由 sarla 在 03-20-2004 20:49 发表:
我希望那位朋友的samba在windows下能访问了
如果那位朋友的samba在windows下能互访了,能不能把你的smb.conf作成文件发给我,谢谢了。为什么我的老是做不成。
在windows下访问,它老是说我没有权限,不管我是user模式,还是share模式的。
自由是一种精神,我爱自由.
由 pinkme005 在 03-23-2004 01:18 发表:
我的可以
由 pinkme005 在 03-23-2004 01:22 发表:
smb.conf 正使用中的
This is the main Samba configuration file. You should read the
smb.conf(5) manual page in order to understand the options listed
here. Samba has a huge number of configurable options (perhaps too
many!) most of which are not shown in this example
Any line which starts with a ; (semi-colon) or a # (hash)
is a comment and is ignored. In this example we will use a
for commentry and a ; for parts of the config file that you
may wish to enable
NOTE: Whenever you modify this file you should run the command "testparm"
to check that you have not made any basic syntactic errors.
#======================= Global Settings =====================================
[global]
workgroup = NT-Domain-Name or Workgroup-Name
workgroup = WORKGROUP
server string is the equivalent of the NT Description field
server string =Linux Server
This option is important for security. It allows you to restrict
connections to machines which are on your local network. The
following example restricts access to two C class networks and
the "loopback" interface. For more examples of the syntax see
the smb.conf man page
; hosts allow = 192.168.1. 192.168.2. 127.
if you want to automatically load your printer list rather
than setting them up individually then you'll need this
printcap name = /etc/printcap
load printers = yes
It should not be necessary to spell out the print system type unless
yours is non-standard. Currently supported print systems include:
bsd, sysv, plp, lprng, aix, hpux, qnx, cups
printing = cups
Uncomment this if you want a guest account, you must add this to /etc/passwd
otherwise the user "nobody" is used
guest account = nobody
this tells Samba to use a separate log file for each machine
that connects
log file = /var/log/samba/%m.log
Put a capping on the size of the log files (in Kb).
max log size = 8
Security mode. Most people will want user level security. See
security_level.txt for details.
security = share
Use password server option only with security = server
The argument list may include:
password server = My_PDC_Name [My_BDC_Name] [My_Next_BDC_Name]
or to auto-locate the domain controller/s
password server = *
; password server =
1<nt-server-name>
2
3
4
5# Password Level allows matching of _n_ characters of the password for
6
7# all combinations of upper and lower case.
8
9; password level = 8
10
11; username level = 8
12
13
14
15# You may wish to use password encryption. Please read
16
17# ENCRYPTION.txt, Win95.txt and WinNT.txt in the Samba documentation.
18
19# Do not enable this option unless you have read those documents
20
21# encrypt passwords = yes
22
23# smb passwd file = /etc/samba/smbpasswd
24
25
26
27# The following is needed to keep smbclient from spouting spurious errors
28
29# when Samba is built with support for SSL.
30
31; ssl CA certFile = /usr/share/ssl/certs/ca-bundle.crt
32
33
34
35# The following are needed to allow password changing from Windows to
36
37# update the Linux system password also.
38
39# NOTE: Use these with 'encrypt passwords' and 'smb passwd file' above.
40
41# NOTE2: You do NOT need these to allow workstations to change only
42
43# the encrypted SMB passwords. They allow the Unix password
44
45# to be kept in sync with the SMB password.
46
47unix password sync = Yes
48
49passwd program = /usr/bin/passwd %u
50
51passwd chat = *New*password* %n\n *Retype*new*password* %n\n *passwd:*all*authentication*tokens*updated*successfully*
52
53
54
55# You can use PAM's password change control flag for Samba. If
56
57# enabled, then PAM will be used for password changes when requested
58
59# by an SMB client instead of the program listed in passwd program.
60
61# It should be possible to enable this without changing your passwd
62
63# chat parameter for most setups.
64
65
66
67pam password change = yes
68
69
70
71# Unix users can map to different SMB User names
72
73; username map = /etc/samba/smbusers
74
75
76
77# Using the following line enables you to customise your configuration
78
79# on a per machine basis. The %m gets replaced with the netbios name
80
81# of the machine that is connecting
82
83; include = /etc/samba/smb.conf.%m
84
85
86
87# This parameter will control whether or not Samba should obey PAM's
88
89# account and session management directives. The default behavior is
90
91# to use PAM for clear text authentication only and to ignore any
92
93# account or session management. Note that Samba always ignores PAM
94
95# for authentication in the case of encrypt passwords = yes
96
97
98
99obey pam restrictions = yes
100
101
102
103# Most people will find that this option gives better performance.
104
105# See speed.txt and the manual pages for details
106
107socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
108
109
110
111# Configure Samba to use multiple interfaces
112
113# If you have multiple network interfaces then you must list them
114
115# here. See the man page for details.
116
117; interfaces = 192.168.12.2/24 192.168.13.2/24
118
119
120
121# Configure remote browse list synchronisation here
122
123# request announcement to, or browse list sync from:
124
125# a specific host or from / to a whole subnet (see below)
126
127; remote browse sync = 192.168.3.25 192.168.5.255
128
129# Cause this host to announce itself to local subnets here
130
131; remote announce = 192.168.1.255 192.168.2.44
132
133
134
135# Browser Control Options:
136
137# set local master to no if you don't want Samba to become a master
138
139# browser on your network. Otherwise the normal election rules apply
140
141; local master = no
142
143
144
145# OS Level determines the precedence of this server in master browser
146
147# elections. The default value should be reasonable
148
149; os level = 33
150
151
152
153# Domain Master specifies Samba to be the Domain Master Browser. This
154
155# allows Samba to collate browse lists between subnets. Don't use this
156
157# if you already have a Windows NT domain controller doing this job
158
159domain master = yes
160
161
162
163# Preferred Master causes Samba to force a local browser election on startup
164
165# and gives it a slightly higher chance of winning the election
166
167preferred master = yes
168
169
170
171# Enable this if you want Samba to be a domain logon server for
172
173# Windows95 workstations.
174
175domain logons = yes
176
177
178
179# if you enable domain logons then you may want a per-machine or
180
181# per user logon script
182
183# run a specific logon batch file per workstation (machine)
184
185; logon script = %m.bat
186
187# run a specific logon batch file per username
188
189; logon script = %U.bat
190
191
192
193# Where to store roving profiles (only for Win95 and WinNT)
194
195# %L substitutes for this servers netbios name, %U is username
196
197# You must uncomment the [Profiles] share below
198
199; logon path = \\\%L\Profiles\%U
200
201
202
203# Windows Internet Name Serving Support Section:
204
205# WINS Support - Tells the NMBD component of Samba to enable it's WINS Server
206
207wins support = yes
208
209
210
211# WINS Server - Tells the NMBD components of Samba to be a WINS Client
212
213# Note: Samba can be either a WINS Server, or a WINS Client, but NOT both
214
215; wins server = w.x.y.z
216
217
218
219# WINS Proxy - Tells Samba to answer name resolution queries on
220
221# behalf of a non WINS capable client, for this to work there must be
222
223# at least one WINS Server on the network. The default is NO.
224
225; wins proxy = yes
226
227
228
229# DNS Proxy - tells Samba whether or not to try to resolve NetBIOS names
230
231# via DNS nslookups. The built-in default for versions 1.9.17 is yes,
232
233# this has been changed in version 1.9.18 to no.
234
235dns proxy = no
236
237
238
239# Case Preservation can be handy - system default is _no_
240
241# NOTE: These can be set on a per share basis
242
243; preserve case = no
244
245; short preserve case = no
246
247# Default case is normally upper case for all DOS files
248
249; default case = lower
250
251# Be very careful with case sensitivity - it can break things!
252
253; case sensitive = no
254
255
256
257#============================ Share Definitions ==============================
258
259[homes]
260
261comment = Home Directories
262
263path=/home
264
265browseable =yes
266
267writable =no
268
269valid users = %S
270
271create mode = 0664
272
273directory mode = 0775
274
275# If you want users samba doesn't recognize to be mapped to a guest user
276
277; map to guest = bad user
278
279
280
281
282
283# Un-comment the following and create the netlogon directory for Domain Logons
284
285; [netlogon]
286
287; comment = Network Logon Service
288
289; path = /usr/local/samba/lib/netlogon
290
291; guest ok = yes
292
293; writable = no
294
295; share modes = no
296
297
298
299
300
301# Un-comment the following to provide a specific roving profile share
302
303# the default is to use the user's home directory
304
305;[Profiles]
306
307; path = /usr/local/samba/profiles
308
309; browseable = no
310
311; guest ok = yes
312
313
314
315
316
317# NOTE: If you have a BSD-style print system there is no need to
318
319# specifically define each individual printer
320
321#[printers]
322
323# comment = All Printers
324
325# path = /var/spool/samba
326
327# browseable = no
328
329# Set public = yes to allow user 'guest account' to print
330
331guest ok = yes
332
333writable = no
334
335printable = yes
336
337
338
339# This one is useful for people to share files
340
341;[tmp]
342
343; comment = Temporary file space
344
345; path = /tmp
346
347; read only = no
348
349; public = yes
350
351
352
353# A publicly accessible directory, but read only, except for people in
354
355# the "staff" group
356
357;[public]
358
359; comment = Public Stuff
360
361; path = /home/samba
362
363; public = yes
364
365; writable = yes
366
367; printable = no
368
369; write list = @staff
370
371
372
373# Other examples.
374
375#
376
377# A private printer, usable only by fred. Spool data will be placed in fred's
378
379# home directory. Note that fred must have write access to the spool directory,
380
381# wherever it is.
382
383;[fredsprn]
384
385; comment = Fred's Printer
386
387; valid users = fred
388
389; path = /home/fred
390
391; printer = freds_printer
392
393; public = no
394
395; writable = no
396
397; printable = yes
398
399
400
401# A private directory, usable only by fred. Note that fred requires write
402
403# access to the directory.
404
405;[fredsdir]
406
407; comment = Fred's Service
408
409; path = /usr/somewhere/private
410
411; valid users = fred
412
413; public = no
414
415; writable = yes
416
417; printable = no
418
419
420
421# a service which has a different directory for each machine that connects
422
423# this allows you to tailor configurations to incoming machines. You could
424
425# also use the %U option to tailor it by user name.
426
427# The %m gets replaced with the machine name that is connecting.
428
429;[pchome]
430
431; comment = PC Directories
432
433; path = /usr/local/pc/%m
434
435; public = no
436
437; writable = yes
438
439
440
441# A publicly accessible directory, read/write to all users. Note that all files
442
443# created in the directory by users will be owned by the default user, so
444
445# any user with access can delete any other user's files. Obviously this
446
447# directory must be writable by the default user. Another user could of course
448
449# be specified, in which case all files would be owned by that user instead.
450
451[public]
452
453path = /home
454
455public = yes
456
457guest ok = yes
458
459bowsable =yes
460
461writable = no
462
463directory mode =0755
464
465create mode=0664
466
467printable = no
468
469
470
471# The following two entries demonstrate how to share a directory so that two
472
473# users can place files there that will be owned by the specific users. In this
474
475# setup, the directory should be writable by both users and should have the
476
477# sticky bit set on it to prevent abuse. Obviously this could be extended to
478
479# as many users as required.
480
481;[myshare]
482
483; comment = Mary's and Fred's stuff
484
485; path = /usr/somewhere/shared
486
487; valid users = mary fred
488
489; public = no
490
491; writable = yes
492
493; printable = no
494
495; create mask = 0765
496
497
498
499
500* * *
501
502
503_由 pinkme005 在 03-23-2004 01:24 发表:_
504
505
506
507**smb.conf.bak一个不行再换一个**
508
509
510
511
512
513# This is the main Samba configuration file. You should read the
514
515# smb.conf(5) manual page in order to understand the options listed
516
517# here. Samba has a huge number of configurable options (perhaps too
518
519# many!) most of which are not shown in this example
520
521#
522
523# Any line which starts with a ; (semi-colon) or a # (hash)
524
525# is a comment and is ignored. In this example we will use a #
526
527# for commentry and a ; for parts of the config file that you
528
529# may wish to enable
530
531#
532
533# NOTE: Whenever you modify this file you should run the command "testparm"
534
535# to check that you have not made any basic syntactic errors.
536
537#
538
539#======================= Global Settings =====================================
540
541[global]
542
543
544
545# workgroup = NT-Domain-Name or Workgroup-Name
546
547workgroup = MSHOME
548
549
550
551# server string is the equivalent of the NT Description field
552
553server string =Linux Server
554
555
556
557# This option is important for security. It allows you to restrict
558
559# connections to machines which are on your local network. The
560
561# following example restricts access to two C class networks and
562
563# the "loopback" interface. For more examples of the syntax see
564
565# the smb.conf man page
566
567; hosts allow = 192.168.1. 192.168.2. 127.
568
569
570
571# if you want to automatically load your printer list rather
572
573# than setting them up individually then you'll need this
574
575# printcap name = /etc/printcap
576
577# load printers = yes
578
579
580
581
582
583# It should not be necessary to spell out the print system type unless
584
585# yours is non-standard. Currently supported print systems include:
586
587# bsd, sysv, plp, lprng, aix, hpux, qnx, cups
588
589# printing = cups
590
591
592
593# Uncomment this if you want a guest account, you must add this to /etc/passwd
594
595# otherwise the user "nobody" is used
596
597guest account = nobody
598
599
600
601# this tells Samba to use a separate log file for each machine
602
603# that connects
604
605log file = /var/log/samba/%m.log
606
607
608
609# Put a capping on the size of the log files (in Kb).
610
611max log size = 8
612
613
614
615# Security mode. Most people will want user level security. See
616
617# security_level.txt for details.
618
619security = share
620
621
622
623# Use password server option only with security = server
624
625# The argument list may include:
626
627# password server = My_PDC_Name [My_BDC_Name] [My_Next_BDC_Name]
628
629# or to auto-locate the domain controller/s
630
631# password server = *
632
633; password server = <nt-server-name>
634
635
636
637# Password Level allows matching of _n_ characters of the password for
638
639# all combinations of upper and lower case.
640
641; password level = 8
642
643; username level = 8
644
645
646
647# You may wish to use password encryption. Please read
648
649# ENCRYPTION.txt, Win95.txt and WinNT.txt in the Samba documentation.
650
651# Do not enable this option unless you have read those documents
652
653# encrypt passwords = yes
654
655# smb passwd file = /etc/samba/smbpasswd
656
657
658
659# The following is needed to keep smbclient from spouting spurious errors
660
661# when Samba is built with support for SSL.
662
663; ssl CA certFile = /usr/share/ssl/certs/ca-bundle.crt
664
665
666
667# The following are needed to allow password changing from Windows to
668
669# update the Linux system password also.
670
671# NOTE: Use these with 'encrypt passwords' and 'smb passwd file' above.
672
673# NOTE2: You do NOT need these to allow workstations to change only
674
675# the encrypted SMB passwords. They allow the Unix password
676
677# to be kept in sync with the SMB password.
678
679unix password sync = Yes
680
681passwd program = /usr/bin/passwd %u
682
683passwd chat = *New*password* %n\n *Retype*new*password* %n\n *passwd:*all*authentication*tokens*updated*successfully*
684
685
686
687# You can use PAM's password change control flag for Samba. If
688
689# enabled, then PAM will be used for password changes when requested
690
691# by an SMB client instead of the program listed in passwd program.
692
693# It should be possible to enable this without changing your passwd
694
695# chat parameter for most setups.
696
697
698
699pam password change = yes
700
701
702
703# Unix users can map to different SMB User names
704
705; username map = /etc/samba/smbusers
706
707
708
709# Using the following line enables you to customise your configuration
710
711# on a per machine basis. The %m gets replaced with the netbios name
712
713# of the machine that is connecting
714
715; include = /etc/samba/smb.conf.%m
716
717
718
719# This parameter will control whether or not Samba should obey PAM's
720
721# account and session management directives. The default behavior is
722
723# to use PAM for clear text authentication only and to ignore any
724
725# account or session management. Note that Samba always ignores PAM
726
727# for authentication in the case of encrypt passwords = yes
728
729
730
731obey pam restrictions = yes
732
733
734
735# Most people will find that this option gives better performance.
736
737# See speed.txt and the manual pages for details
738
739socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
740
741
742
743# Configure Samba to use multiple interfaces
744
745# If you have multiple network interfaces then you must list them
746
747# here. See the man page for details.
748
749; interfaces = 192.168.12.2/24 192.168.13.2/24
750
751
752
753# Configure remote browse list synchronisation here
754
755# request announcement to, or browse list sync from:
756
757# a specific host or from / to a whole subnet (see below)
758
759; remote browse sync = 192.168.3.25 192.168.5.255
760
761# Cause this host to announce itself to local subnets here
762
763; remote announce = 192.168.1.255 192.168.2.44
764
765
766
767# Browser Control Options:
768
769# set local master to no if you don't want Samba to become a master
770
771# browser on your network. Otherwise the normal election rules apply
772
773; local master = no
774
775
776
777# OS Level determines the precedence of this server in master browser
778
779# elections. The default value should be reasonable
780
781; os level = 33
782
783
784
785# Domain Master specifies Samba to be the Domain Master Browser. This
786
787# allows Samba to collate browse lists between subnets. Don't use this
788
789# if you already have a Windows NT domain controller doing this job
790
791; domain master = yes
792
793
794
795# Preferred Master causes Samba to force a local browser election on startup
796
797# and gives it a slightly higher chance o</nt-server-name></nt-server-name>