Samba for MPE/iX Configuration File Options

[Global] Section

This section is for parameters which apply to the server as a whole rather than to a specific service. It can also be used to specify default values for service-specific parameters which are then inherited by other services, referred to later in the configuration file.

[Printers] Section

This section works in conjunction with the printcap file and allows it to configure a large number of printer shares without having to add separate detailed sections for each of them. The printer names and optional aliases are listed in the printcap file; and the configuration parameters are defined in this section.

[Homes] Section

This section provides access to the user's home directories without having to add a separate section for each of them. The share name is considered to be a valid user id and the path defaults to that user's home directory.

Other Sections

These sections explicitly define the file and printer shares.

Global Configuration Options

• Configuration file option

• Browser option

• Network interface configuration

• Mapping PC usernames to MPE usernames

• Setting the maximum SMB packet size

• Disconnecting idle clients

• Setting logging behaviors

• Login/logout commands

• User selectable Name resolve order

• Global printer service option

Configuration File Option

config file

The config file parameter allows you to specify the pathname for the configuration file used by Samba for MPE/iX.

Example:

config file = /usr/local/samba/lib/smb.conf

Browser Option

workgroup

The workgroup parameter specifies the name of the workgroup; the Samba for MPE/iX server will appear as part of the browse list.

Example:

workgroup = SambaiX

server string

The server string parameter defines the server's comment string. This comment string will appear next to the machine name in the browse lists, such as the network neighborhood.

Example:

server string = HP3000, File/Printer server

Default:

server string = samba 1.9.16p9

default service

This parameter specifies the name of a service to which the client will be connected, if the service actually requested doesn't exist. Typically the default service is some sort of public, read-only service.

Example:

default service = public

Default:

none

Mapping PC Usernames to MPE/iX Usernames

username map

This username map parameter allows you to map PC style usernames to MPE/iX-style usernames. You can specify the location of your username map file with the username map parameters.

Example:

username map = /usr/location/samba/lib/user.map

The syntax of the username map file is simple. Each line consists of a MPE/iX-style name like manager.sys and a list of possible PC style username like webuser, separated by an equal sign. A sample username map in the user.map file is defined as follows.

Example:

manager.sys = webuser

Network Interface Configuration

interfaces

The interfaces option allows you to inform Samba for MPE/iX of each interface to which you want it to provide services, by supplying IP address and subnet mask of your HP e3000 system.

Example:

interfaces = 192.1.2.3/255.255.0

Setting the Maximum SMB Packet Size

max xmit

The max xmit parameter allows you to set the maximum packet size which Samba for MPE/iX can negotiate with a client. This is the maximum packet size that SMBD will accept from a client, setting an upper limit on the packet size that will be negotiated with a client at session setup.

Example:

max xmit = 8000

Default:

max xmit = 65535

Disconnecting Idle Clients Option

dead time

An inactive client will consume server resources even though it is not doing anything. The deadtime parameter defines an integer value describing the number of minutes of inactivity before a session is automatically disconnected. The "deadtime" is considered to begin when a client has no open files. The default "deadtime" of zero indicates that no client should ever be dropped because of inactivity.

Example:

5 (in minutes)

Default:

0 (in minutes)

Setting Logging Behavior

max log size

The max log size option specifies the maximum size in kilobytes to which log files can grow. The default value of the maximum log file size is 5000 in kilobytes. If the file exceeds the specified size, it is renamed by adding the .old extension.

Example:

max log size = 10000 (in kilobytes)

Default:

5000 (in kilobytes)

log file

The log file parameter allows you to specify the pathname of log file used by SMBD and NMBD processes.

Example:

log file = /usr/local/samba/var/log.smb

debug level

The debug level parameter allows the debug logging level to be specified in the Samba for MPE/iX configuration file. This option defines the level of trace messages that you want to log into the logfile.

The typical range of the debug level can be from 0 to 5. Large values cause more detailed information to be logged. Most of these debug levels exist to help users to debug the server activity.

Example:

debug level = 3

Default:

debug level = 0

Login/Logout Commands

preexec

The preexec parameter allows you to specify a command to be run whenever the service is connected.

Example: callci /usr/local/samba/lib/tellop tcon %S %u %m %I

Generates the following example output to the console:

9:41 #J36/50/FROM/MGR.SAMBA/tcon on IPC$ by MGR.SAMBA from rkm-nt

postexec

The postexec parameter allows you to specify a command to be run whenever the service is disconnected.

Example:

callci /usr/local/samba/lib/tellop tdis %S %u %m %I

Name Resolve Order

name resolve order

The order in which the names need to be resolved can be specified as shown:

Example:

name resolve order = lmhosts bcast

The samp-lmhosts file is provided in /usr/local/samba/lib directory.

samp-lmhosts file looks like: 12.34.56.78 mpexl/cup.hp.com

Default:

lmhosts host WINS bcast

Global Printer Service Options

load printers

The load printers parameter is used in conjunction with printcap file and [printers] section. It is a boolean variable that controls whether all printers in the "printcap" file will be loaded for browsing.

If the load printers parameter is set to true, all printers defined in the printcap file will be loaded for browsing by default.

Example:

load printers = yes

Default:

load printer = no

printcap name

The printcap name option specifies the location of the printcap. Samba for MPE/iX uses the printcap to determine all printers available on the system if the general [printers] service is used instead of defining each printer in its own service.

Example:

printcap name = /usr/local/samba/lib/printcap

print command

The print command parameter defines the shell command which Samba for MPE/iX will use to submit a print job. After Samba for MPE/iX has finished spooling a print job to the disk, it calls this command. After processing the file, this command must remove the spoolfile, unless you don't mind spool files building up on your system.

This parameter can use the following print-specific macros:

%s

The full path of the print spool file.

%p

The name of the printer to which the job is to be submitted.

Example:

print command = /usr/local/samba/lib/rawlp %s %p; rm %s

On MPE/iX, the rawlp utility is available on the system and is used to send the file contents to a spooler like "lp -oraw".

Controlling User Access Rights

allow hosts

Default: none

deny hosts

These parameters allow users to define a set of client IP addresses which will be granted access to service. If an "allow hosts option" is present, only hosts matching the pattern are allowed to access the service. If a "deny hosts option" exists, only hosts not matching the pattern will be granted access.

Example:

allow hosts = 192.1.2.3

Default:

none

valid users

Default: none

invalid users

If neither of these parameters are set, then any authenticated user will be granted access to the service. The valid users parameter may contain a comma-delimited list of users who will be allowed to access the service. The invalid users parameter may contain a similar comma-delimited list of users who will never be granted access to the service. These parameters use MPE/iX style user syntax (for example, user.acct) to specify users. The password format used when you log on from a PC client should be userpassword, acctpassword.

Example:

valid users = mgr.samba

Default:

none

guest account

The shares can be configured to accept connections without a validated user ID and password, then you can use the "guest account" parameter to assume the guest logon identify for accessing files and printers.

Example:

guest account = mgr.samba

Default:

none

revalidate

This parameter forces the revalidation of password. When Samba for MPE/iX successfully validates a client's password, it passes a token back to client. This is used by the client to connect to other shares. If revalidate=true, then Samba for MPE/iX expects a valid username and password pair again without relying on the token. For example, after connecting to "temp," if the client tries to connect to another share, Samba for MPE/iX revalidates the password.

Example:

revalidate = yes

Default:

no

Share Configuration Options

Setting the Shared Directory

path

The path parameter specifies the pathname of the shared directory.

Example:

path = /usr/local/samba/docs

For printer services, this parameter describes the directory used to temporarily spool files sent from clients for printing before they are spooled to the local HP e3000 printer.

Example:

path = /usr/local/samba/spool

Browser Option

browseable

This parameter controls whether this share is seen in the list of available shares in the browse list.

Example:

browseable = yes

Default:

browseable = yes

Available

This parameter lets you remove a service from availability. If available is no, all attempts to connect to the service will fail. Using this option preserves the service's settings and is usually more convenient than commenting out the service.

Example:

available = no

Default:

available = yes

Comment Option

comment

The "comment" parameter specifies the comment message in the share services.

Example:

comment = share "public" service for guest users.

Printing Access

print ok

The "print ok" option is specified in the [prints] section to enable the share for printing access.

Controlling Read/Write Access

guest ok

If guest ok is true, then guest access will be allowed. The access rights of a client connecting as guest will be those of the username set in the "guest account."

Example:

guest ok = yes

Default:

guest ok = no

guest only

If guest only is true, then access of service/share is only granted with the rights of usernames given in the "guest account" parameter.

Example:

guest only = yes

Default:

guest only = no

create mode

The create mode is used to define the permission used by share services. This option sets an octal value representing the file permissions available to a file created by Samba for MPE/iX.

Example:

create mode = 0744

The value of 0744 causes the group and other write and execute bit to be removed from a file created by Samba.

read only

Example: read only = yes

Default: read only = yes

write ok

The read only = yes is identical to write ok = no. If write ok is true, clients will be granted read/write access to a share. The same effect can be achieved by setting read only to false.

Example:

write ok = no

Default:

write ok = no

Sample Configuration File — samp-smb.conf

Configuring the Shares for File Sharing

1. Add in the [global] section the following parameter: security = share

2. To add a share, the entries can be given in the example below:

   [sample shares]

   
       comment = shared space
   
       guest ok = no
   
       write ok = yes
   
       path = /sample/test
   
   

3. Add a username mapping in "user.map" file. For example: mgr.sample = pcusername

4. When you connect a share from a PC, the password format that you enter from a PC should be userpassword, acctpassword.

NOTE: For accessing share/user security modes, both SAMBA account and MGR.SAMBA user should have PM capabilities.

Configuring a Printer Section for Printer Sharing

  [global]
  # You need to supply IP address and subnet mask of your HP e3000
  # with the interface parameter
  interface = ip address/subnet mask
  # printcap file lists printer names for use by [printer] section
  printcap name = /usr/local/samba/lib/printcap
  # shares may be configured to accept connections without a
  # validated user id and password, and it then assumes the guest
  # logon for accessing the printers.
  guest account = mgr.samba
  [printers]
  # enable this service for printing but not for file access
  print ok = yes
  write ok = no
  # current version of Samba for MPE/iX only allows guest users for
  # printer sharing
  guest ok = yes
  guest only = yes
  # the "staging" directory for print requests
  path = /user/local/samba/spool
  # The rawlp utility sends file contents to spooler like "lp -oraw"
  print command = /usr/local/samba/lib/rawlp %s %p; rm %s

NOTE: Printer sharing only works for guest users. The current configuration option for printer sharing needs to be set "guest ok" and "guest only."