The Samba for MPE/iX configuration file contains the runtime configuration
information for Samba for MPE/iX. This file contains the sections and
parameters. There are four special sections: the [global] section, the
[printers] section, [homes] section and other sections. This file
also contains the information required for each share (service) and defines
attributes like associated directory path, read or write access for each share.
The Samba for MPE/iX configuration file is named "smb.conf" which
resides in the /usr/local/samba/lib directory on HP e3000 system. This
chapter documents the possible configuration options that the users can specify
in the "smb.conf" file. There are many configuration options available,
but only the configuration options and uses defined in this manual are
supported by HP.
[Global] Section
This section is for parameters which apply to the server as a whole
rather than to a specific service. It can also be used to specify default
values for service-specific parameters which are then inherited by other
services, referred to later in the configuration file.
[Printers] Section
This section works in conjunction with the printcap file and allows it
to configure a large number of printer shares without having to add
separate detailed sections for each of them. The printer names and
optional aliases are listed in the printcap file; and the configuration
parameters are defined in this section.
[Homes] Section
This section provides access to the user's home directories without
having to add a separate section for each of them. The share name is
considered to be a valid user id and the path defaults to that user's
home directory.
Other Sections
These sections explicitly define the file and printer shares.
Global Configuration Options
The global configuration options can be defined in the [Global] Section
in the "smb.conf" file.
Options cover the following configuration options which are supported for use
by HP:
Configuration file option
Browser option
Network interface configuration
Mapping PC usernames to MPE usernames
Setting the maximum SMB packet size
Disconnecting idle clients
Setting logging behaviors
Login/logout commands
User selectable Name resolve order
Global printer service option
Configuration File Option
config file
The config file parameter allows you to specify the pathname for the
configuration file used by Samba for MPE/iX.
Example:
config file = /usr/local/samba/lib/smb.conf
Browser Option
workgroup
The workgroup parameter specifies the name of the workgroup; the Samba
for MPE/iX server will appear as part of the browse list.
Example:
workgroup = SambaiX
server string
The server string parameter defines the server's comment string. This
comment string will appear next to the machine name in the browse lists,
such as the network neighborhood.
Example:
server string = HP3000, File/Printer server
Default:
server string = samba 1.9.16p9
default service
This parameter specifies the name of a service to which the client
will be connected, if the service actually requested doesn't exist.
Typically the default service is some sort of public, read-only
service.
Example:
default service = public
Default:
none
Mapping PC Usernames to MPE/iX Usernames
username map
This username map parameter allows you to map PC style usernames to
MPE/iX-style usernames. You can specify the location of your username map
file with the username map parameters.
Example:
username map = /usr/location/samba/lib/user.map
The syntax of the username map file is simple. Each line consists of a
MPE/iX-style name like manager.sys and a list of possible PC
style username like webuser, separated by an equal sign. A
sample username map in the user.map file is defined as
follows.
Example:
manager.sys = webuser
Network Interface Configuration
interfaces
The interfaces option allows you to inform Samba for MPE/iX of each
interface to which you want it to provide services, by supplying IP
address and subnet mask of your HP e3000 system.
Example:
interfaces = 192.1.2.3/255.255.0
Setting the Maximum SMB Packet Size
max xmit
The max xmit parameter allows you to set the maximum packet size which
Samba for MPE/iX can negotiate with a client. This is the maximum packet
size that SMBD will accept from a client, setting an upper limit on the
packet size that will be negotiated with a client at session setup.
Example:
max xmit = 8000
Default:
max xmit = 65535
Disconnecting Idle Clients Option
dead time
An inactive client will consume server resources even though it is not
doing anything. The deadtime parameter defines an integer value
describing the number of minutes of inactivity before a session is
automatically disconnected. The "deadtime" is considered to begin when a
client has no open files. The default "deadtime" of zero indicates that
no client should ever be dropped because of inactivity.
Example:
5 (in minutes)
Default:
0 (in minutes)
Setting Logging Behavior
max log size
The max log size option specifies the maximum size in kilobytes to
which log files can grow. The default value of the maximum log file size
is 5000 in kilobytes. If the file exceeds the specified size, it is
renamed by adding the .old extension.
Example:
max log size = 10000 (in kilobytes)
Default:
5000 (in kilobytes)
log file
The log file parameter allows you to specify the pathname of log file
used by SMBD and NMBD processes.
Example:
log file = /usr/local/samba/var/log.smb
debug level
The debug level parameter allows the debug logging level to be
specified in the Samba for MPE/iX configuration file. This option defines
the level of trace messages that you want to log into the logfile.
The typical range of the debug level can be from 0 to 5. Large values
cause more detailed information to be logged. Most of these debug levels
exist to help users to debug the server activity.
Example:
debug level = 3
Default:
debug level = 0
Login/Logout Commands
preexec
The preexec parameter allows you to specify a command to be run
whenever the service is connected.
Generates the following example output to the console:
9:41 #J36/70/FROM/MGR.SAMBA/tdis on IPC$by MGR.SAMBA from rkm-nt
Name Resolve Order
In Samba version 2.0.7 for MPE/iX, the name resolve order has been made user
selectable. The resolution can be done in several different ways:
broadcast, lmhosts, DNS lookup, WINS.
name resolve order
The order in which the names need to be resolved can be specified as
shown:
Example:
name resolve order = lmhosts bcast
The samp-lmhosts file is provided in /usr/local/samba/lib
directory.
The global printer service options allows you to specify the location of the
"printcap," printer command parameter used by Samba for MPE/iX.
The following global printer configuration options are supported for use by HP:
load printers
The load printers parameter is used in conjunction with printcap file
and [printers] section. It is a boolean variable that controls
whether all printers in the "printcap" file will be loaded for
browsing.
If the load printers parameter is set to true, all printers defined in
the printcap file will be loaded for browsing by default.
Example:
load printers = yes
Default:
load printer = no
printcap name
The printcap name option specifies the location of the
printcap. Samba for MPE/iX uses the printcap to
determine all printers available on the system if the general
[printers] service is used instead of defining each printer in its
own service.
Example:
printcap name = /usr/local/samba/lib/printcap
print command
The print command parameter defines the shell command which Samba for
MPE/iX will use to submit a print job. After Samba for MPE/iX has
finished spooling a print job to the disk, it calls this command. After
processing the file, this command must remove the spoolfile, unless you
don't mind spool files building up on your system.
This parameter can use the following print-specific macros:
%s
The full path of the print spool file.
%p
The name of the printer to which the job is to be submitted.
On MPE/iX, the rawlp utility is available on the system and is
used to send the file contents to a spooler like "lp -oraw".
Controlling User Access Rights
allow hosts
Default: none
deny hosts
These parameters allow users to define a set of client IP addresses
which will be granted access to service. If an "allow hosts option" is
present, only hosts matching the pattern are allowed to access the
service. If a "deny hosts option" exists, only hosts not matching the
pattern will be granted access.
Example:
allow hosts = 192.1.2.3
Default:
none
valid users
Default: none
invalid users
If neither of these parameters are set, then any authenticated user
will be granted access to the service. The valid users parameter may
contain a comma-delimited list of users who will be allowed to access the
service. The invalid users parameter may contain a similar
comma-delimited list of users who will never be granted access to the
service. These parameters use MPE/iX style user syntax (for example,
user.acct) to specify users. The password format used when you
log on from a PC client should be userpassword,
acctpassword.
Example:
valid users = mgr.samba
Default:
none
guest account
The shares can be configured to accept connections without a validated
user ID and password, then you can use the "guest account" parameter to
assume the guest logon identify for accessing files and printers.
Example:
guest account = mgr.samba
Default:
none
revalidate
This parameter forces the revalidation of password. When Samba for
MPE/iX successfully validates a client's password, it passes a token back
to client. This is used by the client to connect to other shares. If
revalidate=true, then Samba for MPE/iX expects a valid username
and password pair again without relying on the token. For example, after
connecting to "temp," if the client tries to connect to another share,
Samba for MPE/iX revalidates the password.
Example:
revalidate = yes
Default:
no
Share Configuration Options
This section covers the share configuration options that you use when you
configure for a specific disk or printer-share in the Samba for MPE/iX
configuration file.
Setting the Shared Directory
path
The path parameter specifies the pathname of the shared directory.
Example:
path = /usr/local/samba/docs
For printer services, this parameter describes the directory used to
temporarily spool files sent from clients for printing before they are
spooled to the local HP e3000 printer.
Example:
path = /usr/local/samba/spool
Browser Option
browseable
This parameter controls whether this share is seen in the list of
available shares in the browse list.
Example:
browseable = yes
Default:
browseable = yes
Available
This parameter lets you remove a service from availability. If
available is no, all attempts to connect to the service will fail. Using
this option preserves the service's settings and is usually more
convenient than commenting out the service.
Example:
available = no
Default:
available = yes
Comment Option
comment
The "comment" parameter specifies the comment message in the share
services.
Example:
comment = share "public" service for guest users.
Printing Access
print ok
The "print ok" option is specified in the [prints] section to
enable the share for printing access.
Controlling Read/Write Access
guest ok
If guestok is true, then guest access will be
allowed. The access rights of a client connecting as guest will be those
of the username set in the "guest account."
Example:
guest ok = yes
Default:
guest ok = no
guest only
If guest only is true, then access of service/share is only
granted with the rights of usernames given in the "guest account"
parameter.
Example:
guest only = yes
Default:
guest only = no
create mode
The create mode is used to define the permission used by
share services. This option sets an octal value representing the file
permissions available to a file created by Samba for MPE/iX.
Example:
create mode = 0744
The value of 0744 causes the group and other write and execute
bit to be removed from a file created by Samba.
read only
Example: read only = yes
Default: read only = yes
write ok
The read only = yes is identical to write ok = no.
If writeok is true, clients will be granted read/write
access to a share. The same effect can be achieved by setting read only
to false.
Example:
write ok = no
Default:
write ok = no
Sample Configuration File — samp-smb.conf
When you want to use Samba for MPE/iX, you should copy the Samba for MPE/iX
sample configuration file to /usr/local/samba/lib/smb.conf and adjust
this file as needed. The sample configuration file samp-smb.conf
resides in the /usr/local/samba/lib directory. Please refer to
Appendix A "Samba for MPE/iX Sample Comfiguration File"
Configuring the Shares for File Sharing
The PCs can access the server side filespaces using Samba for MPE/iX. Whenever
the clients want to connect to the server, the server side validates the
username and password, which are sent by the client, and grants access to the
requests share if it is appropriate.
You can configure the file service with guest access and the Samba for MPE/iX
server can grant to the guest users without a validated user ID and password.
Share level security is the default security level in Samba for MPE/iX. The
following example shows the configuration steps you can use to configure with
[global] and [service] section with security = share:
Add in the [global] section the following parameter:
security = share
To add a share, the entries can be given in the example below:
[sample shares]
comment = shared space
guest ok = no
write ok = yes
path = /sample/test
Add a username mapping in "user.map" file.
For example: mgr.sample = pcusername
When you connect a share from a PC, the password format that you
enter from a PC should be userpassword, acctpassword.
NOTE: For accessing share/user security modes, both SAMBA
account and MGR.SAMBA user should have PM capabilities.
Configuring a Printer Section for Printer Sharing
The PCs can access the server side printer using Samba for
MPE/iX. With printer sharing the client creates a file on the server
directory associated with the printer, and then lets the server
process trigger a configurable command to push the file into the MPE spooler.
The [printers] section works in conjunction with the printcap file and
allows you to configure a large number of printer shares without having to add
separate detailed sections for each of them. The Samba server can work for both
LP and network printers. The printer names and option aliases are listed in the
printcap file.Here is an example of printer names in the samp-printcap
file which resides in /usr/local/samba/lib:
samp-printcap file:
LP|6|HP3000 System LP
Here is a example for the configuration option that you may configure with
[global] and [printers] sections in the Samba for MPE/iX
configuration file — smb-conf:
[global]
# You need to supply IP address and subnet mask of your HP e3000
# with the interface parameter
interface = ip address/subnet mask
# printcap file lists printer names for use by [printer] section
printcap name = /usr/local/samba/lib/printcap
# shares may be configured to accept connections without a
# validated user id and password, and it then assumes the guest
# logon for accessing the printers.
guest account = mgr.samba
[printers]
# enable this service for printing but not for file access
print ok = yes
write ok = no
# current version of Samba for MPE/iX only allows guest users for
# printer sharing
guest ok = yes
guest only = yes
# the "staging" directory for print requests
path = /user/local/samba/spool
# The rawlp utility sends file contents to spooler like "lp -oraw"
print command = /usr/local/samba/lib/rawlp %s %p; rm %s
NOTE: Printer sharing only works for guest users.
The current configuration option for printer sharing needs to be set "guest ok"
and "guest only."
Add a printer, as shown in Figure 7-6 "ADD a
Printer". With printer sharing, the printers are accessible to HP e3000.
Figure 7-6 ADD a Printer
You can connect your server shares using the NT explorer, as shown in
Figure 7-7 "Connect to the HP e3000 Shares".
The menu tool includes a "map network drive" which brings up the small windows
shown in Figure 7-7 "Connect to the HP e3000
Shares". You connect a network driver by typing in a share name with
\\servername\sharename syntax in the "path" box.
Figure 7-7 Connect to the HP e3000 Shares
You can view the contents of the share from NT explorer, as shown in
Figure 7-8 "View the HP e3000 Share".
Click the share name at NT explorer window; it will list the files residing in
this share.
Figure 7-8 View the HP e3000 Share