = 8
 +
 +# You may wish to use password encryption. Please read
 +# ENCRYPTION.txt,​ Win95.txt and WinNT.txt in the Samba documentation.
 +# Do not enable this option unless you have read those documents
 +   ​encrypt passwords = yes
 +   smb passwd file = /​etc/​samba/​smbpasswd
 +
 +# The following is needed to keep smbclient from spouting spurious errors
 +# when Samba is built with support for SSL.
 +;   ssl CA certFile = /​usr/​share/​ssl/​certs/​ca-bundle.crt
 +
 +# The following are needed to allow password changing from Windows to
 +# update the Linux system password also.
 +# NOTE: Use these with '​encrypt passwords'​ and 'smb passwd file' above.
 +# NOTE2: You do NOT need these to allow workstations to change only
 +#        the encrypted SMB passwords. They allow the Unix password
 +#        to be kept in sync with the SMB password.
 +   unix password sync = Yes
 +   ​passwd program = /​usr/​bin/​passwd %u
 +   ​passwd chat = *New*password* %n\n *Retype*new*password* %n\n *passwd:​*all*authentication*tokens*updated*successfully*
 +
 +# You can use PAM's password change control flag for Samba. If
 +# enabled, then PAM will be used for password changes when requested
 +# by an SMB client instead of the program listed in passwd program.
 +# It should be possible to enable this without changing your passwd
 +# chat parameter for most setups.
 +
 +   pam password change = yes
 +
 +# Unix users can map to different SMB User names
 +;  username map = /​etc/​samba/​smbusers
 +
 +# Using the following line enables you to customise your configuration
 +# on a per machine basis. The %m gets replaced with the netbios name
 +# of the machine that is connecting
 +;   ​include = /​etc/​samba/​smb.conf.%m
 +
 +# This parameter will control whether or not Samba should obey PAM's
 +# account and session management directives. The default behavior is
 +# to use PAM for clear text authentication only and to ignore any
 +# account or session management. Note that Samba always ignores PAM
 +# for authentication in the case of encrypt passwords = yes
 +
 +  obey pam restrictions = yes
 +
 +# Most people will find that this option gives better performance.
 +# See speed.txt and the manual pages for details
 +   ​socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
 +
 +# Configure Samba to use multiple interfaces
 +# If you have multiple network interfaces then you must list them
 +# here. See the man page for details.
 +;   ​interfaces = 192.168.12.2/​24 192.168.13.2/​24 ​
 +
 +# Configure remote browse list synchronisation here
 +#  request announcement to, or browse list sync from:
 +# a specific host or from / to a whole subnet (see below)
 +;   ​remote browse sync = 192.168.3.25 192.168.5.255
 +# Cause this host to announce itself to local subnets here
 +;   ​remote announce = 192.168.1.255 192.168.2.44
 +
 +# Browser Control Options:
 +# set local master to no if you don't want Samba to become a master
 +# browser on your network. Otherwise the normal election rules apply
 +;   local master = no
 +
 +# OS Level determines the precedence of this server in master browser
 +# elections. The default value should be reasonable
 +;   os level = 33
 +
 +# Domain Master specifies Samba to be the Domain Master Browser. This
 +# allows Samba to collate browse lists between subnets. Don't use this
 +# if you already have a Windows NT domain controller doing this job
 +;   ​domain master = yes 
 +
 +# Preferred Master causes Samba to force a local browser election on startup
 +# and gives it a slightly higher chance of winning the election
 +;   ​preferred master = yes
 +
 +# Enable this if you want Samba to be a domain logon server for 
 +# Windows95 workstations. ​
 +;   ​domain logons = yes
 +
 +# if you enable domain logons then you may want a per-machine or
 +# per user logon script
 +# run a specific logon batch file per workstation (machine)
 +;   logon script = %m.bat
 +# run a specific logon batch file per username
 +;   logon script = %U.bat
 +
 +# Where to store roving profiles (only for Win95 and WinNT)
 +#        %L substitutes for this servers netbios name, %U is username
 +#        You must uncomment the [Profiles] share below
 +;   logon path = \\%L\Profiles\%U
 +
 +# Windows Internet Name Serving Support Section:
 +# WINS Support - Tells the NMBD component of Samba to enable it's WINS Server
 +;   wins support = yes
 +
 +# WINS Server - Tells the NMBD components of Samba to be a WINS Client
 +# Note: Samba can be either a WINS Server, or a WINS Client, but NOT both
 +;   wins server = w.x.y.z
 +
 +# WINS Proxy - Tells Samba to answer name resolution queries on
 +# behalf of a non WINS capable client, for this to work there must be
 +# at least one WINS Server on the network. The default is NO.
 +;   wins proxy = yes
 +
 +# DNS Proxy - tells Samba whether or not to try to resolve NetBIOS names
 +# via DNS nslookups. The built-in default for versions 1.9.17 is yes,
 +# this has been changed in version 1.9.18 to no.
 +   dns proxy = no 
 +
 +# Case Preservation can be handy - system default is _no_
 +# NOTE: These can be set on a per share basis
 +;  preserve case = no
 +;  short preserve case = no
 +# Default case is normally upper case for all DOS files
 +;  default case = lower
 +# Be very careful with case sensitivity - it can break things!
 +;  case sensitive = no
 +
 +#​============================ Share Definitions ==============================
 +[homes]
 +   ​comment = Home Directories
 +   ​browseable = no
 +   ​writable = yes
 +   valid users = %S
 +   ​create mode = 0664
 +   ​directory mode = 0775
 +# If you want users samba doesn'​t recognize to be mapped to a guest user
 +; map to guest = bad user
 +
 +
 +# Un-comment the following and create the netlogon directory for Domain Logons
 +; [netlogon]
 +;   ​comment = Network Logon Service
 +;   path = /​usr/​local/​samba/​lib/​netlogon
 +;   guest ok = yes
 +;   ​writable = no
 +;   share modes = no
 +
 +
 +# Un-comment the following to provide a specific roving profile share
 +# the default is to use the user's home directory
 +;[Profiles]
 +;    path = /​usr/​local/​samba/​profiles
 +;    browseable = no
 +;    guest ok = yes
 +
 +
 +# NOTE: If you have a BSD-style print system there is no need to 
 +# specifically define each individual printer
 +[printers]
 +   ​comment = All Printers
 +   path = /​var/​spool/​samba
 +   ​browseable = no
 +# Set public = yes to allow user 'guest account'​ to print
 +   guest ok = no
 +   ​writable = no
 +   ​printable = yes
 +
 +# This one is useful for people to share files
 +;[tmp]
 +;   ​comment = Temporary file space
 +;   path = /tmp
 +;   read only = no
 +;   ​public = yes
 +
 +# A publicly accessible directory, but read only, except for people in
 +# the "​staff"​ group
 +;[public]
 +;   ​comment = Public Stuff
 +;   path = /home/samba
 +;   ​public = yes
 +;   ​writable = yes
 +;   ​printable = no
 +;   write list = @staff
 +
 +# Other examples. ​
 +#
 +# A private printer, usable only by fred. Spool data will be placed in fred's
 +# home directory. Note that fred must have write access to the spool directory,
 +# wherever it is.
 +;[fredsprn]
 +;   ​comment = Fred's Printer
 +;   valid users = fred
 +;   path = /home/fred
 +;   ​printer = freds_printer
 +;   ​public = no
 +;   ​writable = no
 +;   ​printable = yes
 +
 +# A private directory, usable only by fred. Note that fred requires write
 +# access to the directory.
 +;[fredsdir]
 +;   ​comment = Fred's Service
 +;   path = /​usr/​somewhere/​private
 +;   valid users = fred
 +;   ​public = no
 +;   ​writable = yes
 +;   ​printable = no
 +
 +# a service which has a different directory for each machine that connects
 +# this allows you to tailor configurations to incoming machines. You could
 +# also use the %U option to tailor it by user name.
 +# The %m gets replaced with the machine name that is connecting.
 +;[pchome]
 +;  comment = PC Directories
 +;  path = /​usr/​local/​pc/​%m
 +;  public = no
 +;  writable = yes
 +
 +# A publicly accessible directory, read/write to all users. Note that all files
 +# created in the directory by users will be owned by the default user, so
 +# any user with access can delete any other user's files. Obviously this
 +# directory must be writable by the default user. Another user could of course
 +# be specified, in which case all files would be owned by that user instead.
 +;[public]
 +;   path = /​usr/​somewhere/​else/​public
 +;   ​public = yes
 +;   only guest = yes
 +;   ​writable = yes
 +;   ​printable = no
 +
 +</​code>​
  
espec/smb.conf.txt · Última modificação: 2008/07/14 20:06 por maziero