Samba Default smb.conf and a provision for file server roles.

Andrew Bartlett abartlet at
Mon Sep 3 17:17:20 MDT 2012

On Tue, 2012-08-28 at 14:21 -0500, Ricky Nance wrote:
> Hey all, gonna hop on a soap box for a bit here, so I apologize in advance.
> My complaint is the distro specific smb.conf being 'overly helpful'.

I'm not sure if the issue is distro-specific.  The distributions didn't
do this on their own, we helped them!  The examples/smb.conf.default is
the basis for some of this pain, and this much we can fix. 

>  I have
> had several issues lately with people using these as a basis to setup
> simple (generally anonymous) file sharing. The issue is they uncomment many
> items that don't even pertain to their setup. In general you only need
> about 4 or 5 lines under global to do this, most configs I have seen have
> somewhere around 15-20 lines, many that actually hinder their setup. One
> very specific thing I have seen is [global] containing lines like security
> = share (which is now depreciated), others include interfaces =,
>  and valid users = root. I have also seen in [share] writable = yes, and
> while this is not wrong, I have see issues that were fixed by simply
> changing that line to read only = no (a different code path as I understand
> it).
> Now, what I am proposing with samba 4 is that we use something that has
> made my life much easier, provision, to generate this file and possibly
> move away from distro specific configs. I understand that there may be
> complications in doing this, but for the simple things it will make the end
> user experience much better. I also understand that this may not work well
> with something like a Samba 3 + LDAP setup, but to be honest that is
> something that should be discouraged, unless there is some need for that
> specific LDAP setup. I think there are many users that only use LDAP for
> samba related purposes (I was one of them once), but lets face it, MOST
> programs will read from Active Directory as good, or even better than, they
> read from LDAP.
> On that note with users only wanting to use the file sharing option of
> samba, it does not make sense to me to install active directory. When using
> the file server only, you typically only need to spawn smbd and nmbd,
> however with samba 4 using the samba bin, I feel like samba should be
> parsing the smb.conf and then deciding what to spawn, otherwise we will get
> into a bad scenario with init files not working right.
> Anyway, I'd like to get a little feedback on the list as to what direction
> samba will be taking on this as well as what the users think of this
> approach.

I think our very first step should be to examine the smb.conf.default
and remove entries that the vast majority of users do not need.  For
example, most of the browsing/master options I think should be removed. 

Then yes, we should look into running provision for the member server
case, and particularly once we merge the winbindd implementations, have
a 'samba will work it out' configuration based on just running 'samba'
and it spawining the right combination of other services based on the

Andrew Bartlett
Andrew Bartlett                      
Authentication Developer, Samba Team 

More information about the samba-technical mailing list