1# This is the main Samba configuration file. You should read the
2# smb.conf(5) manual page in order to understand the options listed
3# here. Samba has a huge number of configurable options (perhaps too
4# many!) most of which are not shown in this example
5#
6# Any line which starts with a ; (semi-colon) or a # (hash) 
7# is a comment and is ignored. In this example we will use a #
8# for commentry and a ; for parts of the config file that you
9# may wish to enable
10#
11# NOTE: Whenever you modify this file you should run the command "testparm"
12# to check that you have not made any basic syntactic errors. 
13#
14#======================= Global Settings =====================================
15[global]
16
17# workgroup = NT-Domain-Name or Workgroup-Name
18   workgroup = MYGROUP
19
20# server string is the equivalent of the NT Description field
21   server string = Samba Server
22
23# This option is important for security. It allows you to restrict
24# connections to machines which are on your local network. The
25# following example restricts access to two C class networks and
26# the "loopback" interface. For more examples of the syntax see
27# the smb.conf man page
28;   hosts allow = 192.168.1. 192.168.2. 127.
29
30# if you want to automatically load your printer list rather
31# than setting them up individually then you'll need this
32   printcap name = /etc/printcap
33   load printers = yes
34
35# It should not be necessary to spell out the print system type unless
36# yours is non-standard. Currently supported print systems include:
37# bsd, sysv, plp, lprng, aix, hpux, qnx
38;   printing = bsd
39
40# Uncomment this if you want a guest account, you must add this to /etc/passwd
41# otherwise the user "nobody" is used
42;  guest account = pcguest
43
44# this tells Samba to use a separate log file for each machine
45# that connects
46   #log file = /var/log/samba/%m.log
47# all information in one file
48   log file = /var/log/samba/log.smbd
49
50# Put a capping on the size of the log files (in Kb).
51   max log size = 50
52
53# Security mode. Most people will want user level security. See
54# security_level.txt for details.
55   security = user
56# Use password server option only with security = server
57;   password server = <NT-Server-Name>
58
59# Password Level allows matching of _n_ characters of the password for
60# all combinations of upper and lower case.
61;  password level = 8
62;  username level = 8
63
64# You may wish to use password encryption. Please read
65# ENCRYPTION.txt, Win95.txt and WinNT.txt in the Samba documentation.
66# Do not enable this option unless you have read those documents
67;  encrypt passwords = yes
68;  smb passwd file = /etc/samba/smbpasswd
69
70# The following are needed to allow password changing from Windows to
71# update the Linux system password also.
72# NOTE: Use these with 'encrypt passwords' and 'smb passwd file' above.
73# NOTE2: You do NOT need these to allow workstations to change only
74#        the encrypted SMB passwords. They allow the Unix password
75#        to be kept in sync with the SMB password.
76;  unix password sync = Yes
77;  passwd program = /usr/bin/passwd %u
78;  passwd chat = *New*UNIX*password* %n\n *ReType*new*UNIX*password* %n\n *passwd:*all*authentication*tokens*updated*successfully*
79
80# Unix users can map to different SMB User names
81;  username map = /etc/samba/smbusers
82
83# Using the following line enables you to customise your configuration
84# on a per machine basis. The %m gets replaced with the netbios name
85# of the machine that is connecting
86;   include = /etc/samba/smb.conf.%m
87
88# Most people will find that this option gives better performance.
89# See speed.txt and the manual pages for details
90   socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
91
92# Configure Samba to use multiple interfaces
93# If you have multiple network interfaces then you must list them
94# here. See the man page for details.
95;   interfaces = 192.168.12.2/24 192.168.13.2/24 
96
97# Configure remote browse list synchronisation here
98#  request announcement to, or browse list sync from:
99#	a specific host or from / to a whole subnet (see below)
100;   remote browse sync = 192.168.3.25 192.168.5.255
101# Cause this host to announce itself to local subnets here
102;   remote announce = 192.168.1.255 192.168.2.44
103
104# Browser Control Options:
105# set local master to no if you don't want Samba to become a master
106# browser on your network. Otherwise the normal election rules apply
107;   local master = no
108
109# OS Level determines the precedence of this server in master browser
110# elections. The default value should be reasonable
111;   os level = 33
112
113# Domain Master specifies Samba to be the Domain Master Browser. This
114# allows Samba to collate browse lists between subnets. Don't use this
115# if you already have a Windows NT domain controller doing this job
116;   domain master = yes 
117
118# Preferred Master causes Samba to force a local browser election on startup
119# and gives it a slightly higher chance of winning the election
120;   preferred master = yes
121
122# Enable this if you want Samba to be a domain logon server for 
123# Windows95 workstations. 
124;   domain logons = yes
125
126# if you enable domain logons then you may want a per-machine or
127# per user logon script
128# run a specific logon batch file per workstation (machine)
129;   logon script = %m.bat
130# run a specific logon batch file per username
131;   logon script = %U.bat
132
133# Where to store roving profiles (only for Win95 and WinNT)
134#        %L substitutes for this servers netbios name, %U is username
135#        You must uncomment the [Profiles] share below
136;   logon path = \\%L\Profiles\%U
137
138# All NetBIOS names must be resolved to IP Addresses
139# 'Name Resolve Order' allows the named resolution mechanism to be specified
140# the default order is "host lmhosts wins bcast". "host" means use the unix
141# system gethostbyname() function call that will use either /etc/hosts OR
142# DNS or NIS depending on the settings of /etc/host.config, /etc/nsswitch.conf
143# and the /etc/resolv.conf file. "host" therefore is system configuration
144# dependant. This parameter is most often of use to prevent DNS lookups
145# in order to resolve NetBIOS names to IP Addresses. Use with care!
146# The example below excludes use of name resolution for machines that are NOT
147# on the local network segment
148# - OR - are not deliberately to be known via lmhosts or via WINS.
149; name resolve order = wins lmhosts bcast
150
151# Windows Internet Name Serving Support Section:
152# WINS Support - Tells the NMBD component of Samba to enable it's WINS Server
153;   wins support = yes
154
155# WINS Server - Tells the NMBD components of Samba to be a WINS Client
156#	Note: Samba can be either a WINS Server, or a WINS Client, but NOT both
157;   wins server = w.x.y.z
158
159# WINS Proxy - Tells Samba to answer name resolution queries on
160# behalf of a non WINS capable client, for this to work there must be
161# at least one	WINS Server on the network. The default is NO.
162;   wins proxy = yes
163
164# DNS Proxy - tells Samba whether or not to try to resolve NetBIOS names
165# via DNS nslookups. The built-in default for versions 1.9.17 is yes,
166# this has been changed in version 1.9.18 to no.
167   dns proxy = no 
168
169# Case Preservation can be handy - system default is _no_
170# NOTE: These can be set on a per share basis
171;  preserve case = no
172;  short preserve case = no
173# Default case is normally upper case for all DOS files
174;  default case = lower
175# Be very careful with case sensitivity - it can break things!
176;  case sensitive = no
177
178#============================ Share Definitions ==============================
179[homes]
180   comment = Home Directories
181   browseable = no
182   writable = yes
183
184# Un-comment the following and create the netlogon directory for Domain Logons
185; [netlogon]
186;   comment = Network Logon Service
187;   path = /home/netlogon
188;   guest ok = yes
189;   writable = no
190;   share modes = no
191
192
193# Un-comment the following to provide a specific roving profile share
194# the default is to use the user's home directory
195;[Profiles]
196;    path = /home/profiles
197;    browseable = no
198;    guest ok = yes
199
200
201# NOTE: If you have a BSD-style print system there is no need to 
202# specifically define each individual printer
203[printers]
204   comment = All Printers
205   path = /var/spool/samba
206   browseable = no
207# Set public = yes to allow user 'guest account' to print
208   guest ok = no
209   writable = no
210   printable = yes
211
212# This one is useful for people to share files
213;[tmp]
214;   comment = Temporary file space
215;   path = /tmp
216;   read only = no
217;   public = yes
218
219# A publicly accessible directory, but read only, except for people in
220# the "staff" group
221;[public]
222;   comment = Public Stuff
223;   path = /home/samba
224;   public = yes
225;   read only = yes
226;   write list = @staff
227
228# Other examples. 
229#
230# A private printer, usable only by fred. Spool data will be placed in fred's
231# home directory. Note that fred must have write access to the spool directory,
232# wherever it is.
233;[fredsprn]
234;   comment = Fred's Printer
235;   valid users = fred
236;   path = /homes/fred
237;   printer = freds_printer
238;   public = no
239;   writable = no
240;   printable = yes
241
242# A private directory, usable only by fred. Note that fred requires write
243# access to the directory.
244;[fredsdir]
245;   comment = Fred's Service
246;   path = /usr/somewhere/private
247;   valid users = fred
248;   public = no
249;   writable = yes
250;   printable = no
251
252# a service which has a different directory for each machine that connects
253# this allows you to tailor configurations to incoming machines. You could
254# also use the %u option to tailor it by user name.
255# The %m gets replaced with the machine name that is connecting.
256;[pchome]
257;  comment = PC Directories
258;  path = /usr/pc/%m
259;  public = no
260;  writable = yes
261
262# A publicly accessible directory, read/write to all users. Note that all files
263# created in the directory by users will be owned by the default user, so
264# any user with access can delete any other user's files. Obviously this
265# directory must be writable by the default user. Another user could of course
266# be specified, in which case all files would be owned by that user instead.
267;[public]
268;   path = /usr/somewhere/else/public
269;   public = yes
270;   only guest = yes
271;   writable = yes
272;   printable = no
273
274# The following two entries demonstrate how to share a directory so that two
275# users can place files there that will be owned by the specific users. In this
276# setup, the directory should be writable by both users and should have the
277# sticky bit set on it to prevent abuse. Obviously this could be extended to
278# as many users as required.
279;[myshare]
280;   comment = Mary's and Fred's stuff
281;   path = /usr/somewhere/shared
282;   valid users = mary fred
283;   public = no
284;   writable = yes
285;   printable = no
286;   create mask = 0765
287
288
289