NoPaste

smb

von jue
Beschreibung:
smb
Snippet erstellt:
05.02.2019 09:16:20
Snippet wird automatisch gelöscht:
Niemals

Dein Code:
  1. #
  2. # Sample configuration file for the Samba suite for Debian GNU/Linux.
  3. #
  4. #
  5. # This is the main Samba configuration file. You should read the
  6. # smb.conf(5) manual page in order to understand the options listed
  7. # here. Samba has a huge number of configurable options most of which
  8. # are not shown in this example
  9. #
  10. # Some options that are often worth tuning have been included as
  11. # commented-out examples in this file.
  12. #  - When such options are commented with ";", the proposed setting
  13. #    differs from the default Samba behaviour
  14. #  - When commented with "#", the proposed setting is the default
  15. #    behaviour of Samba but the option is considered important
  16. #    enough to be mentioned here
  17. #
  18. # NOTE: Whenever you modify this file you should run the command
  19. # "testparm" to check that you have not made any basic syntactic
  20. # errors.
  21.  
  22. #======================= Global Settings =======================
  23.  
  24. [global]
  25.  
  26. ## Browsing/Identification ###
  27.  
  28. # Change this to the workgroup/NT-domain name your Samba server will part of
  29.   workgroup = WORKGROUP
  30.  
  31. #### Networking ####
  32.  
  33. # The specific set of interfaces / networks to bind to
  34. # This can be either the interface name or an IP address/netmask;
  35. # interface names are normally preferred
  36. ;   interfaces = 127.0.0.0/8 eth0
  37.  
  38. # Only bind to the named interfaces and/or networks; you must use the
  39. # 'interfaces' option above to use this.
  40. # It is recommended that you enable this feature if your Samba machine is
  41. # not protected by a firewall or is a firewall itself.  However, this
  42. # option cannot handle dynamic or non-broadcast interfaces correctly.
  43. ;   bind interfaces only = yes
  44.  
  45.  
  46.  
  47. #### Debugging/Accounting ####
  48.  
  49. # This tells Samba to use a separate log file for each machine
  50. # that connects
  51.   log file = /var/log/samba/log.%m
  52.  
  53. # Cap the size of the individual log files (in KiB).
  54.   max log size = 1000
  55.  
  56. # We want Samba to only log to /var/log/samba/log.{smbd,nmbd}.
  57. # Append syslog@1 if you want important messages to be sent to syslog too.
  58.   logging = file
  59.  
  60. # Do something sensible when Samba crashes: mail the admin a backtrace
  61.   panic action = /usr/share/samba/panic-action %d
  62.  
  63.  
  64. ####### Authentication #######
  65.  
  66. # Server role. Defines in which mode Samba will operate. Possible
  67. # values are "standalone server", "member server", "classic primary
  68. # domain controller", "classic backup domain controller", "active
  69. # directory domain controller".
  70. #
  71. # Most people will want "standalone server" or "member server".
  72. # Running as "active directory domain controller" will require first
  73. # running "samba-tool domain provision" to wipe databases and create a
  74. # new domain.
  75.   server role = standalone server
  76.  
  77.    obey pam restrictions = yes
  78.  
  79. # This boolean parameter controls whether Samba attempts to sync the Unix
  80. # password with the SMB password when the encrypted SMB password in the
  81. # passdb is changed.
  82.   unix password sync = yes
  83.  
  84. # For Unix password sync to work on a Debian GNU/Linux system, the following
  85. # parameters must be set (thanks to Ian Kahan <<kahan@informatik.tu-muenchen.de> for
  86. # sending the correct chat script for the passwd program in Debian Sarge).
  87.   passwd program = /usr/bin/passwd %u
  88.    passwd chat = *Enter\snew\s*\spassword:* %n\n *Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* .
  89.  
  90. # This boolean controls whether PAM will be used for password changes
  91. # when requested by an SMB client instead of the program listed in
  92. # 'passwd program'. The default is 'no'.
  93.   pam password change = yes
  94.  
  95. # This option controls how unsuccessful authentication attempts are mapped
  96. # to anonymous connections
  97.   map to guest = bad user
  98.  
  99. ########## Domains ###########
  100.  
  101. #
  102. # The following settings only takes effect if 'server role = primary
  103. # classic domain controller', 'server role = backup domain controller'
  104. # or 'domain logons' is set
  105. #
  106.  
  107. # It specifies the location of the user's
  108. # profile directory from the client point of view) The following
  109. # required a [profiles] share to be setup on the samba server (see
  110. # below)
  111. ;   logon path = \\%N\profiles\%U
  112. # Another common choice is storing the profile in the user's home directory
  113. # (this is Samba's default)
  114. #   logon path = \\%N\%U\profile
  115.  
  116. # The following setting only takes effect if 'domain logons' is set
  117. # It specifies the location of a user's home directory (from the client
  118. # point of view)
  119. ;   logon drive = H:
  120. #   logon home = \\%N\%U
  121.  
  122. # The following setting only takes effect if 'domain logons' is set
  123. # It specifies the script to run during logon. The script must be stored
  124. # in the [netlogon] share
  125. # NOTE: Must be store in 'DOS' file format convention
  126. ;   logon script = logon.cmd
  127.  
  128. # This allows Unix users to be created on the domain controller via the SAMR
  129. # RPC pipe.  The example command creates a user account with a disabled Unix
  130. # password; please adapt to your needs
  131. ; add user script = /usr/sbin/adduser --quiet --disabled-password --gecos "" %u
  132.  
  133. # This allows machine accounts to be created on the domain controller via the
  134. # SAMR RPC pipe.  
  135. # The following assumes a "machines" group exists on the system
  136. ; add machine script  = /usr/sbin/useradd -g machines -c "%u machine account" -d /var/lib/samba -s /bin/false %u
  137.  
  138. # This allows Unix groups to be created on the domain controller via the SAMR
  139. # RPC pipe.  
  140. ; add group script = /usr/sbin/addgroup --force-badname %g
  141.  
  142. ############ Misc ############
  143.  
  144. # Using the following line enables you to customise your configuration
  145. # on a per machine basis. The %m gets replaced with the netbios name
  146. # of the machine that is connecting
  147. ;   include = /home/samba/etc/smb.conf.%m
  148.  
  149. # Some defaults for winbind (make sure you're not using the ranges
  150. # for something else.)
  151. ;   idmap config * :              backend = tdb
  152. ;   idmap config * :              range   = 3000-7999
  153. ;   idmap config YOURDOMAINHERE : backend = tdb
  154. ;   idmap config YOURDOMAINHERE : range   = 100000-999999
  155. ;   template shell = /bin/bash
  156.  
  157. # Setup usershare options to enable non-root users to share folders
  158. # with the net usershare command.
  159.  
  160. # Maximum number of usershare. 0 means that usershare is disabled.
  161. #   usershare max shares = 100
  162.  
  163. # Allow users who've been granted usershare privileges to create
  164. # public shares, not just authenticated ones
  165.   usershare allow guests = yes
  166.  
  167. #======================= Share Definitions =======================
  168.  
  169. [homes]
  170.    comment = Home Directories
  171.    browseable = no
  172.  
  173. # By default, the home directories are exported read-only. Change the
  174. # next parameter to 'no' if you want to be able to write to them.
  175.   read only = yes
  176.  
  177. # File creation mask is set to 0700 for security reasons. If you want to
  178. # create files with group=rw permissions, set next parameter to 0775.
  179.   create mask = 0700
  180.  
  181. # Directory creation mask is set to 0700 for security reasons. If you want to
  182. # create dirs. with group=rw permissions, set next parameter to 0775.
  183.   directory mask = 0700
  184.  
  185. # By default, \\server\username shares can be connected to by anyone
  186. # with access to the samba server.
  187. # The following parameter makes sure that only "username" can connect
  188. # to \\server\username
  189. # This might need tweaking when using external authentication schemes
  190.   valid users = %S
  191.  
  192. # Un-comment the following and create the netlogon directory for Domain Logons
  193. # (you need to configure Samba to act as a domain controller too.)
  194. ;[netlogon]
  195. ;   comment = Network Logon Service
  196. ;   path = /home/samba/netlogon
  197. ;   guest ok = yes
  198. ;   read only = yes
  199.  
  200. # Un-comment the following and create the profiles directory to store
  201. # users profiles (see the "logon path" option above)
  202. # (you need to configure Samba to act as a domain controller too.)
  203. # The path below should be writable by all users so that their
  204. # profile directory may be created the first time they log on
  205. ;[profiles]
  206. ;   comment = Users profiles
  207. ;   path = /home/samba/profiles
  208. ;   guest ok = no
  209. ;   browseable = no
  210. ;   create mask = 0600
  211. ;   directory mask = 0700
  212.  
  213. [printers]
  214.    comment = All Printers
  215.    browseable = no
  216.    path = /var/spool/samba
  217.    printable = yes
  218.    guest ok = no
  219.    read only = yes
  220.    create mask = 0700
  221.  
  222. # Windows clients look for this share name as a source of downloadable
  223. # printer drivers
  224. [print$]
  225.    comment = Printer Drivers
  226.    path = /var/lib/samba/printers
  227.    browseable = yes
  228.    read only = yes
  229.    guest ok = no
  230. # Uncomment to allow remote administration of Windows print drivers.
  231. # You may need to replace 'lpadmin' with the name of the group your
  232. # admin users are members of.
  233. # Please note that you also need to set appropriate Unix permissions
  234. # to the drivers directory for these users to have write rights in it
  235. ;   write list = root, @lpadmin

Quellcode

Hier kannst du den Code kopieren und ihn in deinen bevorzugten Editor einfügen. Alternativ kannst du den gesamten Eintrag auch als Datei herunterladen.