staging.inyokaproject.org

smb.conf

Autor:
nenem
Datum:
19. Dezember 2022 09:57
Code:
  1
  2
  3
  4
  5
  6
  7
  8
  9
 10
 11
 12
 13
 14
 15
 16
 17
 18
 19
 20
 21
 22
 23
 24
 25
 26
 27
 28
 29
 30
 31
 32
 33
 34
 35
 36
 37
 38
 39
 40
 41
 42
 43
 44
 45
 46
 47
 48
 49
 50
 51
 52
 53
 54
 55
 56
 57
 58
 59
 60
 61
 62
 63
 64
 65
 66
 67
 68
 69
 70
 71
 72
 73
 74
 75
 76
 77
 78
 79
 80
 81
 82
 83
 84
 85
 86
 87
 88
 89
 90
 91
 92
 93
 94
 95
 96
 97
 98
 99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
Load smb config files from /etc/samba/smb.conf
Loaded services file OK.
Weak crypto is allowed

Server role: ROLE_STANDALONE

# Global parameters
[global]
	abort shutdown script = 
	add group script = 
	additional dns hostnames = 
	add machine script = 
	addport command = 
	addprinter command = 
	add share command = 
	add user script = 
	add user to group script = 
	afs token lifetime = 604800
	afs username map = 
	aio max threads = 100
	algorithmic rid base = 1000
	allow dcerpc auth level connect = No
	allow dns updates = secure only
	allow insecure wide links = No
	allow nt4 crypto = No
	allow trusted domains = Yes
	allow unsafe cluster upgrade = No
	apply group policies = No
	async dns timeout = 10
	async smb echo handler = No
	auth event notification = No
	auto services = 
	binddns dir = /var/lib/samba/bind-dns
	bind interfaces only = No
	browse list = Yes
	cache directory = /var/cache/samba
	change notify = Yes
	change share command = 
	check password script = 
	cldap port = 389
	client ipc max protocol = default
	client ipc min protocol = default
	client ipc signing = default
	client lanman auth = No
	client ldap sasl wrapping = sign
	client max protocol = default
	client min protocol = NT1
	client NTLMv2 auth = Yes
	client plaintext auth = No
	client protection = default
	client schannel = Yes
	client signing = default
	client smb encrypt = default
	client smb3 encryption algorithms = AES-128-GCM, AES-128-CCM, AES-256-GCM, AES-256-CCM
	client smb3 signing algorithms = AES-128-GMAC, AES-128-CMAC, HMAC-SHA256
	client use kerberos = desired
	client use spnego principal = No
	client use spnego = Yes
	cluster addresses = 
	clustering = No
	config backend = file
	config file = 
	create krb5 conf = Yes
	ctdbd socket = 
	ctdb locktime warn threshold = 0
	ctdb timeout = 0
	cups connection timeout = 30
	cups encrypt = No
	cups server = 
	dcerpc endpoint servers = epmapper, wkssvc, rpcecho, samr, netlogon, lsarpc, drsuapi, dssetup, unixinfo, browser, eventlog6, backupkey, dnsserver
	deadtime = 10080
	debug class = No
	debug encryption = No
	debug hires timestamp = Yes
	debug pid = No
	debug prefix timestamp = No
	debug uid = No
	dedicated keytab file = 
	default service = 
	defer sharing violations = Yes
	delete group script = 
	deleteprinter command = 
	delete share command = 
	delete user from group script = 
	delete user script = 
	dgram port = 138
	disable netbios = No
	disable spoolss = No
	dns forwarder = 
	dns proxy = Yes
	dns update command = /usr/sbin/samba_dnsupdate
	dns zone scavenging = No
	dns zone transfer clients allow = 
	dns zone transfer clients deny = 
	domain logons = No
	domain master = Auto
	dos charset = CP850
	dsdb event notification = No
	dsdb group change notification = No
	dsdb password event notification = No
	enable asu support = No
	enable core files = Yes
	enable privileges = Yes
	encrypt passwords = Yes
	enhanced browsing = Yes
	enumports command = 
	eventlog list = 
	get quota command = 
	getwd cache = Yes
	gpo update command = /usr/sbin/samba-gpupdate
	guest account = nobody
	host msdfs = Yes
	hostname lookups = No
	idmap backend = tdb
	idmap cache time = 604800
	idmap gid = 
	idmap negative cache time = 120
	idmap uid = 
	include system krb5 conf = Yes
	init logon delay = 100
	init logon delayed hosts = 
	interfaces = 
	iprint server = 
	keepalive = 300
	kerberos encryption types = all
	kerberos method = default
	kernel change notify = Yes
	kpasswd port = 464
	krb5 port = 88
	lanman auth = No
	large readwrite = Yes
	ldap admin dn = 
	ldap connection timeout = 2
	ldap debug level = 0
	ldap debug threshold = 10
	ldap delete dn = No
	ldap deref = auto
	ldap follow referral = Auto
	ldap group suffix = 
	ldap idmap suffix = 
	ldap machine suffix = 
	ldap max anonymous request size = 256000
	ldap max authenticated request size = 16777216
	ldap max search request size = 256000
	ldap page size = 1000
	ldap passwd sync = no
	ldap replication sleep = 1000
	ldap server require strong auth = Yes
	ldap ssl = start tls
	ldap suffix = 
	ldap timeout = 15
	ldap user suffix = 
	lm announce = Auto
	lm interval = 60
	load printers = Yes
	local master = Yes
	lock directory = /run/samba
	lock spin time = 200
	log file = /var/log/samba/log.%m
	logging = file
	log level = 1
	log nt token command = 
	logon drive = 
	logon home = \\%N\%U
	logon path = \\%N\%U\profile
	logon script = 
	log writeable files on exit = No
	lpq cache time = 30
	lsa over netlogon = No
	machine password timeout = 604800
	mangle prefix = 1
	mangling method = hash2
	map to guest = Bad User
	max disk size = 0
	max log size = 1000
	max mux = 50
	max open files = 16384
	max smbd processes = 0
	max stat cache size = 512
	max ttl = 259200
	max wins ttl = 518400
	max xmit = 16644
	mdns name = netbios
	message command = 
	min domain uid = 1000
	min receivefile size = 0
	min wins ttl = 21600
	mit kdc command = 
	multicast dns register = No
	name cache timeout = 660
	name resolve order = lmhosts wins host bcast
	nbt client socket address = 0.0.0.0
	nbt port = 137
	ncalrpc dir = /var/run/samba/ncalrpc
	netbios aliases = 
	netbios name = LSER
	netbios scope = 
	neutralize nt4 emulation = No
	nmbd bind explicit broadcast = Yes
	nsupdate command = /usr/bin/nsupdate -g
	ntlm auth = ntlmv2-only
	nt pipe support = Yes
	ntp signd socket directory = /var/lib/samba/ntp_signd
	nt status support = Yes
	null passwords = No
	obey pam restrictions = Yes
	old password allowed period = 60
	oplock break wait time = 0
	os2 driver map = 
	os level = 20
	pam password change = Yes
	panic action = /usr/share/samba/panic-action %d
	passdb backend = tdbsam
	passdb expand explicit = No
	passwd chat = *Enter\snew\s*\spassword:* %n\n *Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* .
	passwd chat debug = No
	passwd chat timeout = 2
	passwd program = /usr/bin/passwd %u
	password hash gpg key ids = 
	password hash userPassword schemes = 
	password server = *
	perfcount module = 
	pid directory = /run/samba
	preferred master = Auto
	prefork backoff increment = 10
	prefork children = 4
	prefork maximum backoff = 120
	preload modules = 
	printcap cache time = 750
	printcap name = 
	private dir = /var/lib/samba/private
	raw NTLMv2 auth = No
	read raw = Yes
	realm = 
	registry shares = No
	reject md5 clients = No
	reject md5 servers = No
	remote announce = 
	remote browse sync = 
	rename user script = 
	require strong key = Yes
	reset on zero vc = No
	restrict anonymous = 0
	root directory = 
	rpc big endian = No
	rpc server dynamic port range = 49152-65535
	rpc server port = 0
	samba kcc command = /usr/sbin/samba_kcc
	security = AUTO
	server max protocol = SMB3
	server min protocol = NT1
	server multi channel support = Yes
	server role = standalone server
	server schannel = Yes
	server services = s3fs, rpc, nbt, wrepl, ldap, cldap, kdc, drepl, winbindd, ntp_signd, kcc, dnsupdate, dns
	server signing = default
	server smb3 encryption algorithms = AES-128-GCM, AES-128-CCM, AES-256-GCM, AES-256-CCM
	server smb3 signing algorithms = AES-128-GMAC, AES-128-CMAC, HMAC-SHA256
	server string = %h server (Samba, Ubuntu)
	set primary group script = 
	set quota command = 
	show add printer wizard = Yes
	shutdown script = 
	smb2 disable lock sequence checking = No
	smb2 disable oplock break retry = No
	smb2 leases = Yes
	smb2 max credits = 8192
	smb2 max read = 8388608
	smb2 max trans = 8388608
	smb2 max write = 8388608
	smbd profiling level = off
	smb passwd file = /etc/samba/smbpasswd
	smb ports = 445 139
	socket options = TCP_NODELAY
	spn update command = /usr/sbin/samba_spnupdate
	stat cache = Yes
	state directory = /var/lib/samba
	svcctl list = 
	syslog = 1
	syslog only = No
	template homedir = /home/%D/%U
	template shell = /bin/false
	time server = No
	timestamp logs = Yes
	tls cafile = tls/ca.pem
	tls certfile = tls/cert.pem
	tls crlfile = 
	tls dh params file = 
	tls enabled = Yes
	tls keyfile = tls/key.pem
	tls priority = NORMAL:-VERS-SSL3.0
	tls verify peer = as_strict_as_possible
	unicode = Yes
	unix charset = UTF-8
	unix extensions = Yes
	unix password sync = Yes
	use mmap = Yes
	username level = 0
	username map = 
	username map cache time = 0
	username map script = 
	usershare allow guests = Yes
	usershare max shares = 100
	usershare owner only = Yes
	usershare path = /var/lib/samba/usershares
	usershare prefix allow list = 
	usershare prefix deny list = 
	usershare template share = 
	utmp = No
	utmp directory = 
	winbind cache time = 300
	winbindd socket directory = /var/run/samba/winbindd
	winbind enum groups = No
	winbind enum users = No
	winbind expand groups = 0
	winbind max clients = 200
	winbind max domain connections = 1
	winbind nested groups = Yes
	winbind normalize names = No
	winbind nss info = template
	winbind offline logon = No
	winbind reconnect delay = 30
	winbind refresh tickets = No
	winbind request timeout = 60
	winbind rpc only = No
	winbind scan trusted domains = No
	winbind sealed pipes = Yes
	winbind separator = \
	winbind use default domain = No
	winbind use krb5 enterprise principals = Yes
	wins hook = 
	wins proxy = No
	wins server = 
	wins support = No
	workgroup = ABCDEFGH
	write raw = Yes
	wtmp directory = 
	idmap config * : backend = tdb
	access based share enum = No
	acl allow execute always = No
	acl check permissions = Yes
	acl flag inherited canonicalization = Yes
	acl group control = No
	acl map full control = Yes
	administrative share = No
	admin users = 
	afs share = No
	aio read size = 1
	aio write behind = 
	aio write size = 1
	allocation roundup size = 0
	available = Yes
	blocking locks = Yes
	block size = 1024
	browseable = Yes
	case sensitive = Auto
	check parent directory delete on close = No
	comment = 
	copy = 
	create mask = 0660
	csc policy = manual
	cups options = 
	default case = lower
	default devmode = Yes
	delete readonly = No
	delete veto files = No
	dfree cache time = 0
	dfree command = 
	directory mask = 0770
	directory name cache size = 100
	dmapi support = No
	dont descend = 
	dos filemode = No
	dos filetime resolution = No
	dos filetimes = Yes
	durable handles = Yes
	ea support = Yes
	fake directory create times = No
	fake oplocks = No
	follow symlinks = Yes
	smbd force process locks = No
	force create mode = 0000
	force directory mode = 0000
	force group = 
	force printername = No
	force unknown acl user = No
	force user = 
	fstype = NTFS
	guest ok = No
	guest only = No
	hide dot files = Yes
	hide files = 
	hide new files timeout = 0
	hide special files = No
	hide unreadable = No
	hide unwriteable files = No
	honor change notify privilege = No
	hosts allow = 
	hosts deny = 
	include = 
	inherit acls = No
	inherit owner = no
	inherit permissions = No
	invalid users = 
	kernel oplocks = No
	kernel share modes = Yes
	level2 oplocks = Yes
	locking = Yes
	lppause command = 
	lpq command = %p
	lpresume command = 
	lprm command = 
	magic output = 
	magic script = 
	mangled names = illegal
	mangling char = ~
	map acl inherit = No
	map archive = Yes
	map hidden = No
	map readonly = no
	map system = No
	max connections = 0
	max print jobs = 1000
	max reported print jobs = 0
	min print space = 0
	msdfs proxy = 
	msdfs root = No
	msdfs shuffle referrals = No
	nt acl support = Yes
	ntvfs handler = unixuid, default
	oplocks = Yes
	path = 
	posix locking = Yes
	postexec = 
	preexec = 
	preexec close = No
	preserve case = Yes
	printable = No
	print command = 
	printer name = 
	printing = cups
	printjob username = %U
	print notify backchannel = No
	queuepause command = 
	queueresume command = 
	read list = 
	read only = Yes
	root postexec = 
	root preexec = 
	root preexec close = No
	server smb encrypt = default
	short preserve case = Yes
	smbd async dosmode = No
	smbd getinfo ask sharemode = Yes
	smbd max async dosmode = 0
	smbd max xattr size = 65536
	smbd search ask sharemode = Yes
	spotlight = No
	spotlight backend = noindex
	store dos attributes = Yes
	strict allocate = No
	strict locking = Auto
	strict rename = No
	strict sync = Yes
	sync always = No
	use client driver = No
	use sendfile = No
	valid users = 
	veto files = 
	veto oplock files = 
	vfs objects = 
	volume = 
	wide links = No
	write list = 


[printers]
	browseable = No
	comment = All Printers
	create mask = 0700
	path = /var/spool/samba
	printable = Yes


[print$]
	comment = Printer Drivers
	path = /var/lib/samba/printers