|
|
The Samba/iX configuration file contains the runtime configuration information
for Samba/iX. This file contains the sections and parameters. There are four
special sections: the [global] section, the [printers] section,
[homes] section and other sections. This file also contains the
information required for each share (service) and defines attributes like
associated directory path, read or write access for each share.
The Samba/iX configuration file is named "smb.conf" which resides in
the /usr/local/samba/lib directory on HP 3000 system. This chapter
documents the possible configuration options that the users can specify in the
"smb.conf" file. There are many configuration options available, but
only the configuration options and uses defined in this manual are supported
by HP.
- [Global] Section
- This section is for parameters which apply to the server as a whole
rather than to a specific service. It can also be used to specify
default values for service-specific parameters which are then inherited
by other services, referred to later in the configuration file.
- [Printers] Section
- This section works in conjunction with the printcap file and allows it
to configure a large number of printer shares without having to add
separate detailed sections for each of them. The printer names and
optional aliases are listed in the printcap file; and the configuration
parameters are defined in this section.
- [Homes] Section
- This section provides access to the user's home directories without
having to add a separate section for each of them. The share name is
considered to be a valid user id and the path defaults to that user's
home directory.
- Other Sections
- These sections explicitly define the file and printer shares.
Global Configuration Options
The global configuration options can be defined in the [Global] Section
in the "smb.conf" file, options cover the following configuration
options which are supported for use by HP:
- Configuration file option
- Browser option
- Network interface configuration
- Mapping PC usernames to MPE usernames
- Setting the maximum SMB packet size
- Disconnecting idle clients
- Setting logging behaviors
- Login/logout commands
- Global printer service option
Configuration File Option
- config file
- The config file parameter allows you to specify the pathname for the
configuration file used by Samba/iX.
Example: config file = /usr/local/samba/lib/smb.conf
Browser Option
- workgroup
- The workgroup parameter specifies the name of the workgroup; the
Samba/iX server will appear as part of the browse list.
Example: workgroup = SambaiX
- server string
- The server string parameter defines the server's comment string. This
comment string will appear next to the machine name in the browse lists,
such as the network neighborhood.
Example: server string = HP3000, File/Printer server
Default: server string = samba 1.9.16p9
- default service
- This parameter specifies the name of a service that a client will be
connected to, if the service actually requested doesn't exist. Typically
the default service is some sort of public, read-only service.
Example: default service = public
Default: none
Mapping PC Usernames to MPE Usernames
- username map
- This username map parameter allows you to map PC style usernames to MPE
style usernames. You can specify the location of your username map file
with the username map parameters.
Example: username map = /usr/location/samba/lib/user.map
The syntax of the username map file is simple. Each line consists of a
MPE style name like manager.sys and a list of possible PC style
username like webuser, separated by an equal sign. A sample
username map in the user.map file is defined as follows.
Example: manager.sys = webuser
Network Interface Configuration
- interfaces
- The interfaces option allows you to inform Samba/iX of each interface
you wish it to provide services on, by supplying IP address and subnet
mask of your HP 3000 system.
Example: interfaces = 192.1.2.3/255.255.0
Setting the Maximum SMB Packet Size
- max xmit
- The max xmit parameter allows you to set the maximum packet size which
Samba/iX can negotiate with a client. This is the maximum packet size
that SMBD will accept from a client, setting an upper limit on the
packet size that will be negotiated with a client at session setup.
Example: max xmit = 8000
Default: max xmit = 65535
Disconnecting Idle Clients Option
- dead time
- An inactive client will consume server resources even though it is not
doing anything. The dead time parameter defines an integer value
describing the number of minutes of inactivity before a session is
automatically disconnected. The "dead time" is considered to begin when
a client has no open files. The default "dead time" of zero indicates
that no client should ever be dropped because of inactivity.
Example: 5 (in minutes)
Default: 0 (in minutes)
Setting Logging Behavior
- max log size
- The max log size option specifies the maximum size in kilobytes to which
log files can grow. The default value of the maximum log file size is
5000 in kilobytes. If the file exceeds the specified size, it is renamed
by adding the .old extension.
Example: max log size = 10000 (in kilobytes)
Default: 5000 (in kilobytes)
- log file
- The log file parameter allows you to specify the pathname of log file
used by SMBD and NMBD processes.
Example: log file = /usr/local/samba/var/log.smb
- debug level
- The debug level parameter allows the debug logging level to be specified
in the Samba/iX configuration file. This option defines the level of
trace messages that you want to log into the logfile.
The typical range of the debug level can be from 0 to 5. Large values
cause more detailed information to be logged. Most of these debug levels
exist to help users to debug the server activity.
Example: debug level = 3
Default: debug level = 0
Login/Logout Commands
- preexec
- The preexec parameter allows you to specify a command to be run whenever
the service is connected.
Example: callci /usr/local/samba/lib/tellop tcon %S %u %m %I
Generates the following example output to the console:
9:41 #J36/50/FROM/MGR.SAMBA/tcon on IPC$ by MGR.SAMBA from
rkm-nt
- postexec
- The postexec parameter allows you to specify a command to be run
whenever the service is disconnected.
Example: callci /usr/local/samba/lib/tellop tdis %S %u %m %I
Generates the following example output to the console:
9:41 #J36/70/FROM/MGR.SAMBA/tdis on IPC$by MGR.SAMBA from rkm-nt
Global Printer Service Options
The global printer service options allows you to specify the location of the
"printcap", printer command parameter used by Samba/iX.
The following global printer configuration options are supported for use by HP:
- load printers
- The load printers parameter is used in conjunction with printcap file
and [printers] section. It is a boolean variable that controls
whether all printers in the "printcap" file will be loaded for
browsing.
If the load printers parameter is set to true, all printers defined in
the printcap file will be loaded for browsing by default.
Example: load printers = yes
Default: load printer = no
- printcap name
- The printcap name option specifies the location of the printcap.
Samba/iX uses the printcap to determine all printers available
on the system if the general [printers] service is used instead
of defining each printer in its own service.
Example: printcap name = /usr/local/samba/lib/printcap
- print command
- The print command parameter defines the shell command which Samba/iX
will use to submit a print job. After Samba/iX has finished spooling a
print job to the disk, it calls this command. After processing the file,
this command must remove the spoolfile, unless you don't mind spool
files building up on your system.
This parameter can use the following print-specific macros:
- %s
- The full path of the print spool file.
- %p
- The name of the printer to which the job is to be submitted.
Example: print command = /usr/local/samba/lib/rawlp %s %p; rm %s
On MPE/iX 6.0, the "rawlp" utility is available on the system
and is used to send the file contents to a spooler like
"lp -oraw".
Controlling User Access Rights
- allow hosts
-
Default: none
- deny hosts
- These parameters allow users to define a set of client IP addresses
which will be granted access to service. If an allow hosts option is
present, only hosts matching the pattern are allowed to access the
service. If a deny hosts option exists, only hosts not matching the
pattern will be granted access.
Example: allow hosts = 192.1.2.3
Default: none
- valid users
-
Default: none
- invalid users
- If neither of these parameters are set, then any authenticated user will
be granted access to the service. The valid users parameter may contain
a comma-delimited list of users who will be allowed to access the
service. The invalid users parameter may contain a similar
comma-delimited list of users who will never be granted access to the
service. These parameters use MPE style user syntax (for example,
user.acct) to specify users.
The password format used when you log on from a PC client should be
userpassword, acctpassword.
Example: valid users = mgr.samba
Default: none
- guest account
- The shares can be configured to accept connections without a validated
user ID and password, then you can use the "guest account" parameter to
assume the guest logon identify for accessing files and printers.
Example: guest account = mgr.samba
Default: none
- revalidate
- Forces the revalidation of password. When Samba/iX successfully
validates a clients password, it passes a token back to client. This is
used by the client to connect to other shares. If
revalidate=true, then Samba/iX expects a valid username and
password pair again without just relying on the token. For example,
after connecting to "temp", if the client tries to connect to another
share, Samba/iX revalidates the password.
Example: revalidate = yes
Default: no
Share Configuration Options
This section covers the share configuration options that you use when you
configure for a specific disk or printer share in the Samba/iX configuration
file.
Setting the Shared Directory
- path
- The path parameter specifies the pathname of the shared directory.
Example: path = /usr/local/samba/docs
For printer services, this parameter describes the directory used to
temporarily spool files sent from clients for printing before they are
spooled to the local HP 3000 printer.
Example: path = /usr/local/samba/spool
Browser Option
- browseable
- This parameter controls whether this share is seen in the list of
available shares in the browse list.
Example: browseable = yes
Default: browseable = yes
- Available
- This parameter lets you remove a service from availability. If available
is no, all attempts to connect to the service will fail. Using this
option preserves the service's settings and is usually more convenient
than commenting out the service.
Example: available = no
Default: available = yes
Comment Option
- comment
- The "comment" parameter specifies the comment message in the share
services.
Example: comment = share "public" service for guest users.
Printing Access
- print ok
- The "print ok" option is specified in the [prints] section to
enable the share for printing access.
Controlling Read/Write Access
- guest ok
- If guest ok is true, then guest access will be allowed. The
access rights of a client connecting as guest will be those of the
username set in the "guest account."
Example: guest ok = yes
Default: guest ok = no
- guest only
- If guest only is true, then access of service/share is only granted with
the rights of usernames given in the "guest account" parameter.
Example: guest only = yes
Default: guest only = no
- create mode
- The "create mode" is used to define the permission used by share
services.
This option sets an octal value representing the file permissions
available to a file created by Samba/iX.
Example: create mode = 0744
The value of 0744 causes the group and other write and execute
bit to be removed from a file created by Samba.
- read only
- Example: read only = yes
Default: read only = yes
- write ok
- The read only = yes is identical to write ok = no. If
write ok is true, clients will be granted read/write access to
a share. The same effect can be achieved by setting read only to false.
Example: write ok = no
Default: write ok = no
Sample Configuration File — samp-smb.conf
When you want to use Samba/iX, you should copy the Samba/iX sample
configuration file to /usr/local/samba/lib/smb.conf and adjust this
file as needed. The sample configuration file samp-smb.conf resides
in the /usr/local/samba/lib directory. Please refer to
Appendix A "Samba/iX Sample Comfiguration File"
Configuring the Shares for File Sharing
The PCs can access the server side filespaces using Samba/iX. Whenever the
clients want to connect to the server, the server side validates the username
and password which are sent by the client and grants access to the requests
share if it is appropriate.
You can configure the file service with guest access and the Samba/iX server
can grant to the guest users without a validated user ID and password.
Share level security is the default security level in Samba/iX. The following
example shows the configuration steps you can use to configure with
[global] and [service] section with security = share:
- Add in the [global] section the following parameter:
security = share
- To add a share, the entries can be given in the example below:
[sample shares]
comment = shared space
guest ok = no
write ok = yes
path = /sample/test
- Add a username mapping in "user.map" file. For example:
mgr.sample = pcusername
- When you connect a share from a PC, the password format that you enter
from a PC should be: userpassword, acctpassword.
 |
NOTE: For accessing share/user security modes, both SAMBA
account and MGR.SAMBA user should have PM capabilities.
|
Configuring a Printer Section for Printer Sharing
The PCs can access the server side printer using Samba/iX. With printer
sharing the client creates a file on the server directory associated with the
printer, and then lets the server process trigger a configurable command to
push the file into the MPE spooler.
The [printers] section works in conjunction with the printcap file and
allows to configure a large number of printer shares without having to add
separate detailed sections for each of them. The printer names and option
aliases are listed in the printcap file.Here is an sample example of
printer names in the samp-printcap file which resides in
/usr/local/samba/lib:
samp-printcap file:
LP|6|HP3000 System LP
Here is a sample example for the configuration option that you may configure
with [global] and [printers] sections in the Samba/iX
configuration file — smb-conf:
[global]
# You need supply IP address and subnet mask of your 3000 with the
# interface parameter
interface = ip address/subnet mask
# printcap file lists printer names for use by [printer] section
printcap name = /usr/local/samba/lib/printcap
# shares may be configured to accept connections without a validated
# user id and password, and then it assumes the guest logon for
# accessing the printers.
guest account = mgr.samba
[printers]
# enable this service for printing but not for file access
print ok = yes
write ok = no
# current version of Samba/iX only allows guest users for printer
# sharing
guest ok = yes
guest only = yes
# the "staging" directory for print requests
path = /user/local/samba/spool
# The rawlp utility sends file contents to spooler like "lp -oraw"
print command = /usr/local/samba/lib/rawlp %s %p; rm %s
 |
NOTE: For the current version of Samba/iX, the printer sharing only
works for guest users.
The current configuration option for printer sharing needs to set "guest ok"
and "guest only".
|
Add a printer, as shown in
Figure 7-6 "ADD a Printer". With printer sharing, the printers are
accessible to HP 3000.
Figure 7-6 ADD a Printer
You can connect your server shares using the NT explorer, as shown in
Figure 7-7 "Connect to the HP 3000 Shares".
The menu tool includes a "map network drive" which brings up the small windows
shown in
Figure 7-7 "Connect to the HP 3000 Shares". You connect a network driver
by typing in a share name with \\servername\sharename syntax in the
"path" box.
Figure 7-7 Connect to the HP 3000 Shares
You can view the contents of the share from NT explorer, as shown in
Figure 7-8 "View the HP 3000 Share". Click the share name at NT explorer
window, it will list the files residing in this share
Figure 7-8 View the HP 3000 Share
|