 |
» |
|
|
|
The Samba for MPE/iX configuration file contains the runtime
configuration information for Samba for MPE/iX. This file contains
the sections and parameters. There are four special sections: the [global] section, the [printers] section, [homes] section and other sections. This file also contains the
information required for each share (service) and defines attributes
like associated directory path, read or write access for each share. The Samba for MPE/iX configuration file is named "smb.conf" which resides in the /usr/local/samba/lib directory on HP e3000 system. This chapter documents
the possible configuration options that the users can specify in
the "smb.conf" file. There are many configuration options available,
but only the configuration options and uses defined in this manual
are supported by HP. - [Global] Section
This section is for parameters which apply to the
server as a whole rather than to a specific service. It can also
be used to specify default values for service-specific parameters
which are then inherited by other services, referred to later in
the configuration file.
- [Printers] Section
This section works in conjunction with the printcap
file and allows it to configure a large number of printer shares
without having to add separate detailed sections for each of them. The
printer names and optional aliases are listed in the printcap file;
and the configuration parameters are defined in this section.
- [Homes] Section
This section provides access to the user's
home directories without having to add a separate section for each
of them. The share name is considered to be a valid user id and
the path defaults to that user's home directory.
- Other
Sections
These sections explicitly define the file and printer
shares.
Global
Configuration Options | |
The global configuration options can be defined in the [Global] Section in the "smb.conf" file. Options cover the following configuration options which are
supported for use by HP: Configuration file option Network interface configuration Mapping PC usernames to MPE usernames Setting the maximum SMB packet size Disconnecting idle clients Setting logging behaviors User selectable Name resolve order Global printer service option
Configuration
File Option- config file
The config file parameter allows you to specify
the pathname for the configuration file used by Samba for MPE/iX.
- Example:
config file = /usr/local/samba/lib/smb.conf
- workgroup
The workgroup parameter specifies the name of the
workgroup; the Samba for MPE/iX server will appear as part of the
browse list. - Example:
workgroup = SambaiX - server string
The server string parameter defines the server's
comment string. This comment string will appear next to the machine
name in the browse lists, such as the network neighborhood. - Example:
server string = HP3000, File/Printer server - Default:
server string = samba 1.9.16p9 - default service
This parameter specifies the name of a service to
which the client will be connected, if the service actually requested
doesn't exist. Typically the default service is some sort
of public, read-only service. - Example:
default service = public - Default:
none
Mapping
PC Usernames to MPE/iX Usernames- username map
This username map parameter allows you to map PC
style usernames to MPE/iX-style usernames. You can specify the location
of your username map file with the username map parameters. - Example:
username map = /usr/location/samba/lib/user.map The syntax of the username map file is simple. Each line consists
of a MPE/iX-style name like manager.sys and a list of possible PC style username like webuser, separated by an equal sign. A sample username
map in the user.map file is defined as follows. - Example:
manager.sys = webuser
Network
Interface Configuration- interfaces
The interfaces option allows you to inform Samba
for MPE/iX of each interface to which you want it to provide services,
by supplying IP address and subnet mask of your HP e3000 system. - Example:
interfaces = 192.1.2.3/255.255.0
Setting
the Maximum SMB Packet Size- max xmit
The max xmit parameter allows you to set the maximum
packet size which Samba for MPE/iX can negotiate with a client.
This is the maximum packet size that SMBD will accept from a client,
setting an upper limit on the packet size that will be negotiated
with a client at session setup. - Example:
max xmit = 8000 - Default:
max xmit = 65535
Disconnecting
Idle Clients Option- dead time
An inactive client will consume server resources
even though it is not doing anything. The deadtime parameter defines
an integer value describing the number of minutes of inactivity before
a session is automatically disconnected. The "deadtime" is
considered to begin when a client has no open files. The default "deadtime" of
zero indicates that no client should ever be dropped because of
inactivity. - Example:
5 (in minutes) - Default:
0 (in minutes)
- max log size
The max log size option specifies the maximum size
in kilobytes to which log files can grow. The default value of the
maximum log file size is 5000 in kilobytes. If the file exceeds
the specified size, it is renamed by adding the .old extension. - Example:
max log size = 10000 (in kilobytes) - Default:
5000 (in kilobytes) - log file
The log file parameter allows you to specify the
pathname of log file used by SMBD and NMBD processes. - Example:
log file = /usr/local/samba/var/log.smb - debug level
The debug level parameter allows the debug logging
level to be specified in the Samba for MPE/iX configuration file.
This option defines the level of trace messages that you want to log
into the logfile. The typical range of the debug level can be from 0 to 5. Large
values cause more detailed information to be logged. Most of these
debug levels exist to help users to debug the server activity. - Example:
debug level = 3 - Default:
debug level = 0
- preexec
The preexec parameter allows you to specify a command
to be run whenever the service is connected. Example: callci /usr/local/samba/lib/tellop tcon %S %u %m %I Generates the following example output to the console: 9:41 #J36/50/FROM/MGR.SAMBA/tcon on IPC$ by MGR.SAMBA from rkm-nt - postexec
The postexec parameter allows you to specify a command
to be run whenever the service is disconnected. - Example:
callci /usr/local/samba/lib/tellop tdis %S %u %m %I
Generates the following example output to the console: 9:41
#J36/70/FROM/MGR.SAMBA/tdis on IPC$by MGR.SAMBA from rkm-nt In Samba version 2.0.7 for MPE/iX, the name resolve order
has been made user selectable. The resolution can be done in several
different ways: broadcast, lmhosts, DNS lookup, WINS. - name resolve order
The order in which the names
need to be resolved can be specified as shown: - Example:
name resolve order = lmhosts
bcast The samp-lmhosts file is provided in /usr/local/samba/lib directory. samp-lmhosts file looks like: 12.34.56.78 mpexl/cup.hp.com - Default:
lmhosts host WINS bcast
Global
Printer Service Options | |
The global printer service options allows you to specify the
location of the "printcap," printer command parameter used by Samba
for MPE/iX. The following global printer configuration options are supported
for use by HP: - load printers
The load printers parameter is used in conjunction
with printcap file and [printers] section. It is a boolean variable that controls whether
all printers in the "printcap" file will be loaded for browsing. If the load printers parameter is set to true, all printers
defined in the printcap file will be loaded for browsing by default. - Example:
load printers = yes - Default:
load printer = no - printcap name
The printcap name option specifies the location
of the printcap. Samba for MPE/iX uses the printcap to determine all printers available on the system
if the general [printers] service is used instead of defining each printer in its
own service. - Example:
printcap name = /usr/local/samba/lib/printcap - print command
The print command parameter defines the shell command
which Samba for MPE/iX will use to submit a print job. After Samba
for MPE/iX has finished spooling a print job to the disk, it calls
this command. After processing the file, this command must remove
the spoolfile, unless you don't mind spool files building
up on your system. This parameter can use the following print-specific macros: - %s
The full path of the print spool file. - %p
The name of the printer to which the job is to be submitted.
- Example:
print command = /usr/local/samba/lib/rawlp %s %p; rm %s On MPE/iX, the rawlp utility
is available on the system and is used to send the file contents
to a spooler like "lp -oraw".
Controlling
User Access Rights | |
- deny hosts
These parameters allow users to define a set of
client IP addresses which will be granted access to service. If
an "allow hosts option" is present, only hosts
matching the pattern are allowed to access the service. If a "deny
hosts option" exists, only hosts not matching the pattern
will be granted access. - Example:
allow hosts = 192.1.2.3 - Default:
none
- invalid users
If neither of these parameters are set, then any
authenticated user will be granted access to the service. The valid
users parameter may contain a comma-delimited list of users who
will be allowed to access the service. The invalid users parameter
may contain a similar comma-delimited list of users who will never
be granted access to the service. These parameters use MPE/iX style
user syntax (for example, user.acct) to specify users. The password format used when you log
on from a PC client should be userpassword, acctpassword. - Example:
valid users = mgr.samba - Default:
none
- guest account
The shares can be configured to accept connections
without a validated user ID and password, then you can use the "guest
account" parameter to assume the guest logon identify for
accessing files and printers. - Example:
guest account = mgr.samba - Default:
none
- revalidate
This parameter forces the revalidation of password.
When Samba for MPE/iX successfully validates a client's
password, it passes a token back to client. This is used by the
client to connect to other shares. If revalidate=true, then Samba for MPE/iX expects a valid username
and password pair again without relying on the token. For example,
after connecting to "temp," if the client tries
to connect to another share, Samba for MPE/iX revalidates the password. - Example:
revalidate = yes - Default:
no
Share
Configuration Options | |
This section covers the share configuration options that you
use when you configure for a specific disk or printer-share in the
Samba for MPE/iX configuration file. Setting
the Shared Directory- path
The path parameter specifies the pathname of the
shared directory. - Example:
path = /usr/local/samba/docs For printer services, this parameter describes the
directory used to temporarily spool files sent from clients for
printing before they are spooled to the local HP e3000 printer. - Example:
path = /usr/local/samba/spool
- browseable
This parameter controls whether this share is seen
in the list of available shares in the browse list. - Example:
browseable = yes - Default:
browseable = yes - Available
This parameter lets you remove a service from availability.
If available is no, all attempts to connect to the service will
fail. Using this option preserves the service's settings
and is usually more convenient than commenting out the service. - Example:
available = no - Default:
available = yes
- comment
The "comment" parameter specifies
the comment message in the share services. - Example:
comment = share "public" service for guest users.
- print ok
The "print ok" option is specified
in the [prints] section to enable the share for printing access.
Controlling
Read/Write Access- guest ok
If guest ok is true, then guest access will be allowed. The
access rights of a client connecting as guest will be those of the
username set in the "guest account." - Example:
guest ok = yes - Default:
guest ok = no - guest only
If guest only is true, then access of service/share is only
granted with the rights of usernames given in the "guest
account" parameter. - Example:
guest only = yes - Default:
guest only = no - create mode
The create mode is used to define the permission used by share
services. This
option sets an octal value representing the file permissions available
to a file created by Samba for MPE/iX. - Example:
create mode = 0744 The value of 0744 causes the group and other write and execute bit
to be removed from a file created by Samba. - read only
Example: read only = yes Default: read only = yes - write ok
The read only = yes is identical to write ok = no. If write ok is true, clients will be granted read/write access
to a share. The same effect can be achieved by setting read only
to false. - Example:
write ok = no - Default:
write ok = no
Sample
Configuration File — samp-smb.confWhen you want to use Samba for MPE/iX, you should copy the
Samba for MPE/iX sample configuration file to /usr/local/samba/lib/smb.conf and adjust this file as needed. The sample configuration
file samp-smb.conf resides in the /usr/local/samba/lib directory. Please refer to Appendix A “Samba
for MPE/iX Sample Comfiguration File” Configuring
the Shares for File Sharing | |
The PCs can access the server side filespaces using Samba
for MPE/iX. Whenever the clients want to connect to the server,
the server side validates the username and password, which are sent
by the client, and grants access to the requests share if it is
appropriate. You can configure the file service with guest access and the
Samba for MPE/iX server can grant to the guest users without a validated
user ID and password. Share level security is the default security level in Samba
for MPE/iX. The following example shows the configuration steps
you can use to configure with [global] and [service] section with security = share: Add in the [global] section the following parameter: security = share To add a share, the entries can be given in the
example below: [sample shares] Add a username mapping in "user.map" file. For example: mgr.sample = pcusername When you connect a share from a PC, the password
format that you enter from a PC should be userpassword, acctpassword.
| | | |  | NOTE: For accessing share/user security modes, both SAMBA account and MGR.SAMBA user should have PM capabilities. | | | | |
Configuring
a Printer Section for Printer Sharing | |
The PCs can access the server side printer using Samba for
MPE/iX. With printer sharing the client creates a file on the server
directory associated with the printer, and then lets the server
process trigger a configurable command to push the file into the
MPE spooler. The [printers] section works in conjunction with the printcap file and
allows you to configure a large number of printer shares without
having to add separate detailed sections for each of them. The Samba
server can work for both LP and network printers. The printer names
and option aliases are listed in the printcap file.Here is an example of printer names in the
samp-printcap file which resides in /usr/local/samba/lib: samp-printcap file: LP|6|HP3000 System LP Here is a example for the configuration option that you may
configure with [global] and [printers] sections in the Samba for MPE/iX configuration file — smb-conf: # You need to supply IP address and subnet mask of your HP e3000 with the interface parameter |
interface = ip address/subnet mask |
# printcap file lists printer names for use by [printer] section |
printcap name = /usr/local/samba/lib/printcap |
# shares may be configured to accept connections without a validated user id and password, and it then assumes the guest logon for accessing the printers. |
guest account = mgr.samba |
# enable this service for printing but not for file access |
print ok = yes
write ok = no |
# current version of Samba for MPE/iX only allows guest users for printer sharing |
# the "staging" directory for print requests |
path = /user/local/samba/spool |
# The rawlp utility sends file contents to spooler like "lp -oraw" |
print command = /usr/local/samba/lib/rawlp %s %p; rm %s |
Add a printer, as shown in Figure 7-6 “ADD
a Printer”. With printer sharing, the printers are accessible to
HP e3000. You can connect your server shares using the NT explorer,
as shown in Figure 7-7 “Connect
to the HP e3000 Shares”. The menu tool includes a "map network drive" which
brings up the small windows shown in Figure 7-7 “Connect
to the HP e3000 Shares”. You connect a network driver by typing in a share
name with \\servername\sharename syntax in the "path" box. You can view the contents of the share from NT explorer, as
shown in Figure 7-8 “View
the HP e3000 Share”. Click the
share name at NT explorer window; it will list the files residing
in this share. |
Printable version
