Diferencia entre revisiones de «Samba»
De Guifi.net - Wiki Hispano
(Página creada con «{{en desarrollo}} Instalar los paquetes necesarios: aptitude install libcupsys2 samba samba-common portmap samba-common-bin») |
|||
| (No se muestran 5 ediciones intermedias realizadas por 3 usuarios) | |||
| Línea 1: | Línea 1: | ||
| − | + | __TOC__ | |
| + | ==descripción, uso.-== | ||
| − | + | Es un conjunto de programas diseñado para permitir la comunicación con ordenadores con sistema operativo privativo de Microsoft, especialmente útil en redes donde conviven arquitecturas y sistemas diferentes; mediante samba podemos integrar en la misma red los ordenadores de usuario final, con sistemas operativos privativos, y los equipos con sistemas libres. Cada equipo que usa samba proporciona a todos los efectos los mismos servicios que proporcionaría un servidor de Microsoft, pero en formato libre y sin costes de licencias e instalación. | |
| − | + | ||
| + | ==funciones implementadas con samba.-== | ||
| + | * hosting de archivos | ||
| + | * compartir archivos, carpetas y recursos | ||
| + | * gestión centralizada de usuarios windows mediante la integracíón ''Samba''-''[[OpenLDAP]]'' | ||
| + | |||
| + | ==servidores con samba en producción.-== | ||
| + | aaa | ||
| + | .- mantiene el hosting de archivos de los departamentos, proporcionando un recurso | ||
| + | compartido a cada servicio o grupo de trabajo. | ||
| + | .- la gestión de usuarios la realiza el sistema operativo de este servidor vía archivo /etc/passwd | ||
| + | .- las copias de seguridad de las carpetas de los servicios se realiza mediante sincronización con | ||
| + | los discos SCSI de ''bbb'' (rsync), distribuyendo cinco copias a la semana entre dos discos | ||
| + | diferentes en cinco carpetas (1=lunes, 2=martes, ...) | ||
| + | |||
| + | este es el código que ejecuta el archivo ''istambul:/home/admin/lmxjv.sh'' variando segun la fecha | ||
| + | la carpeta y disco de destino: | ||
| + | rsync -auvzr --progress root@aaa.dominio.es:/origen/* /destino/... | ||
| + | |||
| + | bbb | ||
| + | .- mantiene un servidor samba en entorno de desarrollo especialmente para las pruebas de | ||
| + | integración samba-ldap; fue el primer servidor samba cuyo sistema de usuarios se apuntaba al | ||
| + | servidor ldap | ||
| + | |||
| + | ccc | ||
| + | .- este equipo mantiene el árbol ldap de la organización, de donde | ||
| + | partirá la unificación de usuarios; mantiene también un servidor samba como el de | ||
| + | ''bbb'' con gestión de usuarios vía ldap | ||
| + | |||
| + | ==implementación.-== | ||
| + | para servidores con gestión local de usuarios | ||
| + | apt-get install samba samba-common | ||
| + | |||
| + | para servidores con gestion de usuarios ldap además | ||
| + | apt-get install smbldap-tools | ||
| + | |||
| + | el resto es activar el tipo de funciones que ha de realizar el servidor, si será Controlador de Dominio, qué dominio sirve, dónde estarán sus usuarios, etc. y definir sus recursos compartidos y los permisos de acceso a esos recursos. | ||
| + | |||
| + | ==ejemplos de uso.-== | ||
| + | |||
| + | /etc/init.d/samba | ||
| + | |||
| + | testparm -v | ||
| + | |||
| + | smbstatus | ||
| + | |||
| + | root@host# mount -t smbfs -o username=administrador //equipo/carpeta_origen /home/destino/ | ||
| + | |||
| + | ==estado de desarrollo== | ||
| + | * los servidores con samba están en producción atendiendo eficazmente todas las peticiones que les realizan los dptos sin percances significativos hasta el momento; el resto de servidores samba están preparados para trabajar en cualquier momento en modo producción y configurados ya para trabajar con el servidor ldap en vez de mediante usuarios locales o de dominio; | ||
| + | |||
| + | * quedaría pendiente el cambio de discos físicos del servidor ''aaa'' debido a un problema en el particionamiento de su instalación que hace imposible acceder a las características de sus sistemas de archivos y quizá pueda ser la causa de un futuro fallo del sistema de archivos; ésta es la salida del comando ''df -h'' | ||
| + | |||
| + | Filesystem Size Used Avail Use% Mounted on | ||
| + | /dev/hda1 -19135695371958k 1.0k 0.0k 97% / | ||
| + | |||
| + | * el siguiente paso en el desarrollo de esta tecnología debería llevarnos a la gestión total e integrada de usuarios windows mediante [[OpenLDAP]] y la protección de recursos compartidos mediante la gestión apropiada de esas contraseñas; técnicamente está todo preparado para abordar este cambio | ||
| + | |||
| + | ==comentarios.-== | ||
| + | |||
| + | ==archivos de configuración== | ||
| + | ===autenticacion de usuarios vía ldap (en ''ccc:/etc/samba/smb.conf'')=== | ||
| + | [global] | ||
| + | unix charset = LOCALE | ||
| + | workgroup = GRUPO | ||
| + | netbios name = maquina | ||
| + | passdb backend = ldapsam:ldap://127.0.0.1 | ||
| + | username map = /etc/samba/smbusers | ||
| + | log level = 2 | ||
| + | syslog = 0 | ||
| + | log file = /var/log/samba.log | ||
| + | max log size = 50 | ||
| + | smb ports = 139 445 | ||
| + | name resolve order = hosts wins bcast | ||
| + | wins server = a.b.c.d | ||
| + | time server = Yes | ||
| + | show add printer wizard = No | ||
| + | add user script = /usr/sbin/smbldap-useradd -a -m '%u' | ||
| + | delete user script = /usr/sbin/smbldap-userdel -r %u | ||
| + | add group script = /usr/sbin/smbldap-groupadd -p '%g' | ||
| + | delete group script = /usr/sbin/smbldap-groupdel '%g' | ||
| + | add user to group script = /usr/sbin/smbldap-groupmod -m '%u' '%g' | ||
| + | delete user from group script = /usr/sbin/smbldap-groupmod -x '%u' '%g' | ||
| + | set primary group script = /usr/sbin/smbldap-usermod -g '%g' '%u' | ||
| + | add machine script = /usr/sbin/smbldap-useradd -w '%u | ||
| + | passwd program = /usr/sbin/smbldap-passwd '%u' | ||
| + | logon script = scripts\logon.bat | ||
| + | logon path = \\%L\profiles\%U | ||
| + | logon drive = X: | ||
| + | domain logons = Yes | ||
| + | preferred master = Yes | ||
| + | ldap admin dn = cn=admin,dc=ldap,dc=blogmail,dc=cc | ||
| + | ldap group suffix = ou=Groups | ||
| + | ldap idmap suffix = ou=Idmap | ||
| + | ldap machine suffix = ou=Computers | ||
| + | ldap passwd sync = Yes | ||
| + | ldap suffix = dc=ldap,dc=blogmail,dc=cc | ||
| + | ldap user suffix = ou=Users | ||
| + | idmap backend = ldap:ldap://127.0.0.1 | ||
| + | idmap uid = 10000-20000 | ||
| + | idmap gid = 10000-20000 | ||
| + | printer admin = Administrator | ||
| + | map acl inherit = Yes | ||
| + | printing = cups | ||
| + | printcap name = CUPS | ||
| + | |||
| + | ===configuración del hosting de servicios en '''aaa:/etc/samba/smb.conf'''=== | ||
| + | la salida siguiente la hemos obtenido con ''testparm -v'', muchas de las variables que se muestran son los valores por defecto de samba. | ||
| + | [global] | ||
| + | dos charset = CP850 | ||
| + | unix charset = UTF-8 | ||
| + | display charset = LOCALE | ||
| + | workgroup = HVDT | ||
| + | realm = | ||
| + | netbios name = SINAI | ||
| + | netbios aliases = | ||
| + | netbios scope = | ||
| + | server string = %h server (Samba %v) | ||
| + | interfaces = | ||
| + | bind interfaces only = No | ||
| + | security = SHARE | ||
| + | auth methods = | ||
| + | encrypt passwords = Yes | ||
| + | update encrypted = No | ||
| + | client schannel = Auto | ||
| + | server schannel = Auto | ||
| + | allow trusted domains = Yes | ||
| + | hosts equiv = | ||
| + | min passwd length = 5 | ||
| + | map to guest = Never | ||
| + | null passwords = No | ||
| + | obey pam restrictions = Yes | ||
| + | password server = * | ||
| + | smb passwd file = /etc/samba/smbpasswd | ||
| + | private dir = /etc/samba | ||
| + | passdb backend = tdbsam, guest | ||
| + | algorithmic rid base = 1000 | ||
| + | root directory = | ||
| + | guest account = nobody | ||
| + | pam password change = No | ||
| + | passwd program = /usr/bin/passwd %u | ||
| + | passwd chat = *Enter\snew\sUNIX\spassword:* %n\n *Retype\snew\sUNIX\spassword:* %n\n . | ||
| + | passwd chat debug = No | ||
| + | passwd chat timeout = 2 | ||
| + | username map = | ||
| + | password level = 0 | ||
| + | username level = 0 | ||
| + | unix password sync = No | ||
| + | restrict anonymous = 0 | ||
| + | lanman auth = Yes | ||
| + | ntlm auth = Yes | ||
| + | client NTLMv2 auth = No | ||
| + | client lanman auth = Yes | ||
| + | client plaintext auth = Yes | ||
| + | preload modules = | ||
| + | log level = 0 | ||
| + | syslog = 0 | ||
| + | syslog only = No | ||
| + | log file = /var/log/samba/log.%m | ||
| + | max log size = 1000 | ||
| + | timestamp logs = Yes | ||
| + | debug hires timestamp = No | ||
| + | debug pid = No | ||
| + | debug uid = No | ||
| + | smb ports = 445 139 | ||
| + | protocol = NT1 | ||
| + | large readwrite = Yes | ||
| + | max protocol = NT1 | ||
| + | min protocol = CORE | ||
| + | read bmpx = No | ||
| + | read raw = Yes | ||
| + | write raw = Yes | ||
| + | disable netbios = No | ||
| + | acl compatibility = | ||
| + | nt pipe support = Yes | ||
| + | nt status support = Yes | ||
| + | announce version = 4.9 | ||
| + | announce as = NT | ||
| + | max mux = 50 | ||
| + | max xmit = 16644 | ||
| + | name resolve order = lmhosts wins host bcast | ||
| + | max ttl = 259200 | ||
| + | max wins ttl = 518400 | ||
| + | min wins ttl = 21600 | ||
| + | time server = No | ||
| + | unix extensions = Yes | ||
| + | use spnego = Yes | ||
| + | client signing = auto | ||
| + | server signing = No | ||
| + | client use spnego = Yes | ||
| + | change notify timeout = 60 | ||
| + | deadtime = 0 | ||
| + | getwd cache = Yes | ||
| + | keepalive = 300 | ||
| + | kernel change notify = Yes | ||
| + | lpq cache time = 10 | ||
| + | max smbd processes = 0 | ||
| + | paranoid server security = Yes | ||
| + | max disk size = 0 | ||
| + | max open files = 10000 | ||
| + | socket options = TCP_NODELAY | ||
| + | use mmap = Yes | ||
| + | hostname lookups = No | ||
| + | name cache timeout = 660 | ||
| + | load printers = Yes | ||
| + | printcap name = cups | ||
| + | disable spoolss = No | ||
| + | enumports command = | ||
| + | addprinter command = | ||
| + | deleteprinter command = | ||
| + | show add printer wizard = Yes | ||
| + | os2 driver map = | ||
| + | mangling method = hash2 | ||
| + | mangle prefix = 1 | ||
| + | stat cache = Yes | ||
| + | machine password timeout = 604800 | ||
| + | add user script = | ||
| + | delete user script = | ||
| + | add group script = | ||
| + | delete group script = | ||
| + | add user to group script = | ||
| + | delete user from group script = | ||
| + | set primary group script = | ||
| + | add machine script = | ||
| + | shutdown script = | ||
| + | abort shutdown script = | ||
| + | logon script = | ||
| + | logon path = \\%N\%U\profile | ||
| + | logon drive = | ||
| + | logon home = \\%N\%U | ||
| + | domain logons = No | ||
| + | os level = 20 | ||
| + | lm announce = Auto | ||
| + | lm interval = 60 | ||
| + | preferred master = Auto | ||
| + | local master = Yes | ||
| + | domain master = Auto | ||
| + | browse list = Yes | ||
| + | enhanced browsing = Yes | ||
| + | dns proxy = No | ||
| + | wins proxy = No | ||
| + | wins server = 193.146.178.5 | ||
| + | wins support = No | ||
| + | wins hook = | ||
| + | wins partners = | ||
| + | kernel oplocks = Yes | ||
| + | lock spin count = 3 | ||
| + | lock spin time = 10 | ||
| + | oplock break wait time = 0 | ||
| + | ldap suffix = | ||
| + | ldap machine suffix = | ||
| + | ldap user suffix = | ||
| + | ldap group suffix = | ||
| + | ldap idmap suffix = | ||
| + | ldap filter = (uid=%u) | ||
| + | ldap admin dn = | ||
| + | ldap ssl = | ||
| + | ldap passwd sync = no | ||
| + | ldap delete dn = No | ||
| + | ldap replication sleep = 1000 | ||
| + | add share command = | ||
| + | change share command = | ||
| + | delete share command = | ||
| + | config file = | ||
| + | preload = | ||
| + | lock directory = | ||
| + | pid directory = /var/run/samba | ||
| + | utmp directory = | ||
| + | wtmp directory = | ||
| + | utmp = No | ||
| + | default service = | ||
| + | message command = | ||
| + | dfree command = | ||
| + | get quota command = | ||
| + | set quota command = | ||
| + | remote announce = | ||
| + | remote browse sync = | ||
| + | socket address = 0.0.0.0 | ||
| + | homedir map = auto.home | ||
| + | afs username map = | ||
| + | time offset = 0 | ||
| + | NIS homedir = No | ||
| + | panic action = /usr/share/samba/panic-action %d | ||
| + | host msdfs = No | ||
| + | enable rid algorithm = Yes | ||
| + | idmap backend = | ||
| + | idmap uid = | ||
| + | idmap gid = | ||
| + | template primary group = nobody | ||
| + | template homedir = /home/%D/%U | ||
| + | template shell = /bin/false | ||
| + | winbind separator = \ | ||
| + | winbind cache time = 300 | ||
| + | winbind enable local accounts = Yes | ||
| + | winbind enum users = Yes | ||
| + | winbind enum groups = Yes | ||
| + | winbind use default domain = No | ||
| + | winbind trusted domains only = No | ||
| + | winbind nested groups = No | ||
| + | comment = | ||
| + | path = | ||
| + | username = | ||
| + | invalid users = | ||
| + | valid users = | ||
| + | admin users = | ||
| + | read list = | ||
| + | write list = | ||
| + | printer admin = | ||
| + | force user = | ||
| + | force group = | ||
| + | read only = Yes | ||
| + | create mask = 0744 | ||
| + | force create mode = 00 | ||
| + | security mask = 0777 | ||
| + | force security mode = 00 | ||
| + | directory mask = 0755 | ||
| + | force directory mode = 00 | ||
| + | directory security mask = 0777 | ||
| + | force directory security mode = 00 | ||
| + | inherit permissions = No | ||
| + | inherit acls = No | ||
| + | guest only = No | ||
| + | guest ok = No | ||
| + | only user = No | ||
| + | hosts allow = | ||
| + | hosts deny = | ||
| + | ea support = No | ||
| + | nt acl support = Yes | ||
| + | profile acls = No | ||
| + | map acl inherit = No | ||
| + | afs share = No | ||
| + | block size = 1024 | ||
| + | max connections = 0 | ||
| + | min print space = 0 | ||
| + | strict allocate = No | ||
| + | strict sync = No | ||
| + | sync always = No | ||
| + | use sendfile = No | ||
| + | write cache size = 0 | ||
| + | max reported print jobs = 0 | ||
| + | max print jobs = 1000 | ||
| + | printable = No | ||
| + | printing = cups | ||
| + | cups options = | ||
| + | print command = | ||
| + | lpq command = | ||
| + | lprm command = | ||
| + | lppause command = | ||
| + | lpresume command = | ||
| + | queuepause command = | ||
| + | queueresume command = | ||
| + | printer name = | ||
| + | use client driver = No | ||
| + | default devmode = No | ||
| + | default case = lower | ||
| + | case sensitive = No | ||
| + | preserve case = Yes | ||
| + | short preserve case = Yes | ||
| + | mangle case = No | ||
| + | mangling char = ~ | ||
| + | hide dot files = Yes | ||
| + | hide special files = No | ||
| + | hide unreadable = No | ||
| + | hide unwriteable files = No | ||
| + | delete veto files = No | ||
| + | veto files = | ||
| + | hide files = | ||
| + | veto oplock files = | ||
| + | map system = No | ||
| + | map hidden = No | ||
| + | map archive = Yes | ||
| + | mangled names = Yes | ||
| + | mangled map = | ||
| + | store dos attributes = No | ||
| + | browseable = Yes | ||
| + | blocking locks = Yes | ||
| + | csc policy = manual | ||
| + | fake oplocks = No | ||
| + | locking = Yes | ||
| + | oplocks = Yes | ||
| + | level2 oplocks = Yes | ||
| + | oplock contention limit = 2 | ||
| + | posix locking = Yes | ||
| + | strict locking = Yes | ||
| + | share modes = Yes | ||
| + | copy = | ||
| + | include = | ||
| + | exec = | ||
| + | preexec close = No | ||
| + | postexec = | ||
| + | root preexec = | ||
| + | root preexec close = No | ||
| + | root postexec = | ||
| + | available = Yes | ||
| + | volume = | ||
| + | fstype = NTFS | ||
| + | set directory = No | ||
| + | wide links = Yes | ||
| + | follow symlinks = Yes | ||
| + | dont descend = | ||
| + | magic script = | ||
| + | magic output = | ||
| + | delete readonly = No | ||
| + | dos filemode = No | ||
| + | dos filetimes = No | ||
| + | dos filetime resolution = No | ||
| + | fake directory create times = No | ||
| + | vfs objects = | ||
| + | msdfs root = No | ||
| + | msdfs proxy = | ||
| + | |||
| + | [Dpto_generico] | ||
| + | comment = Departamento 1 | ||
| + | path = /var/dptos/Dpto1 | ||
| + | read only = No | ||
| + | create mask = 0777 | ||
| + | directory mask = 0777 | ||
| + | guest ok = Yes | ||
| + | |||
| + | [Dpto_restringido] | ||
| + | comment = informatica | ||
| + | path = /var/dptos/informatica | ||
| + | write list = informatica, admin, root | ||
| + | read only = No | ||
| + | create mask = 0770 | ||
| + | directory mask = 0770 | ||
| + | |||
| + | |||
| + | [[Categoría:Software]] | ||
Revisión de 00:55 2 mayo 2007
Contenido
descripción, uso.-
Es un conjunto de programas diseñado para permitir la comunicación con ordenadores con sistema operativo privativo de Microsoft, especialmente útil en redes donde conviven arquitecturas y sistemas diferentes; mediante samba podemos integrar en la misma red los ordenadores de usuario final, con sistemas operativos privativos, y los equipos con sistemas libres. Cada equipo que usa samba proporciona a todos los efectos los mismos servicios que proporcionaría un servidor de Microsoft, pero en formato libre y sin costes de licencias e instalación.
funciones implementadas con samba.-
- hosting de archivos
- compartir archivos, carpetas y recursos
- gestión centralizada de usuarios windows mediante la integracíón Samba-OpenLDAP
servidores con samba en producción.-
aaa
.- mantiene el hosting de archivos de los departamentos, proporcionando un recurso compartido a cada servicio o grupo de trabajo. .- la gestión de usuarios la realiza el sistema operativo de este servidor vía archivo /etc/passwd .- las copias de seguridad de las carpetas de los servicios se realiza mediante sincronización con los discos SCSI de bbb (rsync), distribuyendo cinco copias a la semana entre dos discos diferentes en cinco carpetas (1=lunes, 2=martes, ...)
este es el código que ejecuta el archivo istambul:/home/admin/lmxjv.sh variando segun la fecha la carpeta y disco de destino: rsync -auvzr --progress root@aaa.dominio.es:/origen/* /destino/...
bbb
.- mantiene un servidor samba en entorno de desarrollo especialmente para las pruebas de integración samba-ldap; fue el primer servidor samba cuyo sistema de usuarios se apuntaba al servidor ldap
ccc
.- este equipo mantiene el árbol ldap de la organización, de donde partirá la unificación de usuarios; mantiene también un servidor samba como el de bbb con gestión de usuarios vía ldap
implementación.-
para servidores con gestión local de usuarios
apt-get install samba samba-common
para servidores con gestion de usuarios ldap además
apt-get install smbldap-tools
el resto es activar el tipo de funciones que ha de realizar el servidor, si será Controlador de Dominio, qué dominio sirve, dónde estarán sus usuarios, etc. y definir sus recursos compartidos y los permisos de acceso a esos recursos.
ejemplos de uso.-
/etc/init.d/samba
testparm -v
smbstatus
root@host# mount -t smbfs -o username=administrador //equipo/carpeta_origen /home/destino/
estado de desarrollo
- los servidores con samba están en producción atendiendo eficazmente todas las peticiones que les realizan los dptos sin percances significativos hasta el momento; el resto de servidores samba están preparados para trabajar en cualquier momento en modo producción y configurados ya para trabajar con el servidor ldap en vez de mediante usuarios locales o de dominio;
- quedaría pendiente el cambio de discos físicos del servidor aaa debido a un problema en el particionamiento de su instalación que hace imposible acceder a las características de sus sistemas de archivos y quizá pueda ser la causa de un futuro fallo del sistema de archivos; ésta es la salida del comando df -h
Filesystem Size Used Avail Use% Mounted on /dev/hda1 -19135695371958k 1.0k 0.0k 97% /
- el siguiente paso en el desarrollo de esta tecnología debería llevarnos a la gestión total e integrada de usuarios windows mediante OpenLDAP y la protección de recursos compartidos mediante la gestión apropiada de esas contraseñas; técnicamente está todo preparado para abordar este cambio
comentarios.-
archivos de configuración
autenticacion de usuarios vía ldap (en ccc:/etc/samba/smb.conf)
[global] unix charset = LOCALE workgroup = GRUPO netbios name = maquina passdb backend = ldapsam:ldap://127.0.0.1 username map = /etc/samba/smbusers log level = 2 syslog = 0 log file = /var/log/samba.log max log size = 50 smb ports = 139 445 name resolve order = hosts wins bcast wins server = a.b.c.d time server = Yes show add printer wizard = No add user script = /usr/sbin/smbldap-useradd -a -m '%u' delete user script = /usr/sbin/smbldap-userdel -r %u add group script = /usr/sbin/smbldap-groupadd -p '%g' delete group script = /usr/sbin/smbldap-groupdel '%g' add user to group script = /usr/sbin/smbldap-groupmod -m '%u' '%g' delete user from group script = /usr/sbin/smbldap-groupmod -x '%u' '%g' set primary group script = /usr/sbin/smbldap-usermod -g '%g' '%u' add machine script = /usr/sbin/smbldap-useradd -w '%u passwd program = /usr/sbin/smbldap-passwd '%u' logon script = scripts\logon.bat logon path = \\%L\profiles\%U logon drive = X: domain logons = Yes preferred master = Yes ldap admin dn = cn=admin,dc=ldap,dc=blogmail,dc=cc ldap group suffix = ou=Groups ldap idmap suffix = ou=Idmap ldap machine suffix = ou=Computers ldap passwd sync = Yes ldap suffix = dc=ldap,dc=blogmail,dc=cc ldap user suffix = ou=Users idmap backend = ldap:ldap://127.0.0.1 idmap uid = 10000-20000 idmap gid = 10000-20000 printer admin = Administrator map acl inherit = Yes printing = cups printcap name = CUPS
configuración del hosting de servicios en aaa:/etc/samba/smb.conf
la salida siguiente la hemos obtenido con testparm -v, muchas de las variables que se muestran son los valores por defecto de samba.
[global]
dos charset = CP850
unix charset = UTF-8
display charset = LOCALE
workgroup = HVDT
realm =
netbios name = SINAI
netbios aliases =
netbios scope =
server string = %h server (Samba %v)
interfaces =
bind interfaces only = No
security = SHARE
auth methods =
encrypt passwords = Yes
update encrypted = No
client schannel = Auto
server schannel = Auto
allow trusted domains = Yes
hosts equiv =
min passwd length = 5
map to guest = Never
null passwords = No
obey pam restrictions = Yes
password server = *
smb passwd file = /etc/samba/smbpasswd
private dir = /etc/samba
passdb backend = tdbsam, guest
algorithmic rid base = 1000
root directory =
guest account = nobody
pam password change = No
passwd program = /usr/bin/passwd %u
passwd chat = *Enter\snew\sUNIX\spassword:* %n\n *Retype\snew\sUNIX\spassword:* %n\n .
passwd chat debug = No
passwd chat timeout = 2
username map =
password level = 0
username level = 0
unix password sync = No
restrict anonymous = 0
lanman auth = Yes
ntlm auth = Yes
client NTLMv2 auth = No
client lanman auth = Yes
client plaintext auth = Yes
preload modules =
log level = 0
syslog = 0
syslog only = No
log file = /var/log/samba/log.%m
max log size = 1000
timestamp logs = Yes
debug hires timestamp = No
debug pid = No
debug uid = No
smb ports = 445 139
protocol = NT1
large readwrite = Yes
max protocol = NT1
min protocol = CORE
read bmpx = No
read raw = Yes
write raw = Yes
disable netbios = No
acl compatibility =
nt pipe support = Yes
nt status support = Yes
announce version = 4.9
announce as = NT
max mux = 50
max xmit = 16644
name resolve order = lmhosts wins host bcast
max ttl = 259200
max wins ttl = 518400
min wins ttl = 21600
time server = No
unix extensions = Yes
use spnego = Yes
client signing = auto
server signing = No
client use spnego = Yes
change notify timeout = 60
deadtime = 0
getwd cache = Yes
keepalive = 300
kernel change notify = Yes
lpq cache time = 10
max smbd processes = 0
paranoid server security = Yes
max disk size = 0
max open files = 10000
socket options = TCP_NODELAY
use mmap = Yes
hostname lookups = No
name cache timeout = 660
load printers = Yes
printcap name = cups
disable spoolss = No
enumports command =
addprinter command =
deleteprinter command =
show add printer wizard = Yes
os2 driver map =
mangling method = hash2
mangle prefix = 1
stat cache = Yes
machine password timeout = 604800
add user script =
delete user script =
add group script =
delete group script =
add user to group script =
delete user from group script =
set primary group script =
add machine script =
shutdown script =
abort shutdown script =
logon script =
logon path = \\%N\%U\profile
logon drive =
logon home = \\%N\%U
domain logons = No
os level = 20
lm announce = Auto
lm interval = 60
preferred master = Auto
local master = Yes
domain master = Auto
browse list = Yes
enhanced browsing = Yes
dns proxy = No
wins proxy = No
wins server = 193.146.178.5
wins support = No
wins hook =
wins partners =
kernel oplocks = Yes
lock spin count = 3
lock spin time = 10
oplock break wait time = 0
ldap suffix =
ldap machine suffix =
ldap user suffix =
ldap group suffix =
ldap idmap suffix =
ldap filter = (uid=%u)
ldap admin dn =
ldap ssl =
ldap passwd sync = no
ldap delete dn = No
ldap replication sleep = 1000
add share command =
change share command =
delete share command =
config file =
preload =
lock directory =
pid directory = /var/run/samba
utmp directory =
wtmp directory =
utmp = No
default service =
message command =
dfree command =
get quota command =
set quota command =
remote announce =
remote browse sync =
socket address = 0.0.0.0
homedir map = auto.home
afs username map =
time offset = 0
NIS homedir = No
panic action = /usr/share/samba/panic-action %d
host msdfs = No
enable rid algorithm = Yes
idmap backend =
idmap uid =
idmap gid =
template primary group = nobody
template homedir = /home/%D/%U
template shell = /bin/false
winbind separator = \
winbind cache time = 300
winbind enable local accounts = Yes
winbind enum users = Yes
winbind enum groups = Yes
winbind use default domain = No
winbind trusted domains only = No
winbind nested groups = No
comment =
path =
username =
invalid users =
valid users =
admin users =
read list =
write list =
printer admin =
force user =
force group =
read only = Yes
create mask = 0744
force create mode = 00
security mask = 0777
force security mode = 00
directory mask = 0755
force directory mode = 00
directory security mask = 0777
force directory security mode = 00
inherit permissions = No
inherit acls = No
guest only = No
guest ok = No
only user = No
hosts allow =
hosts deny =
ea support = No
nt acl support = Yes
profile acls = No
map acl inherit = No
afs share = No
block size = 1024
max connections = 0
min print space = 0
strict allocate = No
strict sync = No
sync always = No
use sendfile = No
write cache size = 0
max reported print jobs = 0
max print jobs = 1000
printable = No
printing = cups
cups options =
print command =
lpq command =
lprm command =
lppause command =
lpresume command =
queuepause command =
queueresume command =
printer name =
use client driver = No
default devmode = No
default case = lower
case sensitive = No
preserve case = Yes
short preserve case = Yes
mangle case = No
mangling char = ~
hide dot files = Yes
hide special files = No
hide unreadable = No
hide unwriteable files = No
delete veto files = No
veto files =
hide files =
veto oplock files =
map system = No
map hidden = No
map archive = Yes
mangled names = Yes
mangled map =
store dos attributes = No
browseable = Yes
blocking locks = Yes
csc policy = manual
fake oplocks = No
locking = Yes
oplocks = Yes
level2 oplocks = Yes
oplock contention limit = 2
posix locking = Yes
strict locking = Yes
share modes = Yes
copy =
include =
exec =
preexec close = No
postexec =
root preexec =
root preexec close = No
root postexec =
available = Yes
volume =
fstype = NTFS
set directory = No
wide links = Yes
follow symlinks = Yes
dont descend =
magic script =
magic output =
delete readonly = No
dos filemode = No
dos filetimes = No
dos filetime resolution = No
fake directory create times = No
vfs objects =
msdfs root = No
msdfs proxy =
[Dpto_generico]
comment = Departamento 1
path = /var/dptos/Dpto1
read only = No
create mask = 0777
directory mask = 0777
guest ok = Yes
[Dpto_restringido]
comment = informatica
path = /var/dptos/informatica
write list = informatica, admin, root
read only = No
create mask = 0770
directory mask = 0770
