- Timestamp:
- Jan 15, 2010, 8:21:06 AM (16 years ago)
- File:
-
- 1 edited
Legend:
- Unmodified
- Added
- Removed
-
branches/samba-3.3.x/docs/htmldocs/manpages/smb.conf.5.html
r309 r368 1 <html><head><meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"><title>smb.conf</title><link rel="stylesheet" href="../samba.css" type="text/css"><meta name="generator" content="DocBook XSL Stylesheets V1.7 4.0"></head><body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="refentry" lang="en"><a name="smb.conf.5"></a><div class="titlepage"></div><div class="refnamediv"><h2>Name</h2><p>smb.conf — The configuration file for the Samba suite</p></div><div class="refsect1" lang="en"><a name="id2522916"></a><h2>SYNOPSIS</h2><p>1 <html><head><meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"><title>smb.conf</title><link rel="stylesheet" href="../samba.css" type="text/css"><meta name="generator" content="DocBook XSL Stylesheets V1.75.2"></head><body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="refentry" title="smb.conf"><a name="smb.conf.5"></a><div class="titlepage"></div><div class="refnamediv"><h2>Name</h2><p>smb.conf — The configuration file for the Samba suite</p></div><div class="refsect1" title="SYNOPSIS"><a name="id2528887"></a><h2>SYNOPSIS</h2><p> 2 2 The <code class="filename">smb.conf</code> file is a configuration file for the Samba suite. <code class="filename">smb.conf</code> contains runtime configuration information for the Samba programs. The 3 3 <code class="filename">smb.conf</code> file is designed to be configured and administered by the 4 4 <a class="citerefentry" href="swat.8.html"><span class="citerefentry"><span class="refentrytitle">swat</span>(8)</span></a> program. The 5 5 complete description of the file format and possible parameters held within are here for reference purposes. 6 </p></div><div class="refsect1" lang="en"><a name="FILEFORMATSECT"></a><h2>FILE FORMAT</h2><p>6 </p></div><div class="refsect1" title="FILE FORMAT"><a name="FILEFORMATSECT"></a><h2>FILE FORMAT</h2><p> 7 7 The file consists of sections and parameters. A section begins with the name of the section in square brackets 8 8 and continues until the next section begins. Sections contain parameters of the form: … … 19 19 retained verbatim. 20 20 </p><p> 21 Any line beginning with a semicolon ( “<span class="quote">;</span>”) or a hash (“<span class="quote">#</span>”)21 Any line beginning with a semicolon (<span class="quote">“<span class="quote">;</span>”</span>) or a hash (<span class="quote">“<span class="quote">#</span>”</span>) 22 22 character is ignored, as are lines containing only whitespace. 23 23 </p><p> 24 Any line ending in a “<span class="quote"><code class="literal">\</code></span>”is continued on the next line in the customary UNIX fashion.24 Any line ending in a <span class="quote">“<span class="quote"><code class="literal">\</code></span>”</span> is continued on the next line in the customary UNIX fashion. 25 25 </p><p> 26 26 The values following the equals sign in parameters are all either a string (no quotes needed) or a boolean, 27 27 which may be given as yes/no, 1/0 or true/false. Case is not significant in boolean values, but is preserved 28 28 in string values. Some items such as create masks are numeric. 29 </p></div><div class="refsect1" lang="en"><a name="id2483409"></a><h2>SECTION DESCRIPTIONS</h2><p>29 </p></div><div class="refsect1" title="SECTION DESCRIPTIONS"><a name="id2489374"></a><h2>SECTION DESCRIPTIONS</h2><p> 30 30 Each section in the configuration file (except for the [global] section) describes a shared resource (known as 31 a “<span class="quote">share</span>”). The section name is the name of the shared resource and the parameters within the31 a <span class="quote">“<span class="quote">share</span>”</span>). The section name is the name of the shared resource and the parameters within the 32 32 section define the shares attributes. 33 33 </p><p> … … 70 70 <a class="link" href="smb.conf.5.html#GUESTOK" target="_top">guest ok = yes</a> 71 71 </pre><p> 72 </p></div><div class="refsect1" lang="en"><a name="id2481485"></a><h2>SPECIAL SECTIONS</h2><div class="refsect2" lang="en"><a name="id2481491"></a><h3>The [global] section</h3><p>72 </p></div><div class="refsect1" title="SPECIAL SECTIONS"><a name="id2487452"></a><h2>SPECIAL SECTIONS</h2><div class="refsect2" title="The [global] section"><a name="id2487457"></a><h3>The [global] section</h3><p> 73 73 Parameters in this section apply to the server as a whole, or are defaults for sections that do not 74 74 specifically define certain items. See the notes under PARAMETERS for more information. 75 </p></div><div class="refsect2" lang="en"><a name="HOMESECT"></a><h3>The [homes] section</h3><p>75 </p></div><div class="refsect2" title="The [homes] section"><a name="HOMESECT"></a><h3>The [homes] section</h3><p> 76 76 If a section called [homes] is included in the configuration file, services connecting clients 77 77 to their home directories can be created on the fly by the server. … … 83 83 </p><p> 84 84 Some modifications are then made to the newly created share: 85 </p><div class="itemizedlist"><ul type="disc"><li><p>85 </p><div class="itemizedlist"><ul class="itemizedlist" type="disc"><li class="listitem"><p> 86 86 The share name is changed from homes to the located username. 87 </p></li><li ><p>87 </p></li><li class="listitem"><p> 88 88 If no path was given, the path is set to the user's home directory. 89 89 </p></li></ul></div><p> … … 98 98 of fuss. 99 99 </p><p> 100 A similar process occurs if the requested section name is “<span class="quote">homes</span>”, except that the share100 A similar process occurs if the requested section name is <span class="quote">“<span class="quote">homes</span>”</span>, except that the share 101 101 name is not changed to that of the requesting user. This method of using the [homes] section works well if 102 102 different users share a client PC. … … 116 116 flag, not the [homes] browseable flag. This is useful as it means setting <span class="emphasis"><em>browseable = no</em></span> in 117 117 the [homes] section will hide the [homes] share but make any auto home directories visible. 118 </p></div><div class="refsect2" lang="en"><a name="PRINTERSSECT"></a><h3>The [printers] section</h3><p>118 </p></div><div class="refsect2" title="The [printers] section"><a name="PRINTERSSECT"></a><h3>The [printers] section</h3><p> 119 119 This section works like [homes], but for printers. 120 120 </p><p> … … 129 129 </p><p> 130 130 A few modifications are then made to the newly created share: 131 </p><div class="itemizedlist"><ul type="disc"><li><p>The share name is set to the located printer name</p></li><li><p>If no printer name was given, the printer name is set to the located printer name</p></li><li><p>If the share does not permit guest access and no username was given, the username is set131 </p><div class="itemizedlist"><ul class="itemizedlist" type="disc"><li class="listitem"><p>The share name is set to the located printer name</p></li><li class="listitem"><p>If no printer name was given, the printer name is set to the located printer name</p></li><li class="listitem"><p>If the share does not permit guest access and no username was given, the username is set 132 132 to the located printer name.</p></li></ul></div><p> 133 133 The [printers] service MUST be printable - if you specify otherwise, the server will refuse … … 157 157 An alias, by the way, is defined as any component of the first entry of a printcap record. Records are separated by newlines, 158 158 components (if there are more than one) are separated by vertical bar symbols (<code class="literal">|</code>). 159 </p><div class="note" style="margin-left: 0.5in; margin-right: 0.5in;"><h3 class="title">Note</h3><p>159 </p><div class="note" title="Note" style="margin-left: 0.5in; margin-right: 0.5in;"><h3 class="title">Note</h3><p> 160 160 On SYSV systems which use lpstat to determine what printers are defined on the system you may be able to use 161 161 <code class="literal">printcap name = lpstat</code> to automatically obtain a list of printers. See the 162 162 <code class="literal">printcap name</code> option for more details. 163 </p></div></div></div><div class="refsect1" lang="en"><a name="id2481804"></a><h2>USERSHARES</h2><p>Starting with Samba version 3.0.23 the capability for non-root users to add, modify, and delete163 </p></div></div></div><div class="refsect1" title="USERSHARES"><a name="id2487774"></a><h2>USERSHARES</h2><p>Starting with Samba version 3.0.23 the capability for non-root users to add, modify, and delete 164 164 their own share definitions has been added. This capability is called <span class="emphasis"><em>usershares</em></span> and 165 165 is controlled by a set of parameters in the [global] section of the smb.conf. … … 185 185 to the global 186 186 section of your <code class="filename">smb.conf</code>. Members of the group foo may then manipulate the user defined shares 187 using the following commands.</p><div class="variablelist"><dl><dt><span class="term">net usershare add sharename path [comment] [acl] [guest_ok=[y|n]]</span></dt><dd><p>To create or modify (overwrite) a user defined share.</p></dd><dt><span class="term">net usershare delete sharename</span></dt><dd><p>To delete a user defined share.</p></dd><dt><span class="term">net usershare list wildcard-sharename</span></dt><dd><p>To list user defined shares.</p></dd><dt><span class="term">net usershare info wildcard-sharename</span></dt><dd><p>To print information about user defined shares.</p></dd></dl></div></div><div class="refsect1" lang="en"><a name="id2482031"></a><h2>PARAMETERS</h2><p>Parameters define the specific attributes of sections.</p><p>187 using the following commands.</p><div class="variablelist"><dl><dt><span class="term">net usershare add sharename path [comment] [acl] [guest_ok=[y|n]]</span></dt><dd><p>To create or modify (overwrite) a user defined share.</p></dd><dt><span class="term">net usershare delete sharename</span></dt><dd><p>To delete a user defined share.</p></dd><dt><span class="term">net usershare list wildcard-sharename</span></dt><dd><p>To list user defined shares.</p></dd><dt><span class="term">net usershare info wildcard-sharename</span></dt><dd><p>To print information about user defined shares.</p></dd></dl></div></div><div class="refsect1" title="PARAMETERS"><a name="id2488001"></a><h2>PARAMETERS</h2><p>Parameters define the specific attributes of sections.</p><p> 188 188 Some parameters are specific to the [global] section (e.g., <span class="emphasis"><em>security</em></span>). Some parameters 189 189 are usable in all sections (e.g., <span class="emphasis"><em>create mask</em></span>). All others are permissible only in normal … … 197 197 find them! Where there are synonyms, the preferred synonym is described, others refer to the preferred 198 198 synonym. 199 </p></div><div class="refsect1" lang="en"><a name="id2532544"></a><h2>VARIABLE SUBSTITUTIONS</h2><p>199 </p></div><div class="refsect1" title="VARIABLE SUBSTITUTIONS"><a name="id2538515"></a><h2>VARIABLE SUBSTITUTIONS</h2><p> 200 200 Many of the strings that are settable in the config file can take substitutions. For example the option 201 “<span class="quote">path = /tmp/%u</span>” is interpreted as “<span class="quote">path = /tmp/john</span>”if the user connected with the201 <span class="quote">“<span class="quote">path = /tmp/%u</span>”</span> is interpreted as <span class="quote">“<span class="quote">path = /tmp/john</span>”</span> if the user connected with the 202 202 username john. 203 203 </p><p> … … 211 211 functionality to function as it did with Samba 2.x. 212 212 </p></dd><dt><span class="term">%L</span></dt><dd><p>the NetBIOS name of the server. This allows you to change your config based on what 213 the client calls you. Your server can have a “<span class="quote">dual personality</span>”.213 the client calls you. Your server can have a <span class="quote">“<span class="quote">dual personality</span>”</span>. 214 214 </p></dd><dt><span class="term">%M</span></dt><dd><p>the Internet name of the client machine. 215 215 </p></dd><dt><span class="term">%R</span></dt><dd><p>the selected protocol level after protocol negotiation. It can be one of CORE, COREPLUS, … … 239 239 There are some quite creative things that can be done with these substitutions and other 240 240 <code class="filename">smb.conf</code> options. 241 </p></div><div class="refsect1" lang="en"><a name="NAMEMANGLINGSECT"></a><h2>NAME MANGLING</h2><p>241 </p></div><div class="refsect1" title="NAME MANGLING"><a name="NAMEMANGLINGSECT"></a><h2>NAME MANGLING</h2><p> 242 242 Samba supports <code class="literal">name mangling</code> so that DOS and Windows clients can use files that don't 243 243 conform to the 8.3 format. It can also be set to adjust the case of 8.3 format filenames. … … 277 277 then the "default case" option will be applied and will modify all filenames sent from the client 278 278 when accessing this share. 279 </p></div><div class="refsect1" lang="en"><a name="VALIDATIONSECT"></a><h2>NOTE ABOUT USERNAME/PASSWORD VALIDATION</h2><p>279 </p></div><div class="refsect1" title="NOTE ABOUT USERNAME/PASSWORD VALIDATION"><a name="VALIDATIONSECT"></a><h2>NOTE ABOUT USERNAME/PASSWORD VALIDATION</h2><p> 280 280 There are a number of ways in which a user can connect to a service. The server uses the following steps 281 281 in determining if it will allow a connection to a specified service. If all the steps fail, the connection 282 282 request is rejected. However, if one of the steps succeeds, the following steps are not checked. 283 283 </p><p> 284 If the service is marked “<span class="quote">guest only = yes</span>”and the server is running with share-level285 security ( “<span class="quote">security = share</span>”, steps 1 to 5 are skipped.286 </p><div class="orderedlist"><ol type="1"><li><p>284 If the service is marked <span class="quote">“<span class="quote">guest only = yes</span>”</span> and the server is running with share-level 285 security (<span class="quote">“<span class="quote">security = share</span>”</span>, steps 1 to 5 are skipped. 286 </p><div class="orderedlist"><ol class="orderedlist" type="1"><li class="listitem"><p> 287 287 If the client has passed a username/password pair and that username/password pair is validated by the UNIX 288 288 system's password programs, the connection is made as that username. This includes the 289 289 <code class="literal">\\server\service</code>%<em class="replaceable"><code>username</code></em> method of passing a username. 290 </p></li><li ><p>290 </p></li><li class="listitem"><p> 291 291 If the client has previously registered a username with the system and now supplies a correct password for that 292 292 username, the connection is allowed. 293 </p></li><li ><p>293 </p></li><li class="listitem"><p> 294 294 The client's NetBIOS name and any previously used usernames are checked against the supplied password. If 295 295 they match, the connection is allowed as the corresponding user. 296 </p></li><li ><p>296 </p></li><li class="listitem"><p> 297 297 If the client has previously validated a username/password pair with the server and the client has passed 298 298 the validation token, that username is used. 299 </p></li><li ><p>299 </p></li><li class="listitem"><p> 300 300 If a <code class="literal">user = </code> field is given in the <code class="filename">smb.conf</code> file for the 301 301 service and the client has supplied a password, and that password matches (according to the UNIX system's … … 303 303 the username in the <code class="literal">user =</code> line. If one of the usernames in the <code class="literal">user =</code> list 304 304 begins with a <code class="literal">@</code>, that name expands to a list of names in the group of the same name. 305 </p></li><li ><p>305 </p></li><li class="listitem"><p> 306 306 If the service is a guest service, a connection is made as the username given in the <code class="literal">guest account 307 307 =</code> for the service, irrespective of the supplied password. 308 </p></li></ol></div></div><div class="refsect1" lang="en"><a name="id2533244"></a><h2>REGISTRY-BASED CONFIGURATION</h2><p>308 </p></li></ol></div></div><div class="refsect1" title="REGISTRY-BASED CONFIGURATION"><a name="id2539216"></a><h2>REGISTRY-BASED CONFIGURATION</h2><p> 309 309 Starting with Samba version 3.2.0, the capability to 310 310 store Samba configuration in the registry is available. … … 312 312 <span class="emphasis"><em><code class="literal">HKLM\Software\Samba\smbconf</code></em></span>. 313 313 There are two levels of registry configuration: 314 </p><div class="orderedlist"><ol type="1"><li><p>Share definitions stored in registry are used.314 </p><div class="orderedlist"><ol class="orderedlist" type="1"><li class="listitem"><p>Share definitions stored in registry are used. 315 315 This is triggered by setting the global 316 316 parameter <em class="parameter"><code>registry shares</code></em> 317 to “<span class="quote">yes</span>”in <span class="emphasis"><em>smb.conf</em></span>.317 to <span class="quote">“<span class="quote">yes</span>”</span> in <span class="emphasis"><em>smb.conf</em></span>. 318 318 </p><p>The registry shares are loaded not at startup but 319 319 on demand at runtime by <span class="emphasis"><em>smbd</em></span>. 320 320 Shares defined in <span class="emphasis"><em>smb.conf</em></span> take 321 321 priority over shares of the same name defined in 322 registry.</p></li><li ><p>Global <span class="emphasis"><em>smb.conf</em></span>322 registry.</p></li><li class="listitem"><p>Global <span class="emphasis"><em>smb.conf</em></span> 323 323 options stored in registry are used. This can be activated 324 324 in two different ways:</p><p>Firstly, a registry only configuration is triggered … … 361 361 accessing the database file, circumventing the 362 362 server. 363 </p></div><div class="refsect1" lang="en"><a name="id2533420"></a><h2>EXPLANATION OF EACH PARAMETER</h2><div class="section" lang="en"><div class="titlepage"></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2533430"></a>363 </p></div><div class="refsect1" title="EXPLANATION OF EACH PARAMETER"><a name="id2539391"></a><h2>EXPLANATION OF EACH PARAMETER</h2><div class="section"><div class="titlepage"></div><div class="section" title="abort shutdown script (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2539402"></a> 364 364 365 365 abort shutdown script (G) 366 </h3></div></div></div><a class="indexterm" name="id253 3432"></a><a name="ABORTSHUTDOWNSCRIPT"></a><div class="variablelist"><dl><dt></dt><dd><p>This a full path name to a script called by <a class="citerefentry" href="smbd.8.html"><span class="citerefentry"><span class="refentrytitle">smbd</span>(8)</span></a> that366 </h3></div></div></div><a class="indexterm" name="id2539403"></a><a name="ABORTSHUTDOWNSCRIPT"></a><div class="variablelist"><dl><dt></dt><dd><p>This a full path name to a script called by <a class="citerefentry" href="smbd.8.html"><span class="citerefentry"><span class="refentrytitle">smbd</span>(8)</span></a> that 367 367 should stop a shutdown procedure issued by the <a class="link" href="smb.conf.5.html#SHUTDOWNSCRIPT" target="_top">shutdown script</a>.</p><p>If the connected user posseses the <code class="constant">SeRemoteShutdownPrivilege</code>, 368 368 right, this command will be run as root.</p><p>Default: <span class="emphasis"><em><em class="parameter"><code>abort shutdown script</code></em> = <code class="literal">""</code> … … 370 370 </p><p>Example: <span class="emphasis"><em><em class="parameter"><code>abort shutdown script</code></em> = <code class="literal">/sbin/shutdown -c</code> 371 371 </em></span> 372 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2533510"></a>372 </p></dd></dl></div></div><div class="section" title="acl check permissions (S)"><div class="titlepage"><div><div><h3 class="title"><a name="id2539481"></a> 373 373 374 374 acl check permissions (S) 375 </h3></div></div></div><a class="indexterm" name="id253 3511"></a><a name="ACLCHECKPERMISSIONS"></a><div class="variablelist"><dl><dt></dt><dd><p>This boolean parameter controls what <a class="citerefentry" href="smbd.8.html"><span class="citerefentry"><span class="refentrytitle">smbd</span>(8)</span></a>does on receiving a protocol request of "open for delete"375 </h3></div></div></div><a class="indexterm" name="id2539482"></a><a name="ACLCHECKPERMISSIONS"></a><div class="variablelist"><dl><dt></dt><dd><p>This boolean parameter controls what <a class="citerefentry" href="smbd.8.html"><span class="citerefentry"><span class="refentrytitle">smbd</span>(8)</span></a>does on receiving a protocol request of "open for delete" 376 376 from a Windows client. If a Windows client doesn't have permissions to delete a file then they 377 377 expect this to be denied at open time. POSIX systems normally only detect restrictions on delete by … … 393 393 </p><p>Default: <span class="emphasis"><em><em class="parameter"><code>acl check permissions</code></em> = <code class="literal">True</code> 394 394 </em></span> 395 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2481367"></a>395 </p></dd></dl></div></div><div class="section" title="acl compatibility (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2487333"></a> 396 396 397 397 acl compatibility (G) 398 </h3></div></div></div><a class="indexterm" name="id248 1368"></a><a name="ACLCOMPATIBILITY"></a><div class="variablelist"><dl><dt></dt><dd><p>This parameter specifies what OS ACL semantics should398 </h3></div></div></div><a class="indexterm" name="id2487334"></a><a name="ACLCOMPATIBILITY"></a><div class="variablelist"><dl><dt></dt><dd><p>This parameter specifies what OS ACL semantics should 399 399 be compatible with. Possible values are <span class="emphasis"><em>winnt</em></span> for Windows NT 4, 400 400 <span class="emphasis"><em>win2k</em></span> for Windows 2000 and above and <span class="emphasis"><em>auto</em></span>. … … 405 405 </p><p>Example: <span class="emphasis"><em><em class="parameter"><code>acl compatibility</code></em> = <code class="literal">win2k</code> 406 406 </em></span> 407 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2481444"></a>407 </p></dd></dl></div></div><div class="section" title="acl group control (S)"><div class="titlepage"><div><div><h3 class="title"><a name="id2487409"></a> 408 408 409 409 acl group control (S) 410 </h3></div></div></div><a class="indexterm" name="id248 1445"></a><a name="ACLGROUPCONTROL"></a><div class="variablelist"><dl><dt></dt><dd><p>410 </h3></div></div></div><a class="indexterm" name="id2487410"></a><a name="ACLGROUPCONTROL"></a><div class="variablelist"><dl><dt></dt><dd><p> 411 411 In a POSIX filesystem, only the owner of a file or directory and the superuser can modify the permissions 412 412 and ACLs on a file. If this parameter is set, then Samba overrides this restriction, and also allows the … … 435 435 </p><p>Default: <span class="emphasis"><em><em class="parameter"><code>acl group control</code></em> = <code class="literal">no</code> 436 436 </em></span> 437 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2533901"></a>437 </p></dd></dl></div></div><div class="section" title="acl map full control (S)"><div class="titlepage"><div><div><h3 class="title"><a name="id2539872"></a> 438 438 439 439 acl map full control (S) 440 </h3></div></div></div><a class="indexterm" name="id253 3902"></a><a name="ACLMAPFULLCONTROL"></a><div class="variablelist"><dl><dt></dt><dd><p>440 </h3></div></div></div><a class="indexterm" name="id2539873"></a><a name="ACLMAPFULLCONTROL"></a><div class="variablelist"><dl><dt></dt><dd><p> 441 441 This boolean parameter controls whether <a class="citerefentry" href="smbd.8.html"><span class="citerefentry"><span class="refentrytitle">smbd</span>(8)</span></a>maps a POSIX ACE entry of "rwx" (read/write/execute), the maximum 442 442 allowed POSIX permission set, into a Windows ACL of "FULL CONTROL". If this parameter is set to true any POSIX … … 446 446 </p><p>Default: <span class="emphasis"><em><em class="parameter"><code>acl map full control</code></em> = <code class="literal">True</code> 447 447 </em></span> 448 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2533952"></a>448 </p></dd></dl></div></div><div class="section" title="add group script (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2539923"></a> 449 449 450 450 add group script (G) 451 </h3></div></div></div><a class="indexterm" name="id253 3953"></a><a name="ADDGROUPSCRIPT"></a><div class="variablelist"><dl><dt></dt><dd><p>451 </h3></div></div></div><a class="indexterm" name="id2539924"></a><a name="ADDGROUPSCRIPT"></a><div class="variablelist"><dl><dt></dt><dd><p> 452 452 This is the full pathname to a script that will be run <span class="emphasis"><em>AS ROOT</em></span> by <a class="citerefentry" href="smbd.8.html"><span class="citerefentry"><span class="refentrytitle">smbd</span>(8)</span></a> when a new group is requested. It 453 453 will expand any <em class="parameter"><code>%g</code></em> to the group name passed. This script is only useful … … 459 459 </p><p>Example: <span class="emphasis"><em><em class="parameter"><code>add group script</code></em> = <code class="literal">/usr/sbin/groupadd %g</code> 460 460 </em></span> 461 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2534027"></a>461 </p></dd></dl></div></div><div class="section" title="add machine script (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2539998"></a> 462 462 463 463 add machine script (G) 464 </h3></div></div></div><a class="indexterm" name="id253 4028"></a><a name="ADDMACHINESCRIPT"></a><div class="variablelist"><dl><dt></dt><dd><p>464 </h3></div></div></div><a class="indexterm" name="id2539999"></a><a name="ADDMACHINESCRIPT"></a><div class="variablelist"><dl><dt></dt><dd><p> 465 465 This is the full pathname to a script that will be run by 466 466 <a class="citerefentry" href="smbd.8.html"><span class="citerefentry"><span class="refentrytitle">smbd</span>(8)</span></a> when a machine is … … 473 473 </p><p>Example: <span class="emphasis"><em><em class="parameter"><code>add machine script</code></em> = <code class="literal">/usr/sbin/adduser -n -g machines -c Machine -d /var/lib/nobody -s /bin/false %u</code> 474 474 </em></span> 475 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2534106"></a>475 </p></dd></dl></div></div><div class="section" title="add port command (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2540077"></a> 476 476 477 477 add port command (G) 478 </h3></div></div></div><a class="indexterm" name="id25 34107"></a><a name="ADDPORTCOMMAND"></a><div class="variablelist"><dl><dt></dt><dd><p>Samba 3.0.23 introduced support for adding printer ports478 </h3></div></div></div><a class="indexterm" name="id2540078"></a><a name="ADDPORTCOMMAND"></a><div class="variablelist"><dl><dt></dt><dd><p>Samba 3.0.23 introduced support for adding printer ports 479 479 remotely using the Windows "Add Standard TCP/IP Port Wizard". 480 480 This option defines an external program to be executed when 481 481 smbd receives a request to add a new Port to the system. 482 The script is passed two parameters:</p><div class="itemizedlist"><ul type="disc"><li><p><em class="parameter"><code>port name</code></em></p></li><li><p><em class="parameter"><code>device URI</code></em></p></li></ul></div><p>The deviceURI is in the for of socket://<hostname>[:<portnumber>]482 The script is passed two parameters:</p><div class="itemizedlist"><ul class="itemizedlist" type="disc"><li class="listitem"><p><em class="parameter"><code>port name</code></em></p></li><li class="listitem"><p><em class="parameter"><code>device URI</code></em></p></li></ul></div><p>The deviceURI is in the for of socket://<hostname>[:<portnumber>] 483 483 or lpd://<hostname>/<queuename>.</p><p>Default: <span class="emphasis"><em><em class="parameter"><code>add port command</code></em> = <code class="literal"></code> 484 484 </em></span> 485 485 </p><p>Example: <span class="emphasis"><em><em class="parameter"><code>add port command</code></em> = <code class="literal">/etc/samba/scripts/addport.sh</code> 486 486 </em></span> 487 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2534189"></a>487 </p></dd></dl></div></div><div class="section" title="addprinter command (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2540161"></a> 488 488 489 489 addprinter command (G) 490 </h3></div></div></div><a class="indexterm" name="id25 34190"></a><a name="ADDPRINTERCOMMAND"></a><div class="variablelist"><dl><dt></dt><dd><p>With the introduction of MS-RPC based printing490 </h3></div></div></div><a class="indexterm" name="id2540162"></a><a name="ADDPRINTERCOMMAND"></a><div class="variablelist"><dl><dt></dt><dd><p>With the introduction of MS-RPC based printing 491 491 support for Windows NT/2000 clients in Samba 2.2, The MS Add 492 492 Printer Wizard (APW) icon is now also available in the … … 502 502 shared by <a class="citerefentry" href="smbd.8.html"><span class="citerefentry"><span class="refentrytitle">smbd</span>(8)</span></a>.</p><p>The <em class="parameter"><code>addprinter command</code></em> is 503 503 automatically invoked with the following parameter (in 504 order):</p><div class="itemizedlist"><ul type="disc"><li><p><em class="parameter"><code>printer name</code></em></p></li><li><p><em class="parameter"><code>share name</code></em></p></li><li><p><em class="parameter"><code>port name</code></em></p></li><li><p><em class="parameter"><code>driver name</code></em></p></li><li><p><em class="parameter"><code>location</code></em></p></li><li><p><em class="parameter"><code>Windows 9x driver location</code></em></p></li></ul></div><p>All parameters are filled in from the PRINTER_INFO_2 structure sent504 order):</p><div class="itemizedlist"><ul class="itemizedlist" type="disc"><li class="listitem"><p><em class="parameter"><code>printer name</code></em></p></li><li class="listitem"><p><em class="parameter"><code>share name</code></em></p></li><li class="listitem"><p><em class="parameter"><code>port name</code></em></p></li><li class="listitem"><p><em class="parameter"><code>driver name</code></em></p></li><li class="listitem"><p><em class="parameter"><code>location</code></em></p></li><li class="listitem"><p><em class="parameter"><code>Windows 9x driver location</code></em></p></li></ul></div><p>All parameters are filled in from the PRINTER_INFO_2 structure sent 505 505 by the Windows NT/2000 client with one exception. The "Windows 9x 506 506 driver location" parameter is included for backwards compatibility … … 519 519 </p><p>Example: <span class="emphasis"><em><em class="parameter"><code>addprinter command</code></em> = <code class="literal">/usr/bin/addprinter</code> 520 520 </em></span> 521 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2534377"></a>521 </p></dd></dl></div></div><div class="section" title="add share command (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2540350"></a> 522 522 523 523 add share command (G) 524 </h3></div></div></div><a class="indexterm" name="id25 34378"></a><a name="ADDSHARECOMMAND"></a><div class="variablelist"><dl><dt></dt><dd><p>524 </h3></div></div></div><a class="indexterm" name="id2540351"></a><a name="ADDSHARECOMMAND"></a><div class="variablelist"><dl><dt></dt><dd><p> 525 525 Samba 2.2.0 introduced the ability to dynamically add and delete shares via the Windows NT 4.0 Server 526 526 Manager. The <em class="parameter"><code>add share command</code></em> is used to define an external program … … 538 538 When executed, <code class="literal">smbd</code> will automatically invoke the 539 539 <em class="parameter"><code>add share command</code></em> with five parameters. 540 </p><div class="itemizedlist"><ul type="disc"><li><p><em class="parameter"><code>configFile</code></em> - the location of the global <code class="filename">smb.conf</code> file.541 </p></li><li ><p><em class="parameter"><code>shareName</code></em> - the name of the new share.542 </p></li><li ><p><em class="parameter"><code>pathName</code></em> - path to an **existing**540 </p><div class="itemizedlist"><ul class="itemizedlist" type="disc"><li class="listitem"><p><em class="parameter"><code>configFile</code></em> - the location of the global <code class="filename">smb.conf</code> file. 541 </p></li><li class="listitem"><p><em class="parameter"><code>shareName</code></em> - the name of the new share. 542 </p></li><li class="listitem"><p><em class="parameter"><code>pathName</code></em> - path to an **existing** 543 543 directory on disk. 544 </p></li><li ><p><em class="parameter"><code>comment</code></em> - comment string to associate with the new544 </p></li><li class="listitem"><p><em class="parameter"><code>comment</code></em> - comment string to associate with the new 545 545 share. 546 </p></li><li ><p><em class="parameter"><code>max546 </p></li><li class="listitem"><p><em class="parameter"><code>max 547 547 connections</code></em> 548 548 Number of maximum simultaneous connections to this … … 554 554 </p><p>Example: <span class="emphasis"><em><em class="parameter"><code>add share command</code></em> = <code class="literal">/usr/local/bin/addshare</code> 555 555 </em></span> 556 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2534563"></a>556 </p></dd></dl></div></div><div class="section" title="add user script (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2540535"></a> 557 557 558 558 add user script (G) 559 </h3></div></div></div><a class="indexterm" name="id25 34564"></a><a name="ADDUSERSCRIPT"></a><div class="variablelist"><dl><dt></dt><dd><p>559 </h3></div></div></div><a class="indexterm" name="id2540536"></a><a name="ADDUSERSCRIPT"></a><div class="variablelist"><dl><dt></dt><dd><p> 560 560 This is the full pathname to a script that will be run <span class="emphasis"><em>AS ROOT</em></span> by 561 561 <a class="citerefentry" href="smbd.8.html"><span class="citerefentry"><span class="refentrytitle">smbd</span>(8)</span></a> … … 592 592 </p><p>Example: <span class="emphasis"><em><em class="parameter"><code>add user script</code></em> = <code class="literal">/usr/local/samba/bin/add_user %u</code> 593 593 </em></span> 594 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2534774"></a>594 </p></dd></dl></div></div><div class="section" title="add user to group script (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2540746"></a> 595 595 596 596 add user to group script (G) 597 </h3></div></div></div><a class="indexterm" name="id25 34775"></a><a name="ADDUSERTOGROUPSCRIPT"></a><div class="variablelist"><dl><dt></dt><dd><p>597 </h3></div></div></div><a class="indexterm" name="id2540747"></a><a name="ADDUSERTOGROUPSCRIPT"></a><div class="variablelist"><dl><dt></dt><dd><p> 598 598 Full path to the script that will be called when a user is added to a group using the Windows NT domain administration 599 599 tools. It will be run by <a class="citerefentry" href="smbd.8.html"><span class="citerefentry"><span class="refentrytitle">smbd</span>(8)</span></a> … … 607 607 </p><p>Example: <span class="emphasis"><em><em class="parameter"><code>add user to group script</code></em> = <code class="literal">/usr/sbin/adduser %u %g</code> 608 608 </em></span> 609 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2534861"></a>609 </p></dd></dl></div></div><div class="section" title="administrative share (S)"><div class="titlepage"><div><div><h3 class="title"><a name="id2540833"></a> 610 610 611 611 administrative share (S) 612 </h3></div></div></div><a class="indexterm" name="id25 34862"></a><a name="ADMINISTRATIVESHARE"></a><div class="variablelist"><dl><dt></dt><dd><p>If this parameter is set to <code class="constant">yes</code> for612 </h3></div></div></div><a class="indexterm" name="id2540834"></a><a name="ADMINISTRATIVESHARE"></a><div class="variablelist"><dl><dt></dt><dd><p>If this parameter is set to <code class="constant">yes</code> for 613 613 a share, then the share will be an administrative share. The Administrative 614 614 Shares are the default network shares created by all Windows NT-based … … 617 617 information about this option.</p><p>Default: <span class="emphasis"><em><em class="parameter"><code>administrative share</code></em> = <code class="literal">no</code> 618 618 </em></span> 619 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2534920"></a>619 </p></dd></dl></div></div><div class="section" title="admin users (S)"><div class="titlepage"><div><div><h3 class="title"><a name="id2540891"></a> 620 620 621 621 admin users (S) 622 </h3></div></div></div><a class="indexterm" name="id25 34921"></a><a name="ADMINUSERS"></a><div class="variablelist"><dl><dt></dt><dd><p>This is a list of users who will be granted622 </h3></div></div></div><a class="indexterm" name="id2540892"></a><a name="ADMINUSERS"></a><div class="variablelist"><dl><dt></dt><dd><p>This is a list of users who will be granted 623 623 administrative privileges on the share. This means that they 624 624 will do all file operations as the super-user (root).</p><p>You should use this option very carefully, as any user in … … 629 629 </p><p>Example: <span class="emphasis"><em><em class="parameter"><code>admin users</code></em> = <code class="literal">jason</code> 630 630 </em></span> 631 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2534992"></a>631 </p></dd></dl></div></div><div class="section" title="afs share (S)"><div class="titlepage"><div><div><h3 class="title"><a name="id2540963"></a> 632 632 633 633 afs share (S) 634 </h3></div></div></div><a class="indexterm" name="id25 34993"></a><a name="AFSSHARE"></a><div class="variablelist"><dl><dt></dt><dd><p>This parameter controls whether special AFS features are enabled634 </h3></div></div></div><a class="indexterm" name="id2540964"></a><a name="AFSSHARE"></a><div class="variablelist"><dl><dt></dt><dd><p>This parameter controls whether special AFS features are enabled 635 635 for this share. If enabled, it assumes that the directory exported via 636 636 the <em class="parameter"><code>path</code></em> parameter is a local AFS import. The … … 639 639 </p><p>Default: <span class="emphasis"><em><em class="parameter"><code>afs share</code></em> = <code class="literal">no</code> 640 640 </em></span> 641 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2535039"></a>641 </p></dd></dl></div></div><div class="section" title="afs username map (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2541011"></a> 642 642 643 643 afs username map (G) 644 </h3></div></div></div><a class="indexterm" name="id25 35040"></a><a name="AFSUSERNAMEMAP"></a><div class="variablelist"><dl><dt></dt><dd><p>If you are using the fake kaserver AFS feature, you might644 </h3></div></div></div><a class="indexterm" name="id2541012"></a><a name="AFSUSERNAMEMAP"></a><div class="variablelist"><dl><dt></dt><dd><p>If you are using the fake kaserver AFS feature, you might 645 645 want to hand-craft the usernames you are creating tokens for. 646 646 For example this is necessary if you have users from several domain … … 652 652 </p><p>Example: <span class="emphasis"><em><em class="parameter"><code>afs username map</code></em> = <code class="literal">%u@afs.samba.org</code> 653 653 </em></span> 654 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2535102"></a>654 </p></dd></dl></div></div><div class="section" title="aio read size (S)"><div class="titlepage"><div><div><h3 class="title"><a name="id2541073"></a> 655 655 656 656 aio read size (S) 657 </h3></div></div></div><a class="indexterm" name="id25 35103"></a><a name="AIOREADSIZE"></a><div class="variablelist"><dl><dt></dt><dd><p>If Samba has been built with asynchronous I/O support and this657 </h3></div></div></div><a class="indexterm" name="id2541074"></a><a name="AIOREADSIZE"></a><div class="variablelist"><dl><dt></dt><dd><p>If Samba has been built with asynchronous I/O support and this 658 658 integer parameter is set to non-zero value, 659 659 Samba will read from file asynchronously when size of request is bigger … … 666 666 request size</code> 667 667 </em></span> 668 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2535188"></a> 668 </p></dd></dl></div></div><div class="section" title="aio write behind (S)"><div class="titlepage"><div><div><h3 class="title"><a name="id2541160"></a> 669 670 aio write behind (S) 671 </h3></div></div></div><a class="indexterm" name="id2541161"></a><a name="AIOWRITEBEHIND"></a><div class="variablelist"><dl><dt></dt><dd><p>If Samba has been built with asynchronous I/O support, 672 Samba will not wait until write requests are finished before returning 673 the result to the client for files listed in this parameter. 674 Instead, Samba will immediately return that the write 675 request has been finished successfully, no matter if the 676 operation will succeed or not. This might speed up clients without 677 aio support, but is really dangerous, because data could be lost 678 and files could be damaged. 679 </p><p> 680 The syntax is identical to the <a class="link" href="smb.conf.5.html#VETOFILES" target="_top">veto files</a> 681 parameter. 682 </p><p>Default: <span class="emphasis"><em><em class="parameter"><code>aio write behind</code></em> = <code class="literal"></code> 683 </em></span> 684 </p><p>Example: <span class="emphasis"><em><em class="parameter"><code>aio write behind</code></em> = <code class="literal">/*.tmp/</code> 685 </em></span> 686 </p></dd></dl></div></div><div class="section" title="aio write size (S)"><div class="titlepage"><div><div><h3 class="title"><a name="id2541231"></a> 669 687 670 688 aio write size (S) 671 </h3></div></div></div><a class="indexterm" name="id25 35189"></a><a name="AIOWRITESIZE"></a><div class="variablelist"><dl><dt></dt><dd><p>If Samba has been built with asynchronous I/O support and this689 </h3></div></div></div><a class="indexterm" name="id2541232"></a><a name="AIOWRITESIZE"></a><div class="variablelist"><dl><dt></dt><dd><p>If Samba has been built with asynchronous I/O support and this 672 690 integer parameter is set to non-zero value, 673 691 Samba will write to file asynchronously when size of request is bigger … … 680 698 request size</code> 681 699 </em></span> 682 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2535274"></a>700 </p></dd></dl></div></div><div class="section" title="algorithmic rid base (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2541317"></a> 683 701 684 702 algorithmic rid base (G) 685 </h3></div></div></div><a class="indexterm" name="id25 35275"></a><a name="ALGORITHMICRIDBASE"></a><div class="variablelist"><dl><dt></dt><dd><p>This determines how Samba will use its703 </h3></div></div></div><a class="indexterm" name="id2541318"></a><a name="ALGORITHMICRIDBASE"></a><div class="variablelist"><dl><dt></dt><dd><p>This determines how Samba will use its 686 704 algorithmic mapping from uids/gid to the RIDs needed to construct 687 705 NT Security Identifiers. … … 698 716 </p><p>Example: <span class="emphasis"><em><em class="parameter"><code>algorithmic rid base</code></em> = <code class="literal">100000</code> 699 717 </em></span> 700 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2535345"></a>718 </p></dd></dl></div></div><div class="section" title="allocation roundup size (S)"><div class="titlepage"><div><div><h3 class="title"><a name="id2541387"></a> 701 719 702 720 allocation roundup size (S) 703 </h3></div></div></div><a class="indexterm" name="id25 35346"></a><a name="ALLOCATIONROUNDUPSIZE"></a><div class="variablelist"><dl><dt></dt><dd><p>This parameter allows an administrator to tune the721 </h3></div></div></div><a class="indexterm" name="id2541388"></a><a name="ALLOCATIONROUNDUPSIZE"></a><div class="variablelist"><dl><dt></dt><dd><p>This parameter allows an administrator to tune the 704 722 allocation size reported to Windows clients. The default 705 723 size of 1Mb generally results in improved Windows client … … 713 731 # (to disable roundups)</code> 714 732 </em></span> 715 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2535409"></a>733 </p></dd></dl></div></div><div class="section" title="allow trusted domains (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2541452"></a> 716 734 717 735 allow trusted domains (G) 718 </h3></div></div></div><a class="indexterm" name="id25 35410"></a><a name="ALLOWTRUSTEDDOMAINS"></a><div class="variablelist"><dl><dt></dt><dd><p>736 </h3></div></div></div><a class="indexterm" name="id2541453"></a><a name="ALLOWTRUSTEDDOMAINS"></a><div class="variablelist"><dl><dt></dt><dd><p> 719 737 This option only takes effect when the <a class="link" href="smb.conf.5.html#SECURITY" target="_top">security</a> option is set to 720 738 <code class="constant">server</code>, <code class="constant">domain</code> or <code class="constant">ads</code>. … … 731 749 can make implementing a security boundary difficult.</p><p>Default: <span class="emphasis"><em><em class="parameter"><code>allow trusted domains</code></em> = <code class="literal">yes</code> 732 750 </em></span> 733 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2535482"></a>751 </p></dd></dl></div></div><div class="section" title="announce as (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2541524"></a> 734 752 735 753 announce as (G) 736 </h3></div></div></div><a class="indexterm" name="id25 35483"></a><a name="ANNOUNCEAS"></a><div class="variablelist"><dl><dt></dt><dd><p>This specifies what type of server <a class="citerefentry" href="nmbd.8.html"><span class="citerefentry"><span class="refentrytitle">nmbd</span>(8)</span></a> will announce itself as, to a network neighborhood browse754 </h3></div></div></div><a class="indexterm" name="id2541525"></a><a name="ANNOUNCEAS"></a><div class="variablelist"><dl><dt></dt><dd><p>This specifies what type of server <a class="citerefentry" href="nmbd.8.html"><span class="citerefentry"><span class="refentrytitle">nmbd</span>(8)</span></a> will announce itself as, to a network neighborhood browse 737 755 list. By default this is set to Windows NT. The valid options 738 756 are : "NT Server" (which can also be written as "NT"), … … 746 764 </p><p>Example: <span class="emphasis"><em><em class="parameter"><code>announce as</code></em> = <code class="literal">Win95</code> 747 765 </em></span> 748 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2535551"></a>766 </p></dd></dl></div></div><div class="section" title="announce version (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2541593"></a> 749 767 750 768 announce version (G) 751 </h3></div></div></div><a class="indexterm" name="id25 35552"></a><a name="ANNOUNCEVERSION"></a><div class="variablelist"><dl><dt></dt><dd><p>This specifies the major and minor version numbers769 </h3></div></div></div><a class="indexterm" name="id2541594"></a><a name="ANNOUNCEVERSION"></a><div class="variablelist"><dl><dt></dt><dd><p>This specifies the major and minor version numbers 752 770 that nmbd will use when announcing itself as a server. The default 753 771 is 4.9. Do not change this parameter unless you have a specific … … 756 774 </p><p>Example: <span class="emphasis"><em><em class="parameter"><code>announce version</code></em> = <code class="literal">2.0</code> 757 775 </em></span> 758 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2535607"></a>776 </p></dd></dl></div></div><div class="section" title="auth methods (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2541650"></a> 759 777 760 778 auth methods (G) 761 </h3></div></div></div><a class="indexterm" name="id25 35608"></a><a name="AUTHMETHODS"></a><div class="variablelist"><dl><dt></dt><dd><p>779 </h3></div></div></div><a class="indexterm" name="id2541651"></a><a name="AUTHMETHODS"></a><div class="variablelist"><dl><dt></dt><dd><p> 762 780 This option allows the administrator to chose what authentication methods <code class="literal">smbd</code> 763 781 will use when authenticating a user. This option defaults to sensible values based on <a class="link" href="smb.conf.5.html#SECURITY" target="_top">security</a>. … … 780 798 </p><p>Example: <span class="emphasis"><em><em class="parameter"><code>auth methods</code></em> = <code class="literal">guest sam winbind</code> 781 799 </em></span> 782 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2535713"></a>800 </p></dd></dl></div></div><div class="section" title="available (S)"><div class="titlepage"><div><div><h3 class="title"><a name="id2541755"></a> 783 801 784 802 available (S) 785 </h3></div></div></div><a class="indexterm" name="id25 35714"></a><a name="AVAILABLE"></a><div class="variablelist"><dl><dt></dt><dd><p>This parameter lets you "turn off" a service. If803 </h3></div></div></div><a class="indexterm" name="id2541756"></a><a name="AVAILABLE"></a><div class="variablelist"><dl><dt></dt><dd><p>This parameter lets you "turn off" a service. If 786 804 <em class="parameter"><code>available = no</code></em>, then <span class="emphasis"><em>ALL</em></span> 787 805 attempts to connect to the service will fail. Such failures are 788 806 logged.</p><p>Default: <span class="emphasis"><em><em class="parameter"><code>available</code></em> = <code class="literal">yes</code> 789 807 </em></span> 790 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2535761"></a>808 </p></dd></dl></div></div><div class="section" title="bind interfaces only (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2541803"></a> 791 809 792 810 bind interfaces only (G) 793 </h3></div></div></div><a class="indexterm" name="id25 35762"></a><a name="BINDINTERFACESONLY"></a><div class="variablelist"><dl><dt></dt><dd><p>This global parameter allows the Samba admin811 </h3></div></div></div><a class="indexterm" name="id2541804"></a><a name="BINDINTERFACESONLY"></a><div class="variablelist"><dl><dt></dt><dd><p>This global parameter allows the Samba admin 794 812 to limit what interfaces on a machine will serve SMB requests. It 795 813 affects file service <a class="citerefentry" href="smbd.8.html"><span class="citerefentry"><span class="refentrytitle">smbd</span>(8)</span></a> and name service <a class="citerefentry" href="nmbd.8.html"><span class="citerefentry"><span class="refentrytitle">nmbd</span>(8)</span></a> in a slightly different ways.</p><p> … … 832 850 </p><p>Default: <span class="emphasis"><em><em class="parameter"><code>bind interfaces only</code></em> = <code class="literal">no</code> 833 851 </em></span> 834 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2536088"></a>852 </p></dd></dl></div></div><div class="section" title="blocking locks (S)"><div class="titlepage"><div><div><h3 class="title"><a name="id2542130"></a> 835 853 836 854 blocking locks (S) 837 </h3></div></div></div><a class="indexterm" name="id25 36089"></a><a name="BLOCKINGLOCKS"></a><div class="variablelist"><dl><dt></dt><dd><p>This parameter controls the behavior855 </h3></div></div></div><a class="indexterm" name="id2542131"></a><a name="BLOCKINGLOCKS"></a><div class="variablelist"><dl><dt></dt><dd><p>This parameter controls the behavior 838 856 of <a class="citerefentry" href="smbd.8.html"><span class="citerefentry"><span class="refentrytitle">smbd</span>(8)</span></a> when given a request by a client 839 857 to obtain a byte range lock on a region of an open file, and the … … 846 864 cannot be obtained.</p><p>Default: <span class="emphasis"><em><em class="parameter"><code>blocking locks</code></em> = <code class="literal">yes</code> 847 865 </em></span> 848 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2536152"></a>866 </p></dd></dl></div></div><div class="section" title="block size (S)"><div class="titlepage"><div><div><h3 class="title"><a name="id2542194"></a> 849 867 850 868 block size (S) 851 </h3></div></div></div><a class="indexterm" name="id25 36153"></a><a name="BLOCKSIZE"></a><div class="variablelist"><dl><dt></dt><dd><p>This parameter controls the behavior of <a class="citerefentry" href="smbd.8.html"><span class="citerefentry"><span class="refentrytitle">smbd</span>(8)</span></a> when reporting disk free869 </h3></div></div></div><a class="indexterm" name="id2542195"></a><a name="BLOCKSIZE"></a><div class="variablelist"><dl><dt></dt><dd><p>This parameter controls the behavior of <a class="citerefentry" href="smbd.8.html"><span class="citerefentry"><span class="refentrytitle">smbd</span>(8)</span></a> when reporting disk free 852 870 sizes. By default, this reports a disk block size of 1024 bytes. 853 871 </p><p>Changing this parameter may have some effect on the … … 863 881 </p><p>Example: <span class="emphasis"><em><em class="parameter"><code>block size</code></em> = <code class="literal">4096</code> 864 882 </em></span> 865 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2536230"></a>883 </p></dd></dl></div></div><div class="section" title="browsable"><div class="titlepage"><div><div><h3 class="title"><a name="id2542279"></a> 866 884 867 885 <a name="BROWSABLE"></a>browsable 868 </h3></div></div></div><a class="indexterm" name="id25 36231"></a><div class="variablelist"><dl><dt></dt><dd><p>This parameter is a synonym for <a class="link" href="#BROWSEABLE">browseable</a>.</p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2536257"></a>886 </h3></div></div></div><a class="indexterm" name="id2542280"></a><div class="variablelist"><dl><dt></dt><dd><p>This parameter is a synonym for <a class="link" href="#BROWSEABLE">browseable</a>.</p></dd></dl></div></div><div class="section" title="browseable (S)"><div class="titlepage"><div><div><h3 class="title"><a name="id2542306"></a> 869 887 870 888 browseable (S) 871 </h3></div></div></div><a class="indexterm" name="id25 36258"></a><a name="BROWSEABLE"></a><div class="variablelist"><dl><dt></dt><dd><p>This controls whether this share is seen in889 </h3></div></div></div><a class="indexterm" name="id2542307"></a><a name="BROWSEABLE"></a><div class="variablelist"><dl><dt></dt><dd><p>This controls whether this share is seen in 872 890 the list of available shares in a net view and in the browse list.</p><p>Default: <span class="emphasis"><em><em class="parameter"><code>browseable</code></em> = <code class="literal">yes</code> 873 891 </em></span> 874 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2536296"></a>892 </p></dd></dl></div></div><div class="section" title="browse list (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2542345"></a> 875 893 876 894 browse list (G) 877 </h3></div></div></div><a class="indexterm" name="id25 36297"></a><a name="BROWSELIST"></a><div class="variablelist"><dl><dt></dt><dd><p>This controls whether <a class="citerefentry" href="smbd.8.html"><span class="citerefentry"><span class="refentrytitle">smbd</span>(8)</span></a> will serve a browse list to895 </h3></div></div></div><a class="indexterm" name="id2542346"></a><a name="BROWSELIST"></a><div class="variablelist"><dl><dt></dt><dd><p>This controls whether <a class="citerefentry" href="smbd.8.html"><span class="citerefentry"><span class="refentrytitle">smbd</span>(8)</span></a> will serve a browse list to 878 896 a client doing a <code class="literal">NetServerEnum</code> call. Normally 879 897 set to <code class="constant">yes</code>. You should never need to change 880 898 this.</p><p>Default: <span class="emphasis"><em><em class="parameter"><code>browse list</code></em> = <code class="literal">yes</code> 881 899 </em></span> 882 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2536350"></a>900 </p></dd></dl></div></div><div class="section" title="casesignames"><div class="titlepage"><div><div><h3 class="title"><a name="id2542399"></a> 883 901 884 902 <a name="CASESIGNAMES"></a>casesignames 885 </h3></div></div></div><a class="indexterm" name="id25 36351"></a><div class="variablelist"><dl><dt></dt><dd><p>This parameter is a synonym for <a class="link" href="#CASESENSITIVE">case sensitive</a>.</p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2536377"></a>903 </h3></div></div></div><a class="indexterm" name="id2542400"></a><div class="variablelist"><dl><dt></dt><dd><p>This parameter is a synonym for <a class="link" href="#CASESENSITIVE">case sensitive</a>.</p></dd></dl></div></div><div class="section" title="case sensitive (S)"><div class="titlepage"><div><div><h3 class="title"><a name="id2542426"></a> 886 904 887 905 case sensitive (S) 888 </h3></div></div></div><a class="indexterm" name="id25 36378"></a><a name="CASESENSITIVE"></a><div class="variablelist"><dl><dt></dt><dd><p>See the discussion in the section <a class="link" href="smb.conf.5.html#NAMEMANGLING" target="_top">name mangling</a>.</p><p>Default: <span class="emphasis"><em><em class="parameter"><code>case sensitive</code></em> = <code class="literal">no</code>889 </em></span> 890 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2536424"></a>906 </h3></div></div></div><a class="indexterm" name="id2542427"></a><a name="CASESENSITIVE"></a><div class="variablelist"><dl><dt></dt><dd><p>See the discussion in the section <a class="link" href="smb.conf.5.html#NAMEMANGLING" target="_top">name mangling</a>.</p><p>Default: <span class="emphasis"><em><em class="parameter"><code>case sensitive</code></em> = <code class="literal">no</code> 907 </em></span> 908 </p></dd></dl></div></div><div class="section" title="change notify (S)"><div class="titlepage"><div><div><h3 class="title"><a name="id2542473"></a> 891 909 892 910 change notify (S) 893 </h3></div></div></div><a class="indexterm" name="id25 36425"></a><a name="CHANGENOTIFY"></a><div class="variablelist"><dl><dt></dt><dd><p>This parameter specifies whether Samba should reply911 </h3></div></div></div><a class="indexterm" name="id2542474"></a><a name="CHANGENOTIFY"></a><div class="variablelist"><dl><dt></dt><dd><p>This parameter specifies whether Samba should reply 894 912 to a client's file change notify requests. 895 913 </p><p>You should never need to change this parameter</p><p>Default: <span class="emphasis"><em><em class="parameter"><code>change notify</code></em> = <code class="literal">yes</code> 896 914 </em></span> 897 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2536466"></a>915 </p></dd></dl></div></div><div class="section" title="change share command (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2542515"></a> 898 916 899 917 change share command (G) 900 </h3></div></div></div><a class="indexterm" name="id25 36468"></a><a name="CHANGESHARECOMMAND"></a><div class="variablelist"><dl><dt></dt><dd><p>918 </h3></div></div></div><a class="indexterm" name="id2542516"></a><a name="CHANGESHARECOMMAND"></a><div class="variablelist"><dl><dt></dt><dd><p> 901 919 Samba 2.2.0 introduced the ability to dynamically add and delete shares via the Windows NT 4.0 Server 902 920 Manager. The <em class="parameter"><code>change share command</code></em> is used to define an external … … 913 931 When executed, <code class="literal">smbd</code> will automatically invoke the 914 932 <em class="parameter"><code>change share command</code></em> with five parameters. 915 </p><div class="itemizedlist"><ul type="disc"><li><p><em class="parameter"><code>configFile</code></em> - the location933 </p><div class="itemizedlist"><ul class="itemizedlist" type="disc"><li class="listitem"><p><em class="parameter"><code>configFile</code></em> - the location 916 934 of the global <code class="filename">smb.conf</code> file. 917 </p></li><li ><p><em class="parameter"><code>shareName</code></em> - the name of the new935 </p></li><li class="listitem"><p><em class="parameter"><code>shareName</code></em> - the name of the new 918 936 share. 919 </p></li><li ><p><em class="parameter"><code>pathName</code></em> - path to an **existing**937 </p></li><li class="listitem"><p><em class="parameter"><code>pathName</code></em> - path to an **existing** 920 938 directory on disk. 921 </p></li><li ><p><em class="parameter"><code>comment</code></em> - comment string to associate939 </p></li><li class="listitem"><p><em class="parameter"><code>comment</code></em> - comment string to associate 922 940 with the new share. 923 </p></li><li ><p><em class="parameter"><code>max941 </p></li><li class="listitem"><p><em class="parameter"><code>max 924 942 connections</code></em> 925 943 Number of maximum simultaneous connections to this … … 933 951 </p><p>Example: <span class="emphasis"><em><em class="parameter"><code>change share command</code></em> = <code class="literal">/usr/local/bin/changeshare</code> 934 952 </em></span> 935 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2536645"></a>953 </p></dd></dl></div></div><div class="section" title="check password script (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2542694"></a> 936 954 937 955 check password script (G) 938 </h3></div></div></div><a class="indexterm" name="id25 36646"></a><a name="CHECKPASSWORDSCRIPT"></a><div class="variablelist"><dl><dt></dt><dd><p>The name of a program that can be used to check password956 </h3></div></div></div><a class="indexterm" name="id2542695"></a><a name="CHECKPASSWORDSCRIPT"></a><div class="variablelist"><dl><dt></dt><dd><p>The name of a program that can be used to check password 939 957 complexity. The password is sent to the program's standard input.</p><p>The program must return 0 on a good password, or any other value 940 958 if the password is bad. … … 945 963 </p><p>Example: <span class="emphasis"><em><em class="parameter"><code>check password script</code></em> = <code class="literal">/usr/local/sbin/crackcheck</code> 946 964 </em></span> 947 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2536718"></a>965 </p></dd></dl></div></div><div class="section" title="client lanman auth (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2542767"></a> 948 966 949 967 client lanman auth (G) 950 </h3></div></div></div><a class="indexterm" name="id25 36719"></a><a name="CLIENTLANMANAUTH"></a><div class="variablelist"><dl><dt></dt><dd><p>This parameter determines whether or not <a class="citerefentry" href="smbclient.8.html"><span class="citerefentry"><span class="refentrytitle">smbclient</span>(8)</span></a> and other samba client968 </h3></div></div></div><a class="indexterm" name="id2542768"></a><a name="CLIENTLANMANAUTH"></a><div class="variablelist"><dl><dt></dt><dd><p>This parameter determines whether or not <a class="citerefentry" href="smbclient.8.html"><span class="citerefentry"><span class="refentrytitle">smbclient</span>(8)</span></a> and other samba client 951 969 tools will attempt to authenticate itself to servers using the 952 970 weaker LANMAN password hash. If disabled, only server which support NT … … 959 977 attempted.</p><p>Default: <span class="emphasis"><em><em class="parameter"><code>client lanman auth</code></em> = <code class="literal">no</code> 960 978 </em></span> 961 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2536794"></a>979 </p></dd></dl></div></div><div class="section" title="client ldap sasl wrapping (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2542843"></a> 962 980 963 981 client ldap sasl wrapping (G) 964 </h3></div></div></div><a class="indexterm" name="id25 36795"></a><a name="CLIENTLDAPSASLWRAPPING"></a><div class="variablelist"><dl><dt></dt><dd><p>982 </h3></div></div></div><a class="indexterm" name="id2542844"></a><a name="CLIENTLDAPSASLWRAPPING"></a><div class="variablelist"><dl><dt></dt><dd><p> 965 983 The <a class="link" href="smb.conf.5.html#CLIENTLDAPSASLWRAPPING" target="_top">client ldap sasl wrapping</a> defines whether 966 984 ldap traffic will be signed or signed and encrypted (sealed). … … 990 1008 </p><p>Default: <span class="emphasis"><em><em class="parameter"><code>client ldap sasl wrapping</code></em> = <code class="literal">plain</code> 991 1009 </em></span> 992 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2536910"></a>1010 </p></dd></dl></div></div><div class="section" title="client ntlmv2 auth (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2542959"></a> 993 1011 994 1012 client ntlmv2 auth (G) 995 </h3></div></div></div><a class="indexterm" name="id25 36911"></a><a name="CLIENTNTLMV2AUTH"></a><div class="variablelist"><dl><dt></dt><dd><p>This parameter determines whether or not <a class="citerefentry" href="smbclient.8.html"><span class="citerefentry"><span class="refentrytitle">smbclient</span>(8)</span></a> will attempt to1013 </h3></div></div></div><a class="indexterm" name="id2542960"></a><a name="CLIENTNTLMV2AUTH"></a><div class="variablelist"><dl><dt></dt><dd><p>This parameter determines whether or not <a class="citerefentry" href="smbclient.8.html"><span class="citerefentry"><span class="refentrytitle">smbclient</span>(8)</span></a> will attempt to 996 1014 authenticate itself to servers using the NTLMv2 encrypted password 997 1015 response.</p><p>If enabled, only an NTLMv2 and LMv2 response (both much more … … 1005 1023 responses, and not the weaker LM or NTLM.</p><p>Default: <span class="emphasis"><em><em class="parameter"><code>client ntlmv2 auth</code></em> = <code class="literal">no</code> 1006 1024 </em></span> 1007 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2536997"></a>1025 </p></dd></dl></div></div><div class="section" title="client plaintext auth (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2543046"></a> 1008 1026 1009 1027 client plaintext auth (G) 1010 </h3></div></div></div><a class="indexterm" name="id25 36998"></a><a name="CLIENTPLAINTEXTAUTH"></a><div class="variablelist"><dl><dt></dt><dd><p>Specifies whether a client should send a plaintext1028 </h3></div></div></div><a class="indexterm" name="id2543047"></a><a name="CLIENTPLAINTEXTAUTH"></a><div class="variablelist"><dl><dt></dt><dd><p>Specifies whether a client should send a plaintext 1011 1029 password if the server does not support encrypted passwords.</p><p>Default: <span class="emphasis"><em><em class="parameter"><code>client plaintext auth</code></em> = <code class="literal">no</code> 1012 1030 </em></span> 1013 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2537037"></a>1031 </p></dd></dl></div></div><div class="section" title="client schannel (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2543086"></a> 1014 1032 1015 1033 client schannel (G) 1016 </h3></div></div></div><a class="indexterm" name="id25 37038"></a><a name="CLIENTSCHANNEL"></a><div class="variablelist"><dl><dt></dt><dd><p>1034 </h3></div></div></div><a class="indexterm" name="id2543087"></a><a name="CLIENTSCHANNEL"></a><div class="variablelist"><dl><dt></dt><dd><p> 1017 1035 This controls whether the client offers or even demands the use of the netlogon schannel. 1018 1036 <a class="link" href="smb.conf.5.html#CLIENTSCHANNEL" target="_top">client schannel = no</a> does not offer the schannel, … … 1024 1042 </p><p>Example: <span class="emphasis"><em><em class="parameter"><code>client schannel</code></em> = <code class="literal">yes</code> 1025 1043 </em></span> 1026 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2537121"></a>1044 </p></dd></dl></div></div><div class="section" title="client signing (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2543170"></a> 1027 1045 1028 1046 client signing (G) 1029 </h3></div></div></div><a class="indexterm" name="id25 37122"></a><a name="CLIENTSIGNING"></a><div class="variablelist"><dl><dt></dt><dd><p>This controls whether the client is allowed or required to use SMB signing. Possible values1047 </h3></div></div></div><a class="indexterm" name="id2543171"></a><a name="CLIENTSIGNING"></a><div class="variablelist"><dl><dt></dt><dd><p>This controls whether the client is allowed or required to use SMB signing. Possible values 1030 1048 are <span class="emphasis"><em>auto</em></span>, <span class="emphasis"><em>mandatory</em></span> 1031 1049 and <span class="emphasis"><em>disabled</em></span>. … … 1035 1053 </p><p>Default: <span class="emphasis"><em><em class="parameter"><code>client signing</code></em> = <code class="literal">auto</code> 1036 1054 </em></span> 1037 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2537175"></a>1055 </p></dd></dl></div></div><div class="section" title="client use spnego (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2543224"></a> 1038 1056 1039 1057 client use spnego (G) 1040 </h3></div></div></div><a class="indexterm" name="id25 37176"></a><a name="CLIENTUSESPNEGO"></a><div class="variablelist"><dl><dt></dt><dd><p> This variable controls whether Samba clients will try1058 </h3></div></div></div><a class="indexterm" name="id2543225"></a><a name="CLIENTUSESPNEGO"></a><div class="variablelist"><dl><dt></dt><dd><p> This variable controls whether Samba clients will try 1041 1059 to use Simple and Protected NEGOciation (as specified by rfc2478) with 1042 1060 supporting servers (including WindowsXP, Windows2000 and Samba … … 1044 1062 mechanism. This enables Kerberos authentication in particular.</p><p>Default: <span class="emphasis"><em><em class="parameter"><code>client use spnego</code></em> = <code class="literal">yes</code> 1045 1063 </em></span> 1046 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2537217"></a>1064 </p></dd></dl></div></div><div class="section" title="cluster addresses (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2543266"></a> 1047 1065 1048 1066 cluster addresses (G) 1049 </h3></div></div></div><a class="indexterm" name="id25 37218"></a><a name="CLUSTERADDRESSES"></a><div class="variablelist"><dl><dt></dt><dd><p>With this parameter you can add additional addresses1067 </h3></div></div></div><a class="indexterm" name="id2543267"></a><a name="CLUSTERADDRESSES"></a><div class="variablelist"><dl><dt></dt><dd><p>With this parameter you can add additional addresses 1050 1068 nmbd will register with a WINS server. These addresses are not 1051 1069 necessarily present on all nodes simultaneously, but they will … … 1056 1074 </p><p>Example: <span class="emphasis"><em><em class="parameter"><code>cluster addresses</code></em> = <code class="literal">10.0.0.1 10.0.0.2 10.0.0.3</code> 1057 1075 </em></span> 1058 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2537273"></a>1076 </p></dd></dl></div></div><div class="section" title="clustering (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2543322"></a> 1059 1077 1060 1078 clustering (G) 1061 </h3></div></div></div><a class="indexterm" name="id25 37274"></a><a name="CLUSTERING"></a><div class="variablelist"><dl><dt></dt><dd><p>This parameter specifies whether Samba should contact1079 </h3></div></div></div><a class="indexterm" name="id2543323"></a><a name="CLUSTERING"></a><div class="variablelist"><dl><dt></dt><dd><p>This parameter specifies whether Samba should contact 1062 1080 ctdb for accessing its tdb files and use ctdb as a backend 1063 1081 for its messaging backend. … … 1066 1084 </p><p>Default: <span class="emphasis"><em><em class="parameter"><code>clustering</code></em> = <code class="literal">no</code> 1067 1085 </em></span> 1068 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2537322"></a>1086 </p></dd></dl></div></div><div class="section" title="comment (S)"><div class="titlepage"><div><div><h3 class="title"><a name="id2543371"></a> 1069 1087 1070 1088 comment (S) 1071 </h3></div></div></div><a class="indexterm" name="id25 37323"></a><a name="COMMENT"></a><div class="variablelist"><dl><dt></dt><dd><p>This is a text field that is seen next to a share1089 </h3></div></div></div><a class="indexterm" name="id2543372"></a><a name="COMMENT"></a><div class="variablelist"><dl><dt></dt><dd><p>This is a text field that is seen next to a share 1072 1090 when a client does a queries the server, either via the network 1073 1091 neighborhood or via <code class="literal">net view</code> to list what shares … … 1078 1096 </p><p>Example: <span class="emphasis"><em><em class="parameter"><code>comment</code></em> = <code class="literal">Fred's Files</code> 1079 1097 </em></span> 1080 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2537396"></a>1098 </p></dd></dl></div></div><div class="section" title="config backend (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2543445"></a> 1081 1099 1082 1100 config backend (G) 1083 </h3></div></div></div><a class="indexterm" name="id25 37397"></a><a name="CONFIGBACKEND"></a><div class="variablelist"><dl><dt></dt><dd><p>1101 </h3></div></div></div><a class="indexterm" name="id2543446"></a><a name="CONFIGBACKEND"></a><div class="variablelist"><dl><dt></dt><dd><p> 1084 1102 This controls the backend for storing the configuration. 1085 1103 Possible values are <span class="emphasis"><em>file</em></span> (the default) … … 1099 1117 </p><p>Example: <span class="emphasis"><em><em class="parameter"><code>config backend</code></em> = <code class="literal">registry</code> 1100 1118 </em></span> 1101 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2537486"></a>1119 </p></dd></dl></div></div><div class="section" title="config file (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2543534"></a> 1102 1120 1103 1121 config file (G) 1104 </h3></div></div></div><a class="indexterm" name="id25 37487"></a><a name="CONFIGFILE"></a><div class="variablelist"><dl><dt></dt><dd><p>This allows you to override the config file1122 </h3></div></div></div><a class="indexterm" name="id2543535"></a><a name="CONFIGFILE"></a><div class="variablelist"><dl><dt></dt><dd><p>This allows you to override the config file 1105 1123 to use, instead of the default (usually <code class="filename">smb.conf</code>). 1106 1124 There is a chicken and egg problem here as this option is set … … 1112 1130 clients).</p><p><span class="emphasis"><em>No default</em></span></p><p>Example: <span class="emphasis"><em><em class="parameter"><code>config file</code></em> = <code class="literal">/usr/local/samba/lib/smb.conf.%m</code> 1113 1131 </em></span> 1114 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2537552"></a>1132 </p></dd></dl></div></div><div class="section" title="copy (S)"><div class="titlepage"><div><div><h3 class="title"><a name="id2543600"></a> 1115 1133 1116 1134 copy (S) 1117 </h3></div></div></div><a class="indexterm" name="id25 37553"></a><a name="COPY"></a><div class="variablelist"><dl><dt></dt><dd><p>This parameter allows you to "clone" service1135 </h3></div></div></div><a class="indexterm" name="id2543601"></a><a name="COPY"></a><div class="variablelist"><dl><dt></dt><dd><p>This parameter allows you to "clone" service 1118 1136 entries. The specified service is simply duplicated under the 1119 1137 current service's name. Any parameters specified in the current … … 1125 1143 </p><p>Example: <span class="emphasis"><em><em class="parameter"><code>copy</code></em> = <code class="literal">otherservice</code> 1126 1144 </em></span> 1127 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2537614"></a>1145 </p></dd></dl></div></div><div class="section" title="create mode"><div class="titlepage"><div><div><h3 class="title"><a name="id2543662"></a> 1128 1146 1129 1147 <a name="CREATEMODE"></a>create mode 1130 </h3></div></div></div><a class="indexterm" name="id25 37615"></a><div class="variablelist"><dl><dt></dt><dd><p>This parameter is a synonym for <a class="link" href="#CREATEMASK">create mask</a>.</p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2537641"></a>1148 </h3></div></div></div><a class="indexterm" name="id2543663"></a><div class="variablelist"><dl><dt></dt><dd><p>This parameter is a synonym for <a class="link" href="#CREATEMASK">create mask</a>.</p></dd></dl></div></div><div class="section" title="create mask (S)"><div class="titlepage"><div><div><h3 class="title"><a name="id2543689"></a> 1131 1149 1132 1150 create mask (S) 1133 </h3></div></div></div><a class="indexterm" name="id25 37642"></a><a name="CREATEMASK"></a><div class="variablelist"><dl><dt></dt><dd><p>1151 </h3></div></div></div><a class="indexterm" name="id2543690"></a><a name="CREATEMASK"></a><div class="variablelist"><dl><dt></dt><dd><p> 1134 1152 When a file is created, the necessary permissions are calculated according to the mapping from DOS modes to 1135 1153 UNIX permissions, and the resulting UNIX mode is then bit-wise 'AND'ed with this parameter. This parameter may … … 1152 1170 </p><p>Example: <span class="emphasis"><em><em class="parameter"><code>create mask</code></em> = <code class="literal">0775</code> 1153 1171 </em></span> 1154 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2537761"></a>1172 </p></dd></dl></div></div><div class="section" title="csc policy (S)"><div class="titlepage"><div><div><h3 class="title"><a name="id2543810"></a> 1155 1173 1156 1174 csc policy (S) 1157 </h3></div></div></div><a class="indexterm" name="id25 37762"></a><a name="CSCPOLICY"></a><div class="variablelist"><dl><dt></dt><dd><p>1175 </h3></div></div></div><a class="indexterm" name="id2543811"></a><a name="CSCPOLICY"></a><div class="variablelist"><dl><dt></dt><dd><p> 1158 1176 This stands for <span class="emphasis"><em>client-side caching policy</em></span>, and specifies how clients capable of offline 1159 1177 caching will cache the files in the share. The valid values are: manual, documents, programs, disable. … … 1167 1185 </p><p>Example: <span class="emphasis"><em><em class="parameter"><code>csc policy</code></em> = <code class="literal">programs</code> 1168 1186 </em></span> 1169 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2537837"></a>1187 </p></dd></dl></div></div><div class="section" title="ctdbd socket (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2543886"></a> 1170 1188 1171 1189 ctdbd socket (G) 1172 </h3></div></div></div><a class="indexterm" name="id25 37838"></a><a name="CTDBDSOCKET"></a><div class="variablelist"><dl><dt></dt><dd><p>If you set <code class="literal">clustering=yes</code>,1190 </h3></div></div></div><a class="indexterm" name="id2543887"></a><a name="CTDBDSOCKET"></a><div class="variablelist"><dl><dt></dt><dd><p>If you set <code class="literal">clustering=yes</code>, 1173 1191 you need to tell Samba where ctdbd listens on its unix domain 1174 1192 socket. The default path as of ctdb 1.0 is /tmp/ctdb.socket which … … 1178 1196 </p><p>Example: <span class="emphasis"><em><em class="parameter"><code>ctdbd socket</code></em> = <code class="literal">/tmp/ctdb.socket</code> 1179 1197 </em></span> 1180 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2537897"></a>1198 </p></dd></dl></div></div><div class="section" title="cups connection timeout (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2543946"></a> 1181 1199 1182 1200 cups connection timeout (G) 1183 </h3></div></div></div><a class="indexterm" name="id25 37898"></a><a name="CUPSCONNECTIONTIMEOUT"></a><div class="variablelist"><dl><dt></dt><dd><p>1201 </h3></div></div></div><a class="indexterm" name="id2543947"></a><a name="CUPSCONNECTIONTIMEOUT"></a><div class="variablelist"><dl><dt></dt><dd><p> 1184 1202 This parameter is only applicable if <a class="link" href="smb.conf.5.html#PRINTING" target="_top">printing</a> is set to <code class="constant">cups</code>. 1185 1203 </p><p> … … 1191 1209 </p><p>Example: <span class="emphasis"><em><em class="parameter"><code>cups connection timeout</code></em> = <code class="literal">60</code> 1192 1210 </em></span> 1193 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2537968"></a>1211 </p></dd></dl></div></div><div class="section" title="cups options (S)"><div class="titlepage"><div><div><h3 class="title"><a name="id2544018"></a> 1194 1212 1195 1213 cups options (S) 1196 </h3></div></div></div><a class="indexterm" name="id25 37970"></a><a name="CUPSOPTIONS"></a><div class="variablelist"><dl><dt></dt><dd><p>1214 </h3></div></div></div><a class="indexterm" name="id2544019"></a><a name="CUPSOPTIONS"></a><div class="variablelist"><dl><dt></dt><dd><p> 1197 1215 This parameter is only applicable if <a class="link" href="smb.conf.5.html#PRINTING" target="_top">printing</a> is 1198 1216 set to <code class="constant">cups</code>. Its value is a free form string of options … … 1216 1234 </p><p>Example: <span class="emphasis"><em><em class="parameter"><code>cups options</code></em> = <code class="literal">"raw media=a4"</code> 1217 1235 </em></span> 1218 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2538067"></a>1236 </p></dd></dl></div></div><div class="section" title="cups server (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2544116"></a> 1219 1237 1220 1238 cups server (G) 1221 </h3></div></div></div><a class="indexterm" name="id25 38068"></a><a name="CUPSSERVER"></a><div class="variablelist"><dl><dt></dt><dd><p>1239 </h3></div></div></div><a class="indexterm" name="id2544117"></a><a name="CUPSSERVER"></a><div class="variablelist"><dl><dt></dt><dd><p> 1222 1240 This parameter is only applicable if <a class="link" href="smb.conf.5.html#PRINTING" target="_top">printing</a> is set to <code class="constant">cups</code>. 1223 1241 </p><p> … … 1233 1251 </p><p>Example: <span class="emphasis"><em><em class="parameter"><code>cups server</code></em> = <code class="literal">mycupsserver:1631</code> 1234 1252 </em></span> 1235 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2538164"></a>1253 </p></dd></dl></div></div><div class="section" title="deadtime (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2544214"></a> 1236 1254 1237 1255 deadtime (G) 1238 </h3></div></div></div><a class="indexterm" name="id25 38166"></a><a name="DEADTIME"></a><div class="variablelist"><dl><dt></dt><dd><p>The value of the parameter (a decimal integer)1256 </h3></div></div></div><a class="indexterm" name="id2544215"></a><a name="DEADTIME"></a><div class="variablelist"><dl><dt></dt><dd><p>The value of the parameter (a decimal integer) 1239 1257 represents the number of minutes of inactivity before a connection 1240 1258 is considered dead, and it is disconnected. The deadtime only takes … … 1248 1266 </p><p>Example: <span class="emphasis"><em><em class="parameter"><code>deadtime</code></em> = <code class="literal">15</code> 1249 1267 </em></span> 1250 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2538241"></a>1268 </p></dd></dl></div></div><div class="section" title="debug class (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2544290"></a> 1251 1269 1252 1270 debug class (G) 1253 </h3></div></div></div><a class="indexterm" name="id25 38242"></a><a name="DEBUGCLASS"></a><div class="variablelist"><dl><dt></dt><dd><p>1271 </h3></div></div></div><a class="indexterm" name="id2544292"></a><a name="DEBUGCLASS"></a><div class="variablelist"><dl><dt></dt><dd><p> 1254 1272 With this boolean parameter enabled, the debug class (DBGC_CLASS) 1255 1273 will be displayed in the debug header. … … 1259 1277 </p><p>Default: <span class="emphasis"><em><em class="parameter"><code>debug class</code></em> = <code class="literal">no</code> 1260 1278 </em></span> 1261 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2538293"></a>1279 </p></dd></dl></div></div><div class="section" title="debug hires timestamp (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2544342"></a> 1262 1280 1263 1281 debug hires timestamp (G) 1264 </h3></div></div></div><a class="indexterm" name="id25 38294"></a><a name="DEBUGHIRESTIMESTAMP"></a><div class="variablelist"><dl><dt></dt><dd><p>1282 </h3></div></div></div><a class="indexterm" name="id2544343"></a><a name="DEBUGHIRESTIMESTAMP"></a><div class="variablelist"><dl><dt></dt><dd><p> 1265 1283 Sometimes the timestamps in the log messages are needed with a resolution of higher that seconds, this 1266 1284 boolean parameter adds microsecond resolution to the timestamp message header when turned on. … … 1269 1287 </p><p>Default: <span class="emphasis"><em><em class="parameter"><code>debug hires timestamp</code></em> = <code class="literal">no</code> 1270 1288 </em></span> 1271 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2538348"></a>1289 </p></dd></dl></div></div><div class="section" title="debug pid (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2544397"></a> 1272 1290 1273 1291 debug pid (G) 1274 </h3></div></div></div><a class="indexterm" name="id25 38349"></a><a name="DEBUGPID"></a><div class="variablelist"><dl><dt></dt><dd><p>1292 </h3></div></div></div><a class="indexterm" name="id2544398"></a><a name="DEBUGPID"></a><div class="variablelist"><dl><dt></dt><dd><p> 1275 1293 When using only one log file for more then one forked <a class="citerefentry" href="smbd.8.html"><span class="citerefentry"><span class="refentrytitle">smbd</span>(8)</span></a>-process there may be hard to follow which process outputs which 1276 1294 message. This boolean parameter is adds the process-id to the timestamp message headers in the … … 1280 1298 </p><p>Default: <span class="emphasis"><em><em class="parameter"><code>debug pid</code></em> = <code class="literal">no</code> 1281 1299 </em></span> 1282 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2538410"></a>1300 </p></dd></dl></div></div><div class="section" title="debug prefix timestamp (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2544459"></a> 1283 1301 1284 1302 debug prefix timestamp (G) 1285 </h3></div></div></div><a class="indexterm" name="id25 38411"></a><a name="DEBUGPREFIXTIMESTAMP"></a><div class="variablelist"><dl><dt></dt><dd><p>1303 </h3></div></div></div><a class="indexterm" name="id2544460"></a><a name="DEBUGPREFIXTIMESTAMP"></a><div class="variablelist"><dl><dt></dt><dd><p> 1286 1304 With this option enabled, the timestamp message header is prefixed to the debug message without the 1287 1305 filename and function information that is included with the <a class="link" href="smb.conf.5.html#DEBUGTIMESTAMP" target="_top">debug timestamp</a> … … 1291 1309 </p><p>Default: <span class="emphasis"><em><em class="parameter"><code>debug prefix timestamp</code></em> = <code class="literal">no</code> 1292 1310 </em></span> 1293 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2538473"></a>1311 </p></dd></dl></div></div><div class="section" title="timestamp logs"><div class="titlepage"><div><div><h3 class="title"><a name="id2544522"></a> 1294 1312 1295 1313 <a name="TIMESTAMPLOGS"></a>timestamp logs 1296 </h3></div></div></div><a class="indexterm" name="id25 38474"></a><div class="variablelist"><dl><dt></dt><dd><p>This parameter is a synonym for <a class="link" href="#DEBUGTIMESTAMP">debug timestamp</a>.</p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2538500"></a>1314 </h3></div></div></div><a class="indexterm" name="id2544523"></a><div class="variablelist"><dl><dt></dt><dd><p>This parameter is a synonym for <a class="link" href="#DEBUGTIMESTAMP">debug timestamp</a>.</p></dd></dl></div></div><div class="section" title="debug timestamp (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2544549"></a> 1297 1315 1298 1316 debug timestamp (G) 1299 </h3></div></div></div><a class="indexterm" name="id25 38501"></a><a name="DEBUGTIMESTAMP"></a><div class="variablelist"><dl><dt></dt><dd><p>1317 </h3></div></div></div><a class="indexterm" name="id2544550"></a><a name="DEBUGTIMESTAMP"></a><div class="variablelist"><dl><dt></dt><dd><p> 1300 1318 Samba debug log messages are timestamped by default. If you are running at a high 1301 1319 <a class="link" href="smb.conf.5.html#DEBUGLEVEL" target="_top">debug level</a> these timestamps can be distracting. This … … 1303 1321 </p><p>Default: <span class="emphasis"><em><em class="parameter"><code>debug timestamp</code></em> = <code class="literal">yes</code> 1304 1322 </em></span> 1305 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2538548"></a>1323 </p></dd></dl></div></div><div class="section" title="debug uid (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2544597"></a> 1306 1324 1307 1325 debug uid (G) 1308 </h3></div></div></div><a class="indexterm" name="id25 38549"></a><a name="DEBUGUID"></a><div class="variablelist"><dl><dt></dt><dd><p>1326 </h3></div></div></div><a class="indexterm" name="id2544598"></a><a name="DEBUGUID"></a><div class="variablelist"><dl><dt></dt><dd><p> 1309 1327 Samba is sometimes run as root and sometime run as the connected user, this boolean parameter inserts the 1310 1328 current euid, egid, uid and gid to the timestamp message headers in the log file if turned on. … … 1313 1331 </p><p>Default: <span class="emphasis"><em><em class="parameter"><code>debug uid</code></em> = <code class="literal">no</code> 1314 1332 </em></span> 1315 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2538602"></a>1333 </p></dd></dl></div></div><div class="section" title="default case (S)"><div class="titlepage"><div><div><h3 class="title"><a name="id2544651"></a> 1316 1334 1317 1335 default case (S) 1318 </h3></div></div></div><a class="indexterm" name="id25 38603"></a><a name="DEFAULTCASE"></a><div class="variablelist"><dl><dt></dt><dd><p>See the section on <a class="link" href="smb.conf.5.html#NAMEMANGLING" target="_top">name mangling</a>.1336 </h3></div></div></div><a class="indexterm" name="id2544652"></a><a name="DEFAULTCASE"></a><div class="variablelist"><dl><dt></dt><dd><p>See the section on <a class="link" href="smb.conf.5.html#NAMEMANGLING" target="_top">name mangling</a>. 1319 1337 Also note the <a class="link" href="smb.conf.5.html#SHORTPRESERVECASE" target="_top">short preserve case</a> parameter.</p><p>Default: <span class="emphasis"><em><em class="parameter"><code>default case</code></em> = <code class="literal">lower</code> 1320 1338 </em></span> 1321 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2538656"></a>1339 </p></dd></dl></div></div><div class="section" title="default devmode (S)"><div class="titlepage"><div><div><h3 class="title"><a name="id2544705"></a> 1322 1340 1323 1341 default devmode (S) 1324 </h3></div></div></div><a class="indexterm" name="id25 38657"></a><a name="DEFAULTDEVMODE"></a><div class="variablelist"><dl><dt></dt><dd><p>This parameter is only applicable to <a class="link" href="smb.conf.5.html#PRINTABLE" target="_top">printable</a> services.1342 </h3></div></div></div><a class="indexterm" name="id2544706"></a><a name="DEFAULTDEVMODE"></a><div class="variablelist"><dl><dt></dt><dd><p>This parameter is only applicable to <a class="link" href="smb.conf.5.html#PRINTABLE" target="_top">printable</a> services. 1325 1343 When smbd is serving Printer Drivers to Windows NT/2k/XP clients, each printer on the Samba 1326 1344 server has a Device Mode which defines things such as paper size and … … 1345 1363 </p><p>Default: <span class="emphasis"><em><em class="parameter"><code>default devmode</code></em> = <code class="literal">yes</code> 1346 1364 </em></span> 1347 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2538744"></a>1365 </p></dd></dl></div></div><div class="section" title="default"><div class="titlepage"><div><div><h3 class="title"><a name="id2544801"></a> 1348 1366 1349 1367 <a name="DEFAULT"></a>default 1350 </h3></div></div></div><a class="indexterm" name="id25 38745"></a><div class="variablelist"><dl><dt></dt><dd><p>This parameter is a synonym for <a class="link" href="#DEFAULTSERVICE">default service</a>.</p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2538771"></a>1368 </h3></div></div></div><a class="indexterm" name="id2544802"></a><div class="variablelist"><dl><dt></dt><dd><p>This parameter is a synonym for <a class="link" href="#DEFAULTSERVICE">default service</a>.</p></dd></dl></div></div><div class="section" title="default service (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2544828"></a> 1351 1369 1352 1370 default service (G) 1353 </h3></div></div></div><a class="indexterm" name="id25 38772"></a><a name="DEFAULTSERVICE"></a><div class="variablelist"><dl><dt></dt><dd><p>This parameter specifies the name of a service1371 </h3></div></div></div><a class="indexterm" name="id2544829"></a><a name="DEFAULTSERVICE"></a><div class="variablelist"><dl><dt></dt><dd><p>This parameter specifies the name of a service 1354 1372 which will be connected to if the service actually requested cannot 1355 1373 be found. Note that the square brackets are <span class="emphasis"><em>NOT</em></span> … … 1365 1383 </p><p>Example: <span class="emphasis"><em><em class="parameter"><code>default service</code></em> = <code class="literal">pub</code> 1366 1384 </em></span> 1367 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2538873"></a>1385 </p></dd></dl></div></div><div class="section" title="defer sharing violations (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2544930"></a> 1368 1386 1369 1387 defer sharing violations (G) 1370 </h3></div></div></div><a class="indexterm" name="id25 38874"></a><a name="DEFERSHARINGVIOLATIONS"></a><div class="variablelist"><dl><dt></dt><dd><p>1388 </h3></div></div></div><a class="indexterm" name="id2544931"></a><a name="DEFERSHARINGVIOLATIONS"></a><div class="variablelist"><dl><dt></dt><dd><p> 1371 1389 Windows allows specifying how a file will be shared with 1372 1390 other processes when it is opened. Sharing violations occur when … … 1381 1399 </p><p>Default: <span class="emphasis"><em><em class="parameter"><code>defer sharing violations</code></em> = <code class="literal">True</code> 1382 1400 </em></span> 1383 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2538928"></a>1401 </p></dd></dl></div></div><div class="section" title="delete group script (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2544985"></a> 1384 1402 1385 1403 delete group script (G) 1386 </h3></div></div></div><a class="indexterm" name="id25 38929"></a><a name="DELETEGROUPSCRIPT"></a><div class="variablelist"><dl><dt></dt><dd><p>This is the full pathname to a script that will1404 </h3></div></div></div><a class="indexterm" name="id2544986"></a><a name="DELETEGROUPSCRIPT"></a><div class="variablelist"><dl><dt></dt><dd><p>This is the full pathname to a script that will 1387 1405 be run <span class="emphasis"><em>AS ROOT</em></span> <a class="citerefentry" href="smbd.8.html"><span class="citerefentry"><span class="refentrytitle">smbd</span>(8)</span></a> when a group is requested to be deleted. 1388 1406 It will expand any <em class="parameter"><code>%g</code></em> to the group name passed. … … 1390 1408 </p><p>Default: <span class="emphasis"><em><em class="parameter"><code>delete group script</code></em> = <code class="literal"></code> 1391 1409 </em></span> 1392 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2538984"></a>1410 </p></dd></dl></div></div><div class="section" title="deleteprinter command (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2545041"></a> 1393 1411 1394 1412 deleteprinter command (G) 1395 </h3></div></div></div><a class="indexterm" name="id25 38985"></a><a name="DELETEPRINTERCOMMAND"></a><div class="variablelist"><dl><dt></dt><dd><p>With the introduction of MS-RPC based printer1413 </h3></div></div></div><a class="indexterm" name="id2545042"></a><a name="DELETEPRINTERCOMMAND"></a><div class="variablelist"><dl><dt></dt><dd><p>With the introduction of MS-RPC based printer 1396 1414 support for Windows NT/2000 clients in Samba 2.2, it is now 1397 1415 possible to delete a printer at run time by issuing the … … 1411 1429 </p><p>Example: <span class="emphasis"><em><em class="parameter"><code>deleteprinter command</code></em> = <code class="literal">/usr/bin/removeprinter</code> 1412 1430 </em></span> 1413 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2539111"></a>1431 </p></dd></dl></div></div><div class="section" title="delete readonly (S)"><div class="titlepage"><div><div><h3 class="title"><a name="id2545168"></a> 1414 1432 1415 1433 delete readonly (S) 1416 </h3></div></div></div><a class="indexterm" name="id25 39112"></a><a name="DELETEREADONLY"></a><div class="variablelist"><dl><dt></dt><dd><p>This parameter allows readonly files to be deleted.1434 </h3></div></div></div><a class="indexterm" name="id2545169"></a><a name="DELETEREADONLY"></a><div class="variablelist"><dl><dt></dt><dd><p>This parameter allows readonly files to be deleted. 1417 1435 This is not normal DOS semantics, but is allowed by UNIX.</p><p>This option may be useful for running applications such 1418 1436 as rcs, where UNIX file ownership prevents changing file 1419 1437 permissions, and DOS semantics prevent deletion of a read only file.</p><p>Default: <span class="emphasis"><em><em class="parameter"><code>delete readonly</code></em> = <code class="literal">no</code> 1420 1438 </em></span> 1421 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2539156"></a>1439 </p></dd></dl></div></div><div class="section" title="delete share command (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2545214"></a> 1422 1440 1423 1441 delete share command (G) 1424 </h3></div></div></div><a class="indexterm" name="id25 39157"></a><a name="DELETESHARECOMMAND"></a><div class="variablelist"><dl><dt></dt><dd><p>1442 </h3></div></div></div><a class="indexterm" name="id2545215"></a><a name="DELETESHARECOMMAND"></a><div class="variablelist"><dl><dt></dt><dd><p> 1425 1443 Samba 2.2.0 introduced the ability to dynamically add and delete shares via the Windows NT 4.0 Server 1426 1444 Manager. The <em class="parameter"><code>delete share command</code></em> is used to define an external … … 1437 1455 When executed, <code class="literal">smbd</code> will automatically invoke the 1438 1456 <em class="parameter"><code>delete share command</code></em> with two parameters. 1439 </p><div class="itemizedlist"><ul type="disc"><li><p><em class="parameter"><code>configFile</code></em> - the location1457 </p><div class="itemizedlist"><ul class="itemizedlist" type="disc"><li class="listitem"><p><em class="parameter"><code>configFile</code></em> - the location 1440 1458 of the global <code class="filename">smb.conf</code> file. 1441 </p></li><li ><p><em class="parameter"><code>shareName</code></em> - the name of1459 </p></li><li class="listitem"><p><em class="parameter"><code>shareName</code></em> - the name of 1442 1460 the existing service. 1443 1461 </p></li></ul></div><p> … … 1448 1466 </p><p>Example: <span class="emphasis"><em><em class="parameter"><code>delete share command</code></em> = <code class="literal">/usr/local/bin/delshare</code> 1449 1467 </em></span> 1450 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2539308"></a>1468 </p></dd></dl></div></div><div class="section" title="delete user from group script (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2545365"></a> 1451 1469 1452 1470 delete user from group script (G) 1453 </h3></div></div></div><a class="indexterm" name="id25 39309"></a><a name="DELETEUSERFROMGROUPSCRIPT"></a><div class="variablelist"><dl><dt></dt><dd><p>Full path to the script that will be called when1471 </h3></div></div></div><a class="indexterm" name="id2545366"></a><a name="DELETEUSERFROMGROUPSCRIPT"></a><div class="variablelist"><dl><dt></dt><dd><p>Full path to the script that will be called when 1454 1472 a user is removed from a group using the Windows NT domain administration 1455 1473 tools. It will be run by <a class="citerefentry" href="smbd.8.html"><span class="citerefentry"><span class="refentrytitle">smbd</span>(8)</span></a> <span class="emphasis"><em>AS ROOT</em></span>. … … 1460 1478 </p><p>Example: <span class="emphasis"><em><em class="parameter"><code>delete user from group script</code></em> = <code class="literal">/usr/sbin/deluser %u %g</code> 1461 1479 </em></span> 1462 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2539388"></a>1480 </p></dd></dl></div></div><div class="section" title="delete user script (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2545445"></a> 1463 1481 1464 1482 delete user script (G) 1465 </h3></div></div></div><a class="indexterm" name="id25 39389"></a><a name="DELETEUSERSCRIPT"></a><div class="variablelist"><dl><dt></dt><dd><p>This is the full pathname to a script that will1483 </h3></div></div></div><a class="indexterm" name="id2545446"></a><a name="DELETEUSERSCRIPT"></a><div class="variablelist"><dl><dt></dt><dd><p>This is the full pathname to a script that will 1466 1484 be run by <a class="citerefentry" href="smbd.8.html"><span class="citerefentry"><span class="refentrytitle">smbd</span>(8)</span></a> when managing users 1467 1485 with remote RPC (NT) tools. … … 1472 1490 </p><p>Example: <span class="emphasis"><em><em class="parameter"><code>delete user script</code></em> = <code class="literal">/usr/local/samba/bin/del_user %u</code> 1473 1491 </em></span> 1474 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2539464"></a>1492 </p></dd></dl></div></div><div class="section" title="delete veto files (S)"><div class="titlepage"><div><div><h3 class="title"><a name="id2545522"></a> 1475 1493 1476 1494 delete veto files (S) 1477 </h3></div></div></div><a class="indexterm" name="id25 39465"></a><a name="DELETEVETOFILES"></a><div class="variablelist"><dl><dt></dt><dd><p>This option is used when Samba is attempting to1495 </h3></div></div></div><a class="indexterm" name="id2545523"></a><a name="DELETEVETOFILES"></a><div class="variablelist"><dl><dt></dt><dd><p>This option is used when Samba is attempting to 1478 1496 delete a directory that contains one or more vetoed directories 1479 1497 (see the <a class="link" href="smb.conf.5.html#VETOFILES" target="_top">veto files</a> … … 1489 1507 is deleted (so long as the user has permissions to do so).</p><p>Default: <span class="emphasis"><em><em class="parameter"><code>delete veto files</code></em> = <code class="literal">no</code> 1490 1508 </em></span> 1491 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2539550"></a>1509 </p></dd></dl></div></div><div class="section" title="dfree cache time (S)"><div class="titlepage"><div><div><h3 class="title"><a name="id2545607"></a> 1492 1510 1493 1511 dfree cache time (S) 1494 </h3></div></div></div><a class="indexterm" name="id25 39551"></a><a name="DFREECACHETIME"></a><div class="variablelist"><dl><dt></dt><dd><p>1512 </h3></div></div></div><a class="indexterm" name="id2545608"></a><a name="DFREECACHETIME"></a><div class="variablelist"><dl><dt></dt><dd><p> 1495 1513 The <em class="parameter"><code>dfree cache time</code></em> should only be used on systems where a problem 1496 1514 occurs with the internal disk space calculations. This has been known to happen with Ultrix, but may occur … … 1505 1523 </p><p><span class="emphasis"><em>No default</em></span></p><p>Example: <span class="emphasis"><em><em class="parameter"><code>dfree cache time</code></em> = <code class="literal">dfree cache time = 60</code> 1506 1524 </em></span> 1507 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2539622"></a>1525 </p></dd></dl></div></div><div class="section" title="dfree command (S)"><div class="titlepage"><div><div><h3 class="title"><a name="id2545680"></a> 1508 1526 1509 1527 dfree command (S) 1510 </h3></div></div></div><a class="indexterm" name="id25 39623"></a><a name="DFREECOMMAND"></a><div class="variablelist"><dl><dt></dt><dd><p>1528 </h3></div></div></div><a class="indexterm" name="id2545681"></a><a name="DFREECOMMAND"></a><div class="variablelist"><dl><dt></dt><dd><p> 1511 1529 The <em class="parameter"><code>dfree command</code></em> setting should only be used on systems where a 1512 1530 problem occurs with the internal disk space calculations. This has been known to happen with Ultrix, but may … … 1546 1564 </p><p><span class="emphasis"><em>No default</em></span></p><p>Example: <span class="emphasis"><em><em class="parameter"><code>dfree command</code></em> = <code class="literal">/usr/local/samba/bin/dfree</code> 1547 1565 </em></span> 1548 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2539744"></a>1566 </p></dd></dl></div></div><div class="section" title="directory mode"><div class="titlepage"><div><div><h3 class="title"><a name="id2545801"></a> 1549 1567 1550 1568 <a name="DIRECTORYMODE"></a>directory mode 1551 </h3></div></div></div><a class="indexterm" name="id25 39745"></a><div class="variablelist"><dl><dt></dt><dd><p>This parameter is a synonym for <a class="link" href="#DIRECTORYMASK">directory mask</a>.</p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2539771"></a>1569 </h3></div></div></div><a class="indexterm" name="id2545802"></a><div class="variablelist"><dl><dt></dt><dd><p>This parameter is a synonym for <a class="link" href="#DIRECTORYMASK">directory mask</a>.</p></dd></dl></div></div><div class="section" title="directory mask (S)"><div class="titlepage"><div><div><h3 class="title"><a name="id2545828"></a> 1552 1570 1553 1571 directory mask (S) 1554 </h3></div></div></div><a class="indexterm" name="id25 39772"></a><a name="DIRECTORYMASK"></a><div class="variablelist"><dl><dt></dt><dd><p>This parameter is the octal modes which are1572 </h3></div></div></div><a class="indexterm" name="id2545829"></a><a name="DIRECTORYMASK"></a><div class="variablelist"><dl><dt></dt><dd><p>This parameter is the octal modes which are 1555 1573 used when converting DOS modes to UNIX modes when creating UNIX 1556 1574 directories.</p><p>When a directory is created, the necessary permissions are … … 1570 1588 </p><p>Example: <span class="emphasis"><em><em class="parameter"><code>directory mask</code></em> = <code class="literal">0775</code> 1571 1589 </em></span> 1572 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2539876"></a>1590 </p></dd></dl></div></div><div class="section" title="directory security mask (S)"><div class="titlepage"><div><div><h3 class="title"><a name="id2545933"></a> 1573 1591 1574 1592 directory security mask (S) 1575 </h3></div></div></div><a class="indexterm" name="id25 39877"></a><a name="DIRECTORYSECURITYMASK"></a><div class="variablelist"><dl><dt></dt><dd><p>This parameter controls what UNIX permission bits1593 </h3></div></div></div><a class="indexterm" name="id2545934"></a><a name="DIRECTORYSECURITYMASK"></a><div class="variablelist"><dl><dt></dt><dd><p>This parameter controls what UNIX permission bits 1576 1594 will be set when a Windows NT client is manipulating the UNIX 1577 1595 permission on a directory using the native NT security dialog … … 1593 1611 </p><p>Example: <span class="emphasis"><em><em class="parameter"><code>directory security mask</code></em> = <code class="literal">0700</code> 1594 1612 </em></span> 1595 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2539976"></a>1613 </p></dd></dl></div></div><div class="section" title="disable netbios (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2546034"></a> 1596 1614 1597 1615 disable netbios (G) 1598 </h3></div></div></div><a class="indexterm" name="id25 39977"></a><a name="DISABLENETBIOS"></a><div class="variablelist"><dl><dt></dt><dd><p>Enabling this parameter will disable netbios support1616 </h3></div></div></div><a class="indexterm" name="id2546035"></a><a name="DISABLENETBIOS"></a><div class="variablelist"><dl><dt></dt><dd><p>Enabling this parameter will disable netbios support 1599 1617 in Samba. Netbios is the only available form of browsing in 1600 all windows versions except for 2000 and XP. </p><div class="note" style="margin-left: 0.5in; margin-right: 0.5in;"><h3 class="title">Note</h3><p>Clients that only support netbios won't be able to1618 all windows versions except for 2000 and XP. </p><div class="note" title="Note" style="margin-left: 0.5in; margin-right: 0.5in;"><h3 class="title">Note</h3><p>Clients that only support netbios won't be able to 1601 1619 see your samba server when netbios support is disabled. 1602 1620 </p></div><p>Default: <span class="emphasis"><em><em class="parameter"><code>disable netbios</code></em> = <code class="literal">no</code> 1603 1621 </em></span> 1604 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2540022"></a>1622 </p></dd></dl></div></div><div class="section" title="disable spoolss (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2546080"></a> 1605 1623 1606 1624 disable spoolss (G) 1607 </h3></div></div></div><a class="indexterm" name="id254 0023"></a><a name="DISABLESPOOLSS"></a><div class="variablelist"><dl><dt></dt><dd><p>Enabling this parameter will disable Samba's support1625 </h3></div></div></div><a class="indexterm" name="id2546081"></a><a name="DISABLESPOOLSS"></a><div class="variablelist"><dl><dt></dt><dd><p>Enabling this parameter will disable Samba's support 1608 1626 for the SPOOLSS set of MS-RPC's and will yield identical behavior 1609 1627 as Samba 2.0.x. Windows NT/2000 clients will downgrade to using … … 1617 1635 </p><p>Default: <span class="emphasis"><em><em class="parameter"><code>disable spoolss</code></em> = <code class="literal">no</code> 1618 1636 </em></span> 1619 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2540074"></a>1637 </p></dd></dl></div></div><div class="section" title="display charset (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2546131"></a> 1620 1638 1621 1639 display charset (G) 1622 </h3></div></div></div><a class="indexterm" name="id254 0075"></a><a name="DISPLAYCHARSET"></a><div class="variablelist"><dl><dt></dt><dd><p>1640 </h3></div></div></div><a class="indexterm" name="id2546132"></a><a name="DISPLAYCHARSET"></a><div class="variablelist"><dl><dt></dt><dd><p> 1623 1641 Specifies the charset that samba will use to print messages to stdout and stderr. 1624 1642 The default value is "LOCALE", which means automatically set, depending on the … … 1629 1647 </p><p>Example: <span class="emphasis"><em><em class="parameter"><code>display charset</code></em> = <code class="literal">UTF8</code> 1630 1648 </em></span> 1631 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2540140"></a>1649 </p></dd></dl></div></div><div class="section" title="dmapi support (S)"><div class="titlepage"><div><div><h3 class="title"><a name="id2546197"></a> 1632 1650 1633 1651 dmapi support (S) 1634 </h3></div></div></div><a class="indexterm" name="id254 0141"></a><a name="DMAPISUPPORT"></a><div class="variablelist"><dl><dt></dt><dd><p>This parameter specifies whether Samba should use DMAPI to1652 </h3></div></div></div><a class="indexterm" name="id2546198"></a><a name="DMAPISUPPORT"></a><div class="variablelist"><dl><dt></dt><dd><p>This parameter specifies whether Samba should use DMAPI to 1635 1653 determine whether a file is offline or not. This would typically 1636 1654 be used in conjunction with a hierarchical storage system that … … 1647 1665 </p><p>Default: <span class="emphasis"><em><em class="parameter"><code>dmapi support</code></em> = <code class="literal">no</code> 1648 1666 </em></span> 1649 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2540199"></a>1667 </p></dd></dl></div></div><div class="section" title="dns proxy (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2546256"></a> 1650 1668 1651 1669 dns proxy (G) 1652 </h3></div></div></div><a class="indexterm" name="id254 0200"></a><a name="DNSPROXY"></a><div class="variablelist"><dl><dt></dt><dd><p>Specifies that <a class="citerefentry" href="nmbd.8.html"><span class="citerefentry"><span class="refentrytitle">nmbd</span>(8)</span></a> when acting as a WINS server and1670 </h3></div></div></div><a class="indexterm" name="id2546257"></a><a name="DNSPROXY"></a><div class="variablelist"><dl><dt></dt><dd><p>Specifies that <a class="citerefentry" href="nmbd.8.html"><span class="citerefentry"><span class="refentrytitle">nmbd</span>(8)</span></a> when acting as a WINS server and 1653 1671 finding that a NetBIOS name has not been registered, should treat the 1654 1672 NetBIOS name word-for-word as a DNS name and do a lookup with the DNS server … … 1659 1677 action.</p><p>Default: <span class="emphasis"><em><em class="parameter"><code>dns proxy</code></em> = <code class="literal">yes</code> 1660 1678 </em></span> 1661 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2540262"></a>1679 </p></dd></dl></div></div><div class="section" title="domain logons (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2546320"></a> 1662 1680 1663 1681 domain logons (G) 1664 </h3></div></div></div><a class="indexterm" name="id254 0263"></a><a name="DOMAINLOGONS"></a><div class="variablelist"><dl><dt></dt><dd><p>1682 </h3></div></div></div><a class="indexterm" name="id2546321"></a><a name="DOMAINLOGONS"></a><div class="variablelist"><dl><dt></dt><dd><p> 1665 1683 If set to <code class="constant">yes</code>, the Samba server will 1666 1684 provide the netlogon service for Windows 9X network logons for the … … 1672 1690 </p><p>Default: <span class="emphasis"><em><em class="parameter"><code>domain logons</code></em> = <code class="literal">no</code> 1673 1691 </em></span> 1674 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2540316"></a>1692 </p></dd></dl></div></div><div class="section" title="domain master (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2546373"></a> 1675 1693 1676 1694 domain master (G) 1677 </h3></div></div></div><a class="indexterm" name="id254 0317"></a><a name="DOMAINMASTER"></a><div class="variablelist"><dl><dt></dt><dd><p>1695 </h3></div></div></div><a class="indexterm" name="id2546374"></a><a name="DOMAINMASTER"></a><div class="variablelist"><dl><dt></dt><dd><p> 1678 1696 Tell <a class="citerefentry" href="smbd.8.html"><span class="citerefentry"><span class="refentrytitle">smbd</span>(8)</span></a> to enable 1679 1697 WAN-wide browse list collation. Setting this option causes <code class="literal">nmbd</code> to claim a … … 1701 1719 </p><p>Default: <span class="emphasis"><em><em class="parameter"><code>domain master</code></em> = <code class="literal">auto</code> 1702 1720 </em></span> 1703 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2540507"></a>1721 </p></dd></dl></div></div><div class="section" title="dont descend (S)"><div class="titlepage"><div><div><h3 class="title"><a name="id2546564"></a> 1704 1722 1705 1723 dont descend (S) 1706 </h3></div></div></div><a class="indexterm" name="id254 0508"></a><a name="DONTDESCEND"></a><div class="variablelist"><dl><dt></dt><dd><p>There are certain directories on some systems1724 </h3></div></div></div><a class="indexterm" name="id2546565"></a><a name="DONTDESCEND"></a><div class="variablelist"><dl><dt></dt><dd><p>There are certain directories on some systems 1707 1725 (e.g., the <code class="filename">/proc</code> tree under Linux) that are either not 1708 1726 of interest to clients or are infinitely deep (recursive). This … … 1715 1733 </p><p>Example: <span class="emphasis"><em><em class="parameter"><code>dont descend</code></em> = <code class="literal">/proc,/dev</code> 1716 1734 </em></span> 1717 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2540585"></a>1735 </p></dd></dl></div></div><div class="section" title="dos charset (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2546642"></a> 1718 1736 1719 1737 dos charset (G) 1720 </h3></div></div></div><a class="indexterm" name="id254 0586"></a><a name="DOSCHARSET"></a><div class="variablelist"><dl><dt></dt><dd><p>DOS SMB clients assume the server has1738 </h3></div></div></div><a class="indexterm" name="id2546643"></a><a name="DOSCHARSET"></a><div class="variablelist"><dl><dt></dt><dd><p>DOS SMB clients assume the server has 1721 1739 the same charset as they do. This option specifies which 1722 1740 charset Samba should talk to DOS clients. 1723 1741 </p><p>The default depends on which charsets you have installed. 1724 1742 Samba tries to use charset 850 but falls back to ASCII in 1725 case it is not available. Run <a class="citerefentry" href="testparm.1.html"><span class="citerefentry"><span class="refentrytitle">testparm</span>(1)</span></a> to check the default on your system.</p><p><span class="emphasis"><em>No default</em></span></p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2540626"></a>1743 case it is not available. Run <a class="citerefentry" href="testparm.1.html"><span class="citerefentry"><span class="refentrytitle">testparm</span>(1)</span></a> to check the default on your system.</p><p><span class="emphasis"><em>No default</em></span></p></dd></dl></div></div><div class="section" title="dos filemode (S)"><div class="titlepage"><div><div><h3 class="title"><a name="id2546684"></a> 1726 1744 1727 1745 dos filemode (S) 1728 </h3></div></div></div><a class="indexterm" name="id254 0627"></a><a name="DOSFILEMODE"></a><div class="variablelist"><dl><dt></dt><dd><p> The default behavior in Samba is to provide1746 </h3></div></div></div><a class="indexterm" name="id2546685"></a><a name="DOSFILEMODE"></a><div class="variablelist"><dl><dt></dt><dd><p> The default behavior in Samba is to provide 1729 1747 UNIX-like behavior where only the owner of a file/directory is 1730 1748 able to change the permissions on it. However, this behavior … … 1737 1755 file/directory may also be changed.</p><p>Default: <span class="emphasis"><em><em class="parameter"><code>dos filemode</code></em> = <code class="literal">no</code> 1738 1756 </em></span> 1739 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2540683"></a>1757 </p></dd></dl></div></div><div class="section" title="dos filetime resolution (S)"><div class="titlepage"><div><div><h3 class="title"><a name="id2546730"></a> 1740 1758 1741 1759 dos filetime resolution (S) 1742 </h3></div></div></div><a class="indexterm" name="id254 0684"></a><a name="DOSFILETIMERESOLUTION"></a><div class="variablelist"><dl><dt></dt><dd><p>Under the DOS and Windows FAT filesystem, the finest1760 </h3></div></div></div><a class="indexterm" name="id2546731"></a><a name="DOSFILETIMERESOLUTION"></a><div class="variablelist"><dl><dt></dt><dd><p>Under the DOS and Windows FAT filesystem, the finest 1743 1761 granularity on time resolution is two seconds. Setting this parameter 1744 1762 for a share causes Samba to round the reported time down to the … … 1755 1773 happy.</p><p>Default: <span class="emphasis"><em><em class="parameter"><code>dos filetime resolution</code></em> = <code class="literal">no</code> 1756 1774 </em></span> 1757 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2540746"></a>1775 </p></dd></dl></div></div><div class="section" title="dos filetimes (S)"><div class="titlepage"><div><div><h3 class="title"><a name="id2546794"></a> 1758 1776 1759 1777 dos filetimes (S) 1760 </h3></div></div></div><a class="indexterm" name="id254 0747"></a><a name="DOSFILETIMES"></a><div class="variablelist"><dl><dt></dt><dd><p>Under DOS and Windows, if a user can write to a1778 </h3></div></div></div><a class="indexterm" name="id2546795"></a><a name="DOSFILETIMES"></a><div class="variablelist"><dl><dt></dt><dd><p>Under DOS and Windows, if a user can write to a 1761 1779 file they can change the timestamp on it. Under POSIX semantics, 1762 1780 only the owner of the file or root may change the timestamp. By … … 1772 1790 </p><p>Default: <span class="emphasis"><em><em class="parameter"><code>dos filetimes</code></em> = <code class="literal">yes</code> 1773 1791 </em></span> 1774 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2540812"></a>1792 </p></dd></dl></div></div><div class="section" title="ea support (S)"><div class="titlepage"><div><div><h3 class="title"><a name="id2546859"></a> 1775 1793 1776 1794 ea support (S) 1777 </h3></div></div></div><a class="indexterm" name="id254 0813"></a><a name="EASUPPORT"></a><div class="variablelist"><dl><dt></dt><dd><p>This boolean parameter controls whether <a class="citerefentry" href="smbd.8.html"><span class="citerefentry"><span class="refentrytitle">smbd</span>(8)</span></a> will allow clients to attempt to store OS/2 style Extended1795 </h3></div></div></div><a class="indexterm" name="id2546860"></a><a name="EASUPPORT"></a><div class="variablelist"><dl><dt></dt><dd><p>This boolean parameter controls whether <a class="citerefentry" href="smbd.8.html"><span class="citerefentry"><span class="refentrytitle">smbd</span>(8)</span></a> will allow clients to attempt to store OS/2 style Extended 1778 1796 attributes on a share. In order to enable this parameter the underlying filesystem exported by 1779 1797 the share must support extended attributes (such as provided on XFS and EXT3 on Linux, with the … … 1782 1800 extended attributes must be compiled into the Linux kernel.</p><p>Default: <span class="emphasis"><em><em class="parameter"><code>ea support</code></em> = <code class="literal">no</code> 1783 1801 </em></span> 1784 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2540865"></a>1802 </p></dd></dl></div></div><div class="section" title="enable asu support (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2546913"></a> 1785 1803 1786 1804 enable asu support (G) 1787 </h3></div></div></div><a class="indexterm" name="id254 0866"></a><a name="ENABLEASUSUPPORT"></a><div class="variablelist"><dl><dt></dt><dd><p>Hosts running the "Advanced Server for Unix (ASU)" product1805 </h3></div></div></div><a class="indexterm" name="id2546914"></a><a name="ENABLEASUSUPPORT"></a><div class="variablelist"><dl><dt></dt><dd><p>Hosts running the "Advanced Server for Unix (ASU)" product 1788 1806 require some special accomodations such as creating a builtin [ADMIN$] 1789 1807 share that only supports IPC connections. The has been the default … … 1793 1811 an [ADMIN$] file share in smb.conf.</p><p>Default: <span class="emphasis"><em><em class="parameter"><code>enable asu support</code></em> = <code class="literal">no</code> 1794 1812 </em></span> 1795 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2540910"></a> 1813 </p></dd></dl></div></div><div class="section" title="enable core files (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2546957"></a> 1814 1815 enable core files (G) 1816 </h3></div></div></div><a class="indexterm" name="id2546958"></a><a name="ENABLECOREFILES"></a><div class="variablelist"><dl><dt></dt><dd><p>This parameter specifies whether core dumps should be written 1817 on internal exits. Normally set to <code class="constant">yes</code>. 1818 You should never need to change this. 1819 </p><p>Default: <span class="emphasis"><em><em class="parameter"><code>enable core files</code></em> = <code class="literal">yes</code> 1820 </em></span> 1821 </p><p>Example: <span class="emphasis"><em><em class="parameter"><code>enable core files</code></em> = <code class="literal">no</code> 1822 </em></span> 1823 </p></dd></dl></div></div><div class="section" title="enable privileges (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2547016"></a> 1796 1824 1797 1825 enable privileges (G) 1798 </h3></div></div></div><a class="indexterm" name="id254 0911"></a><a name="ENABLEPRIVILEGES"></a><div class="variablelist"><dl><dt></dt><dd><p>1826 </h3></div></div></div><a class="indexterm" name="id2547017"></a><a name="ENABLEPRIVILEGES"></a><div class="variablelist"><dl><dt></dt><dd><p> 1799 1827 This parameter controls whether or not smbd will honor privileges assigned to specific SIDs via either 1800 1828 <code class="literal">net rpc rights</code> or one of the Windows user and group manager tools. This parameter is … … 1809 1837 </p><p>Default: <span class="emphasis"><em><em class="parameter"><code>enable privileges</code></em> = <code class="literal">yes</code> 1810 1838 </em></span> 1811 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2540970"></a>1839 </p></dd></dl></div></div><div class="section" title="encrypt passwords (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2547076"></a> 1812 1840 1813 1841 encrypt passwords (G) 1814 </h3></div></div></div><a class="indexterm" name="id254 0971"></a><a name="ENCRYPTPASSWORDS"></a><div class="variablelist"><dl><dt></dt><dd><p>This boolean controls whether encrypted passwords1842 </h3></div></div></div><a class="indexterm" name="id2547077"></a><a name="ENCRYPTPASSWORDS"></a><div class="variablelist"><dl><dt></dt><dd><p>This boolean controls whether encrypted passwords 1815 1843 will be negotiated with the client. Note that Windows NT 4.0 SP3 and 1816 1844 above and also Windows 98 will by default expect encrypted passwords … … 1835 1863 server.</p><p>Default: <span class="emphasis"><em><em class="parameter"><code>encrypt passwords</code></em> = <code class="literal">yes</code> 1836 1864 </em></span> 1837 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2541075"></a>1865 </p></dd></dl></div></div><div class="section" title="enhanced browsing (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2547180"></a> 1838 1866 1839 1867 enhanced browsing (G) 1840 </h3></div></div></div><a class="indexterm" name="id254 1076"></a><a name="ENHANCEDBROWSING"></a><div class="variablelist"><dl><dt></dt><dd><p>This option enables a couple of enhancements to1868 </h3></div></div></div><a class="indexterm" name="id2547182"></a><a name="ENHANCEDBROWSING"></a><div class="variablelist"><dl><dt></dt><dd><p>This option enables a couple of enhancements to 1841 1869 cross-subnet browse propagation that have been added in Samba 1842 1870 but which are not standard in Microsoft implementations. … … 1851 1879 cross-subnet browse propagation much more reliable.</p><p>Default: <span class="emphasis"><em><em class="parameter"><code>enhanced browsing</code></em> = <code class="literal">yes</code> 1852 1880 </em></span> 1853 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2541136"></a>1881 </p></dd></dl></div></div><div class="section" title="enumports command (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2547242"></a> 1854 1882 1855 1883 enumports command (G) 1856 </h3></div></div></div><a class="indexterm" name="id254 1137"></a><a name="ENUMPORTSCOMMAND"></a><div class="variablelist"><dl><dt></dt><dd><p>The concept of a "port" is fairly foreign1884 </h3></div></div></div><a class="indexterm" name="id2547243"></a><a name="ENUMPORTSCOMMAND"></a><div class="variablelist"><dl><dt></dt><dd><p>The concept of a "port" is fairly foreign 1857 1885 to UNIX hosts. Under Windows NT/2000 print servers, a port 1858 1886 is associated with a port monitor and generally takes the form of … … 1871 1899 </p><p>Example: <span class="emphasis"><em><em class="parameter"><code>enumports command</code></em> = <code class="literal">/usr/bin/listports</code> 1872 1900 </em></span> 1873 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2541217"></a>1901 </p></dd></dl></div></div><div class="section" title="eventlog list (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2547323"></a> 1874 1902 1875 1903 eventlog list (G) 1876 </h3></div></div></div><a class="indexterm" name="id254 1218"></a><a name="EVENTLOGLIST"></a><div class="variablelist"><dl><dt></dt><dd><p>This option defines a list of log names that Samba will1904 </h3></div></div></div><a class="indexterm" name="id2547324"></a><a name="EVENTLOGLIST"></a><div class="variablelist"><dl><dt></dt><dd><p>This option defines a list of log names that Samba will 1877 1905 report to the Microsoft EventViewer utility. The listed 1878 1906 eventlogs will be associated with tdb file on disk in the … … 1887 1915 </p><p>Example: <span class="emphasis"><em><em class="parameter"><code>eventlog list</code></em> = <code class="literal">Security Application Syslog Apache</code> 1888 1916 </em></span> 1889 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2541290"></a>1917 </p></dd></dl></div></div><div class="section" title="fake directory create times (S)"><div class="titlepage"><div><div><h3 class="title"><a name="id2547396"></a> 1890 1918 1891 1919 fake directory create times (S) 1892 </h3></div></div></div><a class="indexterm" name="id254 1291"></a><a name="FAKEDIRECTORYCREATETIMES"></a><div class="variablelist"><dl><dt></dt><dd><p>NTFS and Windows VFAT file systems keep a create1920 </h3></div></div></div><a class="indexterm" name="id2547397"></a><a name="FAKEDIRECTORYCREATETIMES"></a><div class="variablelist"><dl><dt></dt><dd><p>NTFS and Windows VFAT file systems keep a create 1893 1921 time for all files and directories. This is not the same as the 1894 1922 ctime - status change time - that Unix keeps, so Samba by default … … 1912 1940 will proceed as expected.</p><p>Default: <span class="emphasis"><em><em class="parameter"><code>fake directory create times</code></em> = <code class="literal">no</code> 1913 1941 </em></span> 1914 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2541357"></a>1942 </p></dd></dl></div></div><div class="section" title="fake oplocks (S)"><div class="titlepage"><div><div><h3 class="title"><a name="id2547463"></a> 1915 1943 1916 1944 fake oplocks (S) 1917 </h3></div></div></div><a class="indexterm" name="id254 1358"></a><a name="FAKEOPLOCKS"></a><div class="variablelist"><dl><dt></dt><dd><p>Oplocks are the way that SMB clients get permission1945 </h3></div></div></div><a class="indexterm" name="id2547464"></a><a name="FAKEOPLOCKS"></a><div class="variablelist"><dl><dt></dt><dd><p>Oplocks are the way that SMB clients get permission 1918 1946 from a server to locally cache file operations. If a server grants 1919 1947 an oplock (opportunistic lock) then the client is free to assume … … 1931 1959 this option carefully!</p><p>Default: <span class="emphasis"><em><em class="parameter"><code>fake oplocks</code></em> = <code class="literal">no</code> 1932 1960 </em></span> 1933 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2541441"></a>1961 </p></dd></dl></div></div><div class="section" title="follow symlinks (S)"><div class="titlepage"><div><div><h3 class="title"><a name="id2547554"></a> 1934 1962 1935 1963 follow symlinks (S) 1936 </h3></div></div></div><a class="indexterm" name="id254 1442"></a><a name="FOLLOWSYMLINKS"></a><div class="variablelist"><dl><dt></dt><dd><p>1964 </h3></div></div></div><a class="indexterm" name="id2547555"></a><a name="FOLLOWSYMLINKS"></a><div class="variablelist"><dl><dt></dt><dd><p> 1937 1965 This parameter allows the Samba administrator to stop <a class="citerefentry" href="smbd.8.html"><span class="citerefentry"><span class="refentrytitle">smbd</span>(8)</span></a> from following symbolic links in a particular share. Setting this 1938 1966 parameter to <code class="constant">no</code> prevents any file or directory that is a symbolic link from being … … 1944 1972 </p><p>Default: <span class="emphasis"><em><em class="parameter"><code>follow symlinks</code></em> = <code class="literal">yes</code> 1945 1973 </em></span> 1946 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2541511"></a>1974 </p></dd></dl></div></div><div class="section" title="force create mode (S)"><div class="titlepage"><div><div><h3 class="title"><a name="id2547624"></a> 1947 1975 1948 1976 force create mode (S) 1949 </h3></div></div></div><a class="indexterm" name="id254 1512"></a><a name="FORCECREATEMODE"></a><div class="variablelist"><dl><dt></dt><dd><p>This parameter specifies a set of UNIX mode bit1977 </h3></div></div></div><a class="indexterm" name="id2547625"></a><a name="FORCECREATEMODE"></a><div class="variablelist"><dl><dt></dt><dd><p>This parameter specifies a set of UNIX mode bit 1950 1978 permissions that will <span class="emphasis"><em>always</em></span> be set on a 1951 1979 file created by Samba. This is done by bitwise 'OR'ing these bits onto … … 1959 1987 </p><p>Example: <span class="emphasis"><em><em class="parameter"><code>force create mode</code></em> = <code class="literal">0755</code> 1960 1988 </em></span> 1961 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2541585"></a>1989 </p></dd></dl></div></div><div class="section" title="force directory mode (S)"><div class="titlepage"><div><div><h3 class="title"><a name="id2547698"></a> 1962 1990 1963 1991 force directory mode (S) 1964 </h3></div></div></div><a class="indexterm" name="id254 1586"></a><a name="FORCEDIRECTORYMODE"></a><div class="variablelist"><dl><dt></dt><dd><p>This parameter specifies a set of UNIX mode bit1992 </h3></div></div></div><a class="indexterm" name="id2547699"></a><a name="FORCEDIRECTORYMODE"></a><div class="variablelist"><dl><dt></dt><dd><p>This parameter specifies a set of UNIX mode bit 1965 1993 permissions that will <span class="emphasis"><em>always</em></span> be set on a directory 1966 1994 created by Samba. This is done by bitwise 'OR'ing these bits onto the … … 1975 2003 </p><p>Example: <span class="emphasis"><em><em class="parameter"><code>force directory mode</code></em> = <code class="literal">0755</code> 1976 2004 </em></span> 1977 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2541659"></a>2005 </p></dd></dl></div></div><div class="section" title="force directory security mode (S)"><div class="titlepage"><div><div><h3 class="title"><a name="id2547778"></a> 1978 2006 1979 2007 force directory security mode (S) 1980 </h3></div></div></div><a class="indexterm" name="id254 1660"></a><a name="FORCEDIRECTORYSECURITYMODE"></a><div class="variablelist"><dl><dt></dt><dd><p>2008 </h3></div></div></div><a class="indexterm" name="id2547779"></a><a name="FORCEDIRECTORYSECURITYMODE"></a><div class="variablelist"><dl><dt></dt><dd><p> 1981 2009 This parameter controls what UNIX permission bits can be modified when a Windows NT client is manipulating 1982 2010 the UNIX permission on a directory using the native NT security dialog box. … … 1991 2019 If not set explicitly this parameter is 0000, which allows a user to modify all the user/group/world 1992 2020 permissions on a directory without restrictions. 1993 </p><div class="note" style="margin-left: 0.5in; margin-right: 0.5in;"><h3 class="title">Note</h3><p>2021 </p><div class="note" title="Note" style="margin-left: 0.5in; margin-right: 0.5in;"><h3 class="title">Note</h3><p> 1994 2022 Users who can access the Samba server through other means can easily bypass this restriction, so it is 1995 2023 primarily useful for standalone "appliance" systems. Administrators of most normal systems will … … 1999 2027 </p><p>Example: <span class="emphasis"><em><em class="parameter"><code>force directory security mode</code></em> = <code class="literal">700</code> 2000 2028 </em></span> 2001 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2541756"></a>2029 </p></dd></dl></div></div><div class="section" title="group"><div class="titlepage"><div><div><h3 class="title"><a name="id2547874"></a> 2002 2030 2003 2031 <a name="GROUP"></a>group 2004 </h3></div></div></div><a class="indexterm" name="id254 1757"></a><div class="variablelist"><dl><dt></dt><dd><p>This parameter is a synonym for <a class="link" href="#FORCEGROUP">force group</a>.</p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2541783"></a>2032 </h3></div></div></div><a class="indexterm" name="id2547875"></a><div class="variablelist"><dl><dt></dt><dd><p>This parameter is a synonym for <a class="link" href="#FORCEGROUP">force group</a>.</p></dd></dl></div></div><div class="section" title="force group (S)"><div class="titlepage"><div><div><h3 class="title"><a name="id2547903"></a> 2005 2033 2006 2034 force group (S) 2007 </h3></div></div></div><a class="indexterm" name="id254 1784"></a><a name="FORCEGROUP"></a><div class="variablelist"><dl><dt></dt><dd><p>This specifies a UNIX group name that will be2035 </h3></div></div></div><a class="indexterm" name="id2547904"></a><a name="FORCEGROUP"></a><div class="variablelist"><dl><dt></dt><dd><p>This specifies a UNIX group name that will be 2008 2036 assigned as the default primary group for all users connecting 2009 2037 to this service. This is useful for sharing files by ensuring … … 2029 2057 </p><p>Example: <span class="emphasis"><em><em class="parameter"><code>force group</code></em> = <code class="literal">agroup</code> 2030 2058 </em></span> 2031 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2541888"></a>2059 </p></dd></dl></div></div><div class="section" title="force printername (S)"><div class="titlepage"><div><div><h3 class="title"><a name="id2548027"></a> 2032 2060 2033 2061 force printername (S) 2034 </h3></div></div></div><a class="indexterm" name="id254 1889"></a><a name="FORCEPRINTERNAME"></a><div class="variablelist"><dl><dt></dt><dd><p>When printing from Windows NT (or later),2062 </h3></div></div></div><a class="indexterm" name="id2548028"></a><a name="FORCEPRINTERNAME"></a><div class="variablelist"><dl><dt></dt><dd><p>When printing from Windows NT (or later), 2035 2063 each printer in <code class="filename">smb.conf</code> has two 2036 2064 associated names which can be used by the client. The first … … 2055 2083 folder.</p><p>Default: <span class="emphasis"><em><em class="parameter"><code>force printername</code></em> = <code class="literal">no</code> 2056 2084 </em></span> 2057 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2541979"></a>2085 </p></dd></dl></div></div><div class="section" title="force security mode (S)"><div class="titlepage"><div><div><h3 class="title"><a name="id2548119"></a> 2058 2086 2059 2087 force security mode (S) 2060 </h3></div></div></div><a class="indexterm" name="id254 1980"></a><a name="FORCESECURITYMODE"></a><div class="variablelist"><dl><dt></dt><dd><p>2088 </h3></div></div></div><a class="indexterm" name="id2548120"></a><a name="FORCESECURITYMODE"></a><div class="variablelist"><dl><dt></dt><dd><p> 2061 2089 This parameter controls what UNIX permission bits can be modified when a Windows NT client is manipulating 2062 2090 the UNIX permission on a file using the native NT security dialog box. … … 2078 2106 </p><p>Example: <span class="emphasis"><em><em class="parameter"><code>force security mode</code></em> = <code class="literal">700</code> 2079 2107 </em></span> 2080 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2542081"></a>2108 </p></dd></dl></div></div><div class="section" title="force unknown acl user (S)"><div class="titlepage"><div><div><h3 class="title"><a name="id2548221"></a> 2081 2109 2082 2110 force unknown acl user (S) 2083 </h3></div></div></div><a class="indexterm" name="id254 2082"></a><a name="FORCEUNKNOWNACLUSER"></a><div class="variablelist"><dl><dt></dt><dd><p>2111 </h3></div></div></div><a class="indexterm" name="id2548222"></a><a name="FORCEUNKNOWNACLUSER"></a><div class="variablelist"><dl><dt></dt><dd><p> 2084 2112 If this parameter is set, a Windows NT ACL that contains an unknown SID (security descriptor, or 2085 2113 representation of a user or group id) as the owner or group owner of the file will be silently … … 2095 2123 </p><p>Default: <span class="emphasis"><em><em class="parameter"><code>force unknown acl user</code></em> = <code class="literal">no</code> 2096 2124 </em></span> 2097 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2542144"></a>2125 </p></dd></dl></div></div><div class="section" title="force user (S)"><div class="titlepage"><div><div><h3 class="title"><a name="id2548284"></a> 2098 2126 2099 2127 force user (S) 2100 </h3></div></div></div><a class="indexterm" name="id254 2145"></a><a name="FORCEUSER"></a><div class="variablelist"><dl><dt></dt><dd><p>This specifies a UNIX user name that will be2128 </h3></div></div></div><a class="indexterm" name="id2548285"></a><a name="FORCEUSER"></a><div class="variablelist"><dl><dt></dt><dd><p>This specifies a UNIX user name that will be 2101 2129 assigned as the default user for all users connecting to this service. 2102 2130 This is useful for sharing files. You should also use it carefully … … 2112 2140 </p><p>Example: <span class="emphasis"><em><em class="parameter"><code>force user</code></em> = <code class="literal">auser</code> 2113 2141 </em></span> 2114 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2542220"></a>2142 </p></dd></dl></div></div><div class="section" title="fstype (S)"><div class="titlepage"><div><div><h3 class="title"><a name="id2548360"></a> 2115 2143 2116 2144 fstype (S) 2117 </h3></div></div></div><a class="indexterm" name="id254 2221"></a><a name="FSTYPE"></a><div class="variablelist"><dl><dt></dt><dd><p>2145 </h3></div></div></div><a class="indexterm" name="id2548361"></a><a name="FSTYPE"></a><div class="variablelist"><dl><dt></dt><dd><p> 2118 2146 This parameter allows the administrator to configure the string that specifies the type of filesystem a share 2119 2147 is using that is reported by <a class="citerefentry" href="smbd.8.html"><span class="citerefentry"><span class="refentrytitle">smbd</span>(8)</span></a> … … 2125 2153 </p><p>Example: <span class="emphasis"><em><em class="parameter"><code>fstype</code></em> = <code class="literal">Samba</code> 2126 2154 </em></span> 2127 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2542302"></a>2155 </p></dd></dl></div></div><div class="section" title="get quota command (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2548442"></a> 2128 2156 2129 2157 get quota command (G) 2130 </h3></div></div></div><a class="indexterm" name="id254 2303"></a><a name="GETQUOTACOMMAND"></a><div class="variablelist"><dl><dt></dt><dd><p>The <code class="literal">get quota command</code> should only be used2158 </h3></div></div></div><a class="indexterm" name="id2548443"></a><a name="GETQUOTACOMMAND"></a><div class="variablelist"><dl><dt></dt><dd><p>The <code class="literal">get quota command</code> should only be used 2131 2159 whenever there is no operating system API available from the OS that 2132 2160 samba can use.</p><p>This option is only available you have compiled Samba with the … … 2136 2164 queries the quota information for the specified 2137 2165 user/group for the partition that 2138 the specified directory is on.</p><p>Such a script should take 3 arguments:</p><div class="itemizedlist"><ul type="disc"><li><p>directory</p></li><li><p>type of query</p></li><li><p>uid of user or gid of group</p></li></ul></div><p>The type of query can be one of :</p><div class="itemizedlist"><ul type="disc"><li><p>1 - user quotas</p></li><li><p>2 - user default quotas (uid = -1)</p></li><li><p>3 - group quotas</p></li><li><p>4 - group default quotas (gid = -1)</p></li></ul></div><p>This script should print one line as output with spaces between the arguments. The arguments are:2139 </p><div class="itemizedlist"><ul type="disc"><li><p>Arg 1 - quota flags (0 = no quotas, 1 = quotas enabled, 2 = quotas enabled and enforced)</p></li><li><p>Arg 2 - number of currently used blocks</p></li><li><p>Arg 3 - the softlimit number of blocks</p></li><li><p>Arg 4 - the hardlimit number of blocks</p></li><li><p>Arg 5 - currently used number of inodes</p></li><li><p>Arg 6 - the softlimit number of inodes</p></li><li><p>Arg 7 - the hardlimit number of inodes</p></li><li><p>Arg 8(optional) - the number of bytes in a block(default is 1024)</p></li></ul></div><p>Default: <span class="emphasis"><em><em class="parameter"><code>get quota command</code></em> = <code class="literal"></code>2166 the specified directory is on.</p><p>Such a script should take 3 arguments:</p><div class="itemizedlist"><ul class="itemizedlist" type="disc"><li class="listitem"><p>directory</p></li><li class="listitem"><p>type of query</p></li><li class="listitem"><p>uid of user or gid of group</p></li></ul></div><p>The type of query can be one of :</p><div class="itemizedlist"><ul class="itemizedlist" type="disc"><li class="listitem"><p>1 - user quotas</p></li><li class="listitem"><p>2 - user default quotas (uid = -1)</p></li><li class="listitem"><p>3 - group quotas</p></li><li class="listitem"><p>4 - group default quotas (gid = -1)</p></li></ul></div><p>This script should print one line as output with spaces between the arguments. The arguments are: 2167 </p><div class="itemizedlist"><ul class="itemizedlist" type="disc"><li class="listitem"><p>Arg 1 - quota flags (0 = no quotas, 1 = quotas enabled, 2 = quotas enabled and enforced)</p></li><li class="listitem"><p>Arg 2 - number of currently used blocks</p></li><li class="listitem"><p>Arg 3 - the softlimit number of blocks</p></li><li class="listitem"><p>Arg 4 - the hardlimit number of blocks</p></li><li class="listitem"><p>Arg 5 - currently used number of inodes</p></li><li class="listitem"><p>Arg 6 - the softlimit number of inodes</p></li><li class="listitem"><p>Arg 7 - the hardlimit number of inodes</p></li><li class="listitem"><p>Arg 8(optional) - the number of bytes in a block(default is 1024)</p></li></ul></div><p>Default: <span class="emphasis"><em><em class="parameter"><code>get quota command</code></em> = <code class="literal"></code> 2140 2168 </em></span> 2141 2169 </p><p>Example: <span class="emphasis"><em><em class="parameter"><code>get quota command</code></em> = <code class="literal">/usr/local/sbin/query_quota</code> 2142 2170 </em></span> 2143 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2542489"></a>2171 </p></dd></dl></div></div><div class="section" title="getwd cache (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2548628"></a> 2144 2172 2145 2173 getwd cache (G) 2146 </h3></div></div></div><a class="indexterm" name="id254 2490"></a><a name="GETWDCACHE"></a><div class="variablelist"><dl><dt></dt><dd><p>This is a tuning option. When this is enabled a2174 </h3></div></div></div><a class="indexterm" name="id2548630"></a><a name="GETWDCACHE"></a><div class="variablelist"><dl><dt></dt><dd><p>This is a tuning option. When this is enabled a 2147 2175 caching algorithm will be used to reduce the time taken for getwd() 2148 2176 calls. This can have a significant impact on performance, especially 2149 2177 when the <a class="link" href="smb.conf.5.html#WIDESMBCONFOPTIONS" target="_top">wide smbconfoptions</a> parameter is set to <code class="constant">no</code>.</p><p>Default: <span class="emphasis"><em><em class="parameter"><code>getwd cache</code></em> = <code class="literal">yes</code> 2150 2178 </em></span> 2151 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2542549"></a>2179 </p></dd></dl></div></div><div class="section" title="guest account (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2548689"></a> 2152 2180 2153 2181 guest account (G) 2154 </h3></div></div></div><a class="indexterm" name="id254 2550"></a><a name="GUESTACCOUNT"></a><div class="variablelist"><dl><dt></dt><dd><p>This is a username which will be used for access2182 </h3></div></div></div><a class="indexterm" name="id2548690"></a><a name="GUESTACCOUNT"></a><div class="variablelist"><dl><dt></dt><dd><p>This is a username which will be used for access 2155 2183 to services which are specified as <a class="link" href="smb.conf.5.html#GUESTOK" target="_top">guest ok</a> (see below). Whatever privileges this 2156 2184 user has will be available to any client connecting to the guest service. … … 2170 2198 </p><p>Example: <span class="emphasis"><em><em class="parameter"><code>guest account</code></em> = <code class="literal">ftp</code> 2171 2199 </em></span> 2172 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2542657"></a>2200 </p></dd></dl></div></div><div class="section" title="public"><div class="titlepage"><div><div><h3 class="title"><a name="id2548797"></a> 2173 2201 2174 2202 <a name="PUBLIC"></a>public 2175 </h3></div></div></div><a class="indexterm" name="id254 2658"></a><div class="variablelist"><dl><dt></dt><dd><p>This parameter is a synonym for <a class="link" href="#GUESTOK">guest ok</a>.</p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2542688"></a>2203 </h3></div></div></div><a class="indexterm" name="id2548798"></a><div class="variablelist"><dl><dt></dt><dd><p>This parameter is a synonym for <a class="link" href="#GUESTOK">guest ok</a>.</p></dd></dl></div></div><div class="section" title="guest ok (S)"><div class="titlepage"><div><div><h3 class="title"><a name="id2548828"></a> 2176 2204 2177 2205 guest ok (S) 2178 </h3></div></div></div><a class="indexterm" name="id254 2689"></a><a name="GUESTOK"></a><div class="variablelist"><dl><dt></dt><dd><p>If this parameter is <code class="constant">yes</code> for2206 </h3></div></div></div><a class="indexterm" name="id2548829"></a><a name="GUESTOK"></a><div class="variablelist"><dl><dt></dt><dd><p>If this parameter is <code class="constant">yes</code> for 2179 2207 a service, then no password is required to connect to the service. 2180 2208 Privileges will be those of the <a class="link" href="smb.conf.5.html#GUESTACCOUNT" target="_top">guest account</a>.</p><p>This paramater nullifies the benifits of setting … … 2183 2211 </p><p>Default: <span class="emphasis"><em><em class="parameter"><code>guest ok</code></em> = <code class="literal">no</code> 2184 2212 </em></span> 2185 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2542776"></a>2213 </p></dd></dl></div></div><div class="section" title="only guest"><div class="titlepage"><div><div><h3 class="title"><a name="id2548916"></a> 2186 2214 2187 2215 <a name="ONLYGUEST"></a>only guest 2188 </h3></div></div></div><a class="indexterm" name="id254 2778"></a><div class="variablelist"><dl><dt></dt><dd><p>This parameter is a synonym for <a class="link" href="#GUESTONLY">guest only</a>.</p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2542809"></a>2216 </h3></div></div></div><a class="indexterm" name="id2548917"></a><div class="variablelist"><dl><dt></dt><dd><p>This parameter is a synonym for <a class="link" href="#GUESTONLY">guest only</a>.</p></dd></dl></div></div><div class="section" title="guest only (S)"><div class="titlepage"><div><div><h3 class="title"><a name="id2548949"></a> 2189 2217 2190 2218 guest only (S) 2191 </h3></div></div></div><a class="indexterm" name="id254 2810"></a><a name="GUESTONLY"></a><div class="variablelist"><dl><dt></dt><dd><p>If this parameter is <code class="constant">yes</code> for2219 </h3></div></div></div><a class="indexterm" name="id2548950"></a><a name="GUESTONLY"></a><div class="variablelist"><dl><dt></dt><dd><p>If this parameter is <code class="constant">yes</code> for 2192 2220 a service, then only guest connections to the service are permitted. 2193 2221 This parameter will have no effect if <a class="link" href="smb.conf.5.html#GUESTOK" target="_top">guest ok</a> is not set for the service.</p><p>See the section below on <a class="link" href="smb.conf.5.html#SECURITY" target="_top">security</a> for more information about this option. 2194 2222 </p><p>Default: <span class="emphasis"><em><em class="parameter"><code>guest only</code></em> = <code class="literal">no</code> 2195 2223 </em></span> 2196 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2542882"></a>2224 </p></dd></dl></div></div><div class="section" title="hide dot files (S)"><div class="titlepage"><div><div><h3 class="title"><a name="id2549021"></a> 2197 2225 2198 2226 hide dot files (S) 2199 </h3></div></div></div><a class="indexterm" name="id254 2883"></a><a name="HIDEDOTFILES"></a><div class="variablelist"><dl><dt></dt><dd><p>This is a boolean parameter that controls whether2227 </h3></div></div></div><a class="indexterm" name="id2549022"></a><a name="HIDEDOTFILES"></a><div class="variablelist"><dl><dt></dt><dd><p>This is a boolean parameter that controls whether 2200 2228 files starting with a dot appear as hidden files.</p><p>Default: <span class="emphasis"><em><em class="parameter"><code>hide dot files</code></em> = <code class="literal">yes</code> 2201 2229 </em></span> 2202 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2542924"></a>2230 </p></dd></dl></div></div><div class="section" title="hide files (S)"><div class="titlepage"><div><div><h3 class="title"><a name="id2549064"></a> 2203 2231 2204 2232 hide files (S) 2205 </h3></div></div></div><a class="indexterm" name="id254 2926"></a><a name="HIDEFILES"></a><div class="variablelist"><dl><dt></dt><dd><p>This is a list of files or directories that are not2233 </h3></div></div></div><a class="indexterm" name="id2549065"></a><a name="HIDEFILES"></a><div class="variablelist"><dl><dt></dt><dd><p>This is a list of files or directories that are not 2206 2234 visible but are accessible. The DOS 'hidden' attribute is applied 2207 2235 to any files or directories that match.</p><p>Each entry in the list must be separated by a '/', … … 2225 2253 # no file are hidden</code> 2226 2254 </em></span> 2227 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2543013"></a>2255 </p></dd></dl></div></div><div class="section" title="hide special files (S)"><div class="titlepage"><div><div><h3 class="title"><a name="id2549152"></a> 2228 2256 2229 2257 hide special files (S) 2230 </h3></div></div></div><a class="indexterm" name="id254 3014"></a><a name="HIDESPECIALFILES"></a><div class="variablelist"><dl><dt></dt><dd><p>2258 </h3></div></div></div><a class="indexterm" name="id2549153"></a><a name="HIDESPECIALFILES"></a><div class="variablelist"><dl><dt></dt><dd><p> 2231 2259 This parameter prevents clients from seeing special files such as sockets, devices and 2232 2260 fifo's in directory listings. 2233 2261 </p><p>Default: <span class="emphasis"><em><em class="parameter"><code>hide special files</code></em> = <code class="literal">no</code> 2234 2262 </em></span> 2235 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2543056"></a>2263 </p></dd></dl></div></div><div class="section" title="hide unreadable (S)"><div class="titlepage"><div><div><h3 class="title"><a name="id2549195"></a> 2236 2264 2237 2265 hide unreadable (S) 2238 </h3></div></div></div><a class="indexterm" name="id254 3057"></a><a name="HIDEUNREADABLE"></a><div class="variablelist"><dl><dt></dt><dd><p>This parameter prevents clients from seeing the2266 </h3></div></div></div><a class="indexterm" name="id2549196"></a><a name="HIDEUNREADABLE"></a><div class="variablelist"><dl><dt></dt><dd><p>This parameter prevents clients from seeing the 2239 2267 existance of files that cannot be read. Defaults to off.</p><p>Default: <span class="emphasis"><em><em class="parameter"><code>hide unreadable</code></em> = <code class="literal">no</code> 2240 2268 </em></span> 2241 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2543098"></a>2269 </p></dd></dl></div></div><div class="section" title="hide unwriteable files (S)"><div class="titlepage"><div><div><h3 class="title"><a name="id2549238"></a> 2242 2270 2243 2271 hide unwriteable files (S) 2244 </h3></div></div></div><a class="indexterm" name="id254 3099"></a><a name="HIDEUNWRITEABLEFILES"></a><div class="variablelist"><dl><dt></dt><dd><p>2272 </h3></div></div></div><a class="indexterm" name="id2549239"></a><a name="HIDEUNWRITEABLEFILES"></a><div class="variablelist"><dl><dt></dt><dd><p> 2245 2273 This parameter prevents clients from seeing the existance of files that cannot be written to. 2246 2274 Defaults to off. Note that unwriteable directories are shown as usual. 2247 2275 </p><p>Default: <span class="emphasis"><em><em class="parameter"><code>hide unwriteable files</code></em> = <code class="literal">no</code> 2248 2276 </em></span> 2249 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2543143"></a>2277 </p></dd></dl></div></div><div class="section" title="homedir map (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2549282"></a> 2250 2278 2251 2279 homedir map (G) 2252 </h3></div></div></div><a class="indexterm" name="id254 3144"></a><a name="HOMEDIRMAP"></a><div class="variablelist"><dl><dt></dt><dd><p>2280 </h3></div></div></div><a class="indexterm" name="id2549284"></a><a name="HOMEDIRMAP"></a><div class="variablelist"><dl><dt></dt><dd><p> 2253 2281 If <a class="link" href="smb.conf.5.html#NISHOMEDIR" target="_top">nis homedir</a> is <code class="constant">yes</code>, and <a class="citerefentry" href="smbd.8.html"><span class="citerefentry"><span class="refentrytitle">smbd</span>(8)</span></a> is also acting as a Win95/98 <em class="parameter"><code>logon server</code></em> 2254 2282 then this parameter specifies the NIS (or YP) map from which the server for the user's home directory should be extracted. … … 2259 2287 and the program will extract the servername from before the first ':'. There should probably be a better parsing system 2260 2288 that copes with different map formats and also Amd (another automounter) maps. 2261 </p><div class="note" style="margin-left: 0.5in; margin-right: 0.5in;"><h3 class="title">Note</h3><p>2289 </p><div class="note" title="Note" style="margin-left: 0.5in; margin-right: 0.5in;"><h3 class="title">Note</h3><p> 2262 2290 A working NIS client is required on the system for this option to work. 2263 2291 </p></div><p>Default: <span class="emphasis"><em><em class="parameter"><code>homedir map</code></em> = <code class="literal"></code> … … 2265 2293 </p><p>Example: <span class="emphasis"><em><em class="parameter"><code>homedir map</code></em> = <code class="literal">amd.homedir</code> 2266 2294 </em></span> 2267 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2543256"></a>2295 </p></dd></dl></div></div><div class="section" title="host msdfs (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2549395"></a> 2268 2296 2269 2297 host msdfs (G) 2270 </h3></div></div></div><a class="indexterm" name="id254 3257"></a><a name="HOSTMSDFS"></a><div class="variablelist"><dl><dt></dt><dd><p>2298 </h3></div></div></div><a class="indexterm" name="id2549396"></a><a name="HOSTMSDFS"></a><div class="variablelist"><dl><dt></dt><dd><p> 2271 2299 If set to <code class="constant">yes</code>, Samba will act as a Dfs server, and allow Dfs-aware clients to browse 2272 2300 Dfs trees hosted on the server. … … 2276 2304 </p><p>Default: <span class="emphasis"><em><em class="parameter"><code>host msdfs</code></em> = <code class="literal">yes</code> 2277 2305 </em></span> 2278 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2543320"></a>2306 </p></dd></dl></div></div><div class="section" title="hostname lookups (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2549459"></a> 2279 2307 2280 2308 hostname lookups (G) 2281 </h3></div></div></div><a class="indexterm" name="id254 3321"></a><a name="HOSTNAMELOOKUPS"></a><div class="variablelist"><dl><dt></dt><dd><p>Specifies whether samba should use (expensive)2309 </h3></div></div></div><a class="indexterm" name="id2549460"></a><a name="HOSTNAMELOOKUPS"></a><div class="variablelist"><dl><dt></dt><dd><p>Specifies whether samba should use (expensive) 2282 2310 hostname lookups or use the ip addresses instead. An example place 2283 2311 where hostname lookups are currently used is when checking … … 2287 2315 </p><p>Example: <span class="emphasis"><em><em class="parameter"><code>hostname lookups</code></em> = <code class="literal">yes</code> 2288 2316 </em></span> 2289 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2543393"></a>2317 </p></dd></dl></div></div><div class="section" title="allow hosts"><div class="titlepage"><div><div><h3 class="title"><a name="id2549533"></a> 2290 2318 2291 2319 <a name="ALLOWHOSTS"></a>allow hosts 2292 </h3></div></div></div><a class="indexterm" name="id254 3394"></a><div class="variablelist"><dl><dt></dt><dd><p>This parameter is a synonym for <a class="link" href="#HOSTSALLOW">hosts allow</a>.</p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2543426"></a>2320 </h3></div></div></div><a class="indexterm" name="id2549534"></a><div class="variablelist"><dl><dt></dt><dd><p>This parameter is a synonym for <a class="link" href="#HOSTSALLOW">hosts allow</a>.</p></dd></dl></div></div><div class="section" title="hosts allow (S)"><div class="titlepage"><div><div><h3 class="title"><a name="id2549565"></a> 2293 2321 2294 2322 hosts allow (S) 2295 </h3></div></div></div><a class="indexterm" name="id254 3427"></a><a name="HOSTSALLOW"></a><div class="variablelist"><dl><dt></dt><dd><p>A synonym for this parameter is <a class="link" href="smb.conf.5.html#ALLOWHOSTS" target="_top">allow hosts</a>.</p><p>This parameter is a comma, space, or tab delimited2323 </h3></div></div></div><a class="indexterm" name="id2549566"></a><a name="HOSTSALLOW"></a><div class="variablelist"><dl><dt></dt><dd><p>A synonym for this parameter is <a class="link" href="smb.conf.5.html#ALLOWHOSTS" target="_top">allow hosts</a>.</p><p>This parameter is a comma, space, or tab delimited 2296 2324 set of hosts which are permitted to access a service.</p><p>If specified in the [global] section then it will 2297 2325 apply to all services, regardless of whether the individual … … 2307 2335 <span class="emphasis"><em>EXCEPT</em></span> keyword can also be used to limit a 2308 2336 wildcard list. The following examples may provide some help:</p><p>Example 1: allow all IPs in 150.203.*.*; except one</p><p><code class="literal">hosts allow = 150.203. EXCEPT 150.203.6.66</code></p><p>Example 2: allow hosts that match the given network/netmask</p><p><code class="literal">hosts allow = 150.203.15.0/255.255.255.0</code></p><p>Example 3: allow a couple of hosts</p><p><code class="literal">hosts allow = lapland, arvidsjaur</code></p><p>Example 4: allow only hosts in NIS netgroup "foonet", but 2309 deny access from one particular host</p><p><code class="literal">hosts allow = @foonet</code></p><p><code class="literal">hosts deny = pirate</code></p><div class="note" style="margin-left: 0.5in; margin-right: 0.5in;"><h3 class="title">Note</h3><p>Note that access still requires suitable user-level passwords.</p></div><p>See <a class="citerefentry" href="testparm.1.html"><span class="citerefentry"><span class="refentrytitle">testparm</span>(1)</span></a> for a way of testing your host access2337 deny access from one particular host</p><p><code class="literal">hosts allow = @foonet</code></p><p><code class="literal">hosts deny = pirate</code></p><div class="note" title="Note" style="margin-left: 0.5in; margin-right: 0.5in;"><h3 class="title">Note</h3><p>Note that access still requires suitable user-level passwords.</p></div><p>See <a class="citerefentry" href="testparm.1.html"><span class="citerefentry"><span class="refentrytitle">testparm</span>(1)</span></a> for a way of testing your host access 2310 2338 to see if it does what you expect.</p><p>Default: <span class="emphasis"><em><em class="parameter"><code>hosts allow</code></em> = <code class="literal"> 2311 2339 # none (i.e., all hosts permitted access)</code> … … 2313 2341 </p><p>Example: <span class="emphasis"><em><em class="parameter"><code>hosts allow</code></em> = <code class="literal">150.203.5. myhost.mynet.edu.au</code> 2314 2342 </em></span> 2315 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2543628"></a>2343 </p></dd></dl></div></div><div class="section" title="deny hosts"><div class="titlepage"><div><div><h3 class="title"><a name="id2549767"></a> 2316 2344 2317 2345 <a name="DENYHOSTS"></a>deny hosts 2318 </h3></div></div></div><a class="indexterm" name="id254 3629"></a><div class="variablelist"><dl><dt></dt><dd><p>This parameter is a synonym for <a class="link" href="#HOSTSDENY">hosts deny</a>.</p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2543659"></a>2346 </h3></div></div></div><a class="indexterm" name="id2549768"></a><div class="variablelist"><dl><dt></dt><dd><p>This parameter is a synonym for <a class="link" href="#HOSTSDENY">hosts deny</a>.</p></dd></dl></div></div><div class="section" title="hosts deny (S)"><div class="titlepage"><div><div><h3 class="title"><a name="id2549799"></a> 2319 2347 2320 2348 hosts deny (S) 2321 </h3></div></div></div><a class="indexterm" name="id254 3660"></a><a name="HOSTSDENY"></a><div class="variablelist"><dl><dt></dt><dd><p>The opposite of <em class="parameter"><code>hosts allow</code></em>2349 </h3></div></div></div><a class="indexterm" name="id2549800"></a><a name="HOSTSDENY"></a><div class="variablelist"><dl><dt></dt><dd><p>The opposite of <em class="parameter"><code>hosts allow</code></em> 2322 2350 - hosts listed here are <span class="emphasis"><em>NOT</em></span> permitted access to 2323 2351 services unless the specific services have their own lists to override … … 2333 2361 </p><p>Example: <span class="emphasis"><em><em class="parameter"><code>hosts deny</code></em> = <code class="literal">150.203.4. badhost.mynet.edu.au</code> 2334 2362 </em></span> 2335 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2543761"></a>2363 </p></dd></dl></div></div><div class="section" title="idmap alloc backend (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2549901"></a> 2336 2364 2337 2365 idmap alloc backend (G) 2338 </h3></div></div></div><a class="indexterm" name="id254 3762"></a><a name="IDMAPALLOCBACKEND"></a><div class="variablelist"><dl><dt></dt><dd><p>2366 </h3></div></div></div><a class="indexterm" name="id2549902"></a><a name="IDMAPALLOCBACKEND"></a><div class="variablelist"><dl><dt></dt><dd><p> 2339 2367 The idmap alloc backend provides a plugin interface for Winbind to use 2340 2368 when allocating Unix uids/gids for Windows SIDs. This option refers … … 2353 2381 </p><p><span class="emphasis"><em>No default</em></span></p><p>Example: <span class="emphasis"><em><em class="parameter"><code>idmap alloc backend</code></em> = <code class="literal">tdb</code> 2354 2382 </em></span> 2355 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2543867"></a>2383 </p></dd></dl></div></div><div class="section" title="idmap alloc config (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2550006"></a> 2356 2384 2357 2385 idmap alloc config (G) 2358 </h3></div></div></div><a class="indexterm" name="id25 43868"></a><a name="IDMAPALLOCCONFIG"></a><div class="variablelist"><dl><dt></dt><dd><p>2386 </h3></div></div></div><a class="indexterm" name="id2550007"></a><a name="IDMAPALLOCCONFIG"></a><div class="variablelist"><dl><dt></dt><dd><p> 2359 2387 The idmap alloc config prefix provides a means of managing settings 2360 2388 for the backend defined by the <a class="link" href="smb.conf.5.html#IDMAPALLOCBACKEND" target="_top">idmap alloc backend</a> 2361 2389 parameter. Refer to the man page for each idmap plugin regarding 2362 2390 specific configuration details. 2363 </p><p><span class="emphasis"><em>No default</em></span></p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2543911"></a>2391 </p><p><span class="emphasis"><em>No default</em></span></p></dd></dl></div></div><div class="section" title="idmap backend (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2550051"></a> 2364 2392 2365 2393 idmap backend (G) 2366 </h3></div></div></div><a class="indexterm" name="id25 43912"></a><a name="IDMAPBACKEND"></a><div class="variablelist"><dl><dt></dt><dd><p>2394 </h3></div></div></div><a class="indexterm" name="id2550052"></a><a name="IDMAPBACKEND"></a><div class="variablelist"><dl><dt></dt><dd><p> 2367 2395 The idmap backend provides a plugin interface for Winbind to use 2368 2396 varying backends to store SID/uid/gid mapping tables. … … 2385 2413 </p><p>Default: <span class="emphasis"><em><em class="parameter"><code>idmap backend</code></em> = <code class="literal">tdb</code> 2386 2414 </em></span> 2387 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2544083"></a>2415 </p></dd></dl></div></div><div class="section" title="idmap cache time (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2550222"></a> 2388 2416 2389 2417 idmap cache time (G) 2390 </h3></div></div></div><a class="indexterm" name="id25 44084"></a><a name="IDMAPCACHETIME"></a><div class="variablelist"><dl><dt></dt><dd><p>This parameter specifies the number of seconds that Winbind's2418 </h3></div></div></div><a class="indexterm" name="id2550224"></a><a name="IDMAPCACHETIME"></a><div class="variablelist"><dl><dt></dt><dd><p>This parameter specifies the number of seconds that Winbind's 2391 2419 idmap interface will cache positive SID/uid/gid query results. 2392 2420 </p><p>Default: <span class="emphasis"><em><em class="parameter"><code>idmap cache time</code></em> = <code class="literal">604800 (one week)</code> 2393 2421 </em></span> 2394 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2544127"></a>2422 </p></dd></dl></div></div><div class="section" title="idmap config (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2550266"></a> 2395 2423 2396 2424 idmap config (G) 2397 </h3></div></div></div><a class="indexterm" name="id25 44128"></a><a name="IDMAPCONFIG"></a><div class="variablelist"><dl><dt></dt><dd><p>2425 </h3></div></div></div><a class="indexterm" name="id2550267"></a><a name="IDMAPCONFIG"></a><div class="variablelist"><dl><dt></dt><dd><p> 2398 2426 The idmap config prefix provides a means of managing each trusted 2399 2427 domain separately. The idmap config prefix should be followed by the … … 2427 2455 idmap config CORP : backend = ad 2428 2456 idmap config CORP : range = 1000-999999 2429 </pre><p><span class="emphasis"><em>No default</em></span></p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2544260"></a>2457 </pre><p><span class="emphasis"><em>No default</em></span></p></dd></dl></div></div><div class="section" title="winbind gid"><div class="titlepage"><div><div><h3 class="title"><a name="id2550400"></a> 2430 2458 2431 2459 <a name="WINBINDGID"></a>winbind gid 2432 </h3></div></div></div><a class="indexterm" name="id25 44261"></a><div class="variablelist"><dl><dt></dt><dd><p>This parameter is a synonym for <a class="link" href="#IDMAPGID">idmap gid</a>.</p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2544292"></a>2460 </h3></div></div></div><a class="indexterm" name="id2550401"></a><div class="variablelist"><dl><dt></dt><dd><p>This parameter is a synonym for <a class="link" href="#IDMAPGID">idmap gid</a>.</p></dd></dl></div></div><div class="section" title="idmap gid (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2550431"></a> 2433 2461 2434 2462 idmap gid (G) 2435 </h3></div></div></div><a class="indexterm" name="id25 44293"></a><a name="IDMAPGID"></a><div class="variablelist"><dl><dt></dt><dd><p>The idmap gid parameter specifies the range of group ids2463 </h3></div></div></div><a class="indexterm" name="id2550432"></a><a name="IDMAPGID"></a><div class="variablelist"><dl><dt></dt><dd><p>The idmap gid parameter specifies the range of group ids 2436 2464 that are allocated for the purpose of mapping UNX groups to NT group 2437 2465 SIDs. This range of group ids should have no … … 2443 2471 </p><p>Example: <span class="emphasis"><em><em class="parameter"><code>idmap gid</code></em> = <code class="literal">10000-20000</code> 2444 2472 </em></span> 2445 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2544378"></a>2473 </p></dd></dl></div></div><div class="section" title="idmap negative cache time (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2550518"></a> 2446 2474 2447 2475 idmap negative cache time (G) 2448 </h3></div></div></div><a class="indexterm" name="id25 44379"></a><a name="IDMAPNEGATIVECACHETIME"></a><div class="variablelist"><dl><dt></dt><dd><p>This parameter specifies the number of seconds that Winbind's2476 </h3></div></div></div><a class="indexterm" name="id2550519"></a><a name="IDMAPNEGATIVECACHETIME"></a><div class="variablelist"><dl><dt></dt><dd><p>This parameter specifies the number of seconds that Winbind's 2449 2477 idmap interface will cache negative SID/uid/gid query results. 2450 2478 </p><p>Default: <span class="emphasis"><em><em class="parameter"><code>idmap negative cache time</code></em> = <code class="literal">120</code> 2451 2479 </em></span> 2452 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2544422"></a>2480 </p></dd></dl></div></div><div class="section" title="winbind uid"><div class="titlepage"><div><div><h3 class="title"><a name="id2550562"></a> 2453 2481 2454 2482 <a name="WINBINDUID"></a>winbind uid 2455 </h3></div></div></div><a class="indexterm" name="id25 44423"></a><div class="variablelist"><dl><dt></dt><dd><p>This parameter is a synonym for <a class="link" href="#IDMAPUID">idmap uid</a>.</p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2544453"></a>2483 </h3></div></div></div><a class="indexterm" name="id2550563"></a><div class="variablelist"><dl><dt></dt><dd><p>This parameter is a synonym for <a class="link" href="#IDMAPUID">idmap uid</a>.</p></dd></dl></div></div><div class="section" title="idmap uid (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2550593"></a> 2456 2484 2457 2485 idmap uid (G) 2458 </h3></div></div></div><a class="indexterm" name="id25 44454"></a><a name="IDMAPUID"></a><div class="variablelist"><dl><dt></dt><dd><p>2486 </h3></div></div></div><a class="indexterm" name="id2550594"></a><a name="IDMAPUID"></a><div class="variablelist"><dl><dt></dt><dd><p> 2459 2487 The idmap uid parameter specifies the range of user ids that are 2460 2488 allocated for use in mapping UNIX users to NT user SIDs. This … … 2466 2494 </p><p>Example: <span class="emphasis"><em><em class="parameter"><code>idmap uid</code></em> = <code class="literal">10000-20000</code> 2467 2495 </em></span> 2468 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2544539"></a>2496 </p></dd></dl></div></div><div class="section" title="include (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2550679"></a> 2469 2497 2470 2498 include (G) 2471 </h3></div></div></div><a class="indexterm" name="id25 44540"></a><a name="INCLUDE"></a><div class="variablelist"><dl><dt></dt><dd><p>2499 </h3></div></div></div><a class="indexterm" name="id2550680"></a><a name="INCLUDE"></a><div class="variablelist"><dl><dt></dt><dd><p> 2472 2500 This allows you to include one config file inside another. The file is included literally, as though typed 2473 2501 in place. … … 2487 2515 </p><p>Example: <span class="emphasis"><em><em class="parameter"><code>include</code></em> = <code class="literal">/usr/local/samba/lib/admin_smb.conf</code> 2488 2516 </em></span> 2489 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2544640"></a>2517 </p></dd></dl></div></div><div class="section" title="inherit acls (S)"><div class="titlepage"><div><div><h3 class="title"><a name="id2550780"></a> 2490 2518 2491 2519 inherit acls (S) 2492 </h3></div></div></div><a class="indexterm" name="id25 44641"></a><a name="INHERITACLS"></a><div class="variablelist"><dl><dt></dt><dd><p>This parameter can be used to ensure that if default acls2520 </h3></div></div></div><a class="indexterm" name="id2550781"></a><a name="INHERITACLS"></a><div class="variablelist"><dl><dt></dt><dd><p>This parameter can be used to ensure that if default acls 2493 2521 exist on parent directories, they are always honored when creating a 2494 2522 new file or subdirectory in these parent directories. The default … … 2498 2526 </p><p>Default: <span class="emphasis"><em><em class="parameter"><code>inherit acls</code></em> = <code class="literal">no</code> 2499 2527 </em></span> 2500 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2544687"></a>2528 </p></dd></dl></div></div><div class="section" title="inherit owner (S)"><div class="titlepage"><div><div><h3 class="title"><a name="id2550827"></a> 2501 2529 2502 2530 inherit owner (S) 2503 </h3></div></div></div><a class="indexterm" name="id25 44688"></a><a name="INHERITOWNER"></a><div class="variablelist"><dl><dt></dt><dd><p>The ownership of new files and directories2531 </h3></div></div></div><a class="indexterm" name="id2550828"></a><a name="INHERITOWNER"></a><div class="variablelist"><dl><dt></dt><dd><p>The ownership of new files and directories 2504 2532 is normally governed by effective uid of the connected user. 2505 2533 This option allows the Samba administrator to specify that … … 2510 2538 roaming profile directory are actually owner by the user.</p><p>Default: <span class="emphasis"><em><em class="parameter"><code>inherit owner</code></em> = <code class="literal">no</code> 2511 2539 </em></span> 2512 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2544740"></a>2540 </p></dd></dl></div></div><div class="section" title="inherit permissions (S)"><div class="titlepage"><div><div><h3 class="title"><a name="id2550880"></a> 2513 2541 2514 2542 inherit permissions (S) 2515 </h3></div></div></div><a class="indexterm" name="id25 44742"></a><a name="INHERITPERMISSIONS"></a><div class="variablelist"><dl><dt></dt><dd><p>2543 </h3></div></div></div><a class="indexterm" name="id2550881"></a><a name="INHERITPERMISSIONS"></a><div class="variablelist"><dl><dt></dt><dd><p> 2516 2544 The permissions on new files and directories are normally governed by <a class="link" href="smb.conf.5.html#CREATEMASK" target="_top">create mask</a>, 2517 2545 <a class="link" href="smb.conf.5.html#DIRECTORYMASK" target="_top">directory mask</a>, <a class="link" href="smb.conf.5.html#FORCECREATEMODE" target="_top">force create mode</a> and <a class="link" href="smb.conf.5.html#FORCEDIRECTORYMODE" target="_top">force directory mode</a> but the boolean inherit permissions parameter overrides this. … … 2525 2553 share to be used flexibly by each user.</p><p>Default: <span class="emphasis"><em><em class="parameter"><code>inherit permissions</code></em> = <code class="literal">no</code> 2526 2554 </em></span> 2527 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2544890"></a>2555 </p></dd></dl></div></div><div class="section" title="init logon delayed hosts (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2551029"></a> 2528 2556 2529 2557 init logon delayed hosts (G) 2530 </h3></div></div></div><a class="indexterm" name="id25 44891"></a><a name="INITLOGONDELAYEDHOSTS"></a><div class="variablelist"><dl><dt></dt><dd><p>2558 </h3></div></div></div><a class="indexterm" name="id2551030"></a><a name="INITLOGONDELAYEDHOSTS"></a><div class="variablelist"><dl><dt></dt><dd><p> 2531 2559 This parameter takes a list of host names, addresses or networks for 2532 2560 which the initial samlogon reply should be delayed (so other DCs get … … 2539 2567 </p><p>Example: <span class="emphasis"><em><em class="parameter"><code>init logon delayed hosts</code></em> = <code class="literal">150.203.5. myhost.mynet.de</code> 2540 2568 </em></span> 2541 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2544967"></a>2569 </p></dd></dl></div></div><div class="section" title="init logon delay (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2551107"></a> 2542 2570 2543 2571 init logon delay (G) 2544 </h3></div></div></div><a class="indexterm" name="id25 44968"></a><a name="INITLOGONDELAY"></a><div class="variablelist"><dl><dt></dt><dd><p>2572 </h3></div></div></div><a class="indexterm" name="id2551108"></a><a name="INITLOGONDELAY"></a><div class="variablelist"><dl><dt></dt><dd><p> 2545 2573 This parameter specifies a delay in milliseconds for the hosts configured 2546 2574 for delayed initial samlogon with … … 2548 2576 </p><p>Default: <span class="emphasis"><em><em class="parameter"><code>init logon delay</code></em> = <code class="literal">100</code> 2549 2577 </em></span> 2550 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2545022"></a>2578 </p></dd></dl></div></div><div class="section" title="interfaces (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2551162"></a> 2551 2579 2552 2580 interfaces (G) 2553 </h3></div></div></div><a class="indexterm" name="id25 45023"></a><a name="INTERFACES"></a><div class="variablelist"><dl><dt></dt><dd><p>This option allows you to override the default2581 </h3></div></div></div><a class="indexterm" name="id2551163"></a><a name="INTERFACES"></a><div class="variablelist"><dl><dt></dt><dd><p>This option allows you to override the default 2554 2582 network interfaces list that Samba will use for browsing, name 2555 2583 registration and other NetBIOS over TCP/IP (NBT) traffic. By default Samba will query 2556 2584 the kernel for the list of all active interfaces and use any 2557 2585 interfaces except 127.0.0.1 that are broadcast capable.</p><p>The option takes a list of interface strings. Each string 2558 can be in any of the following forms:</p><div class="itemizedlist"><ul type="disc"><li><p>a network interface name (such as eth0).2586 can be in any of the following forms:</p><div class="itemizedlist"><ul class="itemizedlist" type="disc"><li class="listitem"><p>a network interface name (such as eth0). 2559 2587 This may include shell-like wildcards so eth* will match 2560 any interface starting with the substring "eth"</p></li><li ><p>an IP address. In this case the netmask is2588 any interface starting with the substring "eth"</p></li><li class="listitem"><p>an IP address. In this case the netmask is 2561 2589 determined from the list of interfaces obtained from the 2562 kernel</p></li><li ><p>an IP/mask pair. </p></li><li><p>a broadcast/mask pair.</p></li></ul></div><p>The "mask" parameters can either be a bit length (such2590 kernel</p></li><li class="listitem"><p>an IP/mask pair. </p></li><li class="listitem"><p>a broadcast/mask pair.</p></li></ul></div><p>The "mask" parameters can either be a bit length (such 2563 2591 as 24 for a C class network) or a full netmask in dotted 2564 2592 decimal form.</p><p>The "IP" parameters above can either be a full dotted … … 2575 2603 </p><p>Example: <span class="emphasis"><em><em class="parameter"><code>interfaces</code></em> = <code class="literal">eth0 192.168.2.10/24 192.168.3.10/255.255.255.0</code> 2576 2604 </em></span> 2577 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2545139"></a>2605 </p></dd></dl></div></div><div class="section" title="invalid users (S)"><div class="titlepage"><div><div><h3 class="title"><a name="id2551279"></a> 2578 2606 2579 2607 invalid users (S) 2580 </h3></div></div></div><a class="indexterm" name="id25 45140"></a><a name="INVALIDUSERS"></a><div class="variablelist"><dl><dt></dt><dd><p>This is a list of users that should not be allowed2608 </h3></div></div></div><a class="indexterm" name="id2551280"></a><a name="INVALIDUSERS"></a><div class="variablelist"><dl><dt></dt><dd><p>This is a list of users that should not be allowed 2581 2609 to login to this service. This is really a <span class="emphasis"><em>paranoid</em></span> 2582 2610 check to absolutely ensure an improper setting does not breach … … 2598 2626 </p><p>Example: <span class="emphasis"><em><em class="parameter"><code>invalid users</code></em> = <code class="literal">root fred admin @wheel</code> 2599 2627 </em></span> 2600 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2545254"></a>2628 </p></dd></dl></div></div><div class="section" title="iprint server (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2551393"></a> 2601 2629 2602 2630 iprint server (G) 2603 </h3></div></div></div><a class="indexterm" name="id25 45255"></a><a name="IPRINTSERVER"></a><div class="variablelist"><dl><dt></dt><dd><p>2631 </h3></div></div></div><a class="indexterm" name="id2551394"></a><a name="IPRINTSERVER"></a><div class="variablelist"><dl><dt></dt><dd><p> 2604 2632 This parameter is only applicable if <a class="link" href="smb.conf.5.html#PRINTING" target="_top">printing</a> is set to <code class="constant">iprint</code>. 2605 2633 </p><p> … … 2610 2638 </p><p>Example: <span class="emphasis"><em><em class="parameter"><code>iprint server</code></em> = <code class="literal">MYCUPSSERVER</code> 2611 2639 </em></span> 2612 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2545340"></a>2640 </p></dd></dl></div></div><div class="section" title="keepalive (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2551480"></a> 2613 2641 2614 2642 keepalive (G) 2615 </h3></div></div></div><a class="indexterm" name="id25 45341"></a><a name="KEEPALIVE"></a><div class="variablelist"><dl><dt></dt><dd><p>The value of the parameter (an integer) represents2643 </h3></div></div></div><a class="indexterm" name="id2551481"></a><a name="KEEPALIVE"></a><div class="variablelist"><dl><dt></dt><dd><p>The value of the parameter (an integer) represents 2616 2644 the number of seconds between <em class="parameter"><code>keepalive</code></em> 2617 2645 packets. If this parameter is zero, no keepalive packets will be … … 2623 2651 </p><p>Example: <span class="emphasis"><em><em class="parameter"><code>keepalive</code></em> = <code class="literal">600</code> 2624 2652 </em></span> 2625 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2545427"></a>2653 </p></dd></dl></div></div><div class="section" title="kernel change notify (S)"><div class="titlepage"><div><div><h3 class="title"><a name="id2551567"></a> 2626 2654 2627 2655 kernel change notify (S) 2628 </h3></div></div></div><a class="indexterm" name="id25 45428"></a><a name="KERNELCHANGENOTIFY"></a><div class="variablelist"><dl><dt></dt><dd><p>This parameter specifies whether Samba should ask the2656 </h3></div></div></div><a class="indexterm" name="id2551568"></a><a name="KERNELCHANGENOTIFY"></a><div class="variablelist"><dl><dt></dt><dd><p>This parameter specifies whether Samba should ask the 2629 2657 kernel for change notifications in directories so that 2630 2658 SMB clients can refresh whenever the data on the server changes. … … 2633 2661 </p><p>Default: <span class="emphasis"><em><em class="parameter"><code>kernel change notify</code></em> = <code class="literal">yes</code> 2634 2662 </em></span> 2635 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2545477"></a>2663 </p></dd></dl></div></div><div class="section" title="kernel oplocks (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2551617"></a> 2636 2664 2637 2665 kernel oplocks (G) 2638 </h3></div></div></div><a class="indexterm" name="id25 45478"></a><a name="KERNELOPLOCKS"></a><div class="variablelist"><dl><dt></dt><dd><p>For UNIXes that support kernel based <a class="link" href="smb.conf.5.html#OPLOCKS" target="_top">oplocks</a>2666 </h3></div></div></div><a class="indexterm" name="id2551618"></a><a name="KERNELOPLOCKS"></a><div class="variablelist"><dl><dt></dt><dd><p>For UNIXes that support kernel based <a class="link" href="smb.conf.5.html#OPLOCKS" target="_top">oplocks</a> 2639 2667 (currently only IRIX and the Linux 2.4 kernel), this parameter 2640 2668 allows the use of them to be turned on or off.</p><p>Kernel oplocks support allows Samba <em class="parameter"><code>oplocks … … 2646 2674 You should never need to touch this parameter.</p><p>Default: <span class="emphasis"><em><em class="parameter"><code>kernel oplocks</code></em> = <code class="literal">yes</code> 2647 2675 </em></span> 2648 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2545566"></a>2676 </p></dd></dl></div></div><div class="section" title="lanman auth (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2551706"></a> 2649 2677 2650 2678 lanman auth (G) 2651 </h3></div></div></div><a class="indexterm" name="id25 45567"></a><a name="LANMANAUTH"></a><div class="variablelist"><dl><dt></dt><dd><p>This parameter determines whether or not <a class="citerefentry" href="smbd.8.html"><span class="citerefentry"><span class="refentrytitle">smbd</span>(8)</span></a> will attempt to2679 </h3></div></div></div><a class="indexterm" name="id2551707"></a><a name="LANMANAUTH"></a><div class="variablelist"><dl><dt></dt><dd><p>This parameter determines whether or not <a class="citerefentry" href="smbd.8.html"><span class="citerefentry"><span class="refentrytitle">smbd</span>(8)</span></a> will attempt to 2652 2680 authenticate users or permit password changes 2653 2681 using the LANMAN password hash. If disabled, only clients which support NT … … 2666 2694 special configuration to use it.</p><p>Default: <span class="emphasis"><em><em class="parameter"><code>lanman auth</code></em> = <code class="literal">no</code> 2667 2695 </em></span> 2668 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2545658"></a>2696 </p></dd></dl></div></div><div class="section" title="large readwrite (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2551798"></a> 2669 2697 2670 2698 large readwrite (G) 2671 </h3></div></div></div><a class="indexterm" name="id25 45659"></a><a name="LARGEREADWRITE"></a><div class="variablelist"><dl><dt></dt><dd><p>This parameter determines whether or not2699 </h3></div></div></div><a class="indexterm" name="id2551799"></a><a name="LARGEREADWRITE"></a><div class="variablelist"><dl><dt></dt><dd><p>This parameter determines whether or not 2672 2700 <a class="citerefentry" href="smbd.8.html"><span class="citerefentry"><span class="refentrytitle">smbd</span>(8)</span></a> supports the new 64k 2673 2701 streaming read and write varient SMB requests introduced with … … 2678 2706 tested as some other Samba code paths.</p><p>Default: <span class="emphasis"><em><em class="parameter"><code>large readwrite</code></em> = <code class="literal">yes</code> 2679 2707 </em></span> 2680 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2545715"></a>2708 </p></dd></dl></div></div><div class="section" title="ldap admin dn (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2551855"></a> 2681 2709 2682 2710 ldap admin dn (G) 2683 </h3></div></div></div><a class="indexterm" name="id25 45716"></a><a name="LDAPADMINDN"></a><div class="variablelist"><dl><dt></dt><dd><p>2711 </h3></div></div></div><a class="indexterm" name="id2551856"></a><a name="LDAPADMINDN"></a><div class="variablelist"><dl><dt></dt><dd><p> 2684 2712 The <a class="link" href="smb.conf.5.html#LDAPADMINDN" target="_top">ldap admin dn</a> defines the Distinguished Name (DN) name used by Samba to contact 2685 2713 the ldap server when retreiving user account information. The <a class="link" href="smb.conf.5.html#LDAPADMINDN" target="_top">ldap admin dn</a> is used … … 2689 2717 </p><p> 2690 2718 The <a class="link" href="smb.conf.5.html#LDAPADMINDN" target="_top">ldap admin dn</a> requires a fully specified DN. The <a class="link" href="smb.conf.5.html#LDAPSUFFIX" target="_top">ldap suffix</a> is not appended to the <a class="link" href="smb.conf.5.html#LDAPADMINDN" target="_top">ldap admin dn</a>. 2691 </p><p><span class="emphasis"><em>No default</em></span></p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2545824"></a>2719 </p><p><span class="emphasis"><em>No default</em></span></p></dd></dl></div></div><div class="section" title="ldap connection timeout (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2551964"></a> 2692 2720 2693 2721 ldap connection timeout (G) 2694 </h3></div></div></div><a class="indexterm" name="id25 45825"></a><a name="LDAPCONNECTIONTIMEOUT"></a><div class="variablelist"><dl><dt></dt><dd><p>2722 </h3></div></div></div><a class="indexterm" name="id2551965"></a><a name="LDAPCONNECTIONTIMEOUT"></a><div class="variablelist"><dl><dt></dt><dd><p> 2695 2723 This parameter tells the LDAP library calls which timeout in seconds 2696 2724 they should honor during initial connection establishments to LDAP servers. … … 2704 2732 </p><p>Default: <span class="emphasis"><em><em class="parameter"><code>ldap connection timeout</code></em> = <code class="literal">2</code> 2705 2733 </em></span> 2706 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2545889"></a>2734 </p></dd></dl></div></div><div class="section" title="ldap debug level (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2552029"></a> 2707 2735 2708 2736 ldap debug level (G) 2709 </h3></div></div></div><a class="indexterm" name="id25 45890"></a><a name="LDAPDEBUGLEVEL"></a><div class="variablelist"><dl><dt></dt><dd><p>2737 </h3></div></div></div><a class="indexterm" name="id2552030"></a><a name="LDAPDEBUGLEVEL"></a><div class="variablelist"><dl><dt></dt><dd><p> 2710 2738 This parameter controls the debug level of the LDAP library 2711 2739 calls. In the case of OpenLDAP, it is the same … … 2724 2752 </p><p>Example: <span class="emphasis"><em><em class="parameter"><code>ldap debug level</code></em> = <code class="literal">1</code> 2725 2753 </em></span> 2726 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2545977"></a>2754 </p></dd></dl></div></div><div class="section" title="ldap debug threshold (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2552117"></a> 2727 2755 2728 2756 ldap debug threshold (G) 2729 </h3></div></div></div><a class="indexterm" name="id25 45978"></a><a name="LDAPDEBUGTHRESHOLD"></a><div class="variablelist"><dl><dt></dt><dd><p>2757 </h3></div></div></div><a class="indexterm" name="id2552118"></a><a name="LDAPDEBUGTHRESHOLD"></a><div class="variablelist"><dl><dt></dt><dd><p> 2730 2758 This parameter controls the Samba debug level at which 2731 2759 the ldap library debug output is … … 2736 2764 </p><p>Example: <span class="emphasis"><em><em class="parameter"><code>ldap debug threshold</code></em> = <code class="literal">5</code> 2737 2765 </em></span> 2738 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2546045"></a>2766 </p></dd></dl></div></div><div class="section" title="ldap delete dn (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2552184"></a> 2739 2767 2740 2768 ldap delete dn (G) 2741 </h3></div></div></div><a class="indexterm" name="id25 46046"></a><a name="LDAPDELETEDN"></a><div class="variablelist"><dl><dt></dt><dd><p> This parameter specifies whether a delete2769 </h3></div></div></div><a class="indexterm" name="id2552186"></a><a name="LDAPDELETEDN"></a><div class="variablelist"><dl><dt></dt><dd><p> This parameter specifies whether a delete 2742 2770 operation in the ldapsam deletes the complete entry or only the attributes 2743 2771 specific to Samba. 2744 2772 </p><p>Default: <span class="emphasis"><em><em class="parameter"><code>ldap delete dn</code></em> = <code class="literal">no</code> 2745 2773 </em></span> 2746 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2546089"></a>2774 </p></dd></dl></div></div><div class="section" title="ldap group suffix (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2552228"></a> 2747 2775 2748 2776 ldap group suffix (G) 2749 </h3></div></div></div><a class="indexterm" name="id25 46090"></a><a name="LDAPGROUPSUFFIX"></a><div class="variablelist"><dl><dt></dt><dd><p>This parameter specifies the suffix that is2777 </h3></div></div></div><a class="indexterm" name="id2552230"></a><a name="LDAPGROUPSUFFIX"></a><div class="variablelist"><dl><dt></dt><dd><p>This parameter specifies the suffix that is 2750 2778 used for groups when these are added to the LDAP directory. 2751 2779 If this parameter is unset, the value of <a class="link" href="smb.conf.5.html#LDAPSUFFIX" target="_top">ldap suffix</a> will be used instead. The suffix string is pre-pended to the … … 2754 2782 </p><p>Example: <span class="emphasis"><em><em class="parameter"><code>ldap group suffix</code></em> = <code class="literal">ou=Groups</code> 2755 2783 </em></span> 2756 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2546172"></a>2784 </p></dd></dl></div></div><div class="section" title="ldap idmap suffix (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2552312"></a> 2757 2785 2758 2786 ldap idmap suffix (G) 2759 </h3></div></div></div><a class="indexterm" name="id25 46173"></a><a name="LDAPIDMAPSUFFIX"></a><div class="variablelist"><dl><dt></dt><dd><p>2787 </h3></div></div></div><a class="indexterm" name="id2552313"></a><a name="LDAPIDMAPSUFFIX"></a><div class="variablelist"><dl><dt></dt><dd><p> 2760 2788 This parameters specifies the suffix that is used when storing idmap mappings. If this parameter 2761 2789 is unset, the value of <a class="link" href="smb.conf.5.html#LDAPSUFFIX" target="_top">ldap suffix</a> will be used instead. The suffix … … 2765 2793 </p><p>Example: <span class="emphasis"><em><em class="parameter"><code>ldap idmap suffix</code></em> = <code class="literal">ou=Idmap</code> 2766 2794 </em></span> 2767 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2546255"></a>2795 </p></dd></dl></div></div><div class="section" title="ldap machine suffix (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2552395"></a> 2768 2796 2769 2797 ldap machine suffix (G) 2770 </h3></div></div></div><a class="indexterm" name="id25 46256"></a><a name="LDAPMACHINESUFFIX"></a><div class="variablelist"><dl><dt></dt><dd><p>2798 </h3></div></div></div><a class="indexterm" name="id2552396"></a><a name="LDAPMACHINESUFFIX"></a><div class="variablelist"><dl><dt></dt><dd><p> 2771 2799 It specifies where machines should be added to the ldap tree. If this parameter is unset, the value of 2772 2800 <a class="link" href="smb.conf.5.html#LDAPSUFFIX" target="_top">ldap suffix</a> will be used instead. The suffix string is pre-pended to the … … 2776 2804 </p><p>Example: <span class="emphasis"><em><em class="parameter"><code>ldap machine suffix</code></em> = <code class="literal">ou=Computers</code> 2777 2805 </em></span> 2778 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2546337"></a> 2806 </p></dd></dl></div></div><div class="section" title="ldap page size (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2552477"></a> 2807 2808 ldap page size (G) 2809 </h3></div></div></div><a class="indexterm" name="id2552478"></a><a name="LDAPPAGESIZE"></a><div class="variablelist"><dl><dt></dt><dd><p> 2810 This parameter specifies the number of entries per page. 2811 </p><p>If the LDAP server supports paged results, clients can 2812 request subsets of search results (pages) instead of the entire list. 2813 This parameter specifies the size of these pages. 2814 </p><p>Default: <span class="emphasis"><em><em class="parameter"><code>ldap page size</code></em> = <code class="literal">1024</code> 2815 </em></span> 2816 </p><p>Example: <span class="emphasis"><em><em class="parameter"><code>ldap page size</code></em> = <code class="literal">512</code> 2817 </em></span> 2818 </p></dd></dl></div></div><div class="section" title="ldap passwd sync (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2552543"></a> 2779 2819 2780 2820 ldap passwd sync (G) 2781 </h3></div></div></div><a class="indexterm" name="id25 46338"></a><a name="LDAPPASSWDSYNC"></a><div class="variablelist"><dl><dt></dt><dd><p>2821 </h3></div></div></div><a class="indexterm" name="id2552544"></a><a name="LDAPPASSWDSYNC"></a><div class="variablelist"><dl><dt></dt><dd><p> 2782 2822 This option is used to define whether or not Samba should sync the LDAP password with the NT 2783 2823 and LM hashes for normal accounts (NOT for workstation, server or domain trusts) on a password … … 2785 2825 </p><p> 2786 2826 The <a class="link" href="smb.conf.5.html#LDAPPASSWDSYNC" target="_top">ldap passwd sync</a> can be set to one of three values: 2787 </p><div class="itemizedlist"><ul type="disc"><li><p><em class="parameter"><code>Yes</code></em> = Try2788 to update the LDAP, NT and LM passwords and update the pwdLastSet time.</p></li><li ><p><em class="parameter"><code>No</code></em> = Update NT and2789 LM passwords and update the pwdLastSet time.</p></li><li ><p><em class="parameter"><code>Only</code></em> = Only update2827 </p><div class="itemizedlist"><ul class="itemizedlist" type="disc"><li class="listitem"><p><em class="parameter"><code>Yes</code></em> = Try 2828 to update the LDAP, NT and LM passwords and update the pwdLastSet time.</p></li><li class="listitem"><p><em class="parameter"><code>No</code></em> = Update NT and 2829 LM passwords and update the pwdLastSet time.</p></li><li class="listitem"><p><em class="parameter"><code>Only</code></em> = Only update 2790 2830 the LDAP password and let the LDAP server do the rest.</p></li></ul></div><p>Default: <span class="emphasis"><em><em class="parameter"><code>ldap passwd sync</code></em> = <code class="literal">no</code> 2791 2831 </em></span> 2792 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2546438"></a>2832 </p></dd></dl></div></div><div class="section" title="ldap replication sleep (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2552645"></a> 2793 2833 2794 2834 ldap replication sleep (G) 2795 </h3></div></div></div><a class="indexterm" name="id25 46440"></a><a name="LDAPREPLICATIONSLEEP"></a><div class="variablelist"><dl><dt></dt><dd><p>2835 </h3></div></div></div><a class="indexterm" name="id2552646"></a><a name="LDAPREPLICATIONSLEEP"></a><div class="variablelist"><dl><dt></dt><dd><p> 2796 2836 When Samba is asked to write to a read-only LDAP replica, we are redirected to talk to the read-write master server. 2797 2837 This server then replicates our changes back to the 'local' server, however the replication might take some seconds, … … 2806 2846 </p><p>Default: <span class="emphasis"><em><em class="parameter"><code>ldap replication sleep</code></em> = <code class="literal">1000</code> 2807 2847 </em></span> 2808 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2546502"></a>2848 </p></dd></dl></div></div><div class="section" title="ldapsam:editposix (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2552708"></a> 2809 2849 2810 2850 ldapsam:editposix (G) 2811 </h3></div></div></div><a class="indexterm" name="id25 46503"></a><a name="LDAPSAM:EDITPOSIX"></a><div class="variablelist"><dl><dt></dt><dd><p>2851 </h3></div></div></div><a class="indexterm" name="id2552709"></a><a name="LDAPSAM:EDITPOSIX"></a><div class="variablelist"><dl><dt></dt><dd><p> 2812 2852 Editposix is an option that leverages ldapsam:trusted to make it simpler to manage a domain controller 2813 2853 eliminating the need to set up custom scripts to add and manage the posix users and groups. This option … … 2887 2927 </p><p>Default: <span class="emphasis"><em><em class="parameter"><code>ldapsam:editposix</code></em> = <code class="literal">no</code> 2888 2928 </em></span> 2889 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2546636"></a>2929 </p></dd></dl></div></div><div class="section" title="ldapsam:trusted (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2552841"></a> 2890 2930 2891 2931 ldapsam:trusted (G) 2892 </h3></div></div></div><a class="indexterm" name="id25 46637"></a><a name="LDAPSAM:TRUSTED"></a><div class="variablelist"><dl><dt></dt><dd><p>2932 </h3></div></div></div><a class="indexterm" name="id2552842"></a><a name="LDAPSAM:TRUSTED"></a><div class="variablelist"><dl><dt></dt><dd><p> 2893 2933 By default, Samba as a Domain Controller with an LDAP backend needs to use the Unix-style NSS subsystem to 2894 2934 access user and group information. Due to the way Unix stores user information in /etc/passwd and /etc/group … … 2908 2948 </p><p>Default: <span class="emphasis"><em><em class="parameter"><code>ldapsam:trusted</code></em> = <code class="literal">no</code> 2909 2949 </em></span> 2910 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2546725"></a>2950 </p></dd></dl></div></div><div class="section" title="ldap ssl ads (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2552930"></a> 2911 2951 2912 2952 ldap ssl ads (G) 2913 </h3></div></div></div><a class="indexterm" name="id25 46726"></a><a name="LDAPSSLADS"></a><div class="variablelist"><dl><dt></dt><dd><p>This option is used to define whether or not Samba should2953 </h3></div></div></div><a class="indexterm" name="id2552931"></a><a name="LDAPSSLADS"></a><div class="variablelist"><dl><dt></dt><dd><p>This option is used to define whether or not Samba should 2914 2954 use SSL when connecting to the ldap server using 2915 2955 <span class="emphasis"><em>ads</em></span> methods. … … 2921 2961 </p><p>Default: <span class="emphasis"><em><em class="parameter"><code>ldap ssl ads</code></em> = <code class="literal">no</code> 2922 2962 </em></span> 2923 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2546810"></a>2963 </p></dd></dl></div></div><div class="section" title="ldap ssl (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2553016"></a> 2924 2964 2925 2965 ldap ssl (G) 2926 </h3></div></div></div><a class="indexterm" name="id25 46812"></a><a name="LDAPSSL"></a><div class="variablelist"><dl><dt></dt><dd><p>This option is used to define whether or not Samba should2966 </h3></div></div></div><a class="indexterm" name="id2553017"></a><a name="LDAPSSL"></a><div class="variablelist"><dl><dt></dt><dd><p>This option is used to define whether or not Samba should 2927 2967 use SSL when connecting to the ldap server 2928 2968 This is <span class="emphasis"><em>NOT</em></span> related to … … 2935 2975 <span class="emphasis"><em>or</em></span> by specifying <em class="parameter"><code>ldaps://</code></em> in 2936 2976 the URL argument of <a class="link" href="smb.conf.5.html#PASSDBBACKEND" target="_top">passdb backend</a>.</p><p>The <a class="link" href="smb.conf.5.html#LDAPSSL" target="_top">ldap ssl</a> can be set to one of 2937 two values:</p><div class="itemizedlist"><ul type="disc"><li><p><em class="parameter"><code>Off</code></em> = Never2938 use SSL when querying the directory.</p></li><li ><p><em class="parameter"><code>start tls</code></em> = Use2977 two values:</p><div class="itemizedlist"><ul class="itemizedlist" type="disc"><li class="listitem"><p><em class="parameter"><code>Off</code></em> = Never 2978 use SSL when querying the directory.</p></li><li class="listitem"><p><em class="parameter"><code>start tls</code></em> = Use 2939 2979 the LDAPv3 StartTLS extended operation (RFC2830) for 2940 2980 communicating with the directory server.</p></li></ul></div><p> … … 2949 2989 </p><p>Default: <span class="emphasis"><em><em class="parameter"><code>ldap ssl</code></em> = <code class="literal">start tls</code> 2950 2990 </em></span> 2951 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2547004"></a>2991 </p></dd></dl></div></div><div class="section" title="ldap suffix (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2553209"></a> 2952 2992 2953 2993 ldap suffix (G) 2954 </h3></div></div></div><a class="indexterm" name="id25 47005"></a><a name="LDAPSUFFIX"></a><div class="variablelist"><dl><dt></dt><dd><p>Specifies the base for all ldap suffixes and for storing the sambaDomain object.</p><p>2994 </h3></div></div></div><a class="indexterm" name="id2553210"></a><a name="LDAPSUFFIX"></a><div class="variablelist"><dl><dt></dt><dd><p>Specifies the base for all ldap suffixes and for storing the sambaDomain object.</p><p> 2955 2995 The ldap suffix will be appended to the values specified for the <a class="link" href="smb.conf.5.html#LDAPUSERSUFFIX" target="_top">ldap user suffix</a>, 2956 2996 <a class="link" href="smb.conf.5.html#LDAPGROUPSUFFIX" target="_top">ldap group suffix</a>, <a class="link" href="smb.conf.5.html#LDAPMACHINESUFFIX" target="_top">ldap machine suffix</a>, and the … … 2961 3001 </p><p>Example: <span class="emphasis"><em><em class="parameter"><code>ldap suffix</code></em> = <code class="literal">dc=samba,dc=org</code> 2962 3002 </em></span> 2963 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2547126"></a>3003 </p></dd></dl></div></div><div class="section" title="ldap timeout (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2553331"></a> 2964 3004 2965 3005 ldap timeout (G) 2966 </h3></div></div></div><a class="indexterm" name="id25 47127"></a><a name="LDAPTIMEOUT"></a><div class="variablelist"><dl><dt></dt><dd><p>3006 </h3></div></div></div><a class="indexterm" name="id2553332"></a><a name="LDAPTIMEOUT"></a><div class="variablelist"><dl><dt></dt><dd><p> 2967 3007 This parameter defines the number of seconds that Samba should use as timeout for LDAP operations. 2968 3008 </p><p>Default: <span class="emphasis"><em><em class="parameter"><code>ldap timeout</code></em> = <code class="literal">15</code> 2969 3009 </em></span> 2970 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2547168"></a>3010 </p></dd></dl></div></div><div class="section" title="ldap user suffix (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2553374"></a> 2971 3011 2972 3012 ldap user suffix (G) 2973 </h3></div></div></div><a class="indexterm" name="id25 47170"></a><a name="LDAPUSERSUFFIX"></a><div class="variablelist"><dl><dt></dt><dd><p>3013 </h3></div></div></div><a class="indexterm" name="id2553375"></a><a name="LDAPUSERSUFFIX"></a><div class="variablelist"><dl><dt></dt><dd><p> 2974 3014 This parameter specifies where users are added to the tree. If this parameter is unset, 2975 3015 the value of <a class="link" href="smb.conf.5.html#LDAPSUFFIX" target="_top">ldap suffix</a> will be used instead. The suffix … … 2979 3019 </p><p>Example: <span class="emphasis"><em><em class="parameter"><code>ldap user suffix</code></em> = <code class="literal">ou=people</code> 2980 3020 </em></span> 2981 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2547250"></a>3021 </p></dd></dl></div></div><div class="section" title="level2 oplocks (S)"><div class="titlepage"><div><div><h3 class="title"><a name="id2553455"></a> 2982 3022 2983 3023 level2 oplocks (S) 2984 </h3></div></div></div><a class="indexterm" name="id25 47251"></a><a name="LEVEL2OPLOCKS"></a><div class="variablelist"><dl><dt></dt><dd><p>This parameter controls whether Samba supports3024 </h3></div></div></div><a class="indexterm" name="id2553456"></a><a name="LEVEL2OPLOCKS"></a><div class="variablelist"><dl><dt></dt><dd><p>This parameter controls whether Samba supports 2985 3025 level2 (read-only) oplocks on a share.</p><p>Level2, or read-only oplocks allow Windows NT clients 2986 3026 that have an oplock on a file to downgrade from a read-write oplock … … 3002 3042 this parameter to have any effect.</p><p>Default: <span class="emphasis"><em><em class="parameter"><code>level2 oplocks</code></em> = <code class="literal">yes</code> 3003 3043 </em></span> 3004 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2547357"></a>3044 </p></dd></dl></div></div><div class="section" title="lm announce (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2553562"></a> 3005 3045 3006 3046 lm announce (G) 3007 </h3></div></div></div><a class="indexterm" name="id25 47358"></a><a name="LMANNOUNCE"></a><div class="variablelist"><dl><dt></dt><dd><p>This parameter determines if <a class="citerefentry" href="nmbd.8.html"><span class="citerefentry"><span class="refentrytitle">nmbd</span>(8)</span></a> will produce Lanman announce3047 </h3></div></div></div><a class="indexterm" name="id2553563"></a><a name="LMANNOUNCE"></a><div class="variablelist"><dl><dt></dt><dd><p>This parameter determines if <a class="citerefentry" href="nmbd.8.html"><span class="citerefentry"><span class="refentrytitle">nmbd</span>(8)</span></a> will produce Lanman announce 3008 3048 broadcasts that are needed by OS/2 clients in order for them to see 3009 3049 the Samba server in their browse list. This parameter can have three … … 3021 3061 </p><p>Example: <span class="emphasis"><em><em class="parameter"><code>lm announce</code></em> = <code class="literal">yes</code> 3022 3062 </em></span> 3023 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2547479"></a>3063 </p></dd></dl></div></div><div class="section" title="lm interval (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2553684"></a> 3024 3064 3025 3065 lm interval (G) 3026 </h3></div></div></div><a class="indexterm" name="id25 47480"></a><a name="LMINTERVAL"></a><div class="variablelist"><dl><dt></dt><dd><p>If Samba is set to produce Lanman announce3066 </h3></div></div></div><a class="indexterm" name="id2553685"></a><a name="LMINTERVAL"></a><div class="variablelist"><dl><dt></dt><dd><p>If Samba is set to produce Lanman announce 3027 3067 broadcasts needed by OS/2 clients (see the 3028 3068 <a class="link" href="smb.conf.5.html#LMANNOUNCE" target="_top">lm announce</a> parameter) then this … … 3034 3074 </p><p>Example: <span class="emphasis"><em><em class="parameter"><code>lm interval</code></em> = <code class="literal">120</code> 3035 3075 </em></span> 3036 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2547564"></a>3076 </p></dd></dl></div></div><div class="section" title="load printers (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2553769"></a> 3037 3077 3038 3078 load printers (G) 3039 </h3></div></div></div><a class="indexterm" name="id25 47565"></a><a name="LOADPRINTERS"></a><div class="variablelist"><dl><dt></dt><dd><p>A boolean variable that controls whether all3079 </h3></div></div></div><a class="indexterm" name="id2553770"></a><a name="LOADPRINTERS"></a><div class="variablelist"><dl><dt></dt><dd><p>A boolean variable that controls whether all 3040 3080 printers in the printcap will be loaded for browsing by default. 3041 3081 See the <a class="link" href="smb.conf.5.html#PRINTERS" target="_top">printers</a> section for 3042 3082 more details.</p><p>Default: <span class="emphasis"><em><em class="parameter"><code>load printers</code></em> = <code class="literal">yes</code> 3043 3083 </em></span> 3044 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2547620"></a>3084 </p></dd></dl></div></div><div class="section" title="local master (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2553825"></a> 3045 3085 3046 3086 local master (G) 3047 </h3></div></div></div><a class="indexterm" name="id25 47621"></a><a name="LOCALMASTER"></a><div class="variablelist"><dl><dt></dt><dd><p>This option allows <a class="citerefentry" href="nmbd.8.html"><span class="citerefentry"><span class="refentrytitle">nmbd</span>(8)</span></a> to try and become a local master browser3087 </h3></div></div></div><a class="indexterm" name="id2553826"></a><a name="LOCALMASTER"></a><div class="variablelist"><dl><dt></dt><dd><p>This option allows <a class="citerefentry" href="nmbd.8.html"><span class="citerefentry"><span class="refentrytitle">nmbd</span>(8)</span></a> to try and become a local master browser 3048 3088 on a subnet. If set to <code class="constant">no</code> then <code class="literal"> 3049 3089 nmbd</code> will not attempt to become a local master browser … … 3055 3095 master browser.</p><p>Default: <span class="emphasis"><em><em class="parameter"><code>local master</code></em> = <code class="literal">yes</code> 3056 3096 </em></span> 3057 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2547720"></a>3097 </p></dd></dl></div></div><div class="section" title="lock dir"><div class="titlepage"><div><div><h3 class="title"><a name="id2553925"></a> 3058 3098 3059 3099 <a name="LOCKDIR"></a>lock dir 3060 </h3></div></div></div><a class="indexterm" name="id25 47721"></a><div class="variablelist"><dl><dt></dt><dd><p>This parameter is a synonym for <a class="link" href="#LOCKDIRECTORY">lock directory</a>.</p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2547752"></a>3100 </h3></div></div></div><a class="indexterm" name="id2553926"></a><div class="variablelist"><dl><dt></dt><dd><p>This parameter is a synonym for <a class="link" href="#LOCKDIRECTORY">lock directory</a>.</p></dd></dl></div></div><div class="section" title="lock directory (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2553957"></a> 3061 3101 3062 3102 lock directory (G) 3063 </h3></div></div></div><a class="indexterm" name="id25 47753"></a><a name="LOCKDIRECTORY"></a><div class="variablelist"><dl><dt></dt><dd><p>This option specifies the directory where lock3103 </h3></div></div></div><a class="indexterm" name="id2553958"></a><a name="LOCKDIRECTORY"></a><div class="variablelist"><dl><dt></dt><dd><p>This option specifies the directory where lock 3064 3104 files will be placed. The lock files are used to implement the 3065 3105 <a class="link" href="smb.conf.5.html#MAXCONNECTIONS" target="_top">max connections</a> option. … … 3071 3111 </p><p>Example: <span class="emphasis"><em><em class="parameter"><code>lock directory</code></em> = <code class="literal">/var/run/samba/locks</code> 3072 3112 </em></span> 3073 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2547830"></a>3113 </p></dd></dl></div></div><div class="section" title="locking (S)"><div class="titlepage"><div><div><h3 class="title"><a name="id2554035"></a> 3074 3114 3075 3115 locking (S) 3076 </h3></div></div></div><a class="indexterm" name="id25 47831"></a><a name="LOCKING"></a><div class="variablelist"><dl><dt></dt><dd><p>This controls whether or not locking will be3116 </h3></div></div></div><a class="indexterm" name="id2554036"></a><a name="LOCKING"></a><div class="variablelist"><dl><dt></dt><dd><p>This controls whether or not locking will be 3077 3117 performed by the server in response to lock requests from the 3078 3118 client.</p><p>If <code class="literal">locking = no</code>, all lock and unlock … … 3084 3124 is not really recommended even in this case.</p><p>Be careful about disabling locking either globally or in a 3085 3125 specific service, as lack of locking may result in data corruption. 3086 You should never need to set this parameter.</p><p><span class="emphasis"><em>No default</em></span></p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2547906"></a>3126 You should never need to set this parameter.</p><p><span class="emphasis"><em>No default</em></span></p></dd></dl></div></div><div class="section" title="lock spin count (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2554111"></a> 3087 3127 3088 3128 lock spin count (G) 3089 </h3></div></div></div><a class="indexterm" name="id25 47907"></a><a name="LOCKSPINCOUNT"></a><div class="variablelist"><dl><dt></dt><dd><p>This parameter has been made inoperative in Samba 3.0.24.3129 </h3></div></div></div><a class="indexterm" name="id2554112"></a><a name="LOCKSPINCOUNT"></a><div class="variablelist"><dl><dt></dt><dd><p>This parameter has been made inoperative in Samba 3.0.24. 3090 3130 The functionality it contolled is now controlled by the parameter 3091 3131 <a class="link" href="smb.conf.5.html#LOCKSPINTIME" target="_top">lock spin time</a>. 3092 3132 </p><p>Default: <span class="emphasis"><em><em class="parameter"><code>lock spin count</code></em> = <code class="literal">0</code> 3093 3133 </em></span> 3094 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2547961"></a>3134 </p></dd></dl></div></div><div class="section" title="lock spin time (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2554166"></a> 3095 3135 3096 3136 lock spin time (G) 3097 </h3></div></div></div><a class="indexterm" name="id25 47962"></a><a name="LOCKSPINTIME"></a><div class="variablelist"><dl><dt></dt><dd><p>The time in microseconds that smbd should3137 </h3></div></div></div><a class="indexterm" name="id2554168"></a><a name="LOCKSPINTIME"></a><div class="variablelist"><dl><dt></dt><dd><p>The time in microseconds that smbd should 3098 3138 keep waiting to see if a failed lock request can 3099 3139 be granted. This parameter has changed in default … … 3103 3143 to change the value of this parameter.</p><p>Default: <span class="emphasis"><em><em class="parameter"><code>lock spin time</code></em> = <code class="literal">200</code> 3104 3144 </em></span> 3105 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2548019"></a>3145 </p></dd></dl></div></div><div class="section" title="log file (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2554225"></a> 3106 3146 3107 3147 log file (G) 3108 </h3></div></div></div><a class="indexterm" name="id25 48020"></a><a name="LOGFILE"></a><div class="variablelist"><dl><dt></dt><dd><p>3148 </h3></div></div></div><a class="indexterm" name="id2554226"></a><a name="LOGFILE"></a><div class="variablelist"><dl><dt></dt><dd><p> 3109 3149 This option allows you to override the name of the Samba log file (also known as the debug file). 3110 3150 </p><p> … … 3112 3152 </p><p><span class="emphasis"><em>No default</em></span></p><p>Example: <span class="emphasis"><em><em class="parameter"><code>log file</code></em> = <code class="literal">/usr/local/samba/var/log.%m</code> 3113 3153 </em></span> 3114 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2548072"></a>3154 </p></dd></dl></div></div><div class="section" title="debuglevel"><div class="titlepage"><div><div><h3 class="title"><a name="id2554277"></a> 3115 3155 3116 3156 <a name="DEBUGLEVEL"></a>debuglevel 3117 </h3></div></div></div><a class="indexterm" name="id25 48073"></a><div class="variablelist"><dl><dt></dt><dd><p>This parameter is a synonym for <a class="link" href="#LOGLEVEL">log level</a>.</p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2548103"></a>3157 </h3></div></div></div><a class="indexterm" name="id2554278"></a><div class="variablelist"><dl><dt></dt><dd><p>This parameter is a synonym for <a class="link" href="#LOGLEVEL">log level</a>.</p></dd></dl></div></div><div class="section" title="log level (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2554308"></a> 3118 3158 3119 3159 log level (G) 3120 </h3></div></div></div><a class="indexterm" name="id25 48104"></a><a name="LOGLEVEL"></a><div class="variablelist"><dl><dt></dt><dd><p>3160 </h3></div></div></div><a class="indexterm" name="id2554309"></a><a name="LOGLEVEL"></a><div class="variablelist"><dl><dt></dt><dd><p> 3121 3161 The value of the parameter (a astring) allows the debug level (logging level) to be specified in the 3122 3162 <code class="filename">smb.conf</code> file. … … 3125 3165 debug classes. This is to give greater flexibility in the configuration 3126 3166 of the system. The following debug classes are currently implemented: 3127 </p><div class="itemizedlist"><ul type="disc"><li><p><em class="parameter"><code>all</code></em></p></li><li><p><em class="parameter"><code>tdb</code></em></p></li><li><p><em class="parameter"><code>printdrivers</code></em></p></li><li><p><em class="parameter"><code>lanman</code></em></p></li><li><p><em class="parameter"><code>smb</code></em></p></li><li><p><em class="parameter"><code>rpc_parse</code></em></p></li><li><p><em class="parameter"><code>rpc_srv</code></em></p></li><li><p><em class="parameter"><code>rpc_cli</code></em></p></li><li><p><em class="parameter"><code>passdb</code></em></p></li><li><p><em class="parameter"><code>sam</code></em></p></li><li><p><em class="parameter"><code>auth</code></em></p></li><li><p><em class="parameter"><code>winbind</code></em></p></li><li><p><em class="parameter"><code>vfs</code></em></p></li><li><p><em class="parameter"><code>idmap</code></em></p></li><li><p><em class="parameter"><code>quota</code></em></p></li><li><p><em class="parameter"><code>acls</code></em></p></li><li><p><em class="parameter"><code>locking</code></em></p></li><li><p><em class="parameter"><code>msdfs</code></em></p></li><li><p><em class="parameter"><code>dmapi</code></em></p></li><li><p><em class="parameter"><code>registry</code></em></p></li></ul></div><p>Default: <span class="emphasis"><em><em class="parameter"><code>log level</code></em> = <code class="literal">0</code>3167 </p><div class="itemizedlist"><ul class="itemizedlist" type="disc"><li class="listitem"><p><em class="parameter"><code>all</code></em></p></li><li class="listitem"><p><em class="parameter"><code>tdb</code></em></p></li><li class="listitem"><p><em class="parameter"><code>printdrivers</code></em></p></li><li class="listitem"><p><em class="parameter"><code>lanman</code></em></p></li><li class="listitem"><p><em class="parameter"><code>smb</code></em></p></li><li class="listitem"><p><em class="parameter"><code>rpc_parse</code></em></p></li><li class="listitem"><p><em class="parameter"><code>rpc_srv</code></em></p></li><li class="listitem"><p><em class="parameter"><code>rpc_cli</code></em></p></li><li class="listitem"><p><em class="parameter"><code>passdb</code></em></p></li><li class="listitem"><p><em class="parameter"><code>sam</code></em></p></li><li class="listitem"><p><em class="parameter"><code>auth</code></em></p></li><li class="listitem"><p><em class="parameter"><code>winbind</code></em></p></li><li class="listitem"><p><em class="parameter"><code>vfs</code></em></p></li><li class="listitem"><p><em class="parameter"><code>idmap</code></em></p></li><li class="listitem"><p><em class="parameter"><code>quota</code></em></p></li><li class="listitem"><p><em class="parameter"><code>acls</code></em></p></li><li class="listitem"><p><em class="parameter"><code>locking</code></em></p></li><li class="listitem"><p><em class="parameter"><code>msdfs</code></em></p></li><li class="listitem"><p><em class="parameter"><code>dmapi</code></em></p></li><li class="listitem"><p><em class="parameter"><code>registry</code></em></p></li></ul></div><p>Default: <span class="emphasis"><em><em class="parameter"><code>log level</code></em> = <code class="literal">0</code> 3128 3168 </em></span> 3129 3169 </p><p>Example: <span class="emphasis"><em><em class="parameter"><code>log level</code></em> = <code class="literal">3 passdb:5 auth:10 winbind:2</code> 3130 3170 </em></span> 3131 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2548336"></a>3171 </p></dd></dl></div></div><div class="section" title="logon drive (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2554542"></a> 3132 3172 3133 3173 logon drive (G) 3134 </h3></div></div></div><a class="indexterm" name="id25 48338"></a><a name="LOGONDRIVE"></a><div class="variablelist"><dl><dt></dt><dd><p>3174 </h3></div></div></div><a class="indexterm" name="id2554543"></a><a name="LOGONDRIVE"></a><div class="variablelist"><dl><dt></dt><dd><p> 3135 3175 This parameter specifies the local path to which the home directory will be 3136 3176 connected (see <a class="link" href="smb.conf.5.html#LOGONHOME" target="_top">logon home</a>) and is only used by NT … … 3142 3182 </p><p>Example: <span class="emphasis"><em><em class="parameter"><code>logon drive</code></em> = <code class="literal">h:</code> 3143 3183 </em></span> 3144 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2548412"></a>3184 </p></dd></dl></div></div><div class="section" title="logon home (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2554617"></a> 3145 3185 3146 3186 logon home (G) 3147 </h3></div></div></div><a class="indexterm" name="id25 48413"></a><a name="LOGONHOME"></a><div class="variablelist"><dl><dt></dt><dd><p>3187 </h3></div></div></div><a class="indexterm" name="id2554618"></a><a name="LOGONHOME"></a><div class="variablelist"><dl><dt></dt><dd><p> 3148 3188 This parameter specifies the home directory location when a Win95/98 or NT Workstation logs into a Samba PDC. 3149 3189 It allows you to do … … 3176 3216 </p><p>Example: <span class="emphasis"><em><em class="parameter"><code>logon home</code></em> = <code class="literal">\\remote_smb_server\%U</code> 3177 3217 </em></span> 3178 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2548576"></a>3218 </p></dd></dl></div></div><div class="section" title="logon path (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2554781"></a> 3179 3219 3180 3220 logon path (G) 3181 </h3></div></div></div><a class="indexterm" name="id25 48577"></a><a name="LOGONPATH"></a><div class="variablelist"><dl><dt></dt><dd><p>3221 </h3></div></div></div><a class="indexterm" name="id2554782"></a><a name="LOGONPATH"></a><div class="variablelist"><dl><dt></dt><dd><p> 3182 3222 This parameter specifies the directory where roaming profiles (Desktop, NTuser.dat, etc) are 3183 3223 stored. Contrary to previous versions of these manual pages, it has nothing to do with Win 9X roaming … … 3201 3241 </p><p> 3202 3242 This option takes the standard substitutions, allowing you to have separate logon scripts for each user or machine. 3203 </p><div class="warning" style="margin-left: 0.5in; margin-right: 0.5in;"><h3 class="title">Warning</h3><p>3204 Do not quote the value. Setting this as “<span class="quote">\\%N\profile\%U</span>”3243 </p><div class="warning" title="Warning" style="margin-left: 0.5in; margin-right: 0.5in;"><h3 class="title">Warning</h3><p> 3244 Do not quote the value. Setting this as <span class="quote">“<span class="quote">\\%N\profile\%U</span>”</span> 3205 3245 will break profile handling. Where the tdbsam or ldapsam passdb backend 3206 3246 is used, at the time the user account is created the value configured … … 3223 3263 </p><p>Default: <span class="emphasis"><em><em class="parameter"><code>logon path</code></em> = <code class="literal">\\%N\%U\profile</code> 3224 3264 </em></span> 3225 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2548745"></a>3265 </p></dd></dl></div></div><div class="section" title="logon script (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2554950"></a> 3226 3266 3227 3267 logon script (G) 3228 </h3></div></div></div><a class="indexterm" name="id25 48746"></a><a name="LOGONSCRIPT"></a><div class="variablelist"><dl><dt></dt><dd><p>3268 </h3></div></div></div><a class="indexterm" name="id2554951"></a><a name="LOGONSCRIPT"></a><div class="variablelist"><dl><dt></dt><dd><p> 3229 3269 This parameter specifies the batch file (<code class="filename">.bat</code>) or NT command file 3230 3270 (<code class="filename">.cmd</code>) to be downloaded and run on a machine when a user successfully logs in. The file … … 3257 3297 </p><p>Example: <span class="emphasis"><em><em class="parameter"><code>logon script</code></em> = <code class="literal">scripts\%U.bat</code> 3258 3298 </em></span> 3259 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2548914"></a>3299 </p></dd></dl></div></div><div class="section" title="lppause command (S)"><div class="titlepage"><div><div><h3 class="title"><a name="id2555120"></a> 3260 3300 3261 3301 lppause command (S) 3262 </h3></div></div></div><a class="indexterm" name="id25 48916"></a><a name="LPPAUSECOMMAND"></a><div class="variablelist"><dl><dt></dt><dd><p>This parameter specifies the command to be3302 </h3></div></div></div><a class="indexterm" name="id2555121"></a><a name="LPPAUSECOMMAND"></a><div class="variablelist"><dl><dt></dt><dd><p>This parameter specifies the command to be 3263 3303 executed on the server host in order to stop printing or spooling 3264 3304 a specific print job.</p><p>This command should be a program or script which takes … … 3284 3324 </p><p>Example: <span class="emphasis"><em><em class="parameter"><code>lppause command</code></em> = <code class="literal">/usr/bin/lpalt %p-%j -p0</code> 3285 3325 </em></span> 3286 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2549062"></a>3326 </p></dd></dl></div></div><div class="section" title="lpq cache time (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2555268"></a> 3287 3327 3288 3328 lpq cache time (G) 3289 </h3></div></div></div><a class="indexterm" name="id25 49064"></a><a name="LPQCACHETIME"></a><div class="variablelist"><dl><dt></dt><dd><p>This controls how long lpq info will be cached3329 </h3></div></div></div><a class="indexterm" name="id2555269"></a><a name="LPQCACHETIME"></a><div class="variablelist"><dl><dt></dt><dd><p>This controls how long lpq info will be cached 3290 3330 for to prevent the <code class="literal">lpq</code> command being called too 3291 3331 often. A separate cache is kept for each variation of the <code class="literal"> … … 3300 3340 </p><p>Example: <span class="emphasis"><em><em class="parameter"><code>lpq cache time</code></em> = <code class="literal">10</code> 3301 3341 </em></span> 3302 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2549181"></a>3342 </p></dd></dl></div></div><div class="section" title="lpq command (S)"><div class="titlepage"><div><div><h3 class="title"><a name="id2555386"></a> 3303 3343 3304 3344 lpq command (S) 3305 </h3></div></div></div><a class="indexterm" name="id25 49182"></a><a name="LPQCOMMAND"></a><div class="variablelist"><dl><dt></dt><dd><p>This parameter specifies the command to be3345 </h3></div></div></div><a class="indexterm" name="id2555387"></a><a name="LPQCOMMAND"></a><div class="variablelist"><dl><dt></dt><dd><p>This parameter specifies the command to be 3306 3346 executed on the server host in order to obtain <code class="literal">lpq 3307 3347 </code>-style printer status information.</p><p>This command should be a program or script which … … 3325 3365 </p><p>Example: <span class="emphasis"><em><em class="parameter"><code>lpq command</code></em> = <code class="literal">/usr/bin/lpq -P%p</code> 3326 3366 </em></span> 3327 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2549308"></a>3367 </p></dd></dl></div></div><div class="section" title="lpresume command (S)"><div class="titlepage"><div><div><h3 class="title"><a name="id2555513"></a> 3328 3368 3329 3369 lpresume command (S) 3330 </h3></div></div></div><a class="indexterm" name="id25 49309"></a><a name="LPRESUMECOMMAND"></a><div class="variablelist"><dl><dt></dt><dd><p>This parameter specifies the command to be3370 </h3></div></div></div><a class="indexterm" name="id2555514"></a><a name="LPRESUMECOMMAND"></a><div class="variablelist"><dl><dt></dt><dd><p>This parameter specifies the command to be 3331 3371 executed on the server host in order to restart or continue 3332 3372 printing or spooling a specific print job.</p><p>This command should be a program or script which takes … … 3341 3381 is <code class="constant">SOFTQ</code>, then the default is:</p><p><code class="literal">qstat -s -j%j -r</code></p><p><span class="emphasis"><em>No default</em></span></p><p>Example: <span class="emphasis"><em><em class="parameter"><code>lpresume command</code></em> = <code class="literal">/usr/bin/lpalt %p-%j -p2</code> 3342 3382 </em></span> 3343 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2549461"></a>3383 </p></dd></dl></div></div><div class="section" title="lprm command (S)"><div class="titlepage"><div><div><h3 class="title"><a name="id2555666"></a> 3344 3384 3345 3385 lprm command (S) 3346 </h3></div></div></div><a class="indexterm" name="id25 49462"></a><a name="LPRMCOMMAND"></a><div class="variablelist"><dl><dt></dt><dd><p>This parameter specifies the command to be3386 </h3></div></div></div><a class="indexterm" name="id2555667"></a><a name="LPRMCOMMAND"></a><div class="variablelist"><dl><dt></dt><dd><p>This parameter specifies the command to be 3347 3387 executed on the server host in order to delete a print job.</p><p>This command should be a program or script which takes 3348 3388 a printer name and job number, and deletes the print job.</p><p>If a <em class="parameter"><code>%p</code></em> is given then the printer name … … 3361 3401 </p><p>Default: <span class="emphasis"><em><em class="parameter"><code>lprm command</code></em> = <code class="literal"> determined by printing parameter</code> 3362 3402 </em></span> 3363 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2549548"></a>3403 </p></dd></dl></div></div><div class="section" title="machine password timeout (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2555753"></a> 3364 3404 3365 3405 machine password timeout (G) 3366 </h3></div></div></div><a class="indexterm" name="id25 49549"></a><a name="MACHINEPASSWORDTIMEOUT"></a><div class="variablelist"><dl><dt></dt><dd><p>3406 </h3></div></div></div><a class="indexterm" name="id2555754"></a><a name="MACHINEPASSWORDTIMEOUT"></a><div class="variablelist"><dl><dt></dt><dd><p> 3367 3407 If a Samba server is a member of a Windows NT Domain (see the <a class="link" href="smb.conf.5.html#SECURITY" target="_top">security = domain</a> parameter) then periodically a running smbd process will try and change 3368 3408 the MACHINE ACCOUNT PASSWORD stored in the TDB called <code class="filename">private/secrets.tdb … … 3374 3414 </p><p>Default: <span class="emphasis"><em><em class="parameter"><code>machine password timeout</code></em> = <code class="literal">604800</code> 3375 3415 </em></span> 3376 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2549636"></a>3416 </p></dd></dl></div></div><div class="section" title="magic output (S)"><div class="titlepage"><div><div><h3 class="title"><a name="id2555841"></a> 3377 3417 3378 3418 magic output (S) 3379 </h3></div></div></div><a class="indexterm" name="id25 49637"></a><a name="MAGICOUTPUT"></a><div class="variablelist"><dl><dt></dt><dd><p>3419 </h3></div></div></div><a class="indexterm" name="id2555842"></a><a name="MAGICOUTPUT"></a><div class="variablelist"><dl><dt></dt><dd><p> 3380 3420 This parameter specifies the name of a file which will contain output created by a magic script (see the 3381 3421 <a class="link" href="smb.conf.5.html#MAGICSCRIPT" target="_top">magic script</a> parameter below). 3382 </p><div class="warning" style="margin-left: 0.5in; margin-right: 0.5in;"><h3 class="title">Warning</h3><p>If two clients use the same <em class="parameter"><code>magic script3422 </p><div class="warning" title="Warning" style="margin-left: 0.5in; margin-right: 0.5in;"><h3 class="title">Warning</h3><p>If two clients use the same <em class="parameter"><code>magic script 3383 3423 </code></em> in the same directory the output file content is undefined. 3384 3424 </p></div><p>Default: <span class="emphasis"><em><em class="parameter"><code>magic output</code></em> = <code class="literal"><magic script name>.out</code> … … 3386 3426 </p><p>Example: <span class="emphasis"><em><em class="parameter"><code>magic output</code></em> = <code class="literal">myfile.txt</code> 3387 3427 </em></span> 3388 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2549720"></a>3428 </p></dd></dl></div></div><div class="section" title="magic script (S)"><div class="titlepage"><div><div><h3 class="title"><a name="id2555925"></a> 3389 3429 3390 3430 magic script (S) 3391 </h3></div></div></div><a class="indexterm" name="id25 49721"></a><a name="MAGICSCRIPT"></a><div class="variablelist"><dl><dt></dt><dd><p>This parameter specifies the name of a file which,3431 </h3></div></div></div><a class="indexterm" name="id2555926"></a><a name="MAGICSCRIPT"></a><div class="variablelist"><dl><dt></dt><dd><p>This parameter specifies the name of a file which, 3392 3432 if opened, will be executed by the server when the file is closed. 3393 3433 This allows a UNIX script to be sent to the Samba host and … … 3405 3445 </p><p>Example: <span class="emphasis"><em><em class="parameter"><code>magic script</code></em> = <code class="literal">user.csh</code> 3406 3446 </em></span> 3407 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2549825"></a>3447 </p></dd></dl></div></div><div class="section" title="mangled names (S)"><div class="titlepage"><div><div><h3 class="title"><a name="id2556030"></a> 3408 3448 3409 3449 mangled names (S) 3410 </h3></div></div></div><a class="indexterm" name="id25 49826"></a><a name="MANGLEDNAMES"></a><div class="variablelist"><dl><dt></dt><dd><p>This controls whether non-DOS names under UNIX3450 </h3></div></div></div><a class="indexterm" name="id2556031"></a><a name="MANGLEDNAMES"></a><div class="variablelist"><dl><dt></dt><dd><p>This controls whether non-DOS names under UNIX 3411 3451 should be mapped to DOS-compatible names ("mangled") and made visible, 3412 3452 or whether non-DOS names should simply be ignored.</p><p>See the section on <a class="link" href="smb.conf.5.html#NAMEMANGLING" target="_top">name mangling</a> for 3413 details on how to control the mangling process.</p><p>If mangling is used then the mangling algorithm is as follows:</p><div class="itemizedlist"><ul type="disc"><li><p>The first (up to) five alphanumeric characters3453 details on how to control the mangling process.</p><p>If mangling is used then the mangling algorithm is as follows:</p><div class="itemizedlist"><ul class="itemizedlist" type="disc"><li class="listitem"><p>The first (up to) five alphanumeric characters 3414 3454 before the rightmost dot of the filename are preserved, forced 3415 3455 to upper case, and appear as the first (up to) five characters 3416 of the mangled name.</p></li><li ><p>A tilde "~" is appended to the first part of the mangled3456 of the mangled name.</p></li><li class="listitem"><p>A tilde "~" is appended to the first part of the mangled 3417 3457 name, followed by a two-character unique sequence, based on the 3418 3458 original root name (i.e., the original filename minus its final … … 3421 3461 characters.</p><p>Note that the character to use may be specified using 3422 3462 the <a class="link" href="smb.conf.5.html#MANGLINGCHAR" target="_top">mangling char</a> 3423 option, if you don't like '~'.</p></li><li ><p>Files whose UNIX name begins with a dot will be3463 option, if you don't like '~'.</p></li><li class="listitem"><p>Files whose UNIX name begins with a dot will be 3424 3464 presented as DOS hidden files. The mangled name will be created as 3425 3465 for other filenames, but with the leading dot removed and "___" as … … 3433 3473 do not change between sessions.</p><p>Default: <span class="emphasis"><em><em class="parameter"><code>mangled names</code></em> = <code class="literal">yes</code> 3434 3474 </em></span> 3435 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2549962"></a>3475 </p></dd></dl></div></div><div class="section" title="mangle prefix (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2556167"></a> 3436 3476 3437 3477 mangle prefix (G) 3438 </h3></div></div></div><a class="indexterm" name="id25 49963"></a><a name="MANGLEPREFIX"></a><div class="variablelist"><dl><dt></dt><dd><p> controls the number of prefix3478 </h3></div></div></div><a class="indexterm" name="id2556168"></a><a name="MANGLEPREFIX"></a><div class="variablelist"><dl><dt></dt><dd><p> controls the number of prefix 3439 3479 characters from the original name used when generating 3440 3480 the mangled names. A larger value will give a weaker … … 3446 3486 </p><p>Example: <span class="emphasis"><em><em class="parameter"><code>mangle prefix</code></em> = <code class="literal">4</code> 3447 3487 </em></span> 3448 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2550029"></a>3488 </p></dd></dl></div></div><div class="section" title="mangling char (S)"><div class="titlepage"><div><div><h3 class="title"><a name="id2556234"></a> 3449 3489 3450 3490 mangling char (S) 3451 </h3></div></div></div><a class="indexterm" name="id255 0030"></a><a name="MANGLINGCHAR"></a><div class="variablelist"><dl><dt></dt><dd><p>This controls what character is used as3491 </h3></div></div></div><a class="indexterm" name="id2556235"></a><a name="MANGLINGCHAR"></a><div class="variablelist"><dl><dt></dt><dd><p>This controls what character is used as 3452 3492 the <span class="emphasis"><em>magic</em></span> character in <a class="link" href="smb.conf.5.html#NAMEMANGLING" target="_top">name mangling</a>. The 3453 3493 default is a '~' but this may interfere with some software. Use this option to set … … 3456 3496 </p><p>Example: <span class="emphasis"><em><em class="parameter"><code>mangling char</code></em> = <code class="literal">^</code> 3457 3497 </em></span> 3458 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2550106"></a>3498 </p></dd></dl></div></div><div class="section" title="mangling method (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2556312"></a> 3459 3499 3460 3500 mangling method (G) 3461 </h3></div></div></div><a class="indexterm" name="id255 0108"></a><a name="MANGLINGMETHOD"></a><div class="variablelist"><dl><dt></dt><dd><p> controls the algorithm used for the generating3501 </h3></div></div></div><a class="indexterm" name="id2556313"></a><a name="MANGLINGMETHOD"></a><div class="variablelist"><dl><dt></dt><dd><p> controls the algorithm used for the generating 3462 3502 the mangled names. Can take two different values, "hash" and 3463 3503 "hash2". "hash" is the algorithm that was used … … 3470 3510 </p><p>Example: <span class="emphasis"><em><em class="parameter"><code>mangling method</code></em> = <code class="literal">hash</code> 3471 3511 </em></span> 3472 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2550174"></a>3512 </p></dd></dl></div></div><div class="section" title="map acl inherit (S)"><div class="titlepage"><div><div><h3 class="title"><a name="id2556379"></a> 3473 3513 3474 3514 map acl inherit (S) 3475 </h3></div></div></div><a class="indexterm" name="id255 0175"></a><a name="MAPACLINHERIT"></a><div class="variablelist"><dl><dt></dt><dd><p>This boolean parameter controls whether <a class="citerefentry" href="smbd.8.html"><span class="citerefentry"><span class="refentrytitle">smbd</span>(8)</span></a> will attempt to map the 'inherit' and 'protected'3515 </h3></div></div></div><a class="indexterm" name="id2556380"></a><a name="MAPACLINHERIT"></a><div class="variablelist"><dl><dt></dt><dd><p>This boolean parameter controls whether <a class="citerefentry" href="smbd.8.html"><span class="citerefentry"><span class="refentrytitle">smbd</span>(8)</span></a> will attempt to map the 'inherit' and 'protected' 3476 3516 access control entry flags stored in Windows ACLs into an extended attribute 3477 3517 called user.SAMBA_PAI. This parameter only takes effect if Samba is being run … … 3481 3521 </p><p>Default: <span class="emphasis"><em><em class="parameter"><code>map acl inherit</code></em> = <code class="literal">no</code> 3482 3522 </em></span> 3483 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2550231"></a>3523 </p></dd></dl></div></div><div class="section" title="map archive (S)"><div class="titlepage"><div><div><h3 class="title"><a name="id2556436"></a> 3484 3524 3485 3525 map archive (S) 3486 </h3></div></div></div><a class="indexterm" name="id255 0232"></a><a name="MAPARCHIVE"></a><div class="variablelist"><dl><dt></dt><dd><p>3526 </h3></div></div></div><a class="indexterm" name="id2556437"></a><a name="MAPARCHIVE"></a><div class="variablelist"><dl><dt></dt><dd><p> 3487 3527 This controls whether the DOS archive attribute 3488 3528 should be mapped to the UNIX owner execute bit. The DOS archive bit … … 3497 3537 </p><p>Default: <span class="emphasis"><em><em class="parameter"><code>map archive</code></em> = <code class="literal">yes</code> 3498 3538 </em></span> 3499 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2550306"></a>3539 </p></dd></dl></div></div><div class="section" title="map hidden (S)"><div class="titlepage"><div><div><h3 class="title"><a name="id2556511"></a> 3500 3540 3501 3541 map hidden (S) 3502 </h3></div></div></div><a class="indexterm" name="id255 0307"></a><a name="MAPHIDDEN"></a><div class="variablelist"><dl><dt></dt><dd><p>3542 </h3></div></div></div><a class="indexterm" name="id2556512"></a><a name="MAPHIDDEN"></a><div class="variablelist"><dl><dt></dt><dd><p> 3503 3543 This controls whether DOS style hidden files should be mapped to the UNIX world execute bit. 3504 3544 </p><p> … … 3506 3546 bit is not masked out (i.e. it must include 001). See the parameter <a class="link" href="smb.conf.5.html#CREATEMASK" target="_top">create mask</a> 3507 3547 for details. 3508 </p><p><span class="emphasis"><em>No default</em></span></p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2550364"></a>3548 </p><p><span class="emphasis"><em>No default</em></span></p></dd></dl></div></div><div class="section" title="map read only (S)"><div class="titlepage"><div><div><h3 class="title"><a name="id2556569"></a> 3509 3549 3510 3550 map read only (S) 3511 </h3></div></div></div><a class="indexterm" name="id255 0365"></a><a name="MAPREADONLY"></a><div class="variablelist"><dl><dt></dt><dd><p>3551 </h3></div></div></div><a class="indexterm" name="id2556570"></a><a name="MAPREADONLY"></a><div class="variablelist"><dl><dt></dt><dd><p> 3512 3552 This controls how the DOS read only attribute should be mapped from a UNIX filesystem. 3513 3553 </p><p> … … 3516 3556 present. If <a class="link" href="smb.conf.5.html#STOREDOSATTRIBUTES" target="_top">store dos attributes</a> is set to <code class="constant">yes</code> then this 3517 3557 parameter is <span class="emphasis"><em>ignored</em></span>. This is a new parameter introduced in Samba version 3.0.21. 3518 </p><p>The three settings are :</p><div class="itemizedlist"><ul type="disc"><li><p>3558 </p><p>The three settings are :</p><div class="itemizedlist"><ul class="itemizedlist" type="disc"><li class="listitem"><p> 3519 3559 <code class="constant">Yes</code> - The read only DOS attribute is mapped to the inverse of the user 3520 3560 or owner write bit in the unix permission mode set. If the owner write bit is not set, the … … 3524 3564 If the read only DOS attribute is unset, Samba simply sets the write bit of the 3525 3565 owner to one. 3526 </p></li><li ><p>3566 </p></li><li class="listitem"><p> 3527 3567 <code class="constant">Permissions</code> - The read only DOS attribute is mapped to the effective permissions of 3528 3568 the connecting user, as evaluated by <a class="citerefentry" href="smbd.8.html"><span class="citerefentry"><span class="refentrytitle">smbd</span>(8)</span></a> by reading the unix permissions and POSIX ACL (if present). 3529 3569 If the connecting user does not have permission to modify the file, the read only attribute 3530 3570 is reported as being set on the file. 3531 </p></li><li ><p>3571 </p></li><li class="listitem"><p> 3532 3572 <code class="constant">No</code> - The read only DOS attribute is unaffected by permissions, and can only be set by 3533 3573 the <a class="link" href="smb.conf.5.html#STOREDOSATTRIBUTES" target="_top">store dos attributes</a> method. This may be useful for exporting mounted CDs. 3534 3574 </p></li></ul></div><p>Default: <span class="emphasis"><em><em class="parameter"><code>map read only</code></em> = <code class="literal">yes</code> 3535 3575 </em></span> 3536 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2550520"></a>3576 </p></dd></dl></div></div><div class="section" title="map system (S)"><div class="titlepage"><div><div><h3 class="title"><a name="id2556725"></a> 3537 3577 3538 3578 map system (S) 3539 </h3></div></div></div><a class="indexterm" name="id255 0521"></a><a name="MAPSYSTEM"></a><div class="variablelist"><dl><dt></dt><dd><p>3579 </h3></div></div></div><a class="indexterm" name="id2556726"></a><a name="MAPSYSTEM"></a><div class="variablelist"><dl><dt></dt><dd><p> 3540 3580 This controls whether DOS style system files should be mapped to the UNIX group execute bit. 3541 3581 </p><p> … … 3545 3585 </p><p>Default: <span class="emphasis"><em><em class="parameter"><code>map system</code></em> = <code class="literal">no</code> 3546 3586 </em></span> 3547 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2550589"></a>3587 </p></dd></dl></div></div><div class="section" title="map to guest (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2556795"></a> 3548 3588 3549 3589 map to guest (G) 3550 </h3></div></div></div><a class="indexterm" name="id255 0590"></a><a name="MAPTOGUEST"></a><div class="variablelist"><dl><dt></dt><dd><p>This parameter is only useful in <a class="link" href="smb.conf.5.html#SECURITY" target="_top">SECURITY =3590 </h3></div></div></div><a class="indexterm" name="id2556796"></a><a name="MAPTOGUEST"></a><div class="variablelist"><dl><dt></dt><dd><p>This parameter is only useful in <a class="link" href="smb.conf.5.html#SECURITY" target="_top">SECURITY = 3551 3591 security</a> modes other than <em class="parameter"><code>security = share</code></em> 3552 3592 and <em class="parameter"><code>security = server</code></em> 3553 3593 - i.e. <code class="constant">user</code>, and <code class="constant">domain</code>.</p><p>This parameter can take four different values, which tell 3554 3594 <a class="citerefentry" href="smbd.8.html"><span class="citerefentry"><span class="refentrytitle">smbd</span>(8)</span></a> what to do with user 3555 login requests that don't match a valid UNIX user in some way.</p><p>The four settings are :</p><div class="itemizedlist"><ul type="disc"><li><p><code class="constant">Never</code> - Means user login3595 login requests that don't match a valid UNIX user in some way.</p><p>The four settings are :</p><div class="itemizedlist"><ul class="itemizedlist" type="disc"><li class="listitem"><p><code class="constant">Never</code> - Means user login 3556 3596 requests with an invalid password are rejected. This is the 3557 default.</p></li><li ><p><code class="constant">Bad User</code> - Means user3597 default.</p></li><li class="listitem"><p><code class="constant">Bad User</code> - Means user 3558 3598 logins with an invalid password are rejected, unless the username 3559 3599 does not exist, in which case it is treated as a guest login and 3560 mapped into the <a class="link" href="smb.conf.5.html#GUESTACCOUNT" target="_top">guest account</a>.</p></li><li ><p><code class="constant">Bad Password</code> - Means user logins3600 mapped into the <a class="link" href="smb.conf.5.html#GUESTACCOUNT" target="_top">guest account</a>.</p></li><li class="listitem"><p><code class="constant">Bad Password</code> - Means user logins 3561 3601 with an invalid password are treated as a guest login and mapped 3562 3602 into the <a class="link" href="smb.conf.5.html#GUESTACCOUNT" target="_top">guest account</a>. Note that … … 3567 3607 that they got their password wrong. Helpdesk services will 3568 3608 <span class="emphasis"><em>hate</em></span> you if you set the <em class="parameter"><code>map to 3569 guest</code></em> parameter this way :-).</p></li><li ><p><code class="constant">Bad Uid</code> - Is only applicable when Samba is configured3609 guest</code></em> parameter this way :-).</p></li><li class="listitem"><p><code class="constant">Bad Uid</code> - Is only applicable when Samba is configured 3570 3610 in some type of domain mode security (security = {domain|ads}) and means that 3571 3611 user logins which are successfully authenticated but which have no valid Unix … … 3590 3630 </p><p>Example: <span class="emphasis"><em><em class="parameter"><code>map to guest</code></em> = <code class="literal">Bad User</code> 3591 3631 </em></span> 3592 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2550829"></a>3632 </p></dd></dl></div></div><div class="section" title="max connections (S)"><div class="titlepage"><div><div><h3 class="title"><a name="id2557035"></a> 3593 3633 3594 3634 max connections (S) 3595 </h3></div></div></div><a class="indexterm" name="id255 0830"></a><a name="MAXCONNECTIONS"></a><div class="variablelist"><dl><dt></dt><dd><p>This option allows the number of simultaneous connections to a service to be limited.3635 </h3></div></div></div><a class="indexterm" name="id2557036"></a><a name="MAXCONNECTIONS"></a><div class="variablelist"><dl><dt></dt><dd><p>This option allows the number of simultaneous connections to a service to be limited. 3596 3636 If <em class="parameter"><code>max connections</code></em> is greater than 0 then connections 3597 3637 will be refused if this number of connections to the service are already open. A value … … 3601 3641 </p><p>Example: <span class="emphasis"><em><em class="parameter"><code>max connections</code></em> = <code class="literal">10</code> 3602 3642 </em></span> 3603 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2550915"></a>3643 </p></dd></dl></div></div><div class="section" title="max disk size (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2557121"></a> 3604 3644 3605 3645 max disk size (G) 3606 </h3></div></div></div><a class="indexterm" name="id255 0916"></a><a name="MAXDISKSIZE"></a><div class="variablelist"><dl><dt></dt><dd><p>This option allows you to put an upper limit3646 </h3></div></div></div><a class="indexterm" name="id2557122"></a><a name="MAXDISKSIZE"></a><div class="variablelist"><dl><dt></dt><dd><p>This option allows you to put an upper limit 3607 3647 on the apparent size of disks. If you set this option to 100 3608 3648 then all shares will appear to be not larger than 100 MB in … … 3618 3658 </p><p>Example: <span class="emphasis"><em><em class="parameter"><code>max disk size</code></em> = <code class="literal">1000</code> 3619 3659 </em></span> 3620 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2533629"></a>3660 </p></dd></dl></div></div><div class="section" title="max log size (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2557213"></a> 3621 3661 3622 3662 max log size (G) 3623 </h3></div></div></div><a class="indexterm" name="id25 33630"></a><a name="MAXLOGSIZE"></a><div class="variablelist"><dl><dt></dt><dd><p>3663 </h3></div></div></div><a class="indexterm" name="id2557214"></a><a name="MAXLOGSIZE"></a><div class="variablelist"><dl><dt></dt><dd><p> 3624 3664 This option (an integer in kilobytes) specifies the max size the log file should grow to. 3625 3665 Samba periodically checks the size and if it is exceeded it will rename the file, adding … … 3630 3670 </p><p>Example: <span class="emphasis"><em><em class="parameter"><code>max log size</code></em> = <code class="literal">1000</code> 3631 3671 </em></span> 3632 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2533700"></a>3672 </p></dd></dl></div></div><div class="section" title="max mux (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2557284"></a> 3633 3673 3634 3674 max mux (G) 3635 </h3></div></div></div><a class="indexterm" name="id25 33701"></a><a name="MAXMUX"></a><div class="variablelist"><dl><dt></dt><dd><p>This option controls the maximum number of3675 </h3></div></div></div><a class="indexterm" name="id2557285"></a><a name="MAXMUX"></a><div class="variablelist"><dl><dt></dt><dd><p>This option controls the maximum number of 3636 3676 outstanding simultaneous SMB operations that Samba tells the client 3637 3677 it will allow. You should never need to set this parameter.</p><p>Default: <span class="emphasis"><em><em class="parameter"><code>max mux</code></em> = <code class="literal">50</code> 3638 3678 </em></span> 3639 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2533743"></a>3679 </p></dd></dl></div></div><div class="section" title="max open files (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2557327"></a> 3640 3680 3641 3681 max open files (G) 3642 </h3></div></div></div><a class="indexterm" name="id25 33744"></a><a name="MAXOPENFILES"></a><div class="variablelist"><dl><dt></dt><dd><p>This parameter limits the maximum number of3682 </h3></div></div></div><a class="indexterm" name="id2557328"></a><a name="MAXOPENFILES"></a><div class="variablelist"><dl><dt></dt><dd><p>This parameter limits the maximum number of 3643 3683 open files that one <a class="citerefentry" href="smbd.8.html"><span class="citerefentry"><span class="refentrytitle">smbd</span>(8)</span></a> file 3644 3684 serving process may have open for a client at any one time. The … … 3648 3688 this parameter so you should never need to touch this parameter.</p><p>Default: <span class="emphasis"><em><em class="parameter"><code>max open files</code></em> = <code class="literal">10000</code> 3649 3689 </em></span> 3650 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2533803"></a>3690 </p></dd></dl></div></div><div class="section" title="max print jobs (S)"><div class="titlepage"><div><div><h3 class="title"><a name="id2557387"></a> 3651 3691 3652 3692 max print jobs (S) 3653 </h3></div></div></div><a class="indexterm" name="id25 33804"></a><a name="MAXPRINTJOBS"></a><div class="variablelist"><dl><dt></dt><dd><p>This parameter limits the maximum number of3693 </h3></div></div></div><a class="indexterm" name="id2557388"></a><a name="MAXPRINTJOBS"></a><div class="variablelist"><dl><dt></dt><dd><p>This parameter limits the maximum number of 3654 3694 jobs allowable in a Samba printer queue at any given moment. 3655 3695 If this number is exceeded, <a class="citerefentry" href="smbd.8.html"><span class="citerefentry"><span class="refentrytitle">smbd</span>(8)</span></a> will remote "Out of Space" to the client. … … 3658 3698 </p><p>Example: <span class="emphasis"><em><em class="parameter"><code>max print jobs</code></em> = <code class="literal">5000</code> 3659 3699 </em></span> 3660 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2551524"></a>3700 </p></dd></dl></div></div><div class="section" title="protocol"><div class="titlepage"><div><div><h3 class="title"><a name="id2557457"></a> 3661 3701 3662 3702 <a name="PROTOCOL"></a>protocol 3663 </h3></div></div></div><a class="indexterm" name="id255 1526"></a><div class="variablelist"><dl><dt></dt><dd><p>This parameter is a synonym for <a class="link" href="#MAXPROTOCOL">max protocol</a>.</p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2551557"></a>3703 </h3></div></div></div><a class="indexterm" name="id2557458"></a><div class="variablelist"><dl><dt></dt><dd><p>This parameter is a synonym for <a class="link" href="#MAXPROTOCOL">max protocol</a>.</p></dd></dl></div></div><div class="section" title="max protocol (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2557490"></a> 3664 3704 3665 3705 max protocol (G) 3666 </h3></div></div></div><a class="indexterm" name="id255 1558"></a><a name="MAXPROTOCOL"></a><div class="variablelist"><dl><dt></dt><dd><p>The value of the parameter (a string) is the highest3667 protocol level that will be supported by the server.</p><p>Possible values are :</p><div class="itemizedlist"><ul type="disc"><li><p><code class="constant">CORE</code>: Earliest version. No3668 concept of user names.</p></li><li ><p><code class="constant">COREPLUS</code>: Slight improvements on3669 CORE for efficiency.</p></li><li ><p><code class="constant">LANMAN1</code>: First <span class="emphasis"><em>3706 </h3></div></div></div><a class="indexterm" name="id2557491"></a><a name="MAXPROTOCOL"></a><div class="variablelist"><dl><dt></dt><dd><p>The value of the parameter (a string) is the highest 3707 protocol level that will be supported by the server.</p><p>Possible values are :</p><div class="itemizedlist"><ul class="itemizedlist" type="disc"><li class="listitem"><p><code class="constant">CORE</code>: Earliest version. No 3708 concept of user names.</p></li><li class="listitem"><p><code class="constant">COREPLUS</code>: Slight improvements on 3709 CORE for efficiency.</p></li><li class="listitem"><p><code class="constant">LANMAN1</code>: First <span class="emphasis"><em> 3670 3710 modern</em></span> version of the protocol. Long filename 3671 support.</p></li><li ><p><code class="constant">LANMAN2</code>: Updates to Lanman1 protocol.</p></li><li><p><code class="constant">NT1</code>: Current up to date version of the protocol.3711 support.</p></li><li class="listitem"><p><code class="constant">LANMAN2</code>: Updates to Lanman1 protocol.</p></li><li class="listitem"><p><code class="constant">NT1</code>: Current up to date version of the protocol. 3672 3712 Used by Windows NT. Known as CIFS.</p></li></ul></div><p>Normally this option should not be set as the automatic 3673 3713 negotiation phase in the SMB protocol takes care of choosing … … 3676 3716 </p><p>Example: <span class="emphasis"><em><em class="parameter"><code>max protocol</code></em> = <code class="literal">LANMAN1</code> 3677 3717 </em></span> 3678 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2551682"></a>3718 </p></dd></dl></div></div><div class="section" title="max reported print jobs (S)"><div class="titlepage"><div><div><h3 class="title"><a name="id2557615"></a> 3679 3719 3680 3720 max reported print jobs (S) 3681 </h3></div></div></div><a class="indexterm" name="id255 1684"></a><a name="MAXREPORTEDPRINTJOBS"></a><div class="variablelist"><dl><dt></dt><dd><p>3721 </h3></div></div></div><a class="indexterm" name="id2557616"></a><a name="MAXREPORTEDPRINTJOBS"></a><div class="variablelist"><dl><dt></dt><dd><p> 3682 3722 This parameter limits the maximum number of jobs displayed in a port monitor for 3683 3723 Samba printer queue at any given moment. If this number is exceeded, the excess … … 3688 3728 </p><p>Example: <span class="emphasis"><em><em class="parameter"><code>max reported print jobs</code></em> = <code class="literal">1000</code> 3689 3729 </em></span> 3690 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2551746"></a>3730 </p></dd></dl></div></div><div class="section" title="max smbd processes (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2557679"></a> 3691 3731 3692 3732 max smbd processes (G) 3693 </h3></div></div></div><a class="indexterm" name="id255 1748"></a><a name="MAXSMBDPROCESSES"></a><div class="variablelist"><dl><dt></dt><dd><p>This parameter limits the maximum number of <a class="citerefentry" href="smbd.8.html"><span class="citerefentry"><span class="refentrytitle">smbd</span>(8)</span></a> processes concurrently running on a system and is intended3733 </h3></div></div></div><a class="indexterm" name="id2557680"></a><a name="MAXSMBDPROCESSES"></a><div class="variablelist"><dl><dt></dt><dd><p>This parameter limits the maximum number of <a class="citerefentry" href="smbd.8.html"><span class="citerefentry"><span class="refentrytitle">smbd</span>(8)</span></a> processes concurrently running on a system and is intended 3694 3734 as a stopgap to prevent degrading service to clients in the event that the server has insufficient 3695 3735 resources to handle more than this number of connections. Remember that under normal operating … … 3699 3739 </p><p>Example: <span class="emphasis"><em><em class="parameter"><code>max smbd processes</code></em> = <code class="literal">1000</code> 3700 3740 </em></span> 3701 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2551828"></a>3741 </p></dd></dl></div></div><div class="section" title="max stat cache size (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2557760"></a> 3702 3742 3703 3743 max stat cache size (G) 3704 </h3></div></div></div><a class="indexterm" name="id255 1829"></a><a name="MAXSTATCACHESIZE"></a><div class="variablelist"><dl><dt></dt><dd><p>This parameter limits the size in memory of any3744 </h3></div></div></div><a class="indexterm" name="id2557762"></a><a name="MAXSTATCACHESIZE"></a><div class="variablelist"><dl><dt></dt><dd><p>This parameter limits the size in memory of any 3705 3745 <em class="parameter"><code>stat cache</code></em> being used 3706 3746 to speed up case insensitive name mappings. It represents … … 3713 3753 </p><p>Example: <span class="emphasis"><em><em class="parameter"><code>max stat cache size</code></em> = <code class="literal">100</code> 3714 3754 </em></span> 3715 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2551897"></a>3755 </p></dd></dl></div></div><div class="section" title="max ttl (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2557830"></a> 3716 3756 3717 3757 max ttl (G) 3718 </h3></div></div></div><a class="indexterm" name="id255 1898"></a><a name="MAXTTL"></a><div class="variablelist"><dl><dt></dt><dd><p>This option tells <a class="citerefentry" href="nmbd.8.html"><span class="citerefentry"><span class="refentrytitle">nmbd</span>(8)</span></a> what the default 'time to live'3758 </h3></div></div></div><a class="indexterm" name="id2557831"></a><a name="MAXTTL"></a><div class="variablelist"><dl><dt></dt><dd><p>This option tells <a class="citerefentry" href="nmbd.8.html"><span class="citerefentry"><span class="refentrytitle">nmbd</span>(8)</span></a> what the default 'time to live' 3719 3759 of NetBIOS names should be (in seconds) when <code class="literal">nmbd</code> is 3720 3760 requesting a name using either a broadcast packet or from a WINS server. You should 3721 3761 never need to change this parameter. The default is 3 days.</p><p>Default: <span class="emphasis"><em><em class="parameter"><code>max ttl</code></em> = <code class="literal">259200</code> 3722 3762 </em></span> 3723 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2551956"></a>3763 </p></dd></dl></div></div><div class="section" title="max wins ttl (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2557889"></a> 3724 3764 3725 3765 max wins ttl (G) 3726 </h3></div></div></div><a class="indexterm" name="id255 1957"></a><a name="MAXWINSTTL"></a><div class="variablelist"><dl><dt></dt><dd><p>This option tells <a class="citerefentry" href="smbd.8.html"><span class="citerefentry"><span class="refentrytitle">smbd</span>(8)</span></a> when acting as a WINS server3766 </h3></div></div></div><a class="indexterm" name="id2557890"></a><a name="MAXWINSTTL"></a><div class="variablelist"><dl><dt></dt><dd><p>This option tells <a class="citerefentry" href="smbd.8.html"><span class="citerefentry"><span class="refentrytitle">smbd</span>(8)</span></a> when acting as a WINS server 3727 3767 (<a class="link" href="smb.conf.5.html#WINSSUPPORT" target="_top">wins support = yes</a>) what the maximum 3728 3768 'time to live' of NetBIOS names that <code class="literal">nmbd</code> … … 3730 3770 parameter. The default is 6 days (518400 seconds).</p><p>Default: <span class="emphasis"><em><em class="parameter"><code>max wins ttl</code></em> = <code class="literal">518400</code> 3731 3771 </em></span> 3732 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2552028"></a>3772 </p></dd></dl></div></div><div class="section" title="max xmit (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2557960"></a> 3733 3773 3734 3774 max xmit (G) 3735 </h3></div></div></div><a class="indexterm" name="id255 2029"></a><a name="MAXXMIT"></a><div class="variablelist"><dl><dt></dt><dd><p>This option controls the maximum packet size3775 </h3></div></div></div><a class="indexterm" name="id2557961"></a><a name="MAXXMIT"></a><div class="variablelist"><dl><dt></dt><dd><p>This option controls the maximum packet size 3736 3776 that will be negotiated by Samba. The default is 16644, which 3737 3777 matches the behavior of Windows 2000. A value below 2048 is likely to cause problems. … … 3741 3781 </p><p>Example: <span class="emphasis"><em><em class="parameter"><code>max xmit</code></em> = <code class="literal">8192</code> 3742 3782 </em></span> 3743 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2552091"></a>3783 </p></dd></dl></div></div><div class="section" title="message command (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2558023"></a> 3744 3784 3745 3785 message command (G) 3746 </h3></div></div></div><a class="indexterm" name="id255 2092"></a><a name="MESSAGECOMMAND"></a><div class="variablelist"><dl><dt></dt><dd><p>This specifies what command to run when the3786 </h3></div></div></div><a class="indexterm" name="id2558024"></a><a name="MESSAGECOMMAND"></a><div class="variablelist"><dl><dt></dt><dd><p>This specifies what command to run when the 3747 3787 server receives a WinPopup style message.</p><p>This would normally be a command that would 3748 3788 deliver the message somehow. How this is to be done is … … 3760 3800 %u</code></em> won't work (<em class="parameter"><code>%U</code></em> may be better 3761 3801 in this case).</p><p>Apart from the standard substitutions, some additional 3762 ones apply. In particular:</p><div class="itemizedlist"><ul type="disc"><li><p><em class="parameter"><code>%s</code></em> = the filename containing3763 the message.</p></li><li ><p><em class="parameter"><code>%t</code></em> = the destination that3764 the message was sent to (probably the server name).</p></li><li ><p><em class="parameter"><code>%f</code></em> = who the message3802 ones apply. In particular:</p><div class="itemizedlist"><ul class="itemizedlist" type="disc"><li class="listitem"><p><em class="parameter"><code>%s</code></em> = the filename containing 3803 the message.</p></li><li class="listitem"><p><em class="parameter"><code>%t</code></em> = the destination that 3804 the message was sent to (probably the server name).</p></li><li class="listitem"><p><em class="parameter"><code>%f</code></em> = who the message 3765 3805 is from.</p></li></ul></div><p>You could make this command send mail, or whatever else 3766 3806 takes your fancy. Please let us know of any really interesting … … 3783 3823 </p><p>Example: <span class="emphasis"><em><em class="parameter"><code>message command</code></em> = <code class="literal">csh -c 'xedit %s; rm %s' &</code> 3784 3824 </em></span> 3785 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2552301"></a>3825 </p></dd></dl></div></div><div class="section" title="min print space (S)"><div class="titlepage"><div><div><h3 class="title"><a name="id2558233"></a> 3786 3826 3787 3827 min print space (S) 3788 </h3></div></div></div><a class="indexterm" name="id255 2302"></a><a name="MINPRINTSPACE"></a><div class="variablelist"><dl><dt></dt><dd><p>This sets the minimum amount of free disk3828 </h3></div></div></div><a class="indexterm" name="id2558234"></a><a name="MINPRINTSPACE"></a><div class="variablelist"><dl><dt></dt><dd><p>This sets the minimum amount of free disk 3789 3829 space that must be available before a user will be able to spool 3790 3830 a print job. It is specified in kilobytes. The default is 0, which … … 3793 3833 </p><p>Example: <span class="emphasis"><em><em class="parameter"><code>min print space</code></em> = <code class="literal">2000</code> 3794 3834 </em></span> 3795 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2552363"></a>3835 </p></dd></dl></div></div><div class="section" title="min protocol (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2558295"></a> 3796 3836 3797 3837 min protocol (G) 3798 </h3></div></div></div><a class="indexterm" name="id255 2364"></a><a name="MINPROTOCOL"></a><div class="variablelist"><dl><dt></dt><dd><p>The value of the parameter (a string) is the3838 </h3></div></div></div><a class="indexterm" name="id2558296"></a><a name="MINPROTOCOL"></a><div class="variablelist"><dl><dt></dt><dd><p>The value of the parameter (a string) is the 3799 3839 lowest SMB protocol dialect than Samba will support. Please refer 3800 3840 to the <a class="link" href="smb.conf.5.html#MAXPROTOCOL" target="_top">max protocol</a> … … 3808 3848 </p><p>Example: <span class="emphasis"><em><em class="parameter"><code>min protocol</code></em> = <code class="literal">NT1</code> 3809 3849 </em></span> 3810 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2552462"></a>3850 </p></dd></dl></div></div><div class="section" title="min receivefile size (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2558394"></a> 3811 3851 3812 3852 min receivefile size (G) 3813 </h3></div></div></div><a class="indexterm" name="id255 2463"></a><a name="MINRECEIVEFILESIZE"></a><div class="variablelist"><dl><dt></dt><dd><p>This option changes the behavior of <a class="citerefentry" href="smbd.8.html"><span class="citerefentry"><span class="refentrytitle">smbd</span>(8)</span></a> when processing SMBwriteX calls. Any incoming3853 </h3></div></div></div><a class="indexterm" name="id2558395"></a><a name="MINRECEIVEFILESIZE"></a><div class="variablelist"><dl><dt></dt><dd><p>This option changes the behavior of <a class="citerefentry" href="smbd.8.html"><span class="citerefentry"><span class="refentrytitle">smbd</span>(8)</span></a> when processing SMBwriteX calls. Any incoming 3814 3854 SMBwriteX call on a non-signed SMB/CIFS connection greater than this value will not be processed in the normal way but will 3815 3855 be passed to any underlying kernel recvfile or splice system call (if there is no such … … 3820 3860 nonzero. The maximum value is 128k. Values greater than 128k will be silently set to 128k.</p><p>Note this option will have NO EFFECT if set on a SMB signed connection.</p><p>The default is zero, which diables this option.</p><p>Default: <span class="emphasis"><em><em class="parameter"><code>min receivefile size</code></em> = <code class="literal">0</code> 3821 3861 </em></span> 3822 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2552543"></a>3862 </p></dd></dl></div></div><div class="section" title="min wins ttl (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2558463"></a> 3823 3863 3824 3864 min wins ttl (G) 3825 </h3></div></div></div><a class="indexterm" name="id255 2544"></a><a name="MINWINSTTL"></a><div class="variablelist"><dl><dt></dt><dd><p>This option tells <a class="citerefentry" href="nmbd.8.html"><span class="citerefentry"><span class="refentrytitle">nmbd</span>(8)</span></a>3865 </h3></div></div></div><a class="indexterm" name="id2558464"></a><a name="MINWINSTTL"></a><div class="variablelist"><dl><dt></dt><dd><p>This option tells <a class="citerefentry" href="nmbd.8.html"><span class="citerefentry"><span class="refentrytitle">nmbd</span>(8)</span></a> 3826 3866 when acting as a WINS server (<a class="link" href="smb.conf.5.html#WINSSUPPORT" target="_top">wins support = yes</a>) what the minimum 'time to live' 3827 3867 of NetBIOS names that <code class="literal">nmbd</code> will grant will be (in … … 3829 3869 is 6 hours (21600 seconds).</p><p>Default: <span class="emphasis"><em><em class="parameter"><code>min wins ttl</code></em> = <code class="literal">21600</code> 3830 3870 </em></span> 3831 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2552614"></a>3871 </p></dd></dl></div></div><div class="section" title="msdfs proxy (S)"><div class="titlepage"><div><div><h3 class="title"><a name="id2558534"></a> 3832 3872 3833 3873 msdfs proxy (S) 3834 </h3></div></div></div><a class="indexterm" name="id255 2615"></a><a name="MSDFSPROXY"></a><div class="variablelist"><dl><dt></dt><dd><p>This parameter indicates that the share is a3874 </h3></div></div></div><a class="indexterm" name="id2558535"></a><a name="MSDFSPROXY"></a><div class="variablelist"><dl><dt></dt><dd><p>This parameter indicates that the share is a 3835 3875 stand-in for another CIFS share whose location is specified by 3836 3876 the value of the parameter. When clients attempt to connect to … … 3840 3880 options to find out how to set up a Dfs root share.</p><p><span class="emphasis"><em>No default</em></span></p><p>Example: <span class="emphasis"><em><em class="parameter"><code>msdfs proxy</code></em> = <code class="literal">\otherserver\someshare</code> 3841 3881 </em></span> 3842 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2552692"></a>3882 </p></dd></dl></div></div><div class="section" title="msdfs root (S)"><div class="titlepage"><div><div><h3 class="title"><a name="id2558612"></a> 3843 3883 3844 3884 msdfs root (S) 3845 </h3></div></div></div><a class="indexterm" name="id255 2693"></a><a name="MSDFSROOT"></a><div class="variablelist"><dl><dt></dt><dd><p>If set to <code class="constant">yes</code>, Samba treats the3885 </h3></div></div></div><a class="indexterm" name="id2558613"></a><a name="MSDFSROOT"></a><div class="variablelist"><dl><dt></dt><dd><p>If set to <code class="constant">yes</code>, Samba treats the 3846 3886 share as a Dfs root and allows clients to browse the 3847 3887 distributed file system tree rooted at the share directory. … … 3851 3891 Samba, refer to the MSDFS chapter in the Samba3-HOWTO book.</p><p>Default: <span class="emphasis"><em><em class="parameter"><code>msdfs root</code></em> = <code class="literal">no</code> 3852 3892 </em></span> 3853 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2552747"></a>3893 </p></dd></dl></div></div><div class="section" title="name cache timeout (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2558667"></a> 3854 3894 3855 3895 name cache timeout (G) 3856 </h3></div></div></div><a class="indexterm" name="id255 2748"></a><a name="NAMECACHETIMEOUT"></a><div class="variablelist"><dl><dt></dt><dd><p>Specifies the number of seconds it takes before3896 </h3></div></div></div><a class="indexterm" name="id2558668"></a><a name="NAMECACHETIMEOUT"></a><div class="variablelist"><dl><dt></dt><dd><p>Specifies the number of seconds it takes before 3857 3897 entries in samba's hostname resolve cache time out. If 3858 3898 the timeout is set to 0. the caching is disabled. … … 3861 3901 </p><p>Example: <span class="emphasis"><em><em class="parameter"><code>name cache timeout</code></em> = <code class="literal">0</code> 3862 3902 </em></span> 3863 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2552808"></a>3903 </p></dd></dl></div></div><div class="section" title="name resolve order (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2558728"></a> 3864 3904 3865 3905 name resolve order (G) 3866 </h3></div></div></div><a class="indexterm" name="id255 2809"></a><a name="NAMERESOLVEORDER"></a><div class="variablelist"><dl><dt></dt><dd><p>This option is used by the programs in the Samba3906 </h3></div></div></div><a class="indexterm" name="id2558729"></a><a name="NAMERESOLVEORDER"></a><div class="variablelist"><dl><dt></dt><dd><p>This option is used by the programs in the Samba 3867 3907 suite to determine what naming services to use and in what order 3868 3908 to resolve host names to IP addresses. Its main purpose to is to … … 3870 3910 separated string of name resolution options.</p><p>The options are: "lmhosts", "host", 3871 3911 "wins" and "bcast". They cause names to be 3872 resolved as follows:</p><div class="itemizedlist"><ul type="disc"><li><p>3912 resolved as follows:</p><div class="itemizedlist"><ul class="itemizedlist" type="disc"><li class="listitem"><p> 3873 3913 <code class="constant">lmhosts</code> : Lookup an IP address in the Samba lmhosts file. If the line in lmhosts has 3874 3914 no name type attached to the NetBIOS name (see the manpage for lmhosts for details) then 3875 3915 any name type matches for lookup. 3876 </p></li><li ><p>3916 </p></li><li class="listitem"><p> 3877 3917 <code class="constant">host</code> : Do a standard host name to IP address resolution, using the system 3878 3918 <code class="filename">/etc/hosts </code>, NIS, or DNS lookups. This method of name resolution is … … 3881 3921 useful for active directory domains and results in a DNS query for the SRV RR entry matching 3882 3922 _ldap._tcp.domain. 3883 </p></li><li ><p><code class="constant">wins</code> : Query a name with3923 </p></li><li class="listitem"><p><code class="constant">wins</code> : Query a name with 3884 3924 the IP address listed in the <a class="link" href="smb.conf.5.html#WINSSERVER" target="_top">WINSSERVER</a> parameter. If no WINS server has 3885 been specified this method will be ignored.</p></li><li ><p><code class="constant">bcast</code> : Do a broadcast on3925 been specified this method will be ignored.</p></li><li class="listitem"><p><code class="constant">bcast</code> : Do a broadcast on 3886 3926 each of the known local interfaces listed in the <a class="link" href="smb.conf.5.html#INTERFACES" target="_top">interfaces</a> 3887 3927 parameter. This is the least reliable of the name resolution … … 3895 3935 </p><p>Example: <span class="emphasis"><em><em class="parameter"><code>name resolve order</code></em> = <code class="literal">lmhosts bcast host</code> 3896 3936 </em></span> 3897 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2553010"></a>3937 </p></dd></dl></div></div><div class="section" title="netbios aliases (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2558930"></a> 3898 3938 3899 3939 netbios aliases (G) 3900 </h3></div></div></div><a class="indexterm" name="id255 3011"></a><a name="NETBIOSALIASES"></a><div class="variablelist"><dl><dt></dt><dd><p>This is a list of NetBIOS names that nmbd will3940 </h3></div></div></div><a class="indexterm" name="id2558931"></a><a name="NETBIOSALIASES"></a><div class="variablelist"><dl><dt></dt><dd><p>This is a list of NetBIOS names that nmbd will 3901 3941 advertise as additional names by which the Samba server is known. This allows one machine 3902 3942 to appear in browse lists under multiple names. If a machine is acting as a browse server … … 3908 3948 </p><p>Example: <span class="emphasis"><em><em class="parameter"><code>netbios aliases</code></em> = <code class="literal">TEST TEST1 TEST2</code> 3909 3949 </em></span> 3910 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2553076"></a>3950 </p></dd></dl></div></div><div class="section" title="netbios name (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2558996"></a> 3911 3951 3912 3952 netbios name (G) 3913 </h3></div></div></div><a class="indexterm" name="id255 3077"></a><a name="NETBIOSNAME"></a><div class="variablelist"><dl><dt></dt><dd><p>3953 </h3></div></div></div><a class="indexterm" name="id2558998"></a><a name="NETBIOSNAME"></a><div class="variablelist"><dl><dt></dt><dd><p> 3914 3954 This sets the NetBIOS name by which a Samba server is known. By default it is the same as the first component 3915 3955 of the host's DNS name. If a machine is a browse server or logon server this name (or the first component of … … 3924 3964 </p><p>Example: <span class="emphasis"><em><em class="parameter"><code>netbios name</code></em> = <code class="literal">MYNAME</code> 3925 3965 </em></span> 3926 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2553158"></a>3966 </p></dd></dl></div></div><div class="section" title="netbios scope (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2559078"></a> 3927 3967 3928 3968 netbios scope (G) 3929 </h3></div></div></div><a class="indexterm" name="id255 3159"></a><a name="NETBIOSSCOPE"></a><div class="variablelist"><dl><dt></dt><dd><p>This sets the NetBIOS scope that Samba will3969 </h3></div></div></div><a class="indexterm" name="id2559079"></a><a name="NETBIOSSCOPE"></a><div class="variablelist"><dl><dt></dt><dd><p>This sets the NetBIOS scope that Samba will 3930 3970 operate under. This should not be set unless every machine 3931 3971 on your LAN also sets this value.</p><p>Default: <span class="emphasis"><em><em class="parameter"><code>netbios scope</code></em> = <code class="literal"></code> 3932 3972 </em></span> 3933 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2553200"></a>3973 </p></dd></dl></div></div><div class="section" title="nis homedir (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2559120"></a> 3934 3974 3935 3975 nis homedir (G) 3936 </h3></div></div></div><a class="indexterm" name="id255 3201"></a><a name="NISHOMEDIR"></a><div class="variablelist"><dl><dt></dt><dd><p>Get the home share server from a NIS map. For3976 </h3></div></div></div><a class="indexterm" name="id2559121"></a><a name="NISHOMEDIR"></a><div class="variablelist"><dl><dt></dt><dd><p>Get the home share server from a NIS map. For 3937 3977 UNIX systems that use an automounter, the user's home directory 3938 3978 will often be mounted on a workstation on demand from a remote … … 3953 3993 be a logon server.</p><p>Default: <span class="emphasis"><em><em class="parameter"><code>nis homedir</code></em> = <code class="literal">no</code> 3954 3994 </em></span> 3955 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2553280"></a>3995 </p></dd></dl></div></div><div class="section" title="nt acl support (S)"><div class="titlepage"><div><div><h3 class="title"><a name="id2559200"></a> 3956 3996 3957 3997 nt acl support (S) 3958 </h3></div></div></div><a class="indexterm" name="id255 3281"></a><a name="NTACLSUPPORT"></a><div class="variablelist"><dl><dt></dt><dd><p>This boolean parameter controls whether <a class="citerefentry" href="smbd.8.html"><span class="citerefentry"><span class="refentrytitle">smbd</span>(8)</span></a> will attempt to map3998 </h3></div></div></div><a class="indexterm" name="id2559201"></a><a name="NTACLSUPPORT"></a><div class="variablelist"><dl><dt></dt><dd><p>This boolean parameter controls whether <a class="citerefentry" href="smbd.8.html"><span class="citerefentry"><span class="refentrytitle">smbd</span>(8)</span></a> will attempt to map 3959 3999 UNIX permissions into Windows NT access control lists. The UNIX 3960 4000 permissions considered are the the traditional UNIX owner and … … 3963 4003 releases prior to 2.2.2.</p><p>Default: <span class="emphasis"><em><em class="parameter"><code>nt acl support</code></em> = <code class="literal">yes</code> 3964 4004 </em></span> 3965 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2553335"></a>4005 </p></dd></dl></div></div><div class="section" title="ntlm auth (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2559255"></a> 3966 4006 3967 4007 ntlm auth (G) 3968 </h3></div></div></div><a class="indexterm" name="id255 3336"></a><a name="NTLMAUTH"></a><div class="variablelist"><dl><dt></dt><dd><p>This parameter determines whether or not <a class="citerefentry" href="smbd.8.html"><span class="citerefentry"><span class="refentrytitle">smbd</span>(8)</span></a> will attempt to4008 </h3></div></div></div><a class="indexterm" name="id2559256"></a><a name="NTLMAUTH"></a><div class="variablelist"><dl><dt></dt><dd><p>This parameter determines whether or not <a class="citerefentry" href="smbd.8.html"><span class="citerefentry"><span class="refentrytitle">smbd</span>(8)</span></a> will attempt to 3969 4009 authenticate users using the NTLM encrypted password response. 3970 4010 If disabled, either the lanman password hash or an NTLMv2 response … … 3974 4014 special configuration to use it.</p><p>Default: <span class="emphasis"><em><em class="parameter"><code>ntlm auth</code></em> = <code class="literal">yes</code> 3975 4015 </em></span> 3976 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2553399"></a>4016 </p></dd></dl></div></div><div class="section" title="nt pipe support (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2559319"></a> 3977 4017 3978 4018 nt pipe support (G) 3979 </h3></div></div></div><a class="indexterm" name="id255 3400"></a><a name="NTPIPESUPPORT"></a><div class="variablelist"><dl><dt></dt><dd><p>This boolean parameter controls whether4019 </h3></div></div></div><a class="indexterm" name="id2559320"></a><a name="NTPIPESUPPORT"></a><div class="variablelist"><dl><dt></dt><dd><p>This boolean parameter controls whether 3980 4020 <a class="citerefentry" href="smbd.8.html"><span class="citerefentry"><span class="refentrytitle">smbd</span>(8)</span></a> will allow Windows NT 3981 4021 clients to connect to the NT SMB specific <code class="constant">IPC$</code> … … 3983 4023 alone.</p><p>Default: <span class="emphasis"><em><em class="parameter"><code>nt pipe support</code></em> = <code class="literal">yes</code> 3984 4024 </em></span> 3985 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2553455"></a>4025 </p></dd></dl></div></div><div class="section" title="nt status support (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2559375"></a> 3986 4026 3987 4027 nt status support (G) 3988 </h3></div></div></div><a class="indexterm" name="id255 3456"></a><a name="NTSTATUSSUPPORT"></a><div class="variablelist"><dl><dt></dt><dd><p>This boolean parameter controls whether <a class="citerefentry" href="smbd.8.html"><span class="citerefentry"><span class="refentrytitle">smbd</span>(8)</span></a> will negotiate NT specific status4028 </h3></div></div></div><a class="indexterm" name="id2559376"></a><a name="NTSTATUSSUPPORT"></a><div class="variablelist"><dl><dt></dt><dd><p>This boolean parameter controls whether <a class="citerefentry" href="smbd.8.html"><span class="citerefentry"><span class="refentrytitle">smbd</span>(8)</span></a> will negotiate NT specific status 3989 4029 support with Windows NT/2k/XP clients. This is a developer debugging option and should be left alone. 3990 4030 If this option is set to <code class="constant">no</code> then Samba offers … … 3992 4032 reported.</p><p>You should not need to ever disable this parameter.</p><p>Default: <span class="emphasis"><em><em class="parameter"><code>nt status support</code></em> = <code class="literal">yes</code> 3993 4033 </em></span> 3994 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2553517"></a>4034 </p></dd></dl></div></div><div class="section" title="null passwords (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2559437"></a> 3995 4035 3996 4036 null passwords (G) 3997 </h3></div></div></div><a class="indexterm" name="id255 3518"></a><a name="NULLPASSWORDS"></a><div class="variablelist"><dl><dt></dt><dd><p>Allow or disallow client access to accounts that have null passwords. </p><p>See also <a class="citerefentry" href="smbpasswd.5.html"><span class="citerefentry"><span class="refentrytitle">smbpasswd</span>(5)</span></a>.</p><p>Default: <span class="emphasis"><em><em class="parameter"><code>null passwords</code></em> = <code class="literal">no</code>3998 </em></span> 3999 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2553570"></a>4037 </h3></div></div></div><a class="indexterm" name="id2559438"></a><a name="NULLPASSWORDS"></a><div class="variablelist"><dl><dt></dt><dd><p>Allow or disallow client access to accounts that have null passwords. </p><p>See also <a class="citerefentry" href="smbpasswd.5.html"><span class="citerefentry"><span class="refentrytitle">smbpasswd</span>(5)</span></a>.</p><p>Default: <span class="emphasis"><em><em class="parameter"><code>null passwords</code></em> = <code class="literal">no</code> 4038 </em></span> 4039 </p></dd></dl></div></div><div class="section" title="obey pam restrictions (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2559490"></a> 4000 4040 4001 4041 obey pam restrictions (G) 4002 </h3></div></div></div><a class="indexterm" name="id255 3571"></a><a name="OBEYPAMRESTRICTIONS"></a><div class="variablelist"><dl><dt></dt><dd><p>When Samba 3.0 is configured to enable PAM support4042 </h3></div></div></div><a class="indexterm" name="id2559491"></a><a name="OBEYPAMRESTRICTIONS"></a><div class="variablelist"><dl><dt></dt><dd><p>When Samba 3.0 is configured to enable PAM support 4003 4043 (i.e. --with-pam), this parameter will control whether or not Samba 4004 4044 should obey PAM's account and session management directives. The … … 4010 4050 </p><p>Default: <span class="emphasis"><em><em class="parameter"><code>obey pam restrictions</code></em> = <code class="literal">no</code> 4011 4051 </em></span> 4012 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2553641"></a>4052 </p></dd></dl></div></div><div class="section" title="only user (S)"><div class="titlepage"><div><div><h3 class="title"><a name="id2559555"></a> 4013 4053 4014 4054 only user (S) 4015 </h3></div></div></div><a class="indexterm" name="id255 3642"></a><a name="ONLYUSER"></a><div class="variablelist"><dl><dt></dt><dd><p>This is a boolean option that controls whether4055 </h3></div></div></div><a class="indexterm" name="id2559556"></a><a name="ONLYUSER"></a><div class="variablelist"><dl><dt></dt><dd><p>This is a boolean option that controls whether 4016 4056 connections with usernames not in the <em class="parameter"><code>user</code></em> 4017 4057 list will be allowed. By default this option is disabled so that a … … 4026 4066 name of the user.</p><p>Default: <span class="emphasis"><em><em class="parameter"><code>only user</code></em> = <code class="literal">no</code> 4027 4067 </em></span> 4028 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2553730"></a>4068 </p></dd></dl></div></div><div class="section" title="oplock break wait time (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2559644"></a> 4029 4069 4030 4070 oplock break wait time (G) 4031 </h3></div></div></div><a class="indexterm" name="id255 3731"></a><a name="OPLOCKBREAKWAITTIME"></a><div class="variablelist"><dl><dt></dt><dd><p>4071 </h3></div></div></div><a class="indexterm" name="id2559645"></a><a name="OPLOCKBREAKWAITTIME"></a><div class="variablelist"><dl><dt></dt><dd><p> 4032 4072 This is a tuning parameter added due to bugs in both Windows 9x and WinNT. If Samba responds to a client too 4033 4073 quickly when that client issues an SMB that can cause an oplock break request, then the network client can 4034 4074 fail and not respond to the break request. This tuning parameter (which is set in milliseconds) is the amount 4035 4075 of time Samba will wait before sending an oplock break request to such (broken) clients. 4036 </p><div class="warning" style="margin-left: 0.5in; margin-right: 0.5in;"><h3 class="title">Warning</h3><p>4076 </p><div class="warning" title="Warning" style="margin-left: 0.5in; margin-right: 0.5in;"><h3 class="title">Warning</h3><p> 4037 4077 DO NOT CHANGE THIS PARAMETER UNLESS YOU HAVE READ AND UNDERSTOOD THE SAMBA OPLOCK CODE. 4038 4078 </p></div><p>Default: <span class="emphasis"><em><em class="parameter"><code>oplock break wait time</code></em> = <code class="literal">0</code> 4039 4079 </em></span> 4040 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2553785"></a>4080 </p></dd></dl></div></div><div class="section" title="oplock contention limit (S)"><div class="titlepage"><div><div><h3 class="title"><a name="id2559698"></a> 4041 4081 4042 4082 oplock contention limit (S) 4043 </h3></div></div></div><a class="indexterm" name="id255 3786"></a><a name="OPLOCKCONTENTIONLIMIT"></a><div class="variablelist"><dl><dt></dt><dd><p>4083 </h3></div></div></div><a class="indexterm" name="id2559700"></a><a name="OPLOCKCONTENTIONLIMIT"></a><div class="variablelist"><dl><dt></dt><dd><p> 4044 4084 This is a <span class="emphasis"><em>very</em></span> advanced <a class="citerefentry" href="smbd.8.html"><span class="citerefentry"><span class="refentrytitle">smbd</span>(8)</span></a> tuning option to improve the efficiency of the 4045 4085 granting of oplocks under multiple client contention for the same file. … … 4049 4089 limit. This causes <code class="literal">smbd</code> to behave in a similar 4050 4090 way to Windows NT. 4051 </p><div class="warning" style="margin-left: 0.5in; margin-right: 0.5in;"><h3 class="title">Warning</h3><p>4091 </p><div class="warning" title="Warning" style="margin-left: 0.5in; margin-right: 0.5in;"><h3 class="title">Warning</h3><p> 4052 4092 DO NOT CHANGE THIS PARAMETER UNLESS YOU HAVE READ AND UNDERSTOOD THE SAMBA OPLOCK CODE. 4053 4093 </p></div><p>Default: <span class="emphasis"><em><em class="parameter"><code>oplock contention limit</code></em> = <code class="literal">2</code> 4054 4094 </em></span> 4055 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2553867"></a>4095 </p></dd></dl></div></div><div class="section" title="oplocks (S)"><div class="titlepage"><div><div><h3 class="title"><a name="id2559781"></a> 4056 4096 4057 4097 oplocks (S) 4058 </h3></div></div></div><a class="indexterm" name="id255 3868"></a><a name="OPLOCKS"></a><div class="variablelist"><dl><dt></dt><dd><p>4098 </h3></div></div></div><a class="indexterm" name="id2559782"></a><a name="OPLOCKS"></a><div class="variablelist"><dl><dt></dt><dd><p> 4059 4099 This boolean option tells <code class="literal">smbd</code> whether to 4060 4100 issue oplocks (opportunistic locks) to file open requests on this … … 4075 4115 </p><p>Default: <span class="emphasis"><em><em class="parameter"><code>oplocks</code></em> = <code class="literal">yes</code> 4076 4116 </em></span> 4077 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2553966"></a>4117 </p></dd></dl></div></div><div class="section" title="os2 driver map (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2559879"></a> 4078 4118 4079 4119 os2 driver map (G) 4080 </h3></div></div></div><a class="indexterm" name="id255 3967"></a><a name="OS2DRIVERMAP"></a><div class="variablelist"><dl><dt></dt><dd><p>The parameter is used to define the absolute4120 </h3></div></div></div><a class="indexterm" name="id2559880"></a><a name="OS2DRIVERMAP"></a><div class="variablelist"><dl><dt></dt><dd><p>The parameter is used to define the absolute 4081 4121 path to a file containing a mapping of Windows NT printer driver 4082 4122 names to OS/2 printer driver names. The format is:</p><p><nt driver name> = <os2 driver name>.<device name></p><p>For example, a valid entry using the HP LaserJet 5 … … 4088 4128 </p><p>Default: <span class="emphasis"><em><em class="parameter"><code>os2 driver map</code></em> = <code class="literal"></code> 4089 4129 </em></span> 4090 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2554033"></a>4130 </p></dd></dl></div></div><div class="section" title="os level (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2559947"></a> 4091 4131 4092 4132 os level (G) 4093 </h3></div></div></div><a class="indexterm" name="id255 4034"></a><a name="OSLEVEL"></a><div class="variablelist"><dl><dt></dt><dd><p>4133 </h3></div></div></div><a class="indexterm" name="id2559948"></a><a name="OSLEVEL"></a><div class="variablelist"><dl><dt></dt><dd><p> 4094 4134 This integer value controls what level Samba advertises itself as for browse elections. The value of this 4095 4135 parameter determines whether <a class="citerefentry" href="nmbd.8.html"><span class="citerefentry"><span class="refentrytitle">nmbd</span>(8)</span></a> has a chance of becoming a local master browser for the <a class="link" href="smb.conf.5.html#WORKGROUP" target="_top">workgroup</a> in the local broadcast area. … … 4107 4147 </p><p>Example: <span class="emphasis"><em><em class="parameter"><code>os level</code></em> = <code class="literal">65</code> 4108 4148 </em></span> 4109 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2554133"></a>4149 </p></dd></dl></div></div><div class="section" title="pam password change (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2560046"></a> 4110 4150 4111 4151 pam password change (G) 4112 </h3></div></div></div><a class="indexterm" name="id25 54134"></a><a name="PAMPASSWORDCHANGE"></a><div class="variablelist"><dl><dt></dt><dd><p>With the addition of better PAM support in Samba 2.2,4152 </h3></div></div></div><a class="indexterm" name="id2560047"></a><a name="PAMPASSWORDCHANGE"></a><div class="variablelist"><dl><dt></dt><dd><p>With the addition of better PAM support in Samba 2.2, 4113 4153 this parameter, it is possible to use PAM's password change control 4114 4154 flag for Samba. If enabled, then PAM will be used for password … … 4118 4158 <a class="link" href="smb.conf.5.html#PASSWDCHAT" target="_top">passwd chat</a> parameter for most setups.</p><p>Default: <span class="emphasis"><em><em class="parameter"><code>pam password change</code></em> = <code class="literal">no</code> 4119 4159 </em></span> 4120 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2554205"></a>4160 </p></dd></dl></div></div><div class="section" title="panic action (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2560119"></a> 4121 4161 4122 4162 panic action (G) 4123 </h3></div></div></div><a class="indexterm" name="id25 54206"></a><a name="PANICACTION"></a><div class="variablelist"><dl><dt></dt><dd><p>This is a Samba developer option that allows a4163 </h3></div></div></div><a class="indexterm" name="id2560120"></a><a name="PANICACTION"></a><div class="variablelist"><dl><dt></dt><dd><p>This is a Samba developer option that allows a 4124 4164 system command to be called when either <a class="citerefentry" href="smbd.8.html"><span class="citerefentry"><span class="refentrytitle">smbd</span>(8)</span></a> or <a class="citerefentry" href="nmbd.8.html"><span class="citerefentry"><span class="refentrytitle">nmbd</span>(8)</span></a> crashes. This is usually used to 4125 4165 draw attention to the fact that a problem occurred. … … 4128 4168 </p><p>Example: <span class="emphasis"><em><em class="parameter"><code>panic action</code></em> = <code class="literal">"/bin/sleep 90000"</code> 4129 4169 </em></span> 4130 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2554281"></a>4170 </p></dd></dl></div></div><div class="section" title="paranoid server security (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2560195"></a> 4131 4171 4132 4172 paranoid server security (G) 4133 </h3></div></div></div><a class="indexterm" name="id25 54282"></a><a name="PARANOIDSERVERSECURITY"></a><div class="variablelist"><dl><dt></dt><dd><p>Some version of NT 4.x allow non-guest4173 </h3></div></div></div><a class="indexterm" name="id2560196"></a><a name="PARANOIDSERVERSECURITY"></a><div class="variablelist"><dl><dt></dt><dd><p>Some version of NT 4.x allow non-guest 4134 4174 users with a bad passowrd. When this option is enabled, samba will not 4135 4175 use a broken NT 4.x server as password server, but instead complain … … 4139 4179 bad logon to the remote server.</p><p>Default: <span class="emphasis"><em><em class="parameter"><code>paranoid server security</code></em> = <code class="literal">yes</code> 4140 4180 </em></span> 4141 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2554332"></a>4181 </p></dd></dl></div></div><div class="section" title="passdb backend (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2560246"></a> 4142 4182 4143 4183 passdb backend (G) 4144 </h3></div></div></div><a class="indexterm" name="id25 54334"></a><a name="PASSDBBACKEND"></a><div class="variablelist"><dl><dt></dt><dd><p>This option allows the administrator to chose which backend4184 </h3></div></div></div><a class="indexterm" name="id2560247"></a><a name="PASSDBBACKEND"></a><div class="variablelist"><dl><dt></dt><dd><p>This option allows the administrator to chose which backend 4145 4185 will be used for storing user and possibly group information. This allows 4146 4186 you to swap between different storage mechanisms without recompile. </p><p>The parameter value is divided into two parts, the backend's name, and a 'location' 4147 4187 string that has meaning only to that particular backed. These are separated 4148 4188 by a : character.</p><p>Available backends can include: 4149 </p><div class="itemizedlist"><ul type="disc"><li><p><code class="literal">smbpasswd</code> - The default smbpasswd4189 </p><div class="itemizedlist"><ul class="itemizedlist" type="disc"><li class="listitem"><p><code class="literal">smbpasswd</code> - The default smbpasswd 4150 4190 backend. Takes a path to the smbpasswd file as an optional argument. 4151 </p></li><li ><p><code class="literal">tdbsam</code> - The TDB based password storage4191 </p></li><li class="listitem"><p><code class="literal">tdbsam</code> - The TDB based password storage 4152 4192 backend. Takes a path to the TDB as an optional argument (defaults to passdb.tdb 4153 in the <a class="link" href="smb.conf.5.html#PRIVATEDIR" target="_top">private dir</a> directory.</p></li><li ><p><code class="literal">ldapsam</code> - The LDAP based passdb4193 in the <a class="link" href="smb.conf.5.html#PRIVATEDIR" target="_top">private dir</a> directory.</p></li><li class="listitem"><p><code class="literal">ldapsam</code> - The LDAP based passdb 4154 4194 backend. Takes an LDAP URL as an optional argument (defaults to 4155 4195 <code class="literal">ldap://localhost</code>)</p><p>LDAP connections should be secured where possible. This may be done using either … … 4175 4215 </pre><p>Default: <span class="emphasis"><em><em class="parameter"><code>passdb backend</code></em> = <code class="literal">smbpasswd</code> 4176 4216 </em></span> 4177 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2554490"></a>4217 </p></dd></dl></div></div><div class="section" title="passdb expand explicit (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2560404"></a> 4178 4218 4179 4219 passdb expand explicit (G) 4180 </h3></div></div></div><a class="indexterm" name="id25 54491"></a><a name="PASSDBEXPANDEXPLICIT"></a><div class="variablelist"><dl><dt></dt><dd><p>4220 </h3></div></div></div><a class="indexterm" name="id2560405"></a><a name="PASSDBEXPANDEXPLICIT"></a><div class="variablelist"><dl><dt></dt><dd><p> 4181 4221 This parameter controls whether Samba substitutes %-macros in the passdb fields if they are explicitly set. We 4182 4222 used to expand macros here, but this turned out to be a bug because the Windows client can expand a variable … … 4184 4224 </p><p>Default: <span class="emphasis"><em><em class="parameter"><code>passdb expand explicit</code></em> = <code class="literal">no</code> 4185 4225 </em></span> 4186 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2554537"></a>4226 </p></dd></dl></div></div><div class="section" title="passwd chat debug (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2560450"></a> 4187 4227 4188 4228 passwd chat debug (G) 4189 </h3></div></div></div><a class="indexterm" name="id25 54538"></a><a name="PASSWDCHATDEBUG"></a><div class="variablelist"><dl><dt></dt><dd><p>This boolean specifies if the passwd chat script4229 </h3></div></div></div><a class="indexterm" name="id2560451"></a><a name="PASSWDCHATDEBUG"></a><div class="variablelist"><dl><dt></dt><dd><p>This boolean specifies if the passwd chat script 4190 4230 parameter is run in <span class="emphasis"><em>debug</em></span> mode. In this mode the 4191 4231 strings passed to and received from the passwd chat are printed … … 4200 4240 parameter is set. This parameter is off by default.</p><p>Default: <span class="emphasis"><em><em class="parameter"><code>passwd chat debug</code></em> = <code class="literal">no</code> 4201 4241 </em></span> 4202 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2554640"></a>4242 </p></dd></dl></div></div><div class="section" title="passwd chat timeout (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2560554"></a> 4203 4243 4204 4244 passwd chat timeout (G) 4205 </h3></div></div></div><a class="indexterm" name="id25 54641"></a><a name="PASSWDCHATTIMEOUT"></a><div class="variablelist"><dl><dt></dt><dd><p>This integer specifies the number of seconds smbd will wait for an initial4245 </h3></div></div></div><a class="indexterm" name="id2560555"></a><a name="PASSWDCHATTIMEOUT"></a><div class="variablelist"><dl><dt></dt><dd><p>This integer specifies the number of seconds smbd will wait for an initial 4206 4246 answer from a passwd chat script being run. Once the initial answer is received 4207 4247 the subsequent answers must be received in one tenth of this time. The default it 4208 4248 two seconds.</p><p>Default: <span class="emphasis"><em><em class="parameter"><code>passwd chat timeout</code></em> = <code class="literal">2</code> 4209 4249 </em></span> 4210 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2554685"></a>4250 </p></dd></dl></div></div><div class="section" title="passwd chat (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2560599"></a> 4211 4251 4212 4252 passwd chat (G) 4213 </h3></div></div></div><a class="indexterm" name="id25 54686"></a><a name="PASSWDCHAT"></a><div class="variablelist"><dl><dt></dt><dd><p>This string controls the <span class="emphasis"><em>"chat"</em></span>4253 </h3></div></div></div><a class="indexterm" name="id2560600"></a><a name="PASSWDCHAT"></a><div class="variablelist"><dl><dt></dt><dd><p>This string controls the <span class="emphasis"><em>"chat"</em></span> 4214 4254 conversation that takes places between <a class="citerefentry" href="smbd.8.html"><span class="citerefentry"><span class="refentrytitle">smbd</span>(8)</span></a> and the local password changing 4215 4255 program to change the user's password. The string describes a … … 4242 4282 </p><p>Example: <span class="emphasis"><em><em class="parameter"><code>passwd chat</code></em> = <code class="literal">"*Enter NEW password*" %n\n "*Reenter NEW password*" %n\n "*Password changed*"</code> 4243 4283 </em></span> 4244 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2554891"></a>4284 </p></dd></dl></div></div><div class="section" title="passwd program (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2560804"></a> 4245 4285 4246 4286 passwd program (G) 4247 </h3></div></div></div><a class="indexterm" name="id25 54892"></a><a name="PASSWDPROGRAM"></a><div class="variablelist"><dl><dt></dt><dd><p>The name of a program that can be used to set4287 </h3></div></div></div><a class="indexterm" name="id2560805"></a><a name="PASSWDPROGRAM"></a><div class="variablelist"><dl><dt></dt><dd><p>The name of a program that can be used to set 4248 4288 UNIX user passwords. Any occurrences of <em class="parameter"><code>%u</code></em> 4249 4289 will be replaced with the user name. The user name is checked for … … 4266 4306 </p><p>Example: <span class="emphasis"><em><em class="parameter"><code>passwd program</code></em> = <code class="literal">/bin/passwd %u</code> 4267 4307 </em></span> 4268 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2555026"></a>4308 </p></dd></dl></div></div><div class="section" title="password level (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2560940"></a> 4269 4309 4270 4310 password level (G) 4271 </h3></div></div></div><a class="indexterm" name="id25 55027"></a><a name="PASSWORDLEVEL"></a><div class="variablelist"><dl><dt></dt><dd><p>Some client/server combinations have difficulty4311 </h3></div></div></div><a class="indexterm" name="id2560941"></a><a name="PASSWORDLEVEL"></a><div class="variablelist"><dl><dt></dt><dd><p>Some client/server combinations have difficulty 4272 4312 with mixed-case passwords. One offending client is Windows for 4273 4313 Workgroups, which for some reason forces passwords to upper … … 4291 4331 </p><p>Example: <span class="emphasis"><em><em class="parameter"><code>password level</code></em> = <code class="literal">4</code> 4292 4332 </em></span> 4293 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2555163"></a>4333 </p></dd></dl></div></div><div class="section" title="password server (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2561076"></a> 4294 4334 4295 4335 password server (G) 4296 </h3></div></div></div><a class="indexterm" name="id25 55164"></a><a name="PASSWORDSERVER"></a><div class="variablelist"><dl><dt></dt><dd><p>By specifying the name of another SMB server4336 </h3></div></div></div><a class="indexterm" name="id2561078"></a><a name="PASSWORDSERVER"></a><div class="variablelist"><dl><dt></dt><dd><p>By specifying the name of another SMB server 4297 4337 or Active Directory domain controller with this option, 4298 4338 and using <code class="literal">security = [ads|domain|server]</code> … … 4309 4349 by any method and order described in that parameter.</p><p>The password server must be a machine capable of using 4310 4350 the "LM1.2X002" or the "NT LM 0.12" protocol, and it must be in 4311 user level security mode.</p><div class="note" style="margin-left: 0.5in; margin-right: 0.5in;"><h3 class="title">Note</h3><p>Using a password server means your UNIX box (running4351 user level security mode.</p><div class="note" title="Note" style="margin-left: 0.5in; margin-right: 0.5in;"><h3 class="title">Note</h3><p>Using a password server means your UNIX box (running 4312 4352 Samba) is only as secure as your password server. <span class="emphasis"><em>DO NOT 4313 4353 CHOOSE A PASSWORD SERVER THAT YOU DON'T COMPLETELY TRUST</em></span>. … … 4338 4378 set to <code class="constant">server</code>, then there are different 4339 4379 restrictions that <code class="literal">security = domain</code> doesn't 4340 suffer from:</p><div class="itemizedlist"><ul type="disc"><li><p>You may list several password servers in4380 suffer from:</p><div class="itemizedlist"><ul class="itemizedlist" type="disc"><li class="listitem"><p>You may list several password servers in 4341 4381 the <em class="parameter"><code>password server</code></em> parameter, however if an 4342 4382 <code class="literal">smbd</code> makes a connection to a password server, … … 4344 4384 to be authenticated from this <code class="literal">smbd</code>. This is a 4345 4385 restriction of the SMB/CIFS protocol when in <code class="literal">security = server 4346 </code> mode and cannot be fixed in Samba.</p></li><li ><p>If you are using a Windows NT server as your4386 </code> mode and cannot be fixed in Samba.</p></li><li class="listitem"><p>If you are using a Windows NT server as your 4347 4387 password server then you will have to ensure that your users 4348 4388 are able to login from the Samba server, as when in <code class="literal"> … … 4354 4394 </p><p>Example: <span class="emphasis"><em><em class="parameter"><code>password server</code></em> = <code class="literal">windc.mydomain.com:389 192.168.1.101 *</code> 4355 4395 </em></span> 4356 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2555461"></a>4396 </p></dd></dl></div></div><div class="section" title="directory"><div class="titlepage"><div><div><h3 class="title"><a name="id2561375"></a> 4357 4397 4358 4398 <a name="DIRECTORY"></a>directory 4359 </h3></div></div></div><a class="indexterm" name="id25 55462"></a><div class="variablelist"><dl><dt></dt><dd><p>This parameter is a synonym for <a class="link" href="#PATH">path</a>.</p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2555492"></a>4399 </h3></div></div></div><a class="indexterm" name="id2561376"></a><div class="variablelist"><dl><dt></dt><dd><p>This parameter is a synonym for <a class="link" href="#PATH">path</a>.</p></dd></dl></div></div><div class="section" title="path (S)"><div class="titlepage"><div><div><h3 class="title"><a name="id2561406"></a> 4360 4400 4361 4401 path (S) 4362 </h3></div></div></div><a class="indexterm" name="id25 55493"></a><a name="PATH"></a><div class="variablelist"><dl><dt></dt><dd><p>This parameter specifies a directory to which4402 </h3></div></div></div><a class="indexterm" name="id2561407"></a><a name="PATH"></a><div class="variablelist"><dl><dt></dt><dd><p>This parameter specifies a directory to which 4363 4403 the user of the service is to be given access. In the case of 4364 4404 printable services, this is where print data will spool prior to … … 4377 4417 </p><p>Example: <span class="emphasis"><em><em class="parameter"><code>path</code></em> = <code class="literal">/home/fred</code> 4378 4418 </em></span> 4379 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2555597"></a>4419 </p></dd></dl></div></div><div class="section" title="pid directory (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2561510"></a> 4380 4420 4381 4421 pid directory (G) 4382 </h3></div></div></div><a class="indexterm" name="id25 55598"></a><a name="PIDDIRECTORY"></a><div class="variablelist"><dl><dt></dt><dd><p>4422 </h3></div></div></div><a class="indexterm" name="id2561511"></a><a name="PIDDIRECTORY"></a><div class="variablelist"><dl><dt></dt><dd><p> 4383 4423 This option specifies the directory where pid files will be placed. 4384 4424 </p><p>Default: <span class="emphasis"><em><em class="parameter"><code>pid directory</code></em> = <code class="literal">${prefix}/var/locks</code> … … 4386 4426 </p><p>Example: <span class="emphasis"><em><em class="parameter"><code>pid directory</code></em> = <code class="literal">pid directory = /var/run/</code> 4387 4427 </em></span> 4388 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2555657"></a>4428 </p></dd></dl></div></div><div class="section" title="posix locking (S)"><div class="titlepage"><div><div><h3 class="title"><a name="id2561569"></a> 4389 4429 4390 4430 posix locking (S) 4391 </h3></div></div></div><a class="indexterm" name="id25 55658"></a><a name="POSIXLOCKING"></a><div class="variablelist"><dl><dt></dt><dd><p>4431 </h3></div></div></div><a class="indexterm" name="id2561570"></a><a name="POSIXLOCKING"></a><div class="variablelist"><dl><dt></dt><dd><p> 4392 4432 The <a class="citerefentry" href="smbd.8.html"><span class="citerefentry"><span class="refentrytitle">smbd</span>(8)</span></a> 4393 4433 daemon maintains an database of file locks obtained by SMB clients. The default behavior is … … 4397 4437 </p><p>Default: <span class="emphasis"><em><em class="parameter"><code>posix locking</code></em> = <code class="literal">yes</code> 4398 4438 </em></span> 4399 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2555712"></a>4439 </p></dd></dl></div></div><div class="section" title="postexec (S)"><div class="titlepage"><div><div><h3 class="title"><a name="id2561625"></a> 4400 4440 4401 4441 postexec (S) 4402 </h3></div></div></div><a class="indexterm" name="id25 55713"></a><a name="POSTEXEC"></a><div class="variablelist"><dl><dt></dt><dd><p>This option specifies a command to be run4442 </h3></div></div></div><a class="indexterm" name="id2561626"></a><a name="POSTEXEC"></a><div class="variablelist"><dl><dt></dt><dd><p>This option specifies a command to be run 4403 4443 whenever the service is disconnected. It takes the usual 4404 4444 substitutions. The command may be run as the root on some … … 4408 4448 </p><p>Example: <span class="emphasis"><em><em class="parameter"><code>postexec</code></em> = <code class="literal">echo \"%u disconnected from %S from %m (%I)\" >> /tmp/log</code> 4409 4449 </em></span> 4410 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2555785"></a>4450 </p></dd></dl></div></div><div class="section" title="preexec close (S)"><div class="titlepage"><div><div><h3 class="title"><a name="id2561698"></a> 4411 4451 4412 4452 preexec close (S) 4413 </h3></div></div></div><a class="indexterm" name="id25 55786"></a><a name="PREEXECCLOSE"></a><div class="variablelist"><dl><dt></dt><dd><p>4453 </h3></div></div></div><a class="indexterm" name="id2561699"></a><a name="PREEXECCLOSE"></a><div class="variablelist"><dl><dt></dt><dd><p> 4414 4454 This boolean option controls whether a non-zero return code from <a class="link" href="smb.conf.5.html#PREEXEC" target="_top">preexec</a> 4415 4455 should close the service being connected to. 4416 4456 </p><p>Default: <span class="emphasis"><em><em class="parameter"><code>preexec close</code></em> = <code class="literal">no</code> 4417 4457 </em></span> 4418 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2555840"></a>4458 </p></dd></dl></div></div><div class="section" title="exec"><div class="titlepage"><div><div><h3 class="title"><a name="id2561753"></a> 4419 4459 4420 4460 <a name="EXEC"></a>exec 4421 </h3></div></div></div><a class="indexterm" name="id25 55841"></a><div class="variablelist"><dl><dt></dt><dd><p>This parameter is a synonym for <a class="link" href="#PREEXEC">preexec</a>.</p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2555871"></a>4461 </h3></div></div></div><a class="indexterm" name="id2561754"></a><div class="variablelist"><dl><dt></dt><dd><p>This parameter is a synonym for <a class="link" href="#PREEXEC">preexec</a>.</p></dd></dl></div></div><div class="section" title="preexec (S)"><div class="titlepage"><div><div><h3 class="title"><a name="id2561785"></a> 4422 4462 4423 4463 preexec (S) 4424 </h3></div></div></div><a class="indexterm" name="id25 55872"></a><a name="PREEXEC"></a><div class="variablelist"><dl><dt></dt><dd><p>This option specifies a command to be run whenever4464 </h3></div></div></div><a class="indexterm" name="id2561786"></a><a name="PREEXEC"></a><div class="variablelist"><dl><dt></dt><dd><p>This option specifies a command to be run whenever 4425 4465 the service is connected to. It takes the usual substitutions.</p><p>An interesting example is to send the users a welcome 4426 4466 message every time they log in. Maybe a message of the day? Here … … 4434 4474 </p><p>Example: <span class="emphasis"><em><em class="parameter"><code>preexec</code></em> = <code class="literal">echo \"%u connected to %S from %m (%I)\" >> /tmp/log</code> 4435 4475 </em></span> 4436 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2555979"></a>4476 </p></dd></dl></div></div><div class="section" title="prefered master"><div class="titlepage"><div><div><h3 class="title"><a name="id2561893"></a> 4437 4477 4438 4478 <a name="PREFEREDMASTER"></a>prefered master 4439 </h3></div></div></div><a class="indexterm" name="id25 55980"></a><div class="variablelist"><dl><dt></dt><dd><p>This parameter is a synonym for <a class="link" href="#PREFERREDMASTER">preferred master</a>.</p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2556013"></a>4479 </h3></div></div></div><a class="indexterm" name="id2561894"></a><div class="variablelist"><dl><dt></dt><dd><p>This parameter is a synonym for <a class="link" href="#PREFERREDMASTER">preferred master</a>.</p></dd></dl></div></div><div class="section" title="preferred master (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2561926"></a> 4440 4480 4441 4481 preferred master (G) 4442 </h3></div></div></div><a class="indexterm" name="id25 56014"></a><a name="PREFERREDMASTER"></a><div class="variablelist"><dl><dt></dt><dd><p>4482 </h3></div></div></div><a class="indexterm" name="id2561927"></a><a name="PREFERREDMASTER"></a><div class="variablelist"><dl><dt></dt><dd><p> 4443 4483 This boolean parameter controls if <a class="citerefentry" href="nmbd.8.html"><span class="citerefentry"><span class="refentrytitle">nmbd</span>(8)</span></a> is a preferred master browser for its workgroup. 4444 4484 </p><p> … … 4454 4494 </p><p>Default: <span class="emphasis"><em><em class="parameter"><code>preferred master</code></em> = <code class="literal">auto</code> 4455 4495 </em></span> 4456 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2556106"></a>4496 </p></dd></dl></div></div><div class="section" title="preload modules (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2562019"></a> 4457 4497 4458 4498 preload modules (G) 4459 </h3></div></div></div><a class="indexterm" name="id25 56107"></a><a name="PRELOADMODULES"></a><div class="variablelist"><dl><dt></dt><dd><p>This is a list of paths to modules that should4499 </h3></div></div></div><a class="indexterm" name="id2562020"></a><a name="PRELOADMODULES"></a><div class="variablelist"><dl><dt></dt><dd><p>This is a list of paths to modules that should 4460 4500 be loaded into smbd before a client connects. This improves 4461 4501 the speed of smbd when reacting to new connections somewhat. </p><p>Default: <span class="emphasis"><em><em class="parameter"><code>preload modules</code></em> = <code class="literal"></code> … … 4463 4503 </p><p>Example: <span class="emphasis"><em><em class="parameter"><code>preload modules</code></em> = <code class="literal">/usr/lib/samba/passdb/mysql.so</code> 4464 4504 </em></span> 4465 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2556167"></a>4505 </p></dd></dl></div></div><div class="section" title="auto services"><div class="titlepage"><div><div><h3 class="title"><a name="id2562080"></a> 4466 4506 4467 4507 <a name="AUTOSERVICES"></a>auto services 4468 </h3></div></div></div><a class="indexterm" name="id25 56168"></a><div class="variablelist"><dl><dt></dt><dd><p>This parameter is a synonym for <a class="link" href="#PRELOAD">preload</a>.</p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2556200"></a>4508 </h3></div></div></div><a class="indexterm" name="id2562081"></a><div class="variablelist"><dl><dt></dt><dd><p>This parameter is a synonym for <a class="link" href="#PRELOAD">preload</a>.</p></dd></dl></div></div><div class="section" title="preload (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2562113"></a> 4469 4509 4470 4510 preload (G) 4471 </h3></div></div></div><a class="indexterm" name="id25 56201"></a><a name="PRELOAD"></a><div class="variablelist"><dl><dt></dt><dd><p>This is a list of services that you want to be4511 </h3></div></div></div><a class="indexterm" name="id2562114"></a><a name="PRELOAD"></a><div class="variablelist"><dl><dt></dt><dd><p>This is a list of services that you want to be 4472 4512 automatically added to the browse lists. This is most useful 4473 4513 for homes and printers services that would otherwise not be … … 4480 4520 </p><p>Example: <span class="emphasis"><em><em class="parameter"><code>preload</code></em> = <code class="literal">fred lp colorlp</code> 4481 4521 </em></span> 4482 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2556278"></a>4522 </p></dd></dl></div></div><div class="section" title="preserve case (S)"><div class="titlepage"><div><div><h3 class="title"><a name="id2562191"></a> 4483 4523 4484 4524 preserve case (S) 4485 </h3></div></div></div><a class="indexterm" name="id25 56279"></a><a name="PRESERVECASE"></a><div class="variablelist"><dl><dt></dt><dd><p>4525 </h3></div></div></div><a class="indexterm" name="id2562192"></a><a name="PRESERVECASE"></a><div class="variablelist"><dl><dt></dt><dd><p> 4486 4526 This controls if new filenames are created with the case that the client passes, or if 4487 4527 they are forced to be the <a class="link" href="smb.conf.5.html#DEFAULTCASE" target="_top">default case</a>. … … 4490 4530 </p><p>Default: <span class="emphasis"><em><em class="parameter"><code>preserve case</code></em> = <code class="literal">yes</code> 4491 4531 </em></span> 4492 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2556344"></a>4532 </p></dd></dl></div></div><div class="section" title="print ok"><div class="titlepage"><div><div><h3 class="title"><a name="id2562258"></a> 4493 4533 4494 4534 <a name="PRINTOK"></a>print ok 4495 </h3></div></div></div><a class="indexterm" name="id25 56345"></a><div class="variablelist"><dl><dt></dt><dd><p>This parameter is a synonym for <a class="link" href="#PRINTABLE">printable</a>.</p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2556375"></a>4535 </h3></div></div></div><a class="indexterm" name="id2562259"></a><div class="variablelist"><dl><dt></dt><dd><p>This parameter is a synonym for <a class="link" href="#PRINTABLE">printable</a>.</p></dd></dl></div></div><div class="section" title="printable (S)"><div class="titlepage"><div><div><h3 class="title"><a name="id2562289"></a> 4496 4536 4497 4537 printable (S) 4498 </h3></div></div></div><a class="indexterm" name="id25 56376"></a><a name="PRINTABLE"></a><div class="variablelist"><dl><dt></dt><dd><p>If this parameter is <code class="constant">yes</code>, then4538 </h3></div></div></div><a class="indexterm" name="id2562290"></a><a name="PRINTABLE"></a><div class="variablelist"><dl><dt></dt><dd><p>If this parameter is <code class="constant">yes</code>, then 4499 4539 clients may open, write to and submit spool files on the directory 4500 4540 specified for the service. </p><p>Note that a printable service will ALWAYS allow writing … … 4503 4543 the resource.</p><p>Default: <span class="emphasis"><em><em class="parameter"><code>printable</code></em> = <code class="literal">no</code> 4504 4544 </em></span> 4505 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2556438"></a>4545 </p></dd></dl></div></div><div class="section" title="printcap cache time (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2562352"></a> 4506 4546 4507 4547 printcap cache time (G) 4508 </h3></div></div></div><a class="indexterm" name="id25 56440"></a><a name="PRINTCAPCACHETIME"></a><div class="variablelist"><dl><dt></dt><dd><p>This option specifies the number of seconds before the printing4548 </h3></div></div></div><a class="indexterm" name="id2562353"></a><a name="PRINTCAPCACHETIME"></a><div class="variablelist"><dl><dt></dt><dd><p>This option specifies the number of seconds before the printing 4509 4549 subsystem is again asked for the known printers. If the value 4510 4550 is greater than 60 the initial waiting time is set to 60 seconds … … 4516 4556 </p><p>Example: <span class="emphasis"><em><em class="parameter"><code>printcap cache time</code></em> = <code class="literal">600</code> 4517 4557 </em></span> 4518 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2556507"></a>4558 </p></dd></dl></div></div><div class="section" title="printcap"><div class="titlepage"><div><div><h3 class="title"><a name="id2562421"></a> 4519 4559 4520 4560 <a name="PRINTCAP"></a>printcap 4521 </h3></div></div></div><a class="indexterm" name="id25 56508"></a><div class="variablelist"><dl><dt></dt><dd><p>This parameter is a synonym for <a class="link" href="#PRINTCAPNAME">printcap name</a>.</p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2556540"></a>4561 </h3></div></div></div><a class="indexterm" name="id2562422"></a><div class="variablelist"><dl><dt></dt><dd><p>This parameter is a synonym for <a class="link" href="#PRINTCAPNAME">printcap name</a>.</p></dd></dl></div></div><div class="section" title="printcap name (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2562454"></a> 4522 4562 4523 4563 printcap name (G) 4524 </h3></div></div></div><a class="indexterm" name="id25 56541"></a><a name="PRINTCAPNAME"></a><div class="variablelist"><dl><dt></dt><dd><p>4564 </h3></div></div></div><a class="indexterm" name="id2562455"></a><a name="PRINTCAPNAME"></a><div class="variablelist"><dl><dt></dt><dd><p> 4525 4565 This parameter may be used to override the compiled-in default printcap name used by the server (usually 4526 4566 <code class="filename"> /etc/printcap</code>). See the discussion of the <a class="link" href="#PRINTERSSECT" title="The [printers] section">[printers]</a> section above for reasons why you might want to do this. … … 4550 4590 where the '|' separates aliases of a printer. The fact that the second alias has a space in 4551 4591 it gives a hint to Samba that it's a comment. 4552 </p><div class="note" style="margin-left: 0.5in; margin-right: 0.5in;"><h3 class="title">Note</h3><p>4592 </p><div class="note" title="Note" style="margin-left: 0.5in; margin-right: 0.5in;"><h3 class="title">Note</h3><p> 4553 4593 Under AIX the default printcap name is <code class="filename">/etc/qconfig</code>. Samba will 4554 4594 assume the file is in AIX <code class="filename">qconfig</code> format if the string <code class="filename">qconfig</code> appears in the printcap filename. … … 4557 4597 </p><p>Example: <span class="emphasis"><em><em class="parameter"><code>printcap name</code></em> = <code class="literal">/etc/myprintcap</code> 4558 4598 </em></span> 4559 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2556725"></a>4599 </p></dd></dl></div></div><div class="section" title="print command (S)"><div class="titlepage"><div><div><h3 class="title"><a name="id2562638"></a> 4560 4600 4561 4601 print command (S) 4562 </h3></div></div></div><a class="indexterm" name="id25 56726"></a><a name="PRINTCOMMAND"></a><div class="variablelist"><dl><dt></dt><dd><p>After a print job has finished spooling to4602 </h3></div></div></div><a class="indexterm" name="id2562639"></a><a name="PRINTCOMMAND"></a><div class="variablelist"><dl><dt></dt><dd><p>After a print job has finished spooling to 4563 4603 a service, this command will be used via a <code class="literal">system()</code> 4564 4604 call to process the spool file. Typically the command specified will … … 4602 4642 set print command will be ignored.</p><p><span class="emphasis"><em>No default</em></span></p><p>Example: <span class="emphasis"><em><em class="parameter"><code>print command</code></em> = <code class="literal">/usr/local/samba/bin/myprintscript %p %s</code> 4603 4643 </em></span> 4604 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2556994"></a>4644 </p></dd></dl></div></div><div class="section" title="printer admin (S)"><div class="titlepage"><div><div><h3 class="title"><a name="id2562908"></a> 4605 4645 4606 4646 printer admin (S) 4607 </h3></div></div></div><a class="indexterm" name="id25 56996"></a><a name="PRINTERADMIN"></a><div class="variablelist"><dl><dt></dt><dd><p>4647 </h3></div></div></div><a class="indexterm" name="id2562909"></a><a name="PRINTERADMIN"></a><div class="variablelist"><dl><dt></dt><dd><p> 4608 4648 This lists users who can do anything to printers 4609 4649 via the remote administration interfaces offered … … 4621 4661 </p><p>Example: <span class="emphasis"><em><em class="parameter"><code>printer admin</code></em> = <code class="literal">admin, @staff</code> 4622 4662 </em></span> 4623 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2557064"></a>4663 </p></dd></dl></div></div><div class="section" title="printer"><div class="titlepage"><div><div><h3 class="title"><a name="id2562977"></a> 4624 4664 4625 4665 <a name="PRINTER"></a>printer 4626 </h3></div></div></div><a class="indexterm" name="id25 57065"></a><div class="variablelist"><dl><dt></dt><dd><p>This parameter is a synonym for <a class="link" href="#PRINTERNAME">printer name</a>.</p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2557095"></a>4666 </h3></div></div></div><a class="indexterm" name="id2562978"></a><div class="variablelist"><dl><dt></dt><dd><p>This parameter is a synonym for <a class="link" href="#PRINTERNAME">printer name</a>.</p></dd></dl></div></div><div class="section" title="printer name (S)"><div class="titlepage"><div><div><h3 class="title"><a name="id2563008"></a> 4627 4667 4628 4668 printer name (S) 4629 </h3></div></div></div><a class="indexterm" name="id25 57096"></a><a name="PRINTERNAME"></a><div class="variablelist"><dl><dt></dt><dd><p>4669 </h3></div></div></div><a class="indexterm" name="id2563010"></a><a name="PRINTERNAME"></a><div class="variablelist"><dl><dt></dt><dd><p> 4630 4670 This parameter specifies the name of the printer to which print jobs spooled through a printable service 4631 4671 will be sent. … … 4640 4680 </p><p>Example: <span class="emphasis"><em><em class="parameter"><code>printer name</code></em> = <code class="literal">laserwriter</code> 4641 4681 </em></span> 4642 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2557183"></a>4682 </p></dd></dl></div></div><div class="section" title="printing (S)"><div class="titlepage"><div><div><h3 class="title"><a name="id2563096"></a> 4643 4683 4644 4684 printing (S) 4645 </h3></div></div></div><a class="indexterm" name="id25 57184"></a><a name="PRINTING"></a><div class="variablelist"><dl><dt></dt><dd><p>This parameters controls how printer status information is4685 </h3></div></div></div><a class="indexterm" name="id2563097"></a><a name="PRINTING"></a><div class="variablelist"><dl><dt></dt><dd><p>This parameters controls how printer status information is 4646 4686 interpreted on your system. It also affects the default values for 4647 4687 the <em class="parameter"><code>print command</code></em>, <em class="parameter"><code>lpq command</code></em>, <em class="parameter"><code>lppause command </code></em>, <em class="parameter"><code>lpresume command</code></em>, and <em class="parameter"><code>lprm command</code></em> if specified in the … … 4660 4700 <code class="literal">testparm -v.</code></code> 4661 4701 </em></span> 4662 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2557336"></a>4702 </p></dd></dl></div></div><div class="section" title="printjob username (S)"><div class="titlepage"><div><div><h3 class="title"><a name="id2563250"></a> 4663 4703 4664 4704 printjob username (S) 4665 </h3></div></div></div><a class="indexterm" name="id25 57337"></a><a name="PRINTJOBUSERNAME"></a><div class="variablelist"><dl><dt></dt><dd><p>This parameter specifies which user information will be4705 </h3></div></div></div><a class="indexterm" name="id2563251"></a><a name="PRINTJOBUSERNAME"></a><div class="variablelist"><dl><dt></dt><dd><p>This parameter specifies which user information will be 4666 4706 passed to the printing system. Usually, the username is sent, 4667 4707 but in some cases, e.g. the domain prefix is useful, too.</p><p>Default: <span class="emphasis"><em><em class="parameter"><code>printjob username</code></em> = <code class="literal">%U</code> … … 4669 4709 </p><p>Example: <span class="emphasis"><em><em class="parameter"><code>printjob username</code></em> = <code class="literal">%D\%U</code> 4670 4710 </em></span> 4671 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2557398"></a>4711 </p></dd></dl></div></div><div class="section" title="private dir (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2563311"></a> 4672 4712 4673 4713 private dir (G) 4674 </h3></div></div></div><a class="indexterm" name="id25 57399"></a><a name="PRIVATEDIR"></a><div class="variablelist"><dl><dt></dt><dd><p>This parameters defines the directory4714 </h3></div></div></div><a class="indexterm" name="id2563312"></a><a name="PRIVATEDIR"></a><div class="variablelist"><dl><dt></dt><dd><p>This parameters defines the directory 4675 4715 smbd will use for storing such files as <code class="filename">smbpasswd</code> 4676 4716 and <code class="filename">secrets.tdb</code>. 4677 4717 </p><p>Default: <span class="emphasis"><em><em class="parameter"><code>private dir</code></em> = <code class="literal">${prefix}/private</code> 4678 4718 </em></span> 4679 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2557452"></a>4719 </p></dd></dl></div></div><div class="section" title="profile acls (S)"><div class="titlepage"><div><div><h3 class="title"><a name="id2563365"></a> 4680 4720 4681 4721 profile acls (S) 4682 </h3></div></div></div><a class="indexterm" name="id25 57453"></a><a name="PROFILEACLS"></a><div class="variablelist"><dl><dt></dt><dd><p>4722 </h3></div></div></div><a class="indexterm" name="id2563366"></a><a name="PROFILEACLS"></a><div class="variablelist"><dl><dt></dt><dd><p> 4683 4723 This boolean parameter was added to fix the problems that people have been 4684 4724 having with storing user profiles on Samba shares from Windows 2000 or … … 4708 4748 </p><p>Default: <span class="emphasis"><em><em class="parameter"><code>profile acls</code></em> = <code class="literal">no</code> 4709 4749 </em></span> 4710 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2557536"></a>4750 </p></dd></dl></div></div><div class="section" title="queuepause command (S)"><div class="titlepage"><div><div><h3 class="title"><a name="id2563438"></a> 4711 4751 4712 4752 queuepause command (S) 4713 </h3></div></div></div><a class="indexterm" name="id25 57537"></a><a name="QUEUEPAUSECOMMAND"></a><div class="variablelist"><dl><dt></dt><dd><p>This parameter specifies the command to be4753 </h3></div></div></div><a class="indexterm" name="id2563439"></a><a name="QUEUEPAUSECOMMAND"></a><div class="variablelist"><dl><dt></dt><dd><p>This parameter specifies the command to be 4714 4754 executed on the server host in order to pause the printer queue.</p><p>This command should be a program or script which takes 4715 4755 a printer name as its only parameter and stops the printer queue, … … 4722 4762 server.</p><p><span class="emphasis"><em>No default</em></span></p><p>Example: <span class="emphasis"><em><em class="parameter"><code>queuepause command</code></em> = <code class="literal">disable %p</code> 4723 4763 </em></span> 4724 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2557612"></a>4764 </p></dd></dl></div></div><div class="section" title="queueresume command (S)"><div class="titlepage"><div><div><h3 class="title"><a name="id2563515"></a> 4725 4765 4726 4766 queueresume command (S) 4727 </h3></div></div></div><a class="indexterm" name="id25 57613"></a><a name="QUEUERESUMECOMMAND"></a><div class="variablelist"><dl><dt></dt><dd><p>This parameter specifies the command to be4767 </h3></div></div></div><a class="indexterm" name="id2563516"></a><a name="QUEUERESUMECOMMAND"></a><div class="variablelist"><dl><dt></dt><dd><p>This parameter specifies the command to be 4728 4768 executed on the server host in order to resume the printer queue. It 4729 4769 is the command to undo the behavior that is caused by the … … 4740 4780 </p><p>Example: <span class="emphasis"><em><em class="parameter"><code>queueresume command</code></em> = <code class="literal">enable %p</code> 4741 4781 </em></span> 4742 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2557714"></a>4782 </p></dd></dl></div></div><div class="section" title="read list (S)"><div class="titlepage"><div><div><h3 class="title"><a name="id2563618"></a> 4743 4783 4744 4784 read list (S) 4745 </h3></div></div></div><a class="indexterm" name="id25 57716"></a><a name="READLIST"></a><div class="variablelist"><dl><dt></dt><dd><p>4785 </h3></div></div></div><a class="indexterm" name="id2563619"></a><a name="READLIST"></a><div class="variablelist"><dl><dt></dt><dd><p> 4746 4786 This is a list of users that are given read-only access to a service. If the connecting user is in this list 4747 4787 then they will not be given write access, no matter what the <a class="link" href="smb.conf.5.html#READONLY" target="_top">read only</a> option is set … … 4753 4793 </p><p>Example: <span class="emphasis"><em><em class="parameter"><code>read list</code></em> = <code class="literal">mary, @students</code> 4754 4794 </em></span> 4755 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2557815"></a>4795 </p></dd></dl></div></div><div class="section" title="read only (S)"><div class="titlepage"><div><div><h3 class="title"><a name="id2563717"></a> 4756 4796 4757 4797 read only (S) 4758 </h3></div></div></div><a class="indexterm" name="id25 57816"></a><a name="READONLY"></a><div class="variablelist"><dl><dt></dt><dd><p>An inverted synonym is <a class="link" href="smb.conf.5.html#WRITEABLE" target="_top">writeable</a>.</p><p>If this parameter is <code class="constant">yes</code>, then users4798 </h3></div></div></div><a class="indexterm" name="id2563718"></a><a name="READONLY"></a><div class="variablelist"><dl><dt></dt><dd><p>An inverted synonym is <a class="link" href="smb.conf.5.html#WRITEABLE" target="_top">writeable</a>.</p><p>If this parameter is <code class="constant">yes</code>, then users 4759 4799 of a service may not create or modify files in the service's 4760 4800 directory.</p><p>Note that a printable service (<code class="literal">printable = yes</code>) … … 4762 4802 (user privileges permitting), but only via spooling operations.</p><p>Default: <span class="emphasis"><em><em class="parameter"><code>read only</code></em> = <code class="literal">yes</code> 4763 4803 </em></span> 4764 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2557892"></a>4804 </p></dd></dl></div></div><div class="section" title="read raw (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2563793"></a> 4765 4805 4766 4806 read raw (G) 4767 </h3></div></div></div><a class="indexterm" name="id25 57893"></a><a name="READRAW"></a><div class="variablelist"><dl><dt></dt><dd><p>This parameter controls whether or not the server4807 </h3></div></div></div><a class="indexterm" name="id2563794"></a><a name="READRAW"></a><div class="variablelist"><dl><dt></dt><dd><p>This parameter controls whether or not the server 4768 4808 will support the raw read SMB requests when transferring data 4769 4809 to clients.</p><p>If enabled, raw reads allow reads of 65535 bytes in … … 4774 4814 tool and left severely alone.</p><p>Default: <span class="emphasis"><em><em class="parameter"><code>read raw</code></em> = <code class="literal">yes</code> 4775 4815 </em></span> 4776 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2557952"></a>4816 </p></dd></dl></div></div><div class="section" title="realm (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2563854"></a> 4777 4817 4778 4818 realm (G) 4779 </h3></div></div></div><a class="indexterm" name="id25 57953"></a><a name="REALM"></a><div class="variablelist"><dl><dt></dt><dd><p>This option specifies the kerberos realm to use. The realm is4819 </h3></div></div></div><a class="indexterm" name="id2563855"></a><a name="REALM"></a><div class="variablelist"><dl><dt></dt><dd><p>This option specifies the kerberos realm to use. The realm is 4780 4820 used as the ADS equivalent of the NT4 <code class="literal">domain</code>. It 4781 4821 is usually set to the DNS name of the kerberos server. … … 4784 4824 </p><p>Example: <span class="emphasis"><em><em class="parameter"><code>realm</code></em> = <code class="literal">mysambabox.mycompany.com</code> 4785 4825 </em></span> 4786 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2558017"></a>4826 </p></dd></dl></div></div><div class="section" title="registry shares (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2563918"></a> 4787 4827 4788 4828 registry shares (G) 4789 </h3></div></div></div><a class="indexterm" name="id25 58018"></a><a name="REGISTRYSHARES"></a><div class="variablelist"><dl><dt></dt><dd><p>4829 </h3></div></div></div><a class="indexterm" name="id2563920"></a><a name="REGISTRYSHARES"></a><div class="variablelist"><dl><dt></dt><dd><p> 4790 4830 This turns on or off support for share definitions read from 4791 4831 registry. Shares defined in <span class="emphasis"><em>smb.conf</em></span> take … … 4802 4842 </p><p>Example: <span class="emphasis"><em><em class="parameter"><code>registry shares</code></em> = <code class="literal">yes</code> 4803 4843 </em></span> 4804 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2558103"></a>4844 </p></dd></dl></div></div><div class="section" title="remote announce (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2564005"></a> 4805 4845 4806 4846 remote announce (G) 4807 </h3></div></div></div><a class="indexterm" name="id25 58104"></a><a name="REMOTEANNOUNCE"></a><div class="variablelist"><dl><dt></dt><dd><p>4847 </h3></div></div></div><a class="indexterm" name="id2564006"></a><a name="REMOTEANNOUNCE"></a><div class="variablelist"><dl><dt></dt><dd><p> 4808 4848 This option allows you to setup <a class="citerefentry" href="nmbd.8.html"><span class="citerefentry"><span class="refentrytitle">nmbd</span>(8)</span></a> to periodically announce itself 4809 4849 to arbitrary IP addresses with an arbitrary workgroup name. … … 4829 4869 </p><p>Default: <span class="emphasis"><em><em class="parameter"><code>remote announce</code></em> = <code class="literal"></code> 4830 4870 </em></span> 4831 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2558208"></a>4871 </p></dd></dl></div></div><div class="section" title="remote browse sync (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2564111"></a> 4832 4872 4833 4873 remote browse sync (G) 4834 </h3></div></div></div><a class="indexterm" name="id25 58210"></a><a name="REMOTEBROWSESYNC"></a><div class="variablelist"><dl><dt></dt><dd><p>4874 </h3></div></div></div><a class="indexterm" name="id2564112"></a><a name="REMOTEBROWSESYNC"></a><div class="variablelist"><dl><dt></dt><dd><p> 4835 4875 This option allows you to setup <a class="citerefentry" href="nmbd.8.html"><span class="citerefentry"><span class="refentrytitle">nmbd</span>(8)</span></a> to periodically request 4836 4876 synchronization of browse lists with the master browser of a Samba … … 4864 4904 </p><p>Default: <span class="emphasis"><em><em class="parameter"><code>remote browse sync</code></em> = <code class="literal"></code> 4865 4905 </em></span> 4866 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2558321"></a>4906 </p></dd></dl></div></div><div class="section" title="rename user script (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2564224"></a> 4867 4907 4868 4908 rename user script (G) 4869 </h3></div></div></div><a class="indexterm" name="id25 58322"></a><a name="RENAMEUSERSCRIPT"></a><div class="variablelist"><dl><dt></dt><dd><p>4909 </h3></div></div></div><a class="indexterm" name="id2564225"></a><a name="RENAMEUSERSCRIPT"></a><div class="variablelist"><dl><dt></dt><dd><p> 4870 4910 This is the full pathname to a script that will be run as root by <a class="citerefentry" href="smbd.8.html"><span class="citerefentry"><span class="refentrytitle">smbd</span>(8)</span></a> under special circumstances described below. 4871 4911 </p><p> … … 4874 4914 <code class="literal">%unew</code>, will be substituted with the old and new usernames, respectively. The script should 4875 4915 return 0 upon successful completion, and nonzero otherwise. 4876 </p><div class="note" style="margin-left: 0.5in; margin-right: 0.5in;"><h3 class="title">Note</h3><p>4916 </p><div class="note" title="Note" style="margin-left: 0.5in; margin-right: 0.5in;"><h3 class="title">Note</h3><p> 4877 4917 The script has all responsibility to rename all the necessary data that is accessible in this posix method. 4878 4918 This can mean different requirements for different backends. The tdbsam and smbpasswd backends will take care … … 4885 4925 </p></div><p>Default: <span class="emphasis"><em><em class="parameter"><code>rename user script</code></em> = <code class="literal">no</code> 4886 4926 </em></span> 4887 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2558411"></a>4927 </p></dd></dl></div></div><div class="section" title="reset on zero vc (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2564328"></a> 4888 4928 4889 4929 reset on zero vc (G) 4890 </h3></div></div></div><a class="indexterm" name="id25 58412"></a><a name="RESETONZEROVC"></a><div class="variablelist"><dl><dt></dt><dd><p>4930 </h3></div></div></div><a class="indexterm" name="id2564329"></a><a name="RESETONZEROVC"></a><div class="variablelist"><dl><dt></dt><dd><p> 4891 4931 This boolean option controls whether an incoming session setup 4892 4932 should kill other connections coming from the same IP. This matches … … 4907 4947 </p><p>Default: <span class="emphasis"><em><em class="parameter"><code>reset on zero vc</code></em> = <code class="literal">no</code> 4908 4948 </em></span> 4909 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2558464"></a>4949 </p></dd></dl></div></div><div class="section" title="restrict anonymous (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2564380"></a> 4910 4950 4911 4951 restrict anonymous (G) 4912 </h3></div></div></div><a class="indexterm" name="id25 58465"></a><a name="RESTRICTANONYMOUS"></a><div class="variablelist"><dl><dt></dt><dd><p>The setting of this parameter determines whether user and4952 </h3></div></div></div><a class="indexterm" name="id2564382"></a><a name="RESTRICTANONYMOUS"></a><div class="variablelist"><dl><dt></dt><dd><p>The setting of this parameter determines whether user and 4913 4953 group list information is returned for an anonymous connection. 4914 4954 and mirrors the effects of the … … 4928 4968 as user and group list information can be obtained using other 4929 4969 means. 4930 </p><div class="note" style="margin-left: 0.5in; margin-right: 0.5in;"><h3 class="title">Note</h3><p>4970 </p><div class="note" title="Note" style="margin-left: 0.5in; margin-right: 0.5in;"><h3 class="title">Note</h3><p> 4931 4971 The security advantage of using restrict anonymous = 2 is removed 4932 4972 by setting <a class="link" href="smb.conf.5.html#GUESTOK" target="_top">guest ok = yes</a> on any share. 4933 4973 </p></div><p>Default: <span class="emphasis"><em><em class="parameter"><code>restrict anonymous</code></em> = <code class="literal">0</code> 4934 4974 </em></span> 4935 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2558548"></a>4975 </p></dd></dl></div></div><div class="section" title="root"><div class="titlepage"><div><div><h3 class="title"><a name="id2564465"></a> 4936 4976 4937 4977 <a name="ROOT"></a>root 4938 </h3></div></div></div><a class="indexterm" name="id25 58549"></a><div class="variablelist"><dl><dt></dt><dd><p>This parameter is a synonym for <a class="link" href="#ROOTDIRECTORY">root directory</a>.</p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2558581"></a>4978 </h3></div></div></div><a class="indexterm" name="id2564466"></a><div class="variablelist"><dl><dt></dt><dd><p>This parameter is a synonym for <a class="link" href="#ROOTDIRECTORY">root directory</a>.</p></dd></dl></div></div><div class="section" title="root dir"><div class="titlepage"><div><div><h3 class="title"><a name="id2564498"></a> 4939 4979 4940 4980 <a name="ROOTDIR"></a>root dir 4941 </h3></div></div></div><a class="indexterm" name="id25 58582"></a><div class="variablelist"><dl><dt></dt><dd><p>This parameter is a synonym for <a class="link" href="#ROOTDIRECTORY">root directory</a>.</p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2558613"></a>4981 </h3></div></div></div><a class="indexterm" name="id2564499"></a><div class="variablelist"><dl><dt></dt><dd><p>This parameter is a synonym for <a class="link" href="#ROOTDIRECTORY">root directory</a>.</p></dd></dl></div></div><div class="section" title="root directory (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2564529"></a> 4942 4982 4943 4983 root directory (G) 4944 </h3></div></div></div><a class="indexterm" name="id25 58614"></a><a name="ROOTDIRECTORY"></a><div class="variablelist"><dl><dt></dt><dd><p>The server will <code class="literal">chroot()</code> (i.e.4984 </h3></div></div></div><a class="indexterm" name="id2564530"></a><a name="ROOTDIRECTORY"></a><div class="variablelist"><dl><dt></dt><dd><p>The server will <code class="literal">chroot()</code> (i.e. 4945 4985 Change its root directory) to this directory on startup. This is 4946 4986 not strictly necessary for secure operation. Even without it the … … 4965 5005 </p><p>Example: <span class="emphasis"><em><em class="parameter"><code>root directory</code></em> = <code class="literal">/homes/smb</code> 4966 5006 </em></span> 4967 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2558737"></a>5007 </p></dd></dl></div></div><div class="section" title="root postexec (S)"><div class="titlepage"><div><div><h3 class="title"><a name="id2564653"></a> 4968 5008 4969 5009 root postexec (S) 4970 </h3></div></div></div><a class="indexterm" name="id25 58738"></a><a name="ROOTPOSTEXEC"></a><div class="variablelist"><dl><dt></dt><dd><p>5010 </h3></div></div></div><a class="indexterm" name="id2564654"></a><a name="ROOTPOSTEXEC"></a><div class="variablelist"><dl><dt></dt><dd><p> 4971 5011 This is the same as the <em class="parameter"><code>postexec</code></em> 4972 5012 parameter except that the command is run as root. This is useful for … … 4974 5014 </p><p>Default: <span class="emphasis"><em><em class="parameter"><code>root postexec</code></em> = <code class="literal"></code> 4975 5015 </em></span> 4976 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2558786"></a>5016 </p></dd></dl></div></div><div class="section" title="root preexec close (S)"><div class="titlepage"><div><div><h3 class="title"><a name="id2564702"></a> 4977 5017 4978 5018 root preexec close (S) 4979 </h3></div></div></div><a class="indexterm" name="id25 58787"></a><a name="ROOTPREEXECCLOSE"></a><div class="variablelist"><dl><dt></dt><dd><p>This is the same as the <em class="parameter"><code>preexec close5019 </h3></div></div></div><a class="indexterm" name="id2564703"></a><a name="ROOTPREEXECCLOSE"></a><div class="variablelist"><dl><dt></dt><dd><p>This is the same as the <em class="parameter"><code>preexec close 4980 5020 </code></em> parameter except that the command is run as root.</p><p>Default: <span class="emphasis"><em><em class="parameter"><code>root preexec close</code></em> = <code class="literal">no</code> 4981 5021 </em></span> 4982 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2558834"></a>5022 </p></dd></dl></div></div><div class="section" title="root preexec (S)"><div class="titlepage"><div><div><h3 class="title"><a name="id2564750"></a> 4983 5023 4984 5024 root preexec (S) 4985 </h3></div></div></div><a class="indexterm" name="id25 58835"></a><a name="ROOTPREEXEC"></a><div class="variablelist"><dl><dt></dt><dd><p>5025 </h3></div></div></div><a class="indexterm" name="id2564751"></a><a name="ROOTPREEXEC"></a><div class="variablelist"><dl><dt></dt><dd><p> 4986 5026 This is the same as the <em class="parameter"><code>preexec</code></em> 4987 5027 parameter except that the command is run as root. This is useful for … … 4989 5029 </p><p>Default: <span class="emphasis"><em><em class="parameter"><code>root preexec</code></em> = <code class="literal"></code> 4990 5030 </em></span> 4991 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2558882"></a>5031 </p></dd></dl></div></div><div class="section" title="security mask (S)"><div class="titlepage"><div><div><h3 class="title"><a name="id2564799"></a> 4992 5032 4993 5033 security mask (S) 4994 </h3></div></div></div><a class="indexterm" name="id25 58883"></a><a name="SECURITYMASK"></a><div class="variablelist"><dl><dt></dt><dd><p>5034 </h3></div></div></div><a class="indexterm" name="id2564800"></a><a name="SECURITYMASK"></a><div class="variablelist"><dl><dt></dt><dd><p> 4995 5035 This parameter controls what UNIX permission bits will be set when a Windows NT client is manipulating the 4996 5036 UNIX permission on a file using the native NT security dialog box. … … 5011 5051 </p><p>Example: <span class="emphasis"><em><em class="parameter"><code>security mask</code></em> = <code class="literal">0770</code> 5012 5052 </em></span> 5013 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2558989"></a>5053 </p></dd></dl></div></div><div class="section" title="security (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2564905"></a> 5014 5054 5015 5055 security (G) 5016 </h3></div></div></div><a class="indexterm" name="id25 58990"></a><a name="SECURITY"></a><div class="variablelist"><dl><dt></dt><dd><p>This option affects how clients respond to5056 </h3></div></div></div><a class="indexterm" name="id2564906"></a><a name="SECURITY"></a><div class="variablelist"><dl><dt></dt><dd><p>This option affects how clients respond to 5017 5057 Samba and is one of the most important settings in the <code class="filename"> 5018 5058 smb.conf</code> file.</p><p>The option sets the "security mode bit" in replies to … … 5053 5093 techniques to determine the correct UNIX user to use on behalf 5054 5094 of the client.</p><p>A list of possible UNIX usernames to match with the given 5055 client password is constructed using the following methods :</p><div class="itemizedlist"><ul type="disc"><li><p>If the <a class="link" href="smb.conf.5.html#GUESTONLY" target="_top">guest only</a> parameter is set, then all the other5095 client password is constructed using the following methods :</p><div class="itemizedlist"><ul class="itemizedlist" type="disc"><li class="listitem"><p>If the <a class="link" href="smb.conf.5.html#GUESTONLY" target="_top">guest only</a> parameter is set, then all the other 5056 5096 stages are missed and only the <a class="link" href="smb.conf.5.html#GUESTACCOUNT" target="_top">guest account</a> username is checked. 5057 </p></li><li ><p>Is a username is sent with the share connection5097 </p></li><li class="listitem"><p>Is a username is sent with the share connection 5058 5098 request, then this username (after mapping - see <a class="link" href="smb.conf.5.html#USERNAMEMAP" target="_top">username map</a>), 5059 5099 is added as a potential username. 5060 </p></li><li ><p>If the client did a previous <span class="emphasis"><em>logon5100 </p></li><li class="listitem"><p>If the client did a previous <span class="emphasis"><em>logon 5061 5101 </em></span> request (the SessionSetup SMB call) then the 5062 5102 username sent in this SMB will be added as a potential username. 5063 </p></li><li ><p>The name of the service the client requested is5103 </p></li><li class="listitem"><p>The name of the service the client requested is 5064 5104 added as a potential username. 5065 </p></li><li ><p>The NetBIOS name of the client is added to5105 </p></li><li class="listitem"><p>The NetBIOS name of the client is added to 5066 5106 the list as a potential username. 5067 </p></li><li ><p>Any users on the <a class="link" href="smb.conf.5.html#USER" target="_top">user</a> list are added as potential usernames.5107 </p></li><li class="listitem"><p>Any users on the <a class="link" href="smb.conf.5.html#USER" target="_top">user</a> list are added as potential usernames. 5068 5108 </p></li></ul></div><p>If the <em class="parameter"><code>guest only</code></em> parameter is 5069 5109 not set, then this list is then tried with the supplied password. … … 5111 5151 revert back to checking the UNIX password file, it must have a valid <code class="filename">smbpasswd</code> file to check users against. See the chapter about the User Database in 5112 5152 the Samba HOWTO Collection for details on how to set this up. 5113 </p><div class="note" style="margin-left: 0.5in; margin-right: 0.5in;"><h3 class="title">Note</h3><p>This mode of operation has5153 </p><div class="note" title="Note" style="margin-left: 0.5in; margin-right: 0.5in;"><h3 class="title">Note</h3><p>This mode of operation has 5114 5154 significant pitfalls since it is more vulnerable to 5115 5155 man-in-the-middle attacks and server impersonation. In particular, … … 5119 5159 there is no way to reestablish it, and futher authentications to the 5120 5160 Samba server may fail (from a single client, till it disconnects). 5121 </p></div><div class="note" style="margin-left: 0.5in; margin-right: 0.5in;"><h3 class="title">Note</h3><p>From the client's point of5161 </p></div><div class="note" title="Note" style="margin-left: 0.5in; margin-right: 0.5in;"><h3 class="title">Note</h3><p>From the client's point of 5122 5162 view, <code class="literal">security = server</code> is the 5123 5163 same as <code class="literal">security = user</code>. It … … 5138 5178 </p><p>Example: <span class="emphasis"><em><em class="parameter"><code>security</code></em> = <code class="literal">DOMAIN</code> 5139 5179 </em></span> 5140 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2559873"></a>5180 </p></dd></dl></div></div><div class="section" title="server schannel (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2565784"></a> 5141 5181 5142 5182 server schannel (G) 5143 </h3></div></div></div><a class="indexterm" name="id25 59874"></a><a name="SERVERSCHANNEL"></a><div class="variablelist"><dl><dt></dt><dd><p>5183 </h3></div></div></div><a class="indexterm" name="id2565785"></a><a name="SERVERSCHANNEL"></a><div class="variablelist"><dl><dt></dt><dd><p> 5144 5184 This controls whether the server offers or even demands the use of the netlogon schannel. 5145 5185 <a class="link" href="smb.conf.5.html#SERVERSCHANNEL" target="_top">server schannel = no</a> does not offer the schannel, <a class="link" href="smb.conf.5.html#SERVERSCHANNEL" target="_top">server schannel = auto</a> offers the schannel but does not enforce it, and <a class="link" href="smb.conf.5.html#SERVERSCHANNEL" target="_top">server schannel = yes</a> denies access if the client is not able to speak netlogon schannel. … … 5152 5192 </p><p>Example: <span class="emphasis"><em><em class="parameter"><code>server schannel</code></em> = <code class="literal">yes</code> 5153 5193 </em></span> 5154 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2559989"></a>5194 </p></dd></dl></div></div><div class="section" title="server signing (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2565900"></a> 5155 5195 5156 5196 server signing (G) 5157 </h3></div></div></div><a class="indexterm" name="id25 59990"></a><a name="SERVERSIGNING"></a><div class="variablelist"><dl><dt></dt><dd><p>This controls whether the client is allowed or required to use SMB signing. Possible values5197 </h3></div></div></div><a class="indexterm" name="id2565901"></a><a name="SERVERSIGNING"></a><div class="variablelist"><dl><dt></dt><dd><p>This controls whether the client is allowed or required to use SMB signing. Possible values 5158 5198 are <span class="emphasis"><em>auto</em></span>, <span class="emphasis"><em>mandatory</em></span> 5159 5199 and <span class="emphasis"><em>disabled</em></span>. … … 5162 5202 to disabled, SMB signing is not offered either.</p><p>Default: <span class="emphasis"><em><em class="parameter"><code>server signing</code></em> = <code class="literal">Disabled</code> 5163 5203 </em></span> 5164 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2560050"></a>5204 </p></dd></dl></div></div><div class="section" title="server string (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2565961"></a> 5165 5205 5166 5206 server string (G) 5167 </h3></div></div></div><a class="indexterm" name="id256 0051"></a><a name="SERVERSTRING"></a><div class="variablelist"><dl><dt></dt><dd><p>This controls what string will show up in the printer comment box in print5207 </h3></div></div></div><a class="indexterm" name="id2565962"></a><a name="SERVERSTRING"></a><div class="variablelist"><dl><dt></dt><dd><p>This controls what string will show up in the printer comment box in print 5168 5208 manager and next to the IPC connection in <code class="literal">net view</code>. It 5169 5209 can be any string that you wish to show to your users.</p><p>It also sets what will appear in browse lists next … … 5174 5214 </p><p>Example: <span class="emphasis"><em><em class="parameter"><code>server string</code></em> = <code class="literal">University of GNUs Samba Server</code> 5175 5215 </em></span> 5176 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2560142"></a>5216 </p></dd></dl></div></div><div class="section" title="set directory (S)"><div class="titlepage"><div><div><h3 class="title"><a name="id2566052"></a> 5177 5217 5178 5218 set directory (S) 5179 </h3></div></div></div><a class="indexterm" name="id256 0143"></a><a name="SETDIRECTORY"></a><div class="variablelist"><dl><dt></dt><dd><p>5219 </h3></div></div></div><a class="indexterm" name="id2566053"></a><a name="SETDIRECTORY"></a><div class="variablelist"><dl><dt></dt><dd><p> 5180 5220 If <code class="literal">set directory = no</code>, then users of the 5181 5221 service may not use the setdir command to change directory. … … 5186 5226 </p><p>Default: <span class="emphasis"><em><em class="parameter"><code>set directory</code></em> = <code class="literal">no</code> 5187 5227 </em></span> 5188 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2560202"></a>5228 </p></dd></dl></div></div><div class="section" title="set primary group script (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2566112"></a> 5189 5229 5190 5230 set primary group script (G) 5191 </h3></div></div></div><a class="indexterm" name="id256 0203"></a><a name="SETPRIMARYGROUPSCRIPT"></a><div class="variablelist"><dl><dt></dt><dd><p>Thanks to the Posix subsystem in NT a Windows User has a5231 </h3></div></div></div><a class="indexterm" name="id2566113"></a><a name="SETPRIMARYGROUPSCRIPT"></a><div class="variablelist"><dl><dt></dt><dd><p>Thanks to the Posix subsystem in NT a Windows User has a 5192 5232 primary group in addition to the auxiliary groups. This script 5193 5233 sets the primary group in the unix userdatase when an … … 5201 5241 </p><p>Example: <span class="emphasis"><em><em class="parameter"><code>set primary group script</code></em> = <code class="literal">/usr/sbin/usermod -g '%g' '%u'</code> 5202 5242 </em></span> 5203 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2560284"></a>5243 </p></dd></dl></div></div><div class="section" title="set quota command (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2566194"></a> 5204 5244 5205 5245 set quota command (G) 5206 </h3></div></div></div><a class="indexterm" name="id256 0285"></a><a name="SETQUOTACOMMAND"></a><div class="variablelist"><dl><dt></dt><dd><p>The <code class="literal">set quota command</code> should only be used5246 </h3></div></div></div><a class="indexterm" name="id2566195"></a><a name="SETQUOTACOMMAND"></a><div class="variablelist"><dl><dt></dt><dd><p>The <code class="literal">set quota command</code> should only be used 5207 5247 whenever there is no operating system API available from the OS that 5208 5248 samba can use.</p><p>This option is only available if Samba was configured with the argument <code class="literal">--with-sys-quotas</code> or 5209 5249 on linux when <code class="literal">./configure --with-quotas</code> was used and a working quota api 5210 5250 was found in the system. Most packages are configured with these options already.</p><p>This parameter should specify the path to a script that 5211 can set quota for the specified arguments.</p><p>The specified script should take the following arguments:</p><div class="itemizedlist"><ul type="disc"><li><p>1 - quota type5212 </p><div class="itemizedlist"><ul type="circle"><li><p>1 - user quotas</p></li><li><p>2 - user default quotas (uid = -1)</p></li><li><p>3 - group quotas</p></li><li><p>4 - group default quotas (gid = -1)</p></li></ul></div></li><li><p>2 - id (uid for user, gid for group, -1 if N/A)</p></li><li><p>3 - quota state (0 = disable, 1 = enable, 2 = enable and enforce)</p></li><li><p>4 - block softlimit</p></li><li><p>5 - block hardlimit</p></li><li><p>6 - inode softlimit</p></li><li><p>7 - inode hardlimit</p></li><li><p>8(optional) - block size, defaults to 1024</p></li></ul></div><p>The script should output at least one line of data on success. And nothing on failure.</p><p>Default: <span class="emphasis"><em><em class="parameter"><code>set quota command</code></em> = <code class="literal"></code>5251 can set quota for the specified arguments.</p><p>The specified script should take the following arguments:</p><div class="itemizedlist"><ul class="itemizedlist" type="disc"><li class="listitem"><p>1 - quota type 5252 </p><div class="itemizedlist"><ul class="itemizedlist" type="circle"><li class="listitem"><p>1 - user quotas</p></li><li class="listitem"><p>2 - user default quotas (uid = -1)</p></li><li class="listitem"><p>3 - group quotas</p></li><li class="listitem"><p>4 - group default quotas (gid = -1)</p></li></ul></div></li><li class="listitem"><p>2 - id (uid for user, gid for group, -1 if N/A)</p></li><li class="listitem"><p>3 - quota state (0 = disable, 1 = enable, 2 = enable and enforce)</p></li><li class="listitem"><p>4 - block softlimit</p></li><li class="listitem"><p>5 - block hardlimit</p></li><li class="listitem"><p>6 - inode softlimit</p></li><li class="listitem"><p>7 - inode hardlimit</p></li><li class="listitem"><p>8(optional) - block size, defaults to 1024</p></li></ul></div><p>The script should output at least one line of data on success. And nothing on failure.</p><p>Default: <span class="emphasis"><em><em class="parameter"><code>set quota command</code></em> = <code class="literal"></code> 5213 5253 </em></span> 5214 5254 </p><p>Example: <span class="emphasis"><em><em class="parameter"><code>set quota command</code></em> = <code class="literal">/usr/local/sbin/set_quota</code> 5215 5255 </em></span> 5216 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2560447"></a>5256 </p></dd></dl></div></div><div class="section" title="share modes (S)"><div class="titlepage"><div><div><h3 class="title"><a name="id2566357"></a> 5217 5257 5218 5258 share modes (S) 5219 </h3></div></div></div><a class="indexterm" name="id256 0448"></a><a name="SHAREMODES"></a><div class="variablelist"><dl><dt></dt><dd><p>This enables or disables the honoring of5259 </h3></div></div></div><a class="indexterm" name="id2566358"></a><a name="SHAREMODES"></a><div class="variablelist"><dl><dt></dt><dd><p>This enables or disables the honoring of 5220 5260 the <em class="parameter"><code>share modes</code></em> during a file open. These 5221 5261 modes are used by clients to gain exclusive read or write access … … 5229 5269 off as many Windows applications will break if you do so.</p><p>Default: <span class="emphasis"><em><em class="parameter"><code>share modes</code></em> = <code class="literal">yes</code> 5230 5270 </em></span> 5231 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2560523"></a>5271 </p></dd></dl></div></div><div class="section" title="short preserve case (S)"><div class="titlepage"><div><div><h3 class="title"><a name="id2566434"></a> 5232 5272 5233 5273 short preserve case (S) 5234 </h3></div></div></div><a class="indexterm" name="id256 0524"></a><a name="SHORTPRESERVECASE"></a><div class="variablelist"><dl><dt></dt><dd><p>5274 </h3></div></div></div><a class="indexterm" name="id2566435"></a><a name="SHORTPRESERVECASE"></a><div class="variablelist"><dl><dt></dt><dd><p> 5235 5275 This boolean parameter controls if new files which conform to 8.3 syntax, that is all in upper case and of 5236 5276 suitable length, are created upper case, or if they are forced to be the <a class="link" href="smb.conf.5.html#DEFAULTCASE" target="_top">default case</a>. … … 5239 5279 </p><p>See the section on <a class="link" href="#NAMEMANGLINGSECT" title="NAME MANGLING">NAME MANGLING</a>.</p><p>Default: <span class="emphasis"><em><em class="parameter"><code>short preserve case</code></em> = <code class="literal">yes</code> 5240 5280 </em></span> 5241 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2560603"></a>5281 </p></dd></dl></div></div><div class="section" title="show add printer wizard (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2566514"></a> 5242 5282 5243 5283 show add printer wizard (G) 5244 </h3></div></div></div><a class="indexterm" name="id256 0604"></a><a name="SHOWADDPRINTERWIZARD"></a><div class="variablelist"><dl><dt></dt><dd><p>With the introduction of MS-RPC based printing support5284 </h3></div></div></div><a class="indexterm" name="id2566515"></a><a name="SHOWADDPRINTERWIZARD"></a><div class="variablelist"><dl><dt></dt><dd><p>With the introduction of MS-RPC based printing support 5245 5285 for Windows NT/2000 client in Samba 2.2, a "Printers..." folder will 5246 5286 appear on Samba hosts in the share listing. Normally this folder will … … 5257 5297 parameter will always cause the OpenPrinterEx() on the server 5258 5298 to fail. Thus the APW icon will never be displayed. 5259 </p><div class="note" style="margin-left: 0.5in; margin-right: 0.5in;"><h3 class="title">Note</h3><p>This does not prevent the same user from having5299 </p><div class="note" title="Note" style="margin-left: 0.5in; margin-right: 0.5in;"><h3 class="title">Note</h3><p>This does not prevent the same user from having 5260 5300 administrative privilege on an individual printer.</p></div><p>Default: <span class="emphasis"><em><em class="parameter"><code>show add printer wizard</code></em> = <code class="literal">yes</code> 5261 5301 </em></span> 5262 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2560687"></a>5302 </p></dd></dl></div></div><div class="section" title="shutdown script (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2566597"></a> 5263 5303 5264 5304 shutdown script (G) 5265 </h3></div></div></div><a class="indexterm" name="id256 0688"></a><a name="SHUTDOWNSCRIPT"></a><div class="variablelist"><dl><dt></dt><dd><p>This a full path name to a script called by5305 </h3></div></div></div><a class="indexterm" name="id2566598"></a><a name="SHUTDOWNSCRIPT"></a><div class="variablelist"><dl><dt></dt><dd><p>This a full path name to a script called by 5266 5306 <a class="citerefentry" href="smbd.8.html"><span class="citerefentry"><span class="refentrytitle">smbd</span>(8)</span></a> that should 5267 5307 start a shutdown procedure.</p><p>If the connected user posseses the <code class="constant">SeRemoteShutdownPrivilege</code>, 5268 right, this command will be run as root.</p><p>The %z %t %r %f variables are expanded as follows:</p><div class="itemizedlist"><ul type="disc"><li><p><em class="parameter"><code>%z</code></em> will be substituted with the5269 shutdown message sent to the server.</p></li><li ><p><em class="parameter"><code>%t</code></em> will be substituted with the5308 right, this command will be run as root.</p><p>The %z %t %r %f variables are expanded as follows:</p><div class="itemizedlist"><ul class="itemizedlist" type="disc"><li class="listitem"><p><em class="parameter"><code>%z</code></em> will be substituted with the 5309 shutdown message sent to the server.</p></li><li class="listitem"><p><em class="parameter"><code>%t</code></em> will be substituted with the 5270 5310 number of seconds to wait before effectively starting the 5271 shutdown procedure.</p></li><li ><p><em class="parameter"><code>%r</code></em> will be substituted with the5311 shutdown procedure.</p></li><li class="listitem"><p><em class="parameter"><code>%r</code></em> will be substituted with the 5272 5312 switch <span class="emphasis"><em>-r</em></span>. It means reboot after shutdown 5273 for NT.</p></li><li ><p><em class="parameter"><code>%f</code></em> will be substituted with the5313 for NT.</p></li><li class="listitem"><p><em class="parameter"><code>%f</code></em> will be substituted with the 5274 5314 switch <span class="emphasis"><em>-f</em></span>. It means force the shutdown 5275 5315 even if applications do not respond for NT.</p></li></ul></div><p>Shutdown script example: … … 5289 5329 </p><p>Example: <span class="emphasis"><em><em class="parameter"><code>shutdown script</code></em> = <code class="literal">/usr/local/samba/sbin/shutdown %m %t %r %f</code> 5290 5330 </em></span> 5291 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2560841"></a>5331 </p></dd></dl></div></div><div class="section" title="smb encrypt (S)"><div class="titlepage"><div><div><h3 class="title"><a name="id2566751"></a> 5292 5332 5293 5333 smb encrypt (S) 5294 </h3></div></div></div><a class="indexterm" name="id256 0842"></a><a name="SMBENCRYPT"></a><div class="variablelist"><dl><dt></dt><dd><p>This is a new feature introduced with Samba 3.2 and above. It is an5334 </h3></div></div></div><a class="indexterm" name="id2566752"></a><a name="SMBENCRYPT"></a><div class="variablelist"><dl><dt></dt><dd><p>This is a new feature introduced with Samba 3.2 and above. It is an 5295 5335 extension to the SMB/CIFS protocol negotiated as part of the UNIX extensions. 5296 5336 SMB encryption uses the GSSAPI (SSPI on Windows) ability to encrypt … … 5320 5360 to disabled, SMB encryption can not be negotiated.</p><p>Default: <span class="emphasis"><em><em class="parameter"><code>smb encrypt</code></em> = <code class="literal">auto</code> 5321 5361 </em></span> 5322 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2560947"></a>5362 </p></dd></dl></div></div><div class="section" title="smb passwd file (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2566858"></a> 5323 5363 5324 5364 smb passwd file (G) 5325 </h3></div></div></div><a class="indexterm" name="id256 0948"></a><a name="SMBPASSWDFILE"></a><div class="variablelist"><dl><dt></dt><dd><p>This option sets the path to the encrypted smbpasswd file. By5365 </h3></div></div></div><a class="indexterm" name="id2566859"></a><a name="SMBPASSWDFILE"></a><div class="variablelist"><dl><dt></dt><dd><p>This option sets the path to the encrypted smbpasswd file. By 5326 5366 default the path to the smbpasswd file is compiled into Samba.</p><p> 5327 5367 An example of use is: … … 5331 5371 </p><p>Default: <span class="emphasis"><em><em class="parameter"><code>smb passwd file</code></em> = <code class="literal">${prefix}/private/smbpasswd</code> 5332 5372 </em></span> 5333 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2561000"></a>5373 </p></dd></dl></div></div><div class="section" title="smb ports (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2566911"></a> 5334 5374 5335 5375 smb ports (G) 5336 </h3></div></div></div><a class="indexterm" name="id256 1002"></a><a name="SMBPORTS"></a><div class="variablelist"><dl><dt></dt><dd><p>Specifies which ports the server should listen on for SMB traffic.</p><p>Default: <span class="emphasis"><em><em class="parameter"><code>smb ports</code></em> = <code class="literal">445 139</code>5337 </em></span> 5338 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2561042"></a>5376 </h3></div></div></div><a class="indexterm" name="id2566912"></a><a name="SMBPORTS"></a><div class="variablelist"><dl><dt></dt><dd><p>Specifies which ports the server should listen on for SMB traffic.</p><p>Default: <span class="emphasis"><em><em class="parameter"><code>smb ports</code></em> = <code class="literal">445 139</code> 5377 </em></span> 5378 </p></dd></dl></div></div><div class="section" title="socket address (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2566953"></a> 5339 5379 5340 5380 socket address (G) 5341 </h3></div></div></div><a class="indexterm" name="id256 1043"></a><a name="SOCKETADDRESS"></a><div class="variablelist"><dl><dt></dt><dd><p>This option allows you to control what5381 </h3></div></div></div><a class="indexterm" name="id2566954"></a><a name="SOCKETADDRESS"></a><div class="variablelist"><dl><dt></dt><dd><p>This option allows you to control what 5342 5382 address Samba will listen for connections on. This is used to 5343 5383 support multiple virtual interfaces on the one server, each … … 5348 5388 </p><p>Example: <span class="emphasis"><em><em class="parameter"><code>socket address</code></em> = <code class="literal">192.168.2.20</code> 5349 5389 </em></span> 5350 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2561112"></a>5390 </p></dd></dl></div></div><div class="section" title="socket options (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2567023"></a> 5351 5391 5352 5392 socket options (G) 5353 </h3></div></div></div><a class="indexterm" name="id256 1114"></a><a name="SOCKETOPTIONS"></a><div class="variablelist"><dl><dt></dt><dd><p>This option allows you to set socket options5393 </h3></div></div></div><a class="indexterm" name="id2567024"></a><a name="SOCKETOPTIONS"></a><div class="variablelist"><dl><dt></dt><dd><p>This option allows you to set socket options 5354 5394 to be used when talking with the client.</p><p>Socket options are controls on the networking layer 5355 5395 of the operating systems which allow the connection to be … … 5367 5407 samba-technical@samba.org</a>.</p><p>Any of the supported socket options may be combined 5368 5408 in any way you like, as long as your OS allows it.</p><p>This is the list of socket options currently settable 5369 using this option:</p><div class="itemizedlist"><ul type="disc"><li><p>SO_KEEPALIVE</p></li><li><p>SO_REUSEADDR</p></li><li><p>SO_BROADCAST</p></li><li><p>TCP_NODELAY</p></li><li><p>IPTOS_LOWDELAY</p></li><li><p>IPTOS_THROUGHPUT</p></li><li><p>SO_SNDBUF *</p></li><li><p>SO_RCVBUF *</p></li><li><p>SO_SNDLOWAT *</p></li><li><p>SO_RCVLOWAT *</p></li></ul></div><p>Those marked with a <span class="emphasis"><em>'*'</em></span> take an integer5409 using this option:</p><div class="itemizedlist"><ul class="itemizedlist" type="disc"><li class="listitem"><p>SO_KEEPALIVE</p></li><li class="listitem"><p>SO_REUSEADDR</p></li><li class="listitem"><p>SO_BROADCAST</p></li><li class="listitem"><p>TCP_NODELAY</p></li><li class="listitem"><p>IPTOS_LOWDELAY</p></li><li class="listitem"><p>IPTOS_THROUGHPUT</p></li><li class="listitem"><p>SO_SNDBUF *</p></li><li class="listitem"><p>SO_RCVBUF *</p></li><li class="listitem"><p>SO_SNDLOWAT *</p></li><li class="listitem"><p>SO_RCVLOWAT *</p></li></ul></div><p>Those marked with a <span class="emphasis"><em>'*'</em></span> take an integer 5370 5410 argument. The others can optionally take a 1 or 0 argument to enable 5371 5411 or disable the option, by default they will be enabled if you … … 5379 5419 </p><p>Example: <span class="emphasis"><em><em class="parameter"><code>socket options</code></em> = <code class="literal">IPTOS_LOWDELAY</code> 5380 5420 </em></span> 5381 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2561323"></a>5421 </p></dd></dl></div></div><div class="section" title="stat cache (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2567234"></a> 5382 5422 5383 5423 stat cache (G) 5384 </h3></div></div></div><a class="indexterm" name="id256 1324"></a><a name="STATCACHE"></a><div class="variablelist"><dl><dt></dt><dd><p>This parameter determines if <a class="citerefentry" href="smbd.8.html"><span class="citerefentry"><span class="refentrytitle">smbd</span>(8)</span></a> will use a cache in order to5424 </h3></div></div></div><a class="indexterm" name="id2567235"></a><a name="STATCACHE"></a><div class="variablelist"><dl><dt></dt><dd><p>This parameter determines if <a class="citerefentry" href="smbd.8.html"><span class="citerefentry"><span class="refentrytitle">smbd</span>(8)</span></a> will use a cache in order to 5385 5425 speed up case insensitive name mappings. You should never need 5386 5426 to change this parameter.</p><p>Default: <span class="emphasis"><em><em class="parameter"><code>stat cache</code></em> = <code class="literal">yes</code> 5387 5427 </em></span> 5388 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2561374"></a>5428 </p></dd></dl></div></div><div class="section" title="store dos attributes (S)"><div class="titlepage"><div><div><h3 class="title"><a name="id2567285"></a> 5389 5429 5390 5430 store dos attributes (S) 5391 </h3></div></div></div><a class="indexterm" name="id256 1375"></a><a name="STOREDOSATTRIBUTES"></a><div class="variablelist"><dl><dt></dt><dd><p>5431 </h3></div></div></div><a class="indexterm" name="id2567286"></a><a name="STOREDOSATTRIBUTES"></a><div class="variablelist"><dl><dt></dt><dd><p> 5392 5432 If this parameter is set Samba attempts to first read DOS attributes (SYSTEM, HIDDEN, ARCHIVE or 5393 5433 READ-ONLY) from a filesystem extended attribute, before mapping DOS attributes to UNIX permission bits (such … … 5401 5441 </p><p>Default: <span class="emphasis"><em><em class="parameter"><code>store dos attributes</code></em> = <code class="literal">no</code> 5402 5442 </em></span> 5403 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2561496"></a>5443 </p></dd></dl></div></div><div class="section" title="strict allocate (S)"><div class="titlepage"><div><div><h3 class="title"><a name="id2567407"></a> 5404 5444 5405 5445 strict allocate (S) 5406 </h3></div></div></div><a class="indexterm" name="id256 1497"></a><a name="STRICTALLOCATE"></a><div class="variablelist"><dl><dt></dt><dd><p>This is a boolean that controls the handling of5446 </h3></div></div></div><a class="indexterm" name="id2567408"></a><a name="STRICTALLOCATE"></a><div class="variablelist"><dl><dt></dt><dd><p>This is a boolean that controls the handling of 5407 5447 disk space allocation in the server. When this is set to <code class="constant">yes</code> 5408 5448 the server will change from UNIX behaviour of not committing real … … 5416 5456 of users.</p><p>Default: <span class="emphasis"><em><em class="parameter"><code>strict allocate</code></em> = <code class="literal">no</code> 5417 5457 </em></span> 5418 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2561566"></a>5458 </p></dd></dl></div></div><div class="section" title="strict locking (S)"><div class="titlepage"><div><div><h3 class="title"><a name="id2567477"></a> 5419 5459 5420 5460 strict locking (S) 5421 </h3></div></div></div><a class="indexterm" name="id256 1567"></a><a name="STRICTLOCKING"></a><div class="variablelist"><dl><dt></dt><dd><p>5461 </h3></div></div></div><a class="indexterm" name="id2567478"></a><a name="STRICTLOCKING"></a><div class="variablelist"><dl><dt></dt><dd><p> 5422 5462 This is an enumerated type that controls the handling of file locking in the server. When this is set to <code class="constant">yes</code>, 5423 5463 the server will check every read and write access for file locks, and deny access if locks exist. This can be slow on … … 5435 5475 </p><p>Default: <span class="emphasis"><em><em class="parameter"><code>strict locking</code></em> = <code class="literal">Auto</code> 5436 5476 </em></span> 5437 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2561646"></a>5477 </p></dd></dl></div></div><div class="section" title="strict sync (S)"><div class="titlepage"><div><div><h3 class="title"><a name="id2567556"></a> 5438 5478 5439 5479 strict sync (S) 5440 </h3></div></div></div><a class="indexterm" name="id256 1647"></a><a name="STRICTSYNC"></a><div class="variablelist"><dl><dt></dt><dd><p>Many Windows applications (including the Windows 98 explorer5480 </h3></div></div></div><a class="indexterm" name="id2567557"></a><a name="STRICTSYNC"></a><div class="variablelist"><dl><dt></dt><dd><p>Many Windows applications (including the Windows 98 explorer 5441 5481 shell) seem to confuse flushing buffer contents to disk with doing 5442 5482 a sync to disk. Under UNIX, a sync call forces the process to be … … 5452 5492 reported with the new Windows98 explorer shell file copies.</p><p>Default: <span class="emphasis"><em><em class="parameter"><code>strict sync</code></em> = <code class="literal">no</code> 5453 5493 </em></span> 5454 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2561711"></a>5494 </p></dd></dl></div></div><div class="section" title="svcctl list (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2567621"></a> 5455 5495 5456 5496 svcctl list (G) 5457 </h3></div></div></div><a class="indexterm" name="id256 1712"></a><a name="SVCCTLLIST"></a><div class="variablelist"><dl><dt></dt><dd><p>This option defines a list of init scripts that smbd5497 </h3></div></div></div><a class="indexterm" name="id2567622"></a><a name="SVCCTLLIST"></a><div class="variablelist"><dl><dt></dt><dd><p>This option defines a list of init scripts that smbd 5458 5498 will use for starting and stopping Unix services via the Win32 5459 5499 ServiceControl API. This allows Windows administrators to … … 5468 5508 </p><p>Example: <span class="emphasis"><em><em class="parameter"><code>svcctl list</code></em> = <code class="literal">cups postfix portmap httpd</code> 5469 5509 </em></span> 5470 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2561801"></a>5510 </p></dd></dl></div></div><div class="section" title="sync always (S)"><div class="titlepage"><div><div><h3 class="title"><a name="id2567707"></a> 5471 5511 5472 5512 sync always (S) 5473 </h3></div></div></div><a class="indexterm" name="id256 1802"></a><a name="SYNCALWAYS"></a><div class="variablelist"><dl><dt></dt><dd><p>This is a boolean parameter that controls5513 </h3></div></div></div><a class="indexterm" name="id2567708"></a><a name="SYNCALWAYS"></a><div class="variablelist"><dl><dt></dt><dd><p>This is a boolean parameter that controls 5474 5514 whether writes will always be written to stable storage before 5475 5515 the write call returns. If this is <code class="constant">no</code> then the server will be … … 5482 5522 any affect.</p><p>Default: <span class="emphasis"><em><em class="parameter"><code>sync always</code></em> = <code class="literal">no</code> 5483 5523 </em></span> 5484 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2561871"></a>5524 </p></dd></dl></div></div><div class="section" title="syslog only (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2567777"></a> 5485 5525 5486 5526 syslog only (G) 5487 </h3></div></div></div><a class="indexterm" name="id256 1872"></a><a name="SYSLOGONLY"></a><div class="variablelist"><dl><dt></dt><dd><p>5527 </h3></div></div></div><a class="indexterm" name="id2567778"></a><a name="SYSLOGONLY"></a><div class="variablelist"><dl><dt></dt><dd><p> 5488 5528 If this parameter is set then Samba debug messages are logged into the system 5489 5529 syslog only, and not to the debug log files. There still will be some … … 5491 5531 </p><p>Default: <span class="emphasis"><em><em class="parameter"><code>syslog only</code></em> = <code class="literal">no</code> 5492 5532 </em></span> 5493 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2561919"></a>5533 </p></dd></dl></div></div><div class="section" title="syslog (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2567825"></a> 5494 5534 5495 5535 syslog (G) 5496 </h3></div></div></div><a class="indexterm" name="id256 1920"></a><a name="SYSLOG"></a><div class="variablelist"><dl><dt></dt><dd><p>5536 </h3></div></div></div><a class="indexterm" name="id2567826"></a><a name="SYSLOG"></a><div class="variablelist"><dl><dt></dt><dd><p> 5497 5537 This parameter maps how Samba debug messages are logged onto the system syslog logging levels. 5498 5538 Samba debug level zero maps onto syslog <code class="constant">LOG_ERR</code>, debug level one maps onto … … 5505 5545 </p><p>Default: <span class="emphasis"><em><em class="parameter"><code>syslog</code></em> = <code class="literal">1</code> 5506 5546 </em></span> 5507 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2561989"></a>5547 </p></dd></dl></div></div><div class="section" title="template homedir (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2567895"></a> 5508 5548 5509 5549 template homedir (G) 5510 </h3></div></div></div><a class="indexterm" name="id256 1990"></a><a name="TEMPLATEHOMEDIR"></a><div class="variablelist"><dl><dt></dt><dd><p>When filling out the user information for a Windows NT5550 </h3></div></div></div><a class="indexterm" name="id2567896"></a><a name="TEMPLATEHOMEDIR"></a><div class="variablelist"><dl><dt></dt><dd><p>When filling out the user information for a Windows NT 5511 5551 user, the <a class="citerefentry" href="winbindd.8.html"><span class="citerefentry"><span class="refentrytitle">winbindd</span>(8)</span></a> daemon uses this 5512 5552 parameter to fill in the home directory for that user. If the … … 5516 5556 is substituted with the user's Windows NT user name.</p><p>Default: <span class="emphasis"><em><em class="parameter"><code>template homedir</code></em> = <code class="literal">/home/%D/%U</code> 5517 5557 </em></span> 5518 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2562055"></a>5558 </p></dd></dl></div></div><div class="section" title="template shell (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2567961"></a> 5519 5559 5520 5560 template shell (G) 5521 </h3></div></div></div><a class="indexterm" name="id256 2056"></a><a name="TEMPLATESHELL"></a><div class="variablelist"><dl><dt></dt><dd><p>When filling out the user information for a Windows NT5561 </h3></div></div></div><a class="indexterm" name="id2567962"></a><a name="TEMPLATESHELL"></a><div class="variablelist"><dl><dt></dt><dd><p>When filling out the user information for a Windows NT 5522 5562 user, the <a class="citerefentry" href="winbindd.8.html"><span class="citerefentry"><span class="refentrytitle">winbindd</span>(8)</span></a> daemon uses this 5523 parameter to fill in the login shell for that user.</p><p><span class="emphasis"><em>No default</em></span></p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2562094"></a>5563 parameter to fill in the login shell for that user.</p><p><span class="emphasis"><em>No default</em></span></p></dd></dl></div></div><div class="section" title="time offset (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2568000"></a> 5524 5564 5525 5565 time offset (G) 5526 </h3></div></div></div><a class="indexterm" name="id256 2095"></a><a name="TIMEOFFSET"></a><div class="variablelist"><dl><dt></dt><dd><p>This parameter is a setting in minutes to add5566 </h3></div></div></div><a class="indexterm" name="id2568001"></a><a name="TIMEOFFSET"></a><div class="variablelist"><dl><dt></dt><dd><p>This parameter is a setting in minutes to add 5527 5567 to the normal GMT to local time conversion. This is useful if 5528 5568 you are serving a lot of PCs that have incorrect daylight … … 5531 5571 </p><p>Example: <span class="emphasis"><em><em class="parameter"><code>time offset</code></em> = <code class="literal">60</code> 5532 5572 </em></span> 5533 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2562154"></a>5573 </p></dd></dl></div></div><div class="section" title="time server (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2568060"></a> 5534 5574 5535 5575 time server (G) 5536 </h3></div></div></div><a class="indexterm" name="id256 2155"></a><a name="TIMESERVER"></a><div class="variablelist"><dl><dt></dt><dd><p>This parameter determines if <a class="citerefentry" href="nmbd.8.html"><span class="citerefentry"><span class="refentrytitle">nmbd</span>(8)</span></a> advertises itself as a time server to Windows5576 </h3></div></div></div><a class="indexterm" name="id2568061"></a><a name="TIMESERVER"></a><div class="variablelist"><dl><dt></dt><dd><p>This parameter determines if <a class="citerefentry" href="nmbd.8.html"><span class="citerefentry"><span class="refentrytitle">nmbd</span>(8)</span></a> advertises itself as a time server to Windows 5537 5577 clients.</p><p>Default: <span class="emphasis"><em><em class="parameter"><code>time server</code></em> = <code class="literal">no</code> 5538 5578 </em></span> 5539 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2562204"></a>5579 </p></dd></dl></div></div><div class="section" title="unix charset (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2568110"></a> 5540 5580 5541 5581 unix charset (G) 5542 </h3></div></div></div><a class="indexterm" name="id256 2206"></a><a name="UNIXCHARSET"></a><div class="variablelist"><dl><dt></dt><dd><p>Specifies the charset the unix machine5582 </h3></div></div></div><a class="indexterm" name="id2568112"></a><a name="UNIXCHARSET"></a><div class="variablelist"><dl><dt></dt><dd><p>Specifies the charset the unix machine 5543 5583 Samba runs on uses. Samba needs to know this in order to be able to 5544 5584 convert text to the charsets other SMB clients use. … … 5549 5589 </p><p>Example: <span class="emphasis"><em><em class="parameter"><code>unix charset</code></em> = <code class="literal">ASCII</code> 5550 5590 </em></span> 5551 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2562270"></a>5591 </p></dd></dl></div></div><div class="section" title="unix extensions (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2568176"></a> 5552 5592 5553 5593 unix extensions (G) 5554 </h3></div></div></div><a class="indexterm" name="id256 2272"></a><a name="UNIXEXTENSIONS"></a><div class="variablelist"><dl><dt></dt><dd><p>This boolean parameter controls whether Samba5594 </h3></div></div></div><a class="indexterm" name="id2568178"></a><a name="UNIXEXTENSIONS"></a><div class="variablelist"><dl><dt></dt><dd><p>This boolean parameter controls whether Samba 5555 5595 implements the CIFS UNIX extensions, as defined by HP. 5556 5596 These extensions enable Samba to better serve UNIX CIFS clients … … 5559 5599 no current use to Windows clients.</p><p>Default: <span class="emphasis"><em><em class="parameter"><code>unix extensions</code></em> = <code class="literal">yes</code> 5560 5600 </em></span> 5561 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2562318"></a>5601 </p></dd></dl></div></div><div class="section" title="unix password sync (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2568224"></a> 5562 5602 5563 5603 unix password sync (G) 5564 </h3></div></div></div><a class="indexterm" name="id256 2319"></a><a name="UNIXPASSWORDSYNC"></a><div class="variablelist"><dl><dt></dt><dd><p>This boolean parameter controls whether Samba5604 </h3></div></div></div><a class="indexterm" name="id2568225"></a><a name="UNIXPASSWORDSYNC"></a><div class="variablelist"><dl><dt></dt><dd><p>This boolean parameter controls whether Samba 5565 5605 attempts to synchronize the UNIX password with the SMB password 5566 5606 when the encrypted SMB password in the smbpasswd file is changed. … … 5571 5611 access to the old password cleartext, only the new).</p><p>Default: <span class="emphasis"><em><em class="parameter"><code>unix password sync</code></em> = <code class="literal">no</code> 5572 5612 </em></span> 5573 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2562379"></a>5613 </p></dd></dl></div></div><div class="section" title="update encrypted (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2568285"></a> 5574 5614 5575 5615 update encrypted (G) 5576 </h3></div></div></div><a class="indexterm" name="id256 2380"></a><a name="UPDATEENCRYPTED"></a><div class="variablelist"><dl><dt></dt><dd><p>5616 </h3></div></div></div><a class="indexterm" name="id2568286"></a><a name="UPDATEENCRYPTED"></a><div class="variablelist"><dl><dt></dt><dd><p> 5577 5617 This boolean parameter allows a user logging on with a plaintext password to have their encrypted (hashed) 5578 5618 password in the smbpasswd file to be updated automatically as they log on. This option allows a site to … … 5592 5632 </p><p>Default: <span class="emphasis"><em><em class="parameter"><code>update encrypted</code></em> = <code class="literal">no</code> 5593 5633 </em></span> 5594 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2562498"></a>5634 </p></dd></dl></div></div><div class="section" title="use client driver (S)"><div class="titlepage"><div><div><h3 class="title"><a name="id2568404"></a> 5595 5635 5596 5636 use client driver (S) 5597 </h3></div></div></div><a class="indexterm" name="id256 2499"></a><a name="USECLIENTDRIVER"></a><div class="variablelist"><dl><dt></dt><dd><p>This parameter applies only to Windows NT/20005637 </h3></div></div></div><a class="indexterm" name="id2568405"></a><a name="USECLIENTDRIVER"></a><div class="variablelist"><dl><dt></dt><dd><p>This parameter applies only to Windows NT/2000 5598 5638 clients. It has no effect on Windows 95/98/ME clients. When 5599 5639 serving a printer to Windows NT/2000 clients without first installing … … 5620 5660 server.</em></span></p><p>Default: <span class="emphasis"><em><em class="parameter"><code>use client driver</code></em> = <code class="literal">no</code> 5621 5661 </em></span> 5622 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2562578"></a>5662 </p></dd></dl></div></div><div class="section" title="use kerberos keytab (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2568484"></a> 5623 5663 5624 5664 use kerberos keytab (G) 5625 </h3></div></div></div><a class="indexterm" name="id256 2580"></a><a name="USEKERBEROSKEYTAB"></a><div class="variablelist"><dl><dt></dt><dd><p>5665 </h3></div></div></div><a class="indexterm" name="id2568486"></a><a name="USEKERBEROSKEYTAB"></a><div class="variablelist"><dl><dt></dt><dd><p> 5626 5666 Specifies whether Samba should attempt to maintain service principals in the systems 5627 5667 keytab file for <code class="constant">host/FQDN</code> and <code class="constant">cifs/FQDN</code>. … … 5635 5675 </p><p>Default: <span class="emphasis"><em><em class="parameter"><code>use kerberos keytab</code></em> = <code class="literal">False</code> 5636 5676 </em></span> 5637 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2562647"></a>5677 </p></dd></dl></div></div><div class="section" title="use mmap (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2568553"></a> 5638 5678 5639 5679 use mmap (G) 5640 </h3></div></div></div><a class="indexterm" name="id256 2648"></a><a name="USEMMAP"></a><div class="variablelist"><dl><dt></dt><dd><p>This global parameter determines if the tdb internals of Samba can5680 </h3></div></div></div><a class="indexterm" name="id2568554"></a><a name="USEMMAP"></a><div class="variablelist"><dl><dt></dt><dd><p>This global parameter determines if the tdb internals of Samba can 5641 5681 depend on mmap working correctly on the running system. Samba requires a coherent 5642 5682 mmap/read-write system memory cache. Currently only HPUX does not have such a … … 5647 5687 </p><p>Default: <span class="emphasis"><em><em class="parameter"><code>use mmap</code></em> = <code class="literal">yes</code> 5648 5688 </em></span> 5649 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2562699"></a>5689 </p></dd></dl></div></div><div class="section" title="username level (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2568605"></a> 5650 5690 5651 5691 username level (G) 5652 </h3></div></div></div><a class="indexterm" name="id256 2700"></a><a name="USERNAMELEVEL"></a><div class="variablelist"><dl><dt></dt><dd><p>This option helps Samba to try and 'guess' at5692 </h3></div></div></div><a class="indexterm" name="id2568606"></a><a name="USERNAMELEVEL"></a><div class="variablelist"><dl><dt></dt><dd><p>This option helps Samba to try and 'guess' at 5653 5693 the real UNIX username, as many DOS clients send an all-uppercase 5654 5694 username. By default Samba tries all lowercase, followed by the … … 5665 5705 </p><p>Example: <span class="emphasis"><em><em class="parameter"><code>username level</code></em> = <code class="literal">5</code> 5666 5706 </em></span> 5667 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2562781"></a>5707 </p></dd></dl></div></div><div class="section" title="username map script (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2568687"></a> 5668 5708 5669 5709 username map script (G) 5670 </h3></div></div></div><a class="indexterm" name="id256 2782"></a><a name="USERNAMEMAPSCRIPT"></a><div class="variablelist"><dl><dt></dt><dd><p>This script is a mutually exclusive alternative to the5710 </h3></div></div></div><a class="indexterm" name="id2568688"></a><a name="USERNAMEMAPSCRIPT"></a><div class="variablelist"><dl><dt></dt><dd><p>This script is a mutually exclusive alternative to the 5671 5711 <a class="link" href="smb.conf.5.html#USERNAMEMAP" target="_top">username map</a> parameter. This parameter 5672 5712 specifies and external program or script that must accept a single … … 5679 5719 </p><p>Example: <span class="emphasis"><em><em class="parameter"><code>username map script</code></em> = <code class="literal">/etc/samba/scripts/mapusers.sh</code> 5680 5720 </em></span> 5681 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2562858"></a>5721 </p></dd></dl></div></div><div class="section" title="username map (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2568764"></a> 5682 5722 5683 5723 username map (G) 5684 </h3></div></div></div><a class="indexterm" name="id256 2859"></a><a name="USERNAMEMAP"></a><div class="variablelist"><dl><dt></dt><dd><p>5724 </h3></div></div></div><a class="indexterm" name="id2568765"></a><a name="USERNAMEMAP"></a><div class="variablelist"><dl><dt></dt><dd><p> 5685 5725 This option allows you to specify a file containing a mapping of usernames from the clients to the server. 5686 5726 This can be used for several purposes. The most common is to map usernames that users use on DOS or Windows … … 5766 5806 # no username map</code> 5767 5807 </em></span> 5768 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2563137"></a>5808 </p></dd></dl></div></div><div class="section" title="user"><div class="titlepage"><div><div><h3 class="title"><a name="id2569043"></a> 5769 5809 5770 5810 <a name="USER"></a>user 5771 </h3></div></div></div><a class="indexterm" name="id256 3138"></a><div class="variablelist"><dl><dt></dt><dd><p>This parameter is a synonym for <a class="link" href="#USERNAME">username</a>.</p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2563169"></a>5811 </h3></div></div></div><a class="indexterm" name="id2569044"></a><div class="variablelist"><dl><dt></dt><dd><p>This parameter is a synonym for <a class="link" href="#USERNAME">username</a>.</p></dd></dl></div></div><div class="section" title="users"><div class="titlepage"><div><div><h3 class="title"><a name="id2569075"></a> 5772 5812 5773 5813 <a name="USERS"></a>users 5774 </h3></div></div></div><a class="indexterm" name="id256 3170"></a><div class="variablelist"><dl><dt></dt><dd><p>This parameter is a synonym for <a class="link" href="#USERNAME">username</a>.</p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2563201"></a>5814 </h3></div></div></div><a class="indexterm" name="id2569076"></a><div class="variablelist"><dl><dt></dt><dd><p>This parameter is a synonym for <a class="link" href="#USERNAME">username</a>.</p></dd></dl></div></div><div class="section" title="username (S)"><div class="titlepage"><div><div><h3 class="title"><a name="id2569107"></a> 5775 5815 5776 5816 username (S) 5777 </h3></div></div></div><a class="indexterm" name="id256 3202"></a><a name="USERNAME"></a><div class="variablelist"><dl><dt></dt><dd><p>Multiple users may be specified in a comma-delimited5817 </h3></div></div></div><a class="indexterm" name="id2569108"></a><a name="USERNAME"></a><div class="variablelist"><dl><dt></dt><dd><p>Multiple users may be specified in a comma-delimited 5778 5818 list, in which case the supplied password will be tested against 5779 5819 each username in turn (left to right).</p><p>The <em class="parameter"><code>username</code></em> line is needed only when … … 5813 5853 </p><p>Example: <span class="emphasis"><em><em class="parameter"><code>username</code></em> = <code class="literal">fred, mary, jack, jane, @users, @pcgroup</code> 5814 5854 </em></span> 5815 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2563371"></a>5855 </p></dd></dl></div></div><div class="section" title="usershare allow guests (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2569277"></a> 5816 5856 5817 5857 usershare allow guests (G) 5818 </h3></div></div></div><a class="indexterm" name="id256 3372"></a><a name="USERSHAREALLOWGUESTS"></a><div class="variablelist"><dl><dt></dt><dd><p>This parameter controls whether user defined shares are allowed5858 </h3></div></div></div><a class="indexterm" name="id2569278"></a><a name="USERSHAREALLOWGUESTS"></a><div class="variablelist"><dl><dt></dt><dd><p>This parameter controls whether user defined shares are allowed 5819 5859 to be accessed by non-authenticated users or not. It is the equivalent 5820 5860 of allowing people who can create a share the option of setting … … 5823 5863 is set to off.</p><p>Default: <span class="emphasis"><em><em class="parameter"><code>usershare allow guests</code></em> = <code class="literal">no</code> 5824 5864 </em></span> 5825 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2563424"></a>5865 </p></dd></dl></div></div><div class="section" title="usershare max shares (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2569330"></a> 5826 5866 5827 5867 usershare max shares (G) 5828 </h3></div></div></div><a class="indexterm" name="id256 3425"></a><a name="USERSHAREMAXSHARES"></a><div class="variablelist"><dl><dt></dt><dd><p>This parameter specifies the number of user defined shares5868 </h3></div></div></div><a class="indexterm" name="id2569331"></a><a name="USERSHAREMAXSHARES"></a><div class="variablelist"><dl><dt></dt><dd><p>This parameter specifies the number of user defined shares 5829 5869 that are allowed to be created by users belonging to the group owning the 5830 5870 usershare directory. If set to zero (the default) user defined shares are ignored. 5831 5871 </p><p>Default: <span class="emphasis"><em><em class="parameter"><code>usershare max shares</code></em> = <code class="literal">0</code> 5832 5872 </em></span> 5833 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2563469"></a>5873 </p></dd></dl></div></div><div class="section" title="usershare owner only (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2569375"></a> 5834 5874 5835 5875 usershare owner only (G) 5836 </h3></div></div></div><a class="indexterm" name="id256 3470"></a><a name="USERSHAREOWNERONLY"></a><div class="variablelist"><dl><dt></dt><dd><p>This parameter controls whether the pathname exported by5876 </h3></div></div></div><a class="indexterm" name="id2569376"></a><a name="USERSHAREOWNERONLY"></a><div class="variablelist"><dl><dt></dt><dd><p>This parameter controls whether the pathname exported by 5837 5877 a user defined shares must be owned by the user creating the 5838 5878 user defined share or not. If set to True (the default) then … … 5844 5884 </p><p>Default: <span class="emphasis"><em><em class="parameter"><code>usershare owner only</code></em> = <code class="literal">True</code> 5845 5885 </em></span> 5846 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2563527"></a>5886 </p></dd></dl></div></div><div class="section" title="usershare path (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2569425"></a> 5847 5887 5848 5888 usershare path (G) 5849 </h3></div></div></div><a class="indexterm" name="id256 3528"></a><a name="USERSHAREPATH"></a><div class="variablelist"><dl><dt></dt><dd><p>This parameter specifies the absolute path of the directory on the5889 </h3></div></div></div><a class="indexterm" name="id2569426"></a><a name="USERSHAREPATH"></a><div class="variablelist"><dl><dt></dt><dd><p>This parameter specifies the absolute path of the directory on the 5850 5890 filesystem used to store the user defined share definition files. 5851 5891 This directory must be owned by root, and have no access for … … 5868 5908 </p><p>Default: <span class="emphasis"><em><em class="parameter"><code>usershare path</code></em> = <code class="literal">NULL</code> 5869 5909 </em></span> 5870 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2563598"></a>5910 </p></dd></dl></div></div><div class="section" title="usershare prefix allow list (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2569496"></a> 5871 5911 5872 5912 usershare prefix allow list (G) 5873 </h3></div></div></div><a class="indexterm" name="id256 3599"></a><a name="USERSHAREPREFIXALLOWLIST"></a><div class="variablelist"><dl><dt></dt><dd><p>This parameter specifies a list of absolute pathnames5913 </h3></div></div></div><a class="indexterm" name="id2569497"></a><a name="USERSHAREPREFIXALLOWLIST"></a><div class="variablelist"><dl><dt></dt><dd><p>This parameter specifies a list of absolute pathnames 5874 5914 the root of which are allowed to be exported by user defined share definitions. 5875 5915 If the pathname to be exported doesn't start with one of the strings in this … … 5886 5926 </p><p>Example: <span class="emphasis"><em><em class="parameter"><code>usershare prefix allow list</code></em> = <code class="literal">/home /data /space</code> 5887 5927 </em></span> 5888 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2563670"></a>5928 </p></dd></dl></div></div><div class="section" title="usershare prefix deny list (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2569569"></a> 5889 5929 5890 5930 usershare prefix deny list (G) 5891 </h3></div></div></div><a class="indexterm" name="id256 3671"></a><a name="USERSHAREPREFIXDENYLIST"></a><div class="variablelist"><dl><dt></dt><dd><p>This parameter specifies a list of absolute pathnames5931 </h3></div></div></div><a class="indexterm" name="id2569570"></a><a name="USERSHAREPREFIXDENYLIST"></a><div class="variablelist"><dl><dt></dt><dd><p>This parameter specifies a list of absolute pathnames 5892 5932 the root of which are NOT allowed to be exported by user defined share definitions. 5893 5933 If the pathname exported starts with one of the strings in this … … 5905 5945 </p><p>Example: <span class="emphasis"><em><em class="parameter"><code>usershare prefix deny list</code></em> = <code class="literal">/etc /dev /private</code> 5906 5946 </em></span> 5907 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2563745"></a>5947 </p></dd></dl></div></div><div class="section" title="usershare template share (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2569643"></a> 5908 5948 5909 5949 usershare template share (G) 5910 </h3></div></div></div><a class="indexterm" name="id256 3746"></a><a name="USERSHARETEMPLATESHARE"></a><div class="variablelist"><dl><dt></dt><dd><p>User defined shares only have limited possible parameters5950 </h3></div></div></div><a class="indexterm" name="id2569644"></a><a name="USERSHARETEMPLATESHARE"></a><div class="variablelist"><dl><dt></dt><dd><p>User defined shares only have limited possible parameters 5911 5951 such as path, guest ok, etc. This parameter allows usershares to 5912 5952 "cloned" from an existing share. If "usershare template share" … … 5923 5963 </p><p>Example: <span class="emphasis"><em><em class="parameter"><code>usershare template share</code></em> = <code class="literal">template_share</code> 5924 5964 </em></span> 5925 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2563818"></a>5965 </p></dd></dl></div></div><div class="section" title="use sendfile (S)"><div class="titlepage"><div><div><h3 class="title"><a name="id2569716"></a> 5926 5966 5927 5967 use sendfile (S) 5928 </h3></div></div></div><a class="indexterm" name="id256 3819"></a><a name="USESENDFILE"></a><div class="variablelist"><dl><dt></dt><dd><p>If this parameter is <code class="constant">yes</code>, and the <code class="constant">sendfile()</code>5968 </h3></div></div></div><a class="indexterm" name="id2569717"></a><a name="USESENDFILE"></a><div class="variablelist"><dl><dt></dt><dd><p>If this parameter is <code class="constant">yes</code>, and the <code class="constant">sendfile()</code> 5929 5969 system call is supported by the underlying operating system, then some SMB read calls 5930 5970 (mainly ReadAndX and ReadRaw) will use the more efficient sendfile system call for files that … … 5935 5975 </p><p>Default: <span class="emphasis"><em><em class="parameter"><code>use sendfile</code></em> = <code class="literal">false</code> 5936 5976 </em></span> 5937 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2563875"></a>5977 </p></dd></dl></div></div><div class="section" title="use spnego (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2569774"></a> 5938 5978 5939 5979 use spnego (G) 5940 </h3></div></div></div><a class="indexterm" name="id256 3876"></a><a name="USESPNEGO"></a><div class="variablelist"><dl><dt></dt><dd><p>This variable controls controls whether samba will try5980 </h3></div></div></div><a class="indexterm" name="id2569775"></a><a name="USESPNEGO"></a><div class="variablelist"><dl><dt></dt><dd><p>This variable controls controls whether samba will try 5941 5981 to use Simple and Protected NEGOciation (as specified by rfc2478) with 5942 5982 WindowsXP and Windows2000 clients to agree upon an authentication mechanism. … … 5946 5986 disabled.</p><p>Default: <span class="emphasis"><em><em class="parameter"><code>use spnego</code></em> = <code class="literal">yes</code> 5947 5987 </em></span> 5948 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2563925"></a>5988 </p></dd></dl></div></div><div class="section" title="utmp directory (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2569823"></a> 5949 5989 5950 5990 utmp directory (G) 5951 </h3></div></div></div><a class="indexterm" name="id256 3926"></a><a name="UTMPDIRECTORY"></a><div class="variablelist"><dl><dt></dt><dd><p>This parameter is only available if Samba has5991 </h3></div></div></div><a class="indexterm" name="id2569824"></a><a name="UTMPDIRECTORY"></a><div class="variablelist"><dl><dt></dt><dd><p>This parameter is only available if Samba has 5952 5992 been configured and compiled with the option <code class="literal"> 5953 5993 --with-utmp</code>. It specifies a directory pathname that is … … 5961 6001 </p><p>Example: <span class="emphasis"><em><em class="parameter"><code>utmp directory</code></em> = <code class="literal">/var/run/utmp</code> 5962 6002 </em></span> 5963 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2564003"></a>6003 </p></dd></dl></div></div><div class="section" title="utmp (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2569901"></a> 5964 6004 5965 6005 utmp (G) 5966 </h3></div></div></div><a class="indexterm" name="id256 4004"></a><a name="UTMP"></a><div class="variablelist"><dl><dt></dt><dd><p>6006 </h3></div></div></div><a class="indexterm" name="id2569902"></a><a name="UTMP"></a><div class="variablelist"><dl><dt></dt><dd><p> 5967 6007 This boolean parameter is only available if Samba has been configured and compiled 5968 6008 with the option <code class="literal">--with-utmp</code>. If set to … … 5976 6016 </p><p>Default: <span class="emphasis"><em><em class="parameter"><code>utmp</code></em> = <code class="literal">no</code> 5977 6017 </em></span> 5978 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2564066"></a>6018 </p></dd></dl></div></div><div class="section" title="valid users (S)"><div class="titlepage"><div><div><h3 class="title"><a name="id2569964"></a> 5979 6019 5980 6020 valid users (S) 5981 </h3></div></div></div><a class="indexterm" name="id256 4067"></a><a name="VALIDUSERS"></a><div class="variablelist"><dl><dt></dt><dd><p>6021 </h3></div></div></div><a class="indexterm" name="id2569965"></a><a name="VALIDUSERS"></a><div class="variablelist"><dl><dt></dt><dd><p> 5982 6022 This is a list of users that should be allowed to login to this service. Names starting with 5983 6023 '@', '+' and '&' are interpreted using the same rules as described in the … … 5995 6035 </p><p>Example: <span class="emphasis"><em><em class="parameter"><code>valid users</code></em> = <code class="literal">greg, @pcusers</code> 5996 6036 </em></span> 5997 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2564157"></a>6037 </p></dd></dl></div></div><div class="section" title="-valid (S)"><div class="titlepage"><div><div><h3 class="title"><a name="id2570055"></a> 5998 6038 5999 6039 -valid (S) 6000 </h3></div></div></div><a class="indexterm" name="id25 64158"></a><a name="-VALID"></a><div class="variablelist"><dl><dt></dt><dd><p> This parameter indicates whether a share is6040 </h3></div></div></div><a class="indexterm" name="id2570056"></a><a name="-VALID"></a><div class="variablelist"><dl><dt></dt><dd><p> This parameter indicates whether a share is 6001 6041 valid and thus can be used. When this parameter is set to false, 6002 6042 the share will be in no way visible nor accessible. … … 6007 6047 </p><p>Default: <span class="emphasis"><em><em class="parameter"><code>-valid</code></em> = <code class="literal">yes</code> 6008 6048 </em></span> 6009 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2564207"></a>6049 </p></dd></dl></div></div><div class="section" title="veto files (S)"><div class="titlepage"><div><div><h3 class="title"><a name="id2570105"></a> 6010 6050 6011 6051 veto files (S) 6012 </h3></div></div></div><a class="indexterm" name="id25 64208"></a><a name="VETOFILES"></a><div class="variablelist"><dl><dt></dt><dd><p>6052 </h3></div></div></div><a class="indexterm" name="id2570106"></a><a name="VETOFILES"></a><div class="variablelist"><dl><dt></dt><dd><p> 6013 6053 This is a list of files and directories that are neither visible nor accessible. Each entry in 6014 6054 the list must be separated by a '/', which allows spaces to be included in the entry. '*' and '?' … … 6041 6081 </p><p>Default: <span class="emphasis"><em><em class="parameter"><code>veto files</code></em> = <code class="literal">No files or directories are vetoed.</code> 6042 6082 </em></span> 6043 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2564325"></a>6083 </p></dd></dl></div></div><div class="section" title="veto oplock files (S)"><div class="titlepage"><div><div><h3 class="title"><a name="id2570224"></a> 6044 6084 6045 6085 veto oplock files (S) 6046 </h3></div></div></div><a class="indexterm" name="id25 64326"></a><a name="VETOOPLOCKFILES"></a><div class="variablelist"><dl><dt></dt><dd><p>6086 </h3></div></div></div><a class="indexterm" name="id2570225"></a><a name="VETOOPLOCKFILES"></a><div class="variablelist"><dl><dt></dt><dd><p> 6047 6087 This parameter is only valid when the <a class="link" href="smb.conf.5.html#OPLOCKS" target="_top">oplocks</a> 6048 6088 parameter is turned on for a share. It allows the Samba administrator … … 6065 6105 # No files are vetoed for oplock grants</code> 6066 6106 </em></span> 6067 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2564418"></a>6107 </p></dd></dl></div></div><div class="section" title="vfs object"><div class="titlepage"><div><div><h3 class="title"><a name="id2570317"></a> 6068 6108 6069 6109 <a name="VFSOBJECT"></a>vfs object 6070 </h3></div></div></div><a class="indexterm" name="id25 64420"></a><div class="variablelist"><dl><dt></dt><dd><p>This parameter is a synonym for <a class="link" href="#VFSOBJECTS">vfs objects</a>.</p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2564450"></a>6110 </h3></div></div></div><a class="indexterm" name="id2570318"></a><div class="variablelist"><dl><dt></dt><dd><p>This parameter is a synonym for <a class="link" href="#VFSOBJECTS">vfs objects</a>.</p></dd></dl></div></div><div class="section" title="vfs objects (S)"><div class="titlepage"><div><div><h3 class="title"><a name="id2570349"></a> 6071 6111 6072 6112 vfs objects (S) 6073 </h3></div></div></div><a class="indexterm" name="id25 64452"></a><a name="VFSOBJECTS"></a><div class="variablelist"><dl><dt></dt><dd><p>This parameter specifies the backend names which6113 </h3></div></div></div><a class="indexterm" name="id2570350"></a><a name="VFSOBJECTS"></a><div class="variablelist"><dl><dt></dt><dd><p>This parameter specifies the backend names which 6074 6114 are used for Samba VFS I/O operations. By default, normal 6075 6115 disk I/O operations are used but these can be overloaded … … 6078 6118 </p><p>Example: <span class="emphasis"><em><em class="parameter"><code>vfs objects</code></em> = <code class="literal">extd_audit recycle</code> 6079 6119 </em></span> 6080 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2564510"></a>6120 </p></dd></dl></div></div><div class="section" title="volume (S)"><div class="titlepage"><div><div><h3 class="title"><a name="id2570409"></a> 6081 6121 6082 6122 volume (S) 6083 </h3></div></div></div><a class="indexterm" name="id25 64512"></a><a name="VOLUME"></a><div class="variablelist"><dl><dt></dt><dd><p>This allows you to override the volume label6123 </h3></div></div></div><a class="indexterm" name="id2570410"></a><a name="VOLUME"></a><div class="variablelist"><dl><dt></dt><dd><p>This allows you to override the volume label 6084 6124 returned for a share. Useful for CDROMs with installation programs 6085 6125 that insist on a particular volume label.</p><p>Default: <span class="emphasis"><em><em class="parameter"><code>volume</code></em> = <code class="literal"> 6086 6126 # the name of the share</code> 6087 6127 </em></span> 6088 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2564554"></a>6128 </p></dd></dl></div></div><div class="section" title="wide links (S)"><div class="titlepage"><div><div><h3 class="title"><a name="id2570452"></a> 6089 6129 6090 6130 wide links (S) 6091 </h3></div></div></div><a class="indexterm" name="id25 64555"></a><a name="WIDELINKS"></a><div class="variablelist"><dl><dt></dt><dd><p>This parameter controls whether or not links6131 </h3></div></div></div><a class="indexterm" name="id2570454"></a><a name="WIDELINKS"></a><div class="variablelist"><dl><dt></dt><dd><p>This parameter controls whether or not links 6092 6132 in the UNIX file system may be followed by the server. Links 6093 6133 that point to areas within the directory tree exported by the … … 6097 6137 that Samba has to do in order to perform the link checks.</p><p>Default: <span class="emphasis"><em><em class="parameter"><code>wide links</code></em> = <code class="literal">yes</code> 6098 6138 </em></span> 6099 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2564606"></a>6139 </p></dd></dl></div></div><div class="section" title="winbind cache time (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2570505"></a> 6100 6140 6101 6141 winbind cache time (G) 6102 </h3></div></div></div><a class="indexterm" name="id25 64607"></a><a name="WINBINDCACHETIME"></a><div class="variablelist"><dl><dt></dt><dd><p>This parameter specifies the number of6142 </h3></div></div></div><a class="indexterm" name="id2570506"></a><a name="WINBINDCACHETIME"></a><div class="variablelist"><dl><dt></dt><dd><p>This parameter specifies the number of 6103 6143 seconds the <a class="citerefentry" href="winbindd.8.html"><span class="citerefentry"><span class="refentrytitle">winbindd</span>(8)</span></a> daemon will cache 6104 6144 user and group information before querying a Windows NT server … … 6108 6148 </p><p>Default: <span class="emphasis"><em><em class="parameter"><code>winbind cache time</code></em> = <code class="literal">300</code> 6109 6149 </em></span> 6110 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2564678"></a>6150 </p></dd></dl></div></div><div class="section" title="winbind enum groups (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2570576"></a> 6111 6151 6112 6152 winbind enum groups (G) 6113 </h3></div></div></div><a class="indexterm" name="id25 64679"></a><a name="WINBINDENUMGROUPS"></a><div class="variablelist"><dl><dt></dt><dd><p>On large installations using <a class="citerefentry" href="winbindd.8.html"><span class="citerefentry"><span class="refentrytitle">winbindd</span>(8)</span></a> it may be necessary to suppress6153 </h3></div></div></div><a class="indexterm" name="id2570577"></a><a name="WINBINDENUMGROUPS"></a><div class="variablelist"><dl><dt></dt><dd><p>On large installations using <a class="citerefentry" href="winbindd.8.html"><span class="citerefentry"><span class="refentrytitle">winbindd</span>(8)</span></a> it may be necessary to suppress 6114 6154 the enumeration of groups through the <code class="literal">setgrent()</code>, 6115 6155 <code class="literal">getgrent()</code> and … … 6117 6157 the <em class="parameter"><code>winbind enum groups</code></em> parameter is 6118 6158 <code class="constant">no</code>, calls to the <code class="literal">getgrent()</code> system 6119 call will not return any data. </p><div class="warning" style="margin-left: 0.5in; margin-right: 0.5in;"><h3 class="title">Warning</h3><p>Turning off group enumeration may cause some programs to behave oddly. </p></div><p>Default: <span class="emphasis"><em><em class="parameter"><code>winbind enum groups</code></em> = <code class="literal">no</code>6120 </em></span> 6121 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2564768"></a>6159 call will not return any data. </p><div class="warning" title="Warning" style="margin-left: 0.5in; margin-right: 0.5in;"><h3 class="title">Warning</h3><p>Turning off group enumeration may cause some programs to behave oddly. </p></div><p>Default: <span class="emphasis"><em><em class="parameter"><code>winbind enum groups</code></em> = <code class="literal">no</code> 6160 </em></span> 6161 </p></dd></dl></div></div><div class="section" title="winbind enum users (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2570667"></a> 6122 6162 6123 6163 winbind enum users (G) 6124 </h3></div></div></div><a class="indexterm" name="id25 64770"></a><a name="WINBINDENUMUSERS"></a><div class="variablelist"><dl><dt></dt><dd><p>On large installations using <a class="citerefentry" href="winbindd.8.html"><span class="citerefentry"><span class="refentrytitle">winbindd</span>(8)</span></a> it may be6164 </h3></div></div></div><a class="indexterm" name="id2570668"></a><a name="WINBINDENUMUSERS"></a><div class="variablelist"><dl><dt></dt><dd><p>On large installations using <a class="citerefentry" href="winbindd.8.html"><span class="citerefentry"><span class="refentrytitle">winbindd</span>(8)</span></a> it may be 6125 6165 necessary to suppress the enumeration of users through the <code class="literal">setpwent()</code>, 6126 6166 <code class="literal">getpwent()</code> and … … 6128 6168 the <em class="parameter"><code>winbind enum users</code></em> parameter is 6129 6169 <code class="constant">no</code>, calls to the <code class="literal">getpwent</code> system call 6130 will not return any data. </p><div class="warning" style="margin-left: 0.5in; margin-right: 0.5in;"><h3 class="title">Warning</h3><p>Turning off user6170 will not return any data. </p><div class="warning" title="Warning" style="margin-left: 0.5in; margin-right: 0.5in;"><h3 class="title">Warning</h3><p>Turning off user 6131 6171 enumeration may cause some programs to behave oddly. For 6132 6172 example, the finger program relies on having access to the … … 6134 6174 usernames. </p></div><p>Default: <span class="emphasis"><em><em class="parameter"><code>winbind enum users</code></em> = <code class="literal">no</code> 6135 6175 </em></span> 6136 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2564862"></a>6176 </p></dd></dl></div></div><div class="section" title="winbind expand groups (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2570760"></a> 6137 6177 6138 6178 winbind expand groups (G) 6139 </h3></div></div></div><a class="indexterm" name="id25 64863"></a><a name="WINBINDEXPANDGROUPS"></a><div class="variablelist"><dl><dt></dt><dd><p>This option controls the maximum depth that winbindd6179 </h3></div></div></div><a class="indexterm" name="id2570761"></a><a name="WINBINDEXPANDGROUPS"></a><div class="variablelist"><dl><dt></dt><dd><p>This option controls the maximum depth that winbindd 6140 6180 will traverse when flattening nested group memberships 6141 6181 of Windows domain groups. This is different from the … … 6149 6189 incoming NSS or authentication requests during this time.</p><p>Default: <span class="emphasis"><em><em class="parameter"><code>winbind expand groups</code></em> = <code class="literal">1</code> 6150 6190 </em></span> 6151 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2564931"></a>6191 </p></dd></dl></div></div><div class="section" title="winbind nested groups (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2570829"></a> 6152 6192 6153 6193 winbind nested groups (G) 6154 </h3></div></div></div><a class="indexterm" name="id25 64932"></a><a name="WINBINDNESTEDGROUPS"></a><div class="variablelist"><dl><dt></dt><dd><p>If set to yes, this parameter activates the support for nested6194 </h3></div></div></div><a class="indexterm" name="id2570830"></a><a name="WINBINDNESTEDGROUPS"></a><div class="variablelist"><dl><dt></dt><dd><p>If set to yes, this parameter activates the support for nested 6155 6195 groups. Nested groups are also called local groups or 6156 6196 aliases. They work like their counterparts in Windows: Nested … … 6160 6200 groups, you need to run nss_winbind.</p><p>Default: <span class="emphasis"><em><em class="parameter"><code>winbind nested groups</code></em> = <code class="literal">yes</code> 6161 6201 </em></span> 6162 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2564981"></a>6202 </p></dd></dl></div></div><div class="section" title="winbind normalize names (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2570888"></a> 6163 6203 6164 6204 winbind normalize names (G) 6165 </h3></div></div></div><a class="indexterm" name="id25 64982"></a><a name="WINBINDNORMALIZENAMES"></a><div class="variablelist"><dl><dt></dt><dd><p>This parameter controls whether winbindd will replace6205 </h3></div></div></div><a class="indexterm" name="id2570889"></a><a name="WINBINDNORMALIZENAMES"></a><div class="variablelist"><dl><dt></dt><dd><p>This parameter controls whether winbindd will replace 6166 6206 whitespace in user and group names with an underscore (_) character. 6167 6207 For example, whether the name "Space Kadet" should be … … 6183 6223 </p><p>Example: <span class="emphasis"><em><em class="parameter"><code>winbind normalize names</code></em> = <code class="literal">yes</code> 6184 6224 </em></span> 6185 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2565059"></a>6225 </p></dd></dl></div></div><div class="section" title="winbind nss info (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2570965"></a> 6186 6226 6187 6227 winbind nss info (G) 6188 </h3></div></div></div><a class="indexterm" name="id25 65060"></a><a name="WINBINDNSSINFO"></a><div class="variablelist"><dl><dt></dt><dd><p>This parameter is designed to control how Winbind retrieves Name6228 </h3></div></div></div><a class="indexterm" name="id2570966"></a><a name="WINBINDNSSINFO"></a><div class="variablelist"><dl><dt></dt><dd><p>This parameter is designed to control how Winbind retrieves Name 6189 6229 Service Information to construct a user's home directory and login shell. 6190 6230 Currently the following settings are available: 6191 6231 6192 </p><div class="itemizedlist"><ul type="disc"><li><p><em class="parameter"><code>template</code></em>6232 </p><div class="itemizedlist"><ul class="itemizedlist" type="disc"><li class="listitem"><p><em class="parameter"><code>template</code></em> 6193 6233 - The default, using the parameters of <em class="parameter"><code>template 6194 6234 shell</code></em> and <em class="parameter"><code>template homedir</code></em>) 6195 </p></li><li ><p><em class="parameter"><code><sfu | rfc2307 ></code></em>6235 </p></li><li class="listitem"><p><em class="parameter"><code><sfu | rfc2307 ></code></em> 6196 6236 - When Samba is running in security = ads and your Active Directory 6197 6237 Domain Controller does support the Microsoft "Services for Unix" (SFU) … … 6208 6248 </p><p>Example: <span class="emphasis"><em><em class="parameter"><code>winbind nss info</code></em> = <code class="literal">template sfu</code> 6209 6249 </em></span> 6210 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2565178"></a>6250 </p></dd></dl></div></div><div class="section" title="winbind offline logon (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2571085"></a> 6211 6251 6212 6252 winbind offline logon (G) 6213 </h3></div></div></div><a class="indexterm" name="id25 65180"></a><a name="WINBINDOFFLINELOGON"></a><div class="variablelist"><dl><dt></dt><dd><p>This parameter is designed to control whether Winbind should6253 </h3></div></div></div><a class="indexterm" name="id2571086"></a><a name="WINBINDOFFLINELOGON"></a><div class="variablelist"><dl><dt></dt><dd><p>This parameter is designed to control whether Winbind should 6214 6254 allow to login with the <em class="parameter"><code>pam_winbind</code></em> 6215 6255 module using Cached Credentials. If enabled, winbindd will store user credentials … … 6219 6259 </p><p>Example: <span class="emphasis"><em><em class="parameter"><code>winbind offline logon</code></em> = <code class="literal">true</code> 6220 6260 </em></span> 6221 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2565248"></a>6261 </p></dd></dl></div></div><div class="section" title="winbind reconnect delay (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2571154"></a> 6222 6262 6223 6263 winbind reconnect delay (G) 6224 </h3></div></div></div><a class="indexterm" name="id25 65249"></a><a name="WINBINDRECONNECTDELAY"></a><div class="variablelist"><dl><dt></dt><dd><p>This parameter specifies the number of6264 </h3></div></div></div><a class="indexterm" name="id2571155"></a><a name="WINBINDRECONNECTDELAY"></a><div class="variablelist"><dl><dt></dt><dd><p>This parameter specifies the number of 6225 6265 seconds the <a class="citerefentry" href="winbindd.8.html"><span class="citerefentry"><span class="refentrytitle">winbindd</span>(8)</span></a> daemon will wait between 6226 6266 attempts to contact a Domain controller for a domain that is 6227 6267 determined to be down or not contactable.</p><p>Default: <span class="emphasis"><em><em class="parameter"><code>winbind reconnect delay</code></em> = <code class="literal">30</code> 6228 6268 </em></span> 6229 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2565300"></a>6269 </p></dd></dl></div></div><div class="section" title="winbind refresh tickets (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2571207"></a> 6230 6270 6231 6271 winbind refresh tickets (G) 6232 </h3></div></div></div><a class="indexterm" name="id25 65302"></a><a name="WINBINDREFRESHTICKETS"></a><div class="variablelist"><dl><dt></dt><dd><p>This parameter is designed to control whether Winbind should refresh Kerberos Tickets6272 </h3></div></div></div><a class="indexterm" name="id2571208"></a><a name="WINBINDREFRESHTICKETS"></a><div class="variablelist"><dl><dt></dt><dd><p>This parameter is designed to control whether Winbind should refresh Kerberos Tickets 6233 6273 retrieved using the <em class="parameter"><code>pam_winbind</code></em> module. 6234 6274 … … 6237 6277 </p><p>Example: <span class="emphasis"><em><em class="parameter"><code>winbind refresh tickets</code></em> = <code class="literal">true</code> 6238 6278 </em></span> 6239 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2565368"></a>6279 </p></dd></dl></div></div><div class="section" title="winbind rpc only (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2571274"></a> 6240 6280 6241 6281 winbind rpc only (G) 6242 </h3></div></div></div><a class="indexterm" name="id25 65369"></a><a name="WINBINDRPCONLY"></a><div class="variablelist"><dl><dt></dt><dd><p>6282 </h3></div></div></div><a class="indexterm" name="id2571275"></a><a name="WINBINDRPCONLY"></a><div class="variablelist"><dl><dt></dt><dd><p> 6243 6283 Setting this parameter to <code class="literal">yes</code> forces 6244 6284 winbindd to use RPC instead of LDAP to retrieve information from Domain … … 6246 6286 </p><p>Default: <span class="emphasis"><em><em class="parameter"><code>winbind rpc only</code></em> = <code class="literal">no</code> 6247 6287 </em></span> 6248 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2565416"></a>6288 </p></dd></dl></div></div><div class="section" title="winbind separator (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2571323"></a> 6249 6289 6250 6290 winbind separator (G) 6251 </h3></div></div></div><a class="indexterm" name="id25 65417"></a><a name="WINBINDSEPARATOR"></a><div class="variablelist"><dl><dt></dt><dd><p>This parameter allows an admin to define the character6291 </h3></div></div></div><a class="indexterm" name="id2571324"></a><a name="WINBINDSEPARATOR"></a><div class="variablelist"><dl><dt></dt><dd><p>This parameter allows an admin to define the character 6252 6292 used when listing a username of the form of <em class="replaceable"><code>DOMAIN 6253 6293 </code></em>\<em class="replaceable"><code>user</code></em>. This parameter … … 6260 6300 </p><p>Example: <span class="emphasis"><em><em class="parameter"><code>winbind separator</code></em> = <code class="literal">+</code> 6261 6301 </em></span> 6262 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2565503"></a>6302 </p></dd></dl></div></div><div class="section" title="winbind trusted domains only (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2571410"></a> 6263 6303 6264 6304 winbind trusted domains only (G) 6265 </h3></div></div></div><a class="indexterm" name="id25 65504"></a><a name="WINBINDTRUSTEDDOMAINSONLY"></a><div class="variablelist"><dl><dt></dt><dd><p>6305 </h3></div></div></div><a class="indexterm" name="id2571411"></a><a name="WINBINDTRUSTEDDOMAINSONLY"></a><div class="variablelist"><dl><dt></dt><dd><p> 6266 6306 This parameter is designed to allow Samba servers that are members 6267 6307 of a Samba controlled domain to use UNIX accounts distributed via NIS, … … 6274 6314 </p><p>Default: <span class="emphasis"><em><em class="parameter"><code>winbind trusted domains only</code></em> = <code class="literal">no</code> 6275 6315 </em></span> 6276 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2565570"></a>6316 </p></dd></dl></div></div><div class="section" title="winbind use default domain (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2571477"></a> 6277 6317 6278 6318 winbind use default domain (G) 6279 </h3></div></div></div><a class="indexterm" name="id25 65572"></a><a name="WINBINDUSEDEFAULTDOMAIN"></a><div class="variablelist"><dl><dt></dt><dd><p>This parameter specifies whether the6319 </h3></div></div></div><a class="indexterm" name="id2571478"></a><a name="WINBINDUSEDEFAULTDOMAIN"></a><div class="variablelist"><dl><dt></dt><dd><p>This parameter specifies whether the 6280 6320 <a class="citerefentry" href="winbindd.8.html"><span class="citerefentry"><span class="refentrytitle">winbindd</span>(8)</span></a> daemon should operate on users 6281 6321 without domain component in their username. Users without a domain … … 6287 6327 </p><p>Example: <span class="emphasis"><em><em class="parameter"><code>winbind use default domain</code></em> = <code class="literal">yes</code> 6288 6328 </em></span> 6289 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2565643"></a>6329 </p></dd></dl></div></div><div class="section" title="wins hook (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2571550"></a> 6290 6330 6291 6331 wins hook (G) 6292 </h3></div></div></div><a class="indexterm" name="id25 65644"></a><a name="WINSHOOK"></a><div class="variablelist"><dl><dt></dt><dd><p>When Samba is running as a WINS server this6332 </h3></div></div></div><a class="indexterm" name="id2571551"></a><a name="WINSHOOK"></a><div class="variablelist"><dl><dt></dt><dd><p>When Samba is running as a WINS server this 6293 6333 allows you to call an external program for all changes to the 6294 6334 WINS database. The primary use for this option is to allow the 6295 6335 dynamic update of external name resolution databases such as 6296 6336 dynamic DNS.</p><p>The wins hook parameter specifies the name of a script 6297 or executable that will be called as follows:</p><p><code class="literal">wins_hook operation name nametype ttl IP_list</code></p><div class="itemizedlist"><ul type="disc"><li><p>The first argument is the operation and is6337 or executable that will be called as follows:</p><p><code class="literal">wins_hook operation name nametype ttl IP_list</code></p><div class="itemizedlist"><ul class="itemizedlist" type="disc"><li class="listitem"><p>The first argument is the operation and is 6298 6338 one of "add", "delete", or 6299 6339 "refresh". In most cases the operation … … 6302 6342 "refresh" may sometimes be called when 6303 6343 the name has not previously been added, in that 6304 case it should be treated as an add.</p></li><li ><p>The second argument is the NetBIOS name. If the6344 case it should be treated as an add.</p></li><li class="listitem"><p>The second argument is the NetBIOS name. If the 6305 6345 name is not a legal name then the wins hook is not called. 6306 6346 Legal names contain only letters, digits, hyphens, underscores 6307 and periods.</p></li><li ><p>The third argument is the NetBIOS name6308 type as a 2 digit hexadecimal number. </p></li><li ><p>The fourth argument is the TTL (time to live)6309 for the name in seconds.</p></li><li ><p>The fifth and subsequent arguments are the IP6347 and periods.</p></li><li class="listitem"><p>The third argument is the NetBIOS name 6348 type as a 2 digit hexadecimal number. </p></li><li class="listitem"><p>The fourth argument is the TTL (time to live) 6349 for the name in seconds.</p></li><li class="listitem"><p>The fifth and subsequent arguments are the IP 6310 6350 addresses currently registered for that name. If this list is 6311 6351 empty then the name should be deleted.</p></li></ul></div><p>An example script that calls the BIND dynamic DNS update 6312 6352 program <code class="literal">nsupdate</code> is provided in the examples 6313 directory of the Samba source code. </p><p><span class="emphasis"><em>No default</em></span></p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2565750"></a>6353 directory of the Samba source code. </p><p><span class="emphasis"><em>No default</em></span></p></dd></dl></div></div><div class="section" title="wins proxy (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2571656"></a> 6314 6354 6315 6355 wins proxy (G) 6316 </h3></div></div></div><a class="indexterm" name="id25 65751"></a><a name="WINSPROXY"></a><div class="variablelist"><dl><dt></dt><dd><p>This is a boolean that controls if <a class="citerefentry" href="nmbd.8.html"><span class="citerefentry"><span class="refentrytitle">nmbd</span>(8)</span></a> will respond to broadcast name6356 </h3></div></div></div><a class="indexterm" name="id2571657"></a><a name="WINSPROXY"></a><div class="variablelist"><dl><dt></dt><dd><p>This is a boolean that controls if <a class="citerefentry" href="nmbd.8.html"><span class="citerefentry"><span class="refentrytitle">nmbd</span>(8)</span></a> will respond to broadcast name 6317 6357 queries on behalf of other hosts. You may need to set this 6318 6358 to <code class="constant">yes</code> for some older clients.</p><p>Default: <span class="emphasis"><em><em class="parameter"><code>wins proxy</code></em> = <code class="literal">no</code> 6319 6359 </em></span> 6320 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2565804"></a>6360 </p></dd></dl></div></div><div class="section" title="wins server (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2571711"></a> 6321 6361 6322 6362 wins server (G) 6323 </h3></div></div></div><a class="indexterm" name="id25 65806"></a><a name="WINSSERVER"></a><div class="variablelist"><dl><dt></dt><dd><p>This specifies the IP address (or DNS name: IP6363 </h3></div></div></div><a class="indexterm" name="id2571712"></a><a name="WINSSERVER"></a><div class="variablelist"><dl><dt></dt><dd><p>This specifies the IP address (or DNS name: IP 6324 6364 address for preference) of the WINS server that <a class="citerefentry" href="nmbd.8.html"><span class="citerefentry"><span class="refentrytitle">nmbd</span>(8)</span></a> should register with. If you have a WINS server on 6325 6365 your network then you should set this to the WINS server's IP.</p><p>You should point this at your WINS server if you have a … … 6328 6368 (working) server will be queried for a name. The tag should be 6329 6369 separated from the ip address by a colon. 6330 </p><div class="note" style="margin-left: 0.5in; margin-right: 0.5in;"><h3 class="title">Note</h3><p>You need to set up Samba to point6370 </p><div class="note" title="Note" style="margin-left: 0.5in; margin-right: 0.5in;"><h3 class="title">Note</h3><p>You need to set up Samba to point 6331 6371 to a WINS server if you have multiple subnets and wish cross-subnet 6332 6372 browsing to work correctly.</p></div><p>See the chapter in the Samba3-HOWTO on Network Browsing.</p><p>Default: <span class="emphasis"><em><em class="parameter"><code>wins server</code></em> = <code class="literal"></code> … … 6340 6380 </p><p>Example: <span class="emphasis"><em><em class="parameter"><code>wins server</code></em> = <code class="literal">192.9.200.1 192.168.2.61</code> 6341 6381 </em></span> 6342 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2565915"></a>6382 </p></dd></dl></div></div><div class="section" title="wins support (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2571821"></a> 6343 6383 6344 6384 wins support (G) 6345 </h3></div></div></div><a class="indexterm" name="id25 65916"></a><a name="WINSSUPPORT"></a><div class="variablelist"><dl><dt></dt><dd><p>This boolean controls if the <a class="citerefentry" href="nmbd.8.html"><span class="citerefentry"><span class="refentrytitle">nmbd</span>(8)</span></a> process in Samba will act as a WINS server. You should6385 </h3></div></div></div><a class="indexterm" name="id2571822"></a><a name="WINSSUPPORT"></a><div class="variablelist"><dl><dt></dt><dd><p>This boolean controls if the <a class="citerefentry" href="nmbd.8.html"><span class="citerefentry"><span class="refentrytitle">nmbd</span>(8)</span></a> process in Samba will act as a WINS server. You should 6346 6386 not set this to <code class="constant">yes</code> unless you have a multi-subnetted network and 6347 6387 you wish a particular <code class="literal">nmbd</code> to be your WINS server. … … 6349 6389 on more than one machine in your network.</p><p>Default: <span class="emphasis"><em><em class="parameter"><code>wins support</code></em> = <code class="literal">no</code> 6350 6390 </em></span> 6351 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2565984"></a>6391 </p></dd></dl></div></div><div class="section" title="workgroup (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2571891"></a> 6352 6392 6353 6393 workgroup (G) 6354 </h3></div></div></div><a class="indexterm" name="id25 65985"></a><a name="WORKGROUP"></a><div class="variablelist"><dl><dt></dt><dd><p>This controls what workgroup your server will6394 </h3></div></div></div><a class="indexterm" name="id2571892"></a><a name="WORKGROUP"></a><div class="variablelist"><dl><dt></dt><dd><p>This controls what workgroup your server will 6355 6395 appear to be in when queried by clients. Note that this parameter 6356 6396 also controls the Domain name used with … … 6360 6400 </p><p>Example: <span class="emphasis"><em><em class="parameter"><code>workgroup</code></em> = <code class="literal">MYGROUP</code> 6361 6401 </em></span> 6362 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2566057"></a>6402 </p></dd></dl></div></div><div class="section" title="writable"><div class="titlepage"><div><div><h3 class="title"><a name="id2571963"></a> 6363 6403 6364 6404 <a name="WRITABLE"></a>writable 6365 </h3></div></div></div><a class="indexterm" name="id25 66058"></a><div class="variablelist"><dl><dt></dt><dd><p>This parameter is a synonym for <a class="link" href="#WRITEABLE">writeable</a>.</p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2566088"></a>6405 </h3></div></div></div><a class="indexterm" name="id2571964"></a><div class="variablelist"><dl><dt></dt><dd><p>This parameter is a synonym for <a class="link" href="#WRITEABLE">writeable</a>.</p></dd></dl></div></div><div class="section" title="writeable (S)"><div class="titlepage"><div><div><h3 class="title"><a name="id2571995"></a> 6366 6406 6367 6407 writeable (S) 6368 </h3></div></div></div><a class="indexterm" name="id25 66089"></a><a name="WRITEABLE"></a><div class="variablelist"><dl><dt></dt><dd><p>Inverted synonym for <a class="link" href="smb.conf.5.html#READONLY" target="_top">read only</a>.</p><p>Default: <span class="emphasis"><em><em class="parameter"><code>writeable</code></em> = <code class="literal">no</code>6369 </em></span> 6370 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2566139"></a>6408 </h3></div></div></div><a class="indexterm" name="id2571996"></a><a name="WRITEABLE"></a><div class="variablelist"><dl><dt></dt><dd><p>Inverted synonym for <a class="link" href="smb.conf.5.html#READONLY" target="_top">read only</a>.</p><p>Default: <span class="emphasis"><em><em class="parameter"><code>writeable</code></em> = <code class="literal">no</code> 6409 </em></span> 6410 </p></dd></dl></div></div><div class="section" title="write cache size (S)"><div class="titlepage"><div><div><h3 class="title"><a name="id2572046"></a> 6371 6411 6372 6412 write cache size (S) 6373 </h3></div></div></div><a class="indexterm" name="id25 66140"></a><a name="WRITECACHESIZE"></a><div class="variablelist"><dl><dt></dt><dd><p>If this integer parameter is set to non-zero value,6413 </h3></div></div></div><a class="indexterm" name="id2572047"></a><a name="WRITECACHESIZE"></a><div class="variablelist"><dl><dt></dt><dd><p>If this integer parameter is set to non-zero value, 6374 6414 Samba will create an in-memory cache for each oplocked file 6375 6415 (it does <span class="emphasis"><em>not</em></span> do this for … … 6389 6429 # for a 256k cache size per file</code> 6390 6430 </em></span> 6391 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2566223"></a>6431 </p></dd></dl></div></div><div class="section" title="write list (S)"><div class="titlepage"><div><div><h3 class="title"><a name="id2572129"></a> 6392 6432 6393 6433 write list (S) 6394 </h3></div></div></div><a class="indexterm" name="id25 66224"></a><a name="WRITELIST"></a><div class="variablelist"><dl><dt></dt><dd><p>6434 </h3></div></div></div><a class="indexterm" name="id2572130"></a><a name="WRITELIST"></a><div class="variablelist"><dl><dt></dt><dd><p> 6395 6435 This is a list of users that are given read-write access to a service. If the 6396 6436 connecting user is in this list then they will be given write access, no matter … … 6407 6447 </p><p>Example: <span class="emphasis"><em><em class="parameter"><code>write list</code></em> = <code class="literal">admin, root, @staff</code> 6408 6448 </em></span> 6409 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2566316"></a>6449 </p></dd></dl></div></div><div class="section" title="write raw (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2572223"></a> 6410 6450 6411 6451 write raw (G) 6412 </h3></div></div></div><a class="indexterm" name="id25 66317"></a><a name="WRITERAW"></a><div class="variablelist"><dl><dt></dt><dd><p>This parameter controls whether or not the server6452 </h3></div></div></div><a class="indexterm" name="id2572224"></a><a name="WRITERAW"></a><div class="variablelist"><dl><dt></dt><dd><p>This parameter controls whether or not the server 6413 6453 will support raw write SMB's when transferring data from clients. 6414 6454 You should never need to change this parameter.</p><p>Default: <span class="emphasis"><em><em class="parameter"><code>write raw</code></em> = <code class="literal">yes</code> 6415 6455 </em></span> 6416 </p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2566360"></a>6456 </p></dd></dl></div></div><div class="section" title="wtmp directory (G)"><div class="titlepage"><div><div><h3 class="title"><a name="id2572266"></a> 6417 6457 6418 6458 wtmp directory (G) 6419 </h3></div></div></div><a class="indexterm" name="id25 66361"></a><a name="WTMPDIRECTORY"></a><div class="variablelist"><dl><dt></dt><dd><p>6459 </h3></div></div></div><a class="indexterm" name="id2572268"></a><a name="WTMPDIRECTORY"></a><div class="variablelist"><dl><dt></dt><dd><p> 6420 6460 This parameter is only available if Samba has been configured and compiled with the option <code class="literal"> 6421 6461 --with-utmp</code>. It specifies a directory pathname that is used to store the wtmp or wtmpx files (depending on … … 6429 6469 </p><p>Example: <span class="emphasis"><em><em class="parameter"><code>wtmp directory</code></em> = <code class="literal">/var/log/wtmp</code> 6430 6470 </em></span> 6431 </p></dd></dl></div></div></div></div><div class="refsect1" lang="en"><a name="id2566444"></a><h2>WARNINGS</h2><p>6471 </p></dd></dl></div></div></div></div><div class="refsect1" title="WARNINGS"><a name="id2572350"></a><h2>WARNINGS</h2><p> 6432 6472 Although the configuration file permits service names to contain spaces, your client software may not. 6433 6473 Spaces will be ignored in comparisons anyway, so it shouldn't be a problem - but be aware of the possibility. … … 6442 6482 care when designing these sections. In particular, ensure that the permissions on spool directories are 6443 6483 correct. 6444 </p></div><div class="refsect1" lang="en"><a name="id2566494"></a><h2>VERSION</h2><p>This man page is correct for version 3 of the Samba suite.</p></div><div class="refsect1" lang="en"><a name="id2566504"></a><h2>SEE ALSO</h2><p>6445 <a class="citerefentry" href="samba.7.html"><span class="citerefentry"><span class="refentrytitle">samba</span>(7)</span></a>, <a class="citerefentry" href="smbpasswd.8.html"><span class="citerefentry"><span class="refentrytitle">smbpasswd</span>(8)</span></a>, <a class="citerefentry" href="swat.8.html"><span class="citerefentry"><span class="refentrytitle">swat</span>(8)</span></a>, <a class="citerefentry" href="smbd.8.html"><span class="citerefentry"><span class="refentrytitle">smbd</span>(8)</span></a>, <a class="citerefentry" href="nmbd.8.html"><span class="citerefentry"><span class="refentrytitle">nmbd</span>(8)</span></a>, <a class="citerefentry" href="smbclient.1.html"><span class="citerefentry"><span class="refentrytitle">smbclient</span>(1)</span></a>, <a class="citerefentry" href="nmblookup.1.html"><span class="citerefentry"><span class="refentrytitle">nmblookup</span>(1)</span></a>, <a class="citerefentry" href="testparm.1.html"><span class="citerefentry"><span class="refentrytitle">testparm</span>(1)</span></a>, <a class="citerefentry" href="testprns.1.html"><span class="citerefentry"><span class="refentrytitle">testprns</span>(1)</span></a>.</p></div><div class="refsect1" lang="en"><a name="id2566584"></a><h2>AUTHOR</h2><p>6484 </p></div><div class="refsect1" title="VERSION"><a name="id2572400"></a><h2>VERSION</h2><p>This man page is correct for version 3 of the Samba suite.</p></div><div class="refsect1" title="SEE ALSO"><a name="id2572411"></a><h2>SEE ALSO</h2><p> 6485 <a class="citerefentry" href="samba.7.html"><span class="citerefentry"><span class="refentrytitle">samba</span>(7)</span></a>, <a class="citerefentry" href="smbpasswd.8.html"><span class="citerefentry"><span class="refentrytitle">smbpasswd</span>(8)</span></a>, <a class="citerefentry" href="swat.8.html"><span class="citerefentry"><span class="refentrytitle">swat</span>(8)</span></a>, <a class="citerefentry" href="smbd.8.html"><span class="citerefentry"><span class="refentrytitle">smbd</span>(8)</span></a>, <a class="citerefentry" href="nmbd.8.html"><span class="citerefentry"><span class="refentrytitle">nmbd</span>(8)</span></a>, <a class="citerefentry" href="smbclient.1.html"><span class="citerefentry"><span class="refentrytitle">smbclient</span>(1)</span></a>, <a class="citerefentry" href="nmblookup.1.html"><span class="citerefentry"><span class="refentrytitle">nmblookup</span>(1)</span></a>, <a class="citerefentry" href="testparm.1.html"><span class="citerefentry"><span class="refentrytitle">testparm</span>(1)</span></a>, <a class="citerefentry" href="testprns.1.html"><span class="citerefentry"><span class="refentrytitle">testprns</span>(1)</span></a>.</p></div><div class="refsect1" title="AUTHOR"><a name="id2572490"></a><h2>AUTHOR</h2><p> 6446 6486 The original Samba software and related utilities were created by Andrew Tridgell. Samba is now developed 6447 6487 by the Samba Team as an Open Source project similar to the way the Linux kernel is developed.
Note:
See TracChangeset
for help on using the changeset viewer.