bmartino1 Posted January 18 Share Posted January 18 I would like to request a Major overhead to Samba. I would like to have lime tech Unraid implement a disable Unraids Default smb.conf this can be accomplished by having another line in smb.conf with include unraid-smb.conf located under the config folder. The smb.conf would only have included conf file for exta-conf and unraid-smb.conf and shares.conf this way we can add a GUI option that would # out unraid-smb.conf with a warning for advance users only. Then advance users can add their own [global] option to the extra config in the web gui. I would just delete the smb.conf under /boot but its a persistent file. Otherwise, as per other forum clients. extra should by default trump unraids default options. Quote Link to comment
Xaero Posted January 18 Share Posted January 18 1 hour ago, bmartino1 said: I would like to request a Major overhead to Samba. I would like to have lime tech Unraid implement a disable Unraids Default smb.conf this can be accomplished by having another line in smb.conf with include unraid-smb.conf located under the config folder. The smb.conf would only have included conf file for exta-conf and unraid-smb.conf and shares.conf this way we can add a GUI option that would # out unraid-smb.conf with a warning for advance users only. Then advance users can add their own [global] option to the extra config in the web gui. I would just delete the smb.conf under /boot but its a persistent file. Otherwise, as per other forum clients. extra should by default trump unraids default options. I ended up implementing this my own way inside of Unraid since I needed the additional functionality this brings. It's pretty easy to do, actually. In /boot/config/go, I added this line: until [ -f /etc/samba/smb.conf ]; do sleep 1; done && echo "\tinclude = /boot/config/smb-override.conf" >> /etc/samba/smb.conf Then I added my custom samba changes to /etc/samba/smb.conf. What the above does is: Wait for Unraid's smb.conf to be present in the ramdisk (realistically it already should be by the time this executes - but we need to be certain so we check, and wait if not). Append a line saying to include /boot/config/smb-override.conf after the include for smb-shares.conf which is generated by unraid. Samba processes these config files from top to bottom, and includes are processed inline. This means anything declared in the first include happens there, then the second, then the third, and each of those respective files is processed from top to bottom completely when samba stitches the configurations together. This is good for us, since we can now override any per-share settings we want to, or create additional shares outside of what Unraid provides. 1 Quote Link to comment
bmartino1 Posted January 18 Author Share Posted January 18 Awesome, thank you for this, I will definetly test, and try to implement this. As long as I pre-make a smb-override.conf and store in /boot the flash drive. As was debating on trying to find the commands to overwrite a file, but didn't known where in the boot process, if I need to restart the samba service if the file was overwritten. Quote Link to comment
bmartino1 Posted January 19 Author Share Posted January 19 (edited) Sadly, this did not work. all this did was include my override, i explicitly want to set different samba settings that unraid decided should be set. With the go file to suposedly repace this smb conf... i still don't have my smb config... root@BMM-Unraid:/etc/samba# cat smb.conf [global] # configurable identification include = /etc/samba/smb-names.conf # log stuff only to syslog logging = syslog@0 # we don't do printers show add printer wizard = No disable spoolss = Yes load printers = No printing = bsd printcap name = /dev/null # disable aio by default aio read size = 0 aio write size = 0 # misc. invalid users = root unix extensions = No wide links = Yes use sendfile = Yes host msdfs = No # ease upgrades from Samba 3.6 acl allow execute always = Yes # permit NTLMv1 authentication ntlm auth = Yes # default global fruit settings: #fruit:aapl = Yes #fruit:nfs_aces = Yes fruit:nfs_aces = No #fruit:copyfile = No #fruit:model = MacSamba # hook for user-defined samba config include = /boot/config/smb-extra.conf [global] # hook for unassigned devices shares include = /etc/samba/smb-unassigned.conf # auto-configured shares include = /etc/samba/smb-shares.conf \tinclude = /boot/config/smb-override.conf root@BMM-Unraid:/etc/samba# FYI Default smb config for noting when using the unraid plugin as well. Default before go file and reboot root@BMM-Unraid:/etc/samba# ls lmhosts smb-fruit.conf smb-names.conf smb-shares.conf smb-unassigned.conf smb.conf root@BMM-Unraid:/etc/samba# cat smb.conf [global] # configurable identification include = /etc/samba/smb-names.conf # log stuff only to syslog logging = syslog@0 # we don't do printers show add printer wizard = No disable spoolss = Yes load printers = No printing = bsd printcap name = /dev/null # disable aio by default aio read size = 0 aio write size = 0 # misc. invalid users = root unix extensions = No wide links = Yes use sendfile = Yes host msdfs = No # ease upgrades from Samba 3.6 acl allow execute always = Yes # permit NTLMv1 authentication ntlm auth = Yes # default global fruit settings: #fruit:aapl = Yes #fruit:nfs_aces = Yes fruit:nfs_aces = No #fruit:copyfile = No #fruit:model = MacSamba # hook for user-defined samba config include = /boot/config/smb-extra.conf [global] # hook for unassigned devices shares include = /etc/samba/smb-unassigned.conf # auto-configured shares include = /etc/samba/smb-shares.conf root@BMM-Unraid:/etc/samba# the smb conf i want implemented: root@BMM-Unraid:/boot/config# cat smb-override.conf # This is the main Samba configuration file. You should read the # smb.conf(5) manual page in order to understand the options listed # here. Samba has a huge number of configurable options (perhaps too # many!) most of which are not shown in this example # # For a step to step guide on installing, configuring and using samba, # read the Samba-HOWTO-Collection. This may be obtained from: # http://www.samba.org/samba/docs/Samba-HOWTO-Collection.pdf # # Many working examples of smb.conf files can be found in the # Samba-Guide which is generated daily and can be downloaded from: # http://www.samba.org/samba/docs/Samba-Guide.pdf # # Any line which starts with a ; (semi-colon) or a # (hash) # is a comment and is ignored. In this example we will use a # # for commentary and a ; for parts of the config file that you # may wish to enable # # NOTE: Whenever you modify this file you should run the command "testparm" # to check that you have not made any basic syntactic errors. # #======================= Global Settings ===================================== [global] # Using the following line enables you to customise your configuration # on a per machine basis. The %m gets replaced with the netbios name # of the machine that is connecting. # Note: Consider carefully the location in the configuration file of # this line. The included file is read at that point. ;include = /usr/local/samba/lib/smb.conf.%m #UnRaid Default Configurable Identification #cat /etc/samba/smb-names.conf #Generated names netbios name = BMM-Unraid server string = VM - Docker Server hide dot files = no server multi channel support = yes max open files = 40960 multicast dns register = No disable netbios = No local master = yes os level = 200 security = USER workgroup = WORKGROUP map to guest = Bad User passdb backend = smbpasswd idmap config * : backend = tdb idmap config * : range = 3000-7999 create mask = 0777 directory mask = 0777 bind interfaces only = yes local master = yes ####### #Unraid smb.conf settings logging = syslog@0 # we don't do printers show add printer wizard = No disable spoolss = Yes load printers = No printing = bsd printcap name = /dev/null ########### #Unknown Fruit Conf never included in smb.conf ... cat /etc/samba/smb-fruit.conf fruit:nfs_aces = No vfs objects = catia fruit streams_xattr fruit:encoding = native ########## #========Other Settings that should be set #Domain/AD Server Settings dns proxy = no preferred master = yes server role = standalone server name resolve order = bcast host lmhosts wins winbind request timeout = 5 #File Path / share Settings follow symlinks = yes unix extensions = No wide links = Yes map to guest = Bad User guest account = nobody guest ok = Yes #force group = nogroup #force user = nobody case sensitive = True default case = lower preserve case = yes short preserve case = yes acl allow execute always = Yes map hidden = Yes map system = Yes #Performance tuning smbd max xattr size = 2097152 #posix locking = No read raw = yes write raw = yes use sendfile = Yes #v -Warning Know your Numbers! #socket options = TCP_NODELAY IPTOS_LOWDELAY SO_RCVBUF=131072 SO_SNDBUF=131072 #^ -Warning Know your Numbers! #UnRaid disabled aio by default aio read size = 0 aio write size = 0 #min receivefile size = 16384 #aio read size = 16384 #aio write size = 16384 #Needed by some Windows installs server sign auto server signing = auto #server signing = no strict locking = no *Use NT1 for win 95 and older connections... samba shuold be using smb2 fix crypt... #old win95 access samba area: NT1 and needs ntlm ntlm auth = yes ntlm auth = ntlmv1-permitted #server min protocol = NT1 server min protocol = SMB2 #Control client and Protcal access #client min protocol = SMB2 #client max protocol = SMB3 #Note null passwords is depreciated but need for empty passwords form ayno and guest user null passwords = Yes #Apple SMB2 samba File Settings fruit:encoding = native fruit:zero_file_id = false fruit:nfs_aces = false fruit:nfs_aces = No rpc_server:mdssvc = disabled rpc_daemon:mdssd = disabled fruit:encoding = native fruit:time machine max size = 0 #Unlimted fruit:time machine = True fruit:resource = stream fruit:metadata = stream vfs objects = catia fruit streams_xattr #======================= Global Notes if using as Domain Controller ============== # Server role. Defines in which mode Samba will operate. Possible # values are "standalone server", "member server", "classic primary # domain controller", "classic backup domain controller", "active # directory domain controller". # # Most people will want "standalone sever" or "member server". # Running as "active directory domain controller" will require first # running "samba-tool domain provision" to wipe databases and create a # new domain. ;domain master = yes # This option is important for security. It allows you to restrict # connections to machines which are on your local network. The # following example restricts access to two C class networks and # the "loopback" interface. For more examples of the syntax see # the smb.conf man page ;hosts allow = 192.168.1. 192.168.2. 127. # Uncomment this if you want a guest account, you must add this to /etc/passwd # otherwise the user "nobody" is used ;guest account = pcguest # Specifies the Kerberos or Active Directory realm the host is part of ;realm = MY_REALM # Backend to store user information in. New installations should # use either tdbsam or ldapsam. smbpasswd is available for backwards # compatibility. tdbsam requires no further configuration. ;passdb backend = tdbsam # Where to store roving profiles (only for Win95 and WinNT) # %L substitutes for this servers netbios name, %U is username # You must uncomment the [Profiles] share below ;logon path = \\%L\Profiles\%U # Windows Internet Name Serving Support Section: # WINS Support - Tells the NMBD component of Samba to enable it's WINS Server ;wins support = yes # WINS Server - Tells the NMBD components of Samba to be a WINS Client # Note: Samba can be either a WINS Server, or a WINS Client, but NOT both ;wins server = w.x.y.z # WINS Proxy - Tells Samba to answer name resolution queries on # behalf of a non WINS capable client, for this to work there must be # at least one WINS Server on the network. The default is NO. ;wins proxy = yes # DNS Proxy - tells Samba whether or not to try to resolve NetBIOS names # via DNS nslookups. The default is NO. dns proxy = no # These scripts are used on a domain controller or stand-alone # machine to add or delete corresponding unix accounts ; add user script = /usr/sbin/useradd %u ; add group script = /usr/sbin/groupadd %g ; add machine script = /usr/sbin/adduser -n -g machines -c Machine -d /dev/null -s /bin/false %u ; delete user script = /usr/sbin/userdel %u ; delete user from group script = /usr/sbin/deluser %u %g ; delete group script = /usr/sbin/groupdel %g #============================ Share Definitions ============================== #Samba as Primary Domain Controller # Un-comment the following and create the netlogon directory for Domain Logons ; [netlogon] ; comment = Network Logon Service ; path = /usr/local/samba/lib/netlogon ; guest ok = yes ; writable = no ; share modes = no # Un-comment the following to provide a specific roving profile share # the default is to use the user's home directory ;[Profiles] ; path = /usr/local/samba/profiles ; browseable = no ; guest ok = yes # NOTE: If you have a BSD-style print system there is no need to # specifically define each individual printer ;[printers] ; comment = All Printers ; path = /usr/spool/samba ; browseable = no # Set public = yes to allow user 'guest account' to print ; guest ok = no ; writable = no ; printable = yes # hook for user-defined samba config include = /boot/config/smb-extra.conf [global] # hook for unassigned devices shares include = /etc/samba/smb-unassigned.conf # auto-configured shares include = /etc/samba/smb-shares.conf root@BMM-Unraid:/boot/config# Edited January 19 by bmartino1 fix notes feature request still needed. Quote Link to comment
bmartino1 Posted January 19 Author Share Posted January 19 (edited) the go comand should be more like GNU nano 7.2 go Modified #!/bin/bash # Start the Management Utility /usr/local/sbin/emhttp & until [ -f /etc/samba/smb.conf ]; rm /etc/samba/smb.conf && do sleep 1 until [ -f /etc/samba/smb.conf ]; do sleep 1; done && cp /boot/config/smb-override.conf /etc/samba/smb.conf #restart samba... #until [ -f /etc/samba/smb.conf ]; ################################################## The problem is restarting samb service to run my SMB conf... root@BMM-Unraid:/boot/config# systemctl smbd restart bash: systemctl: command not found root@BMM-Unraid:/boot/config# /etc/rd.d/rc.samba restart bash: /etc/rd.d/rc.samba: No such file or directory root@BMM-Unraid:/boot/config# /etc/init.d/samba restart bash: /etc/init.d/samba: No such file or directory root@BMM-Unraid:/boot/config# service smbd restart bash: service: command not found root@BMM-Unraid:/boot/config# systemctl restart smbd bash: systemctl: command not found so whats the comand to restart the samba service? Edited January 19 by bmartino1 Quote Link to comment
bmartino1 Posted January 19 Author Share Posted January 19 (edited) testing solutions with go file #!/bin/bash # Start the Management Utility /usr/local/sbin/emhttp & do sleep 60; rm /etc/samba/smb.conf && do sleep 1; cp /boot/config/smb-override.conf /etc/samba/smb.conf && do sleep 1 until [ -f /etc/samba/smb.conf ]; /etc/rc.d/rc.samba restart Thank you dlandon When this happens, go to a command line and do this command: /etc/rc.d/rc.samba restart and see if SMB will work. as this did restart samba. If i need to use user script at start of array and have a sh script instead User script sh file... sleep 30 rm /etc/samba/smb.conf cp /boot/config/smb-override.conf /etc/samba/smb.conf /etc/rc.d/rc.samba restart Edited January 19 by bmartino1 Quote Link to comment
Xaero Posted January 25 Share Posted January 25 In theory, anything added to the smb-override.conf with my example should override anything already set in the smb.conf, since it's under a [global] header. `chkconfig` would verify that. I personally only use it to override settings within shares, and not parent samba settings. You shouldn't need to restart samba with the change being made in the `go` file since the samba service isn't started until after the array start, and the smb.conf file is created long before the disks are mounted, even with an unencrypted array. Either way, I'm glad this helped you find a solution that works for you, and I'm glad you shared the result of your efforts. More options. More open. More flexibility! 1 Quote Link to comment
bmartino1 Posted January 26 Author Share Posted January 26 it did not at best it added an include(Which is the same as me adding that to the exta smb config via the gui) and kept unraid default options that I wanted to remove. I had to user the plugin user scripts to remove the etc/samba/smb config replace it with my own and restart the samb service... the SMB config on unraid is all over the place... Quote Link to comment
bmartino1 Posted January 28 Author Share Posted January 28 Thank You Xaero! for your assistance in helping me figure out a way to do the action. Quote Link to comment
Solution bmartino1 Posted February 7 Author Solution Share Posted February 7 (edited) Rant - Notes and Finally some words... Since this is kinda not really supported and can be done. I still think it's a good note / feature request. Assuming Unraid maintains certain settings in their /etc/samba folder for configs from the web gui. As web gui share information should only contain share data, same as identification data should only contain that data... *Now I can properly tell samba to be the true local master non ad with ad settings and controls. Re-enable root user login and fix some setting that I want to run on my samba network. This is my completed samba config for future reference: it is recommended that you cat your setting before making the smb-override.conf on the USB command: #cat /etc/samba/smb-names.conf and replace settings in this smb config. This config works for Windows 7 - 11 samba and Apple OS 10.15 and higher using the more secure smb2 protocol (which has some problems and will eventually be upgraded to smb3). This config also maintains the use of the web GUI shares. But this config Breaks the identification as it can't be called as Unraid devs decided to put some samba setting in that config. So instead of being able to include, it would be easier to cat that config after you have set up the settings and find replace in this SMB config below. root@BMM-Unraid:/boot/config# cat smb-override.conf # This is the main Samba configuration file. You should read the # smb.conf(5) manual page in order to understand the options listed # here. Samba has a huge number of configurable options (perhaps too # many!) most of which are not shown in this example # # For a step to step guide on installing, configuring and using samba, # read the Samba-HOWTO-Collection. This may be obtained from: # http://www.samba.org/samba/docs/Samba-HOWTO-Collection.pdf # # Many working examples of smb.conf files can be found in the # Samba-Guide which is generated daily and can be downloaded from: # http://www.samba.org/samba/docs/Samba-Guide.pdf # # Any line which starts with a ; (semi-colon) or a # (hash) # is a comment and is ignored. In this example we will use a # # for commentary and a ; for parts of the config file that you # may wish to enable # # NOTE: Whenever you modify this file you should run the command "testparm" # to check that you have not made any basic syntactic errors. # #======================= Global Settings ===================================== [global] # Using the following line enables you to customise your configuration # on a per machine basis. The %m gets replaced with the netbios name # of the machine that is connecting. # Note: Consider carefully the location in the configuration file of # this line. The included file is read at that point. ;include = /boot/config/smb-permachine.conf.%m #Unraid settings we want to keep... ######## #Unraid identity settings that you need to update and change... settings to carry over # Generated names netbios name = YouUnraidNamer Defauilt Tower server string = RouterVM - Samba Server hide dot files = no server multi channel support = yes max open files = 40960 multicast dns register = No disable netbios = No local master = yes os level = 200 security = USER workgroup = WORKGROUP map to guest = Bad User passdb backend = smbpasswd ;null passwords = Yes idmap config * : backend = tdb idmap config * : range = 3000-7999 create mask = 0777 directory mask = 0777 bind interfaces only = yes #bind to interface is all we need... ip / interface name need in advace config with more than 3 adapters on a single host outside of bond / bridge of the nic adapters... ;interfaces = 192.168.1.2 127.0.0.1 #Unriad uses Backwards compatible lib pam for samba... # Backend to store user information in. New installations should # use either tdbsam or ldapsam. smbpasswd is available for backwards # compatibility. tdbsam requires no further configuration. ;passdb backend = tdbsam #Unraid smb.conf settings to carry over... cat /etc/samba/smb.conf logging = syslog@0 # we don't do printers show add printer wizard = No disable spoolss = Yes load printers = No printing = bsd printcap name = /dev/null ########### #Unriad Unknown / Old Apple Fruit Conf... cat /etc/samba/smb-fruit.conf ;fruit:nfs_aces = No ;vfs objects = catia fruit streams_xattr ;fruit:encoding = native ########## #OSX Apple SMB2 samba File Settings Fix: fruit:encoding = native fruit:zero_file_id = false fruit:nfs_aces = false fruit:nfs_aces = No rpc_server:mdssvc = disabled rpc_daemon:mdssd = disabled fruit:encoding = native fruit:time machine max size = 0 #Unlimted fruit:time machine = True fruit:resource = stream fruit:metadata = stream vfs objects = catia fruit streams_xattr #========Other Settings that should be set (Some set by default named to guarantee this option...) #Domain/AD Server Settings # Server role. Defines in which mode Samba will operate. Possible # values are "standalone server", "member server", "classic primary # domain controller", "classic backup domain controller", "active # directory domain controller". # # Most people will want "standalone sever" or "member server". # Running as "active directory domain controller" will require first # running "samba-tool domain provision" to wipe databases and create a # new domain. ;domain master = yes server role = standalone server # Specifies the Kerberos or Active Directory realm the host is part of ;realm = MY_REALM # DNS Proxy - tells Samba whether or not to try to resolve NetBIOS names # via DNS nslookups. The default is NO. dns proxy = no preferred master = yes name resolve order = bcast host lmhosts wins winbind request timeout = 5 # Windows Internet Name Serving Support Section: # WINS Support - Tells the NMBD component of Samba to enable it's WINS Server ;wins support = yes # WINS Server - Tells the NMBD components of Samba to be a WINS Client # Note: Samba can be either a WINS Server, or a WINS Client, but NOT both ;wins server = w.x.y.z # WINS Proxy - Tells Samba to answer name resolution queries on # behalf of a non WINS capable client, for this to work there must be # at least one WINS Server on the network. The default is NO. ;wins proxy = yes #Needed by some Windows installs server sign auto #server signing = no server signing = auto strict locking = no ####Deprecating and securing settings: #old win95 and nt systems will neet NT1 for access to samba: NT1 and needs ntlm auth... #ntlm auth = yes #server min protocol = NT1 #Recomend Secure it more settings... ntlm auth = ntlmv1-permitted server min protocol = SMB2 #Control Client and Access #client min protocol = SMB2 #client max protocol = SMB3 #Depreciated but some may still need it... carry over from nt1 #lanman auth = no #lanman auth may no longer work... #null passwords = Yes #null passwords may not work... #File Path / Share Settings / Permission Access fixes follow symlinks = yes unix extensions = No wide links = Yes case sensitive = True default case = lower preserve case = yes short preserve case = yes guest ok = Yes acl allow execute always = Yes map hidden = Yes map system = Yes #posix locking = No #Guest Account needs to be defined this is a permission access issue and file permission set when windows/apple makes a unix file permission on unraid! # Uncomment this if you want a guest account, you must add this to /etc/passwd # otherwise the user "nobody" is used guest account = nobody #These should be set at share level... #force group = nogroup #force user = nobody #========Other Settings that should lookup and inspect for Performance tuning [increase and saturate your network for higher and faster file copying] #v -Warning Know your Numbers! #socket options = TCP_NODELAY IPTOS_LOWDELAY SO_RCVBUF=131072 SO_SNDBUF=131072 #^ -Warning Know your Numbers! smbd max xattr size = 2097152 read raw = yes write raw = yes use sendfile = Yes #UnRaid disabled aio by default [ 0 = unlimited] aio read size = 0 aio write size = 0 #min receivefile size = 16384 #aio read size = 16384 #aio write size = 16384 # Where to store roving profiles (only for Win95 and WinNT) # %L substitutes for this servers netbios name, %U is username # You must uncomment the [Profiles] share below ;logon path = \\%L\Profiles\%U # These scripts are used on a domain controller or stand-alone # machine to add or delete corresponding unix accounts ; add user script = /usr/sbin/useradd %u ; add group script = /usr/sbin/groupadd %g ; add machine script = /usr/sbin/adduser -n -g machines -c Machine -d /dev/null -s /bin/false %u ; delete user script = /usr/sbin/userdel %u ; delete user from group script = /usr/sbin/deluser %u %g ; delete group script = /usr/sbin/groupdel %g #============================ Share Definitions and Notes ============================== #Samba as Primary Domain Controller make a share sambadc and make 2 folders netlogon and profiles... # Un-comment the following and create the netlogon directory for Domain Logons ; [netlogon] ; comment = Network Logon Service ; path = /mnt/usrs/sambadc/netlogon ; guest ok = yes ; writable = no ; share modes = no # Un-comment the following to provide a specific roaming profile shares # the default is to use the user's home directory ;[Profiles] ; path = /mnt/usrs/sambadc/profiles ; browseable = no ; guest ok = yes # NOTE: If you have a BSD-style print system there is no need to # specifically define each individual printer ;[printers] ; comment = All Printers ; path = /usr/spool/samba ; browseable = no ; writable = no ; printable = yes # Set public = yes to allow user 'guest account' to print ; guest ok = no #^Printers disabled at Global settings... Saved for thoese who want samba to also be the printer server... #Restore Other Plugins # hook for user-defined samba config include = /boot/config/smb-extra.conf [global] # hook for unassigned devices shares include = /etc/samba/smb-unassigned.conf # auto-configured shares include = /etc/samba/smb-shares.conf To have this smb config take effect, you will need to install the user script plugin from the community apps page: This is my script that I found to work to allow unraid to generate its SMB config, then we remove that config and replace it with our own. We have the script run at array startup to replace the file to maintain settings and not break other places. Script to remove and replace #!/bin/bash sleep 30 rm /etc/samba/smb.conf cp /boot/config/smb-override.conf /etc/samba/smb.conf /etc/rc.d/rc.samba restart Before running the script you can confirm it replaces as you can run samba testparm to see the before and after. If testparm didn't run or error there, you must review your smb-overide script and fix any syntax / errors. Then run the script again. testparm etc... Some final notes: This has been stable and fixed for my network needs for over 2 weeks. And is stable Enough to make share web gui changes.... This doesn't fix the terparm notice for weak crypto. But enables and fixes other settings and actions I require on a network to file share without issues. It is a dry read, but I highly recommend looking over the many smb options a config can have. With samba, config placement and ordering is everything! Hope Unraid Devs clean up and move non webgui settings out of the weird smb config files in samba to make an easier include for the future. Notes for Unraid Devs: Not sure what was going on in apple past / unraid evolution of samba for apple to have the old fruits: "smb-fruit.conf". < this config is no longer beign called form what i can tell... Quite a few commands we want and don't want in smb-names.conf most of these setting have no business being in this config and SHOULD be in the main smb config.... Unraid's SMB web gui and shares is quite well done: the smb-shares.conf is perfect the way it is. this must be called at the end of the smb config to close the global option *Placement is everything... -- Plugins and addons may have an echo command attached to add at the end of the smb conf. I also run the unattended disk plugin and to use its shares we must add its include to have disk mount shares... Since the plugin adds this data at boot, and we remove, we need to add the plugins data to the smb-overide command as that is where it would have been... Community: This should also help other clients and user to leverage samba and the vpn / domain controller for ldap purposes... <Thats a entire different smb config and setting change! Since we don't have a normal package manager (from what I can tell of the kernel unraid sits closely related to the Debian environment) and the fact that we are missing libs to run LDAP stuff.... we may never have full DC/ldap support. Similar libs are missing to leverage python scripts and database for web scrapes. All in all Unraids SMB is not bad and ONLY ADVANCE SYSTEM USERS should attempt to edit and maintain their own smb config. Breaking this can break many other things within unraid! This may break in future release on unraid. AS of writing, this has been tested in latest stable 6.12.6 and found to be working... Edited February 8 by bmartino1 clean up smb conf and fix spelling Quote Link to comment
bmartino1 Posted March 3 Author Share Posted March 3 (edited) Upgraded to unriad v6.12.8. Glad the devs used some of the samba config options and fixed quite a bit. Here is my updated - cleaned up config that I run and seems to be stable. # #======================= Global Settings ===================================== [global] # Using the following line enables you to customise your configuration # on a per machine basis. The %m gets replaced with the netbios name # of the machine that is connecting. # Note: Consider carefully the location in the configuration file of # this line. The included file is read at that point. ;include = /usr/local/samba/lib/smb.conf.%m #UnRaid Default Configurable Identification netbios name = BMM-Unraid server string = VM - Docker Server hide dot files = no server multi channel support = yes max open files = 40960 multicast dns register = No disable netbios = No local master = yes os level = 200 security = USER workgroup = WORKGROUP map to guest = Bad User passdb backend = smbpasswd ;null passwords = Yes idmap config * : backend = tdb idmap config * : range = 3000-7999 create mask = 0777 directory mask = 0777 bind interfaces only = yes ;interfaces = 192.168.1.254 127.0.0.1 # log stuff only to syslog logging = syslog@0 # we don't do printers show add printer wizard = No disable spoolss = Yes load printers = No printing = bsd printcap name = /dev/null # disable aio by default aio read size = 0 aio write size = 0 # misc. #invalid users = root unix extensions = No wide links = Yes use sendfile = Yes host msdfs = No # ease upgrades from Samba 3.6 acl allow execute always = Yes #========Other Settings that should be set #Security: ntlm auth = ntlmv1-permitted server min protocol = SMB2 #Domain/AD Server Settings local master = yes dns proxy = no preferred master = yes server role = standalone server name resolve order = host wins lmhosts bcast winbind request timeout = 5 server signing = auto strict locking = no #File Path / share Settings follow symlinks = yes guest account = nobody guest ok = Yes map hidden = Yes map system = Yes case sensitive = True default case = lower preserve case = yes short preserve case = yes #Apple SMB2 samba File Settings fruit:encoding = native fruit:zero_file_id = false fruit:nfs_aces = false fruit:nfs_aces = No rpc_server:mdssvc = disabled rpc_daemon:mdssd = disabled fruit:encoding = native fruit:time machine max size = 0 #Unlimted fruit:time machine = True fruit:resource = stream fruit:metadata = stream vfs objects = catia fruit streams_xattr #Performance tuning smbd max xattr size = 2097152 #posix locking = No read raw = yes write raw = yes use sendfile = Yes #min receivefile size = 16384 #aio read size = 16384 #aio write size = 16384 [global] # hook for unassigned devices shares include = /etc/samba/smb-unassigned.conf # auto-configured shares include = /etc/samba/smb-shares.conf Edited April 8 by bmartino1 Quote Link to comment
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.