## This global parameter allows the Samba admin to limit what interfaces on a machine will serve SMB requests.
## This global parameter allows the Samba admin to limit what interfaces on a machine will serve SMB requests.
bind interfaces only = yes
bind interfaces only = yes
## time for inactive connections to-be closed in minutes
## time for inactive connections to-be closed in minutes
deadtime = 15
deadtime = 15
## disable core dumps
## disable core dumps
enable core files = no
enable core files = no
## set security (auto, user, domain, ads)
## set security (auto, user, domain, ads)
security = user
security = user
## This parameter controls whether a remote client is allowed or required to use SMB encryption.
## This parameter controls whether a remote client is allowed or required to use SMB encryption.
## It has different effects depending on whether the connection uses SMB1 or SMB2 and newer:
## It has different effects depending on whether the connection uses SMB1 or SMB2 and newer:
## If the connection uses SMB1, then this option controls the use of a Samba-specific extension to the SMB protocol introduced in Samba 3.2 that makes use of the Unix extensions.
## If the connection uses SMB1, then this option controls the use of a Samba-specific extension to the SMB protocol introduced in Samba 3.2 that makes use of the Unix extensions.
## If the connection uses SMB2 or newer, then this option controls the use of the SMB-level encryption that is supported in SMB version 3.0 and above and available in Windows 8 and newer.
## If the connection uses SMB2 or newer, then this option controls the use of the SMB-level encryption that is supported in SMB version 3.0 and above and available in Windows 8 and newer.
##(default/auto,desired,required,off)
##(default/auto,desired,required,off)
#smb encrypt = default
#smb encrypt = default
## set invalid users
## set invalid users
invalid users = root
invalid users = root
## map unknow users to guest
## map unknow users to guest
map to guest = Bad User
map to guest = Bad User
## allow client access to accounts that have null passwords.
## allow client access to accounts that have null passwords.
null passwords = yes
null passwords = yes
## The old plaintext passdb backend. Some Samba features will not work if this passdb backend is used. (NOTE: enabled for size reasons)
## The old plaintext passdb backend. Some Samba features will not work if this passdb backend is used. (NOTE: enabled for size reasons)
## (tdbsam,smbpasswd,ldapsam)
## (tdbsam,smbpasswd,ldapsam)
passdb backend = smbpasswd
passdb backend = smbpasswd
## Set location of smbpasswd ('smbd -b' will show default compiled location)
## Set location of smbpasswd ('smbd -b' will show default compiled location)
#smb passwd file = /etc/samba/smbpasswd
#smb passwd file = /etc/samba/smbpasswd
## LAN/WAN options (IPTOS_LOWDELAY TCP_NODELAY) WAN (IPTOS_THROUGHPUT)
## LAN/WAN options (IPTOS_LOWDELAY TCP_NODELAY) WAN (IPTOS_THROUGHPUT)
socket options = IPTOS_LOWDELAY TCP_NODELAY
socket options = IPTOS_LOWDELAY TCP_NODELAY
## lower CPU useage if supported
use sendfile = yes
## If this integer parameter is set to a non-zero value, Samba will read from files asynchronously when the request size is bigger than this value.
## Note that it happens only for non-chained and non-chaining reads and when not using write cache.
## The only reasonable values for this parameter are 0 (no async I/O) and 1 (always do async I/O).
## (1/0)
#aio read size = 0
#aio write size = 0
## If Samba has been built with asynchronous I/O support, Samba will not wait until write requests are finished before returning the result to the client for files listed in this parameter.
## Instead, Samba will immediately return that the write request has been finished successfully, no matter if the operation will succeed or not.
## This might speed up clients without aio support, but is really dangerous, because data could be lost and files could be damaged.
#aio write behind = /*.tmp/
## lower CPU useage if supported and aio is disabled (aio read size = 0 ; aio write size = 0)
## currently broken (NOTE: see https://bugzilla.samba.org/show_bug.cgi?id=14095 )
## (no, yes)
#use sendfile = yes
## samba will behave as previous versions of Samba would and will fail the lock request immediately if the lock range cannot be obtained.
## samba will behave as previous versions of Samba would and will fail the lock request immediately if the lock range cannot be obtained.
#blocking locks = No
#blocking locks = No
## disable loading of all printcap printers by default (iprint, cups, lpstat)
## disable loading of all printcap printers by default (iprint, cups, lpstat)
load printers = No
load printers = No
printcap name = /dev/null
printcap name = /dev/null
## Enabling this parameter will disable Samba's support for the SPOOLSS set of MS-RPC's.
## Enabling this parameter will disable Samba's support for the SPOOLSS set of MS-RPC's.
disable spoolss = yes
disable spoolss = yes
## This parameters controls how printer status information is interpreted on your system.
## This parameters controls how printer status information is interpreted on your system.
## (BSD, AIX, LPRNG, PLP, SYSV, HPUX, QNX, SOFTQ)
## (BSD, AIX, LPRNG, PLP, SYSV, HPUX, QNX, SOFTQ)
printing = bsd
printing = bsd
## Disable that nmbd is acting as a WINS server for unknow netbios names
## Disable that nmbd is acting as a WINS server for unknow netbios names
#dns proxy = No
#dns proxy = No
## win/unix user mapping backend
## win/unix user mapping backend
#idmap config * : backend = tdb
#idmap config * : backend = tdb
## Allows the server name that is advertised through MDNS to be set to the hostname rather than the Samba NETBIOS name.
## Allows the server name that is advertised through MDNS to be set to the hostname rather than the Samba NETBIOS name.
## This allows an administrator to make Samba registered MDNS records match the case of the hostname rather than being in all capitals.
## This allows an administrator to make Samba registered MDNS records match the case of the hostname rather than being in all capitals.
## (netbios, mdns)
## (netbios, mdns)
mdns name = mdns
mdns name = mdns
## Clients that only support netbios won't be able to see your samba server when netbios support is disabled.
## Clients that only support netbios won't be able to see your samba server when netbios support is disabled.
#disable netbios = Yes
#disable netbios = Yes
## Setting this value to no will cause nmbd never to become a local master browser.
## Setting this value to no will cause nmbd never to become a local master browser.
#local master = no
#local master = no
@ -83,21 +97,21 @@
## (445 139) Specifies which ports the server should listen on for SMB traffic.
## (445 139) Specifies which ports the server should listen on for SMB traffic.
## 139 is netbios/nmbd
## 139 is netbios/nmbd
#smb ports = 445 139
#smb ports = 445 139
## This is a list of files and directories that are neither visible nor accessible.
## This is a list of files and directories that are neither visible nor accessible.
## Each entry in the list must be separated by a '/', which allows spaces to be included in the entry. '*' and '?' can be used to specify multiple files or directories as in DOS wildcards.
## Each entry in the list must be separated by a '/', which allows spaces to be included in the entry. '*' and '?' can be used to specify multiple files or directories as in DOS wildcards.
## If a directory that is to be deleted contains nothing but veto files this deletion will fail unless you also set the delete veto files parameter to yes.
## If a directory that is to be deleted contains nothing but veto files this deletion will fail unless you also set the delete veto files parameter to yes.
delete veto files = yes
delete veto files = yes
################ Filesystem and creation rules ################
################ Filesystem and creation rules ################
## reported filesystem type (NTFS,Samba,FAT)
## reported filesystem type (NTFS,Samba,FAT)
#fstype = FAT
#fstype = FAT
## Allows a user who has write access to the file (by whatever means, including an ACL permission) to modify the permissions (including ACL) on it.
## Allows a user who has write access to the file (by whatever means, including an ACL permission) to modify the permissions (including ACL) on it.