Mike Fedyk mfedyk at
Tue Oct 24 18:26:07 GMT 2000

patthegreat at wrote:
> Hi,
> I guess I should have been a little more clear in my question.
> We are running a windows network with a server appliance that runs linux.  the programs that lock it up are dbase (a dos data base program) and almail an email program both of these worked fine on when we used windows 2000 shared files.
> now the windows machines crash each time more than one accesses the same program.

I'm going to assume that you have samba version 2.0 or higher....

> here is my smb.conf file ... please explain what I have done wrong
> ;  Samba Configuration
> ;  Revision 1.0 for the 2700RJ, jdblair at 17.oct.98
> ;
> ;
> [global]
>    alternate permissions = no
              This is a deprecated parameter. It  no  longer  has
              any  effect  in  Samba2.0.  In previous versions of
              Samba it affected  the  way  the  DOS  "read  only"
              attribute was mapped for a file. In Samba2.0 a file
              is marked "read only" if the  UNIX  file  does  not
              have  the  ´w´  bit  set for the owner of the file,
              regardless if the owner of the  file  is  the  cur­
              rently logged on user or not.
This should be set for each share, because it isn't a global option.  I would
remove it.

>    dead time = 5

>    default case = upper

>    locking = no
bad bad

              This  controls  whether or not locking will be per­
              formed by the server in response to  lock  requests
              from the client.

              If  "locking  =  no",  all lock and unlock requests
              will appear to succeed and all  lock  queries  will
              indicate that the queried lock is clear.

              If  "locking = yes", real locking will be performed
              by the server.

              This option may be useful for read-only filesystems
              which  may not need locking (such as cdrom drives),
              although setting this  parameter  of  "no"  is  not
              really recommended even in this case.

              Be  careful about disabling locking either globally
              or in a specific service, as lack  of  locking  may
              result in data corruption. You should never need to
              set this parameter.

turn back to "yes"

>    map hidden = yes
       map hidden (S)

              This controls whether DOS style hidden files should
              be mapped to the UNIX world execute bit.

              Note that this requires the "create mask" to be set
              such  that  the world execute bit is not masked out
              (i.e. it must include 001). See the parameter "cre­
              ate mask" for details.

                   map hidden = no

Unless you know you want this, take it out.

>    map system = yes
       map system (S)

              This controls whether DOS style system files should
              be mapped to the UNIX group execute bit.

              Note that this requires the "create mask" to be set
              such  that  the group execute bit is not masked out
              (i.e. it  must  include  010).  See  the  parameter

              "create mask" for details.

                   map system = no

>    oplocks = no
       oplocks (S)

              This boolean option tells  smbd  whether  to  issue
              oplocks (opportunistic locks) to file open requests
              on this share. The  oplock  code  can  dramatically
              (approx.  30%  or more) improve the speed of access
              to files on Samba servers. It allows the clients to
              aggressively  cache  files locally and you may want
              to disable this option for unreliable network envi­
              ronments  (it is turned on by default in Windows NT
              Servers).   For  more  information  see  the   file
              Speed.txt in the Samba docs/ directory.

              Oplocks  may  be  selectively turned off on certain
              files on a per share basis.  See the  ´veto  oplock
              files´  parameter. On some systems oplocks are rec­
              ognized by the underlying  operating  system.  This
              allows  data  synchronization between all access to
              oplocked files, whether it be via Samba or NFS or a
              local  UNIX process. See the kernel oplocks parame­
              ter for details.

              See also the "kernel oplocks" and "level2  oplocks"

              Default:      oplocks = True

turn it back on.

>    os level = 1
       os level (G)

              This integer value controls what level Samba adver­
              tises itself as for browse elections. The value  of
              this parameter determines whether nmbd has a chance
              of becoming a local master browser  for  the  WORK­
              GROUP  in  the local broadcast area. The default is
              zero, which  means  nmbd  will  lose  elections  to

              Windows  machines.  See  BROWSING.txt  in the Samba
              docs/ directory for details.

              Default:      os level = 20

              Example:      os level =  65     ;  This  will  win
              against any NT Server

Do you really want your samba to be the master browser?  If you set it to be
master, and have your os level lower than another (possibly nt) server that
wants to be master, you will get a LOT of traffic on your network from the
constant elections.

Be careful!
>    preferred master = yes

read above

>    strict locking = yes
good, but conflicts with your no locking setting above.  keep this, and turn
locking back on.

>    veto files = /Network Trash Folder/
do you use netatalk too (ie, mac clients)?

> [home]
I don't think this share will conflict with your [homes] share, but I'd avoid
this share name, just in case.

> [kdps]
>   path = /home/groups/kdps
>   public = no
>   browseable = yes
>   writable = yes
>   printable = no
>   create mask = 0775
>   valid users = admin @kdps
>   force create mode = 0664
>   force directory mode = 0775
>   hide dot files = yes
> ;kdps END (do not delete this line)
> ;deskkit BEGIN (do not delete this line)
you're using an automated program to edit your config, huh?

Many of the things I've said above are directly from the manual.  run "man
smb.conf" and read the entire manual.  You'll thank me.

And remember, a lot of people would've just said "Read the F***ing Manual", but
I took the time.  Most won't.  Do yourself a favor and don't depend too much on

I'm attaching my smb.conf for you to take a look.

Mike Fedyk                   "They that can give up essential liberty
Information Systems           to obtain a little temporary safety
Match Mail Productions Inc.   deserve neither liberty nor safety."
mfedyk at                                   Ben Franklin
-------------- next part --------------
; Please see the manual page for smb.conf for detailed description of
;	every parameter.

   printing = bsd
   printcap name = /etc/printcap
   load printers = yes
   guest account = mmpguest
   invalid users = root
   deadtime =  5
   dos filetime resolution = True 
   follow symlinks = yes
   name resolve order = wins bcast lmhosts
   time server = True
;   debug level = 2
   lpq cache time = 10
   change notify timeout = 5
   ;;;;Network Accessabality
   interfaces =
   bind interfaces only = true
   socket address =
   dns proxy = no

;  set max time to live to 6 hours. default 3 days.
;  set max wins time to live to 12 hours. default 6 days
;  set min wins time to live to 30 mins. default 6 hours.
   max ttl = 21600
   max wins ttl = 43200
   min wins ttl = 1800
   wins support = yes
   security = domain
   map to guest = Bad User
   username map = /etc/samba/
   server string = %h server (Samba %v)
   encrypt passwords = yes
   workgroup = matchmail
   netbios name = Gateway
   netbios aliases = MMP-Linux
   password server  = mmp_nt
   ;;;;;Unseen files deteted with directories
   veto files  =  /.AppleDouble/.bin/.AppleDesktop/Network Trash Folder/
   delete veto files = True

   strict locking = yes
   oplocks = yes
   kernel oplocks = yes
   level2 oplocks = yes

; This socket options really speed up Samba under Linux, according to my
;	own tests.
;   socket options = SO_SNDBUF=4096 SO_RCVBUF=4096

; Please read BROWSING.txt and set the next four parameters according
;	to your network setup. There is no valid default so they are commented
;	out.
os level = 30
domain master = no
local master = no
preferred master = no

; This boolean parameter controlls whether Samba attempts to sync. the Unix
;	password with the SMB password when the encrypted SMB password in the
;	/etc/samba/smbpasswd file is changed.
   unix password sync = true

; For Unix password sync. to work on a Debian GNU/Linux system, the following
;	parameters must be set (thanks to Culus for pointing this out):
   passwd program = /usr/bin/passwd %u
   passwd chat = *New\spassword:* %n\n *Re-enter\snew\spassword:* %n\n *Password\schanged.* .

; The following parameter is useful only if you have the linpopup package
;	installed. The samba maintainer and the linpopup maintainer are
;	working to ease installation and configuration of linpopup and samba.
;   message command = /bin/sh -c '/usr/bin/linpopup "%f" "%m" %s; rm %s' &

; The default maximum log file size is 5 MBytes. That's too big so this
;	next parameter sets it to 1 MByte. Currently, Samba rotates log
;	files (/var/log/{smb,nmb} in Debian) when these files reach 1000 KBytes.
;	A better solution would be to have Samba rotate the log file upon
;	reception of a signal, but for now on, we have to live with this.
   max log size = 1000

   comment = %U's Home Dir
   available = yes
   browsable = no
   read only = no
   create mask = 0700
   directory mask = 0700
   hide dot files = yes

   comment = All Printers
   available = yes
   path = /tmp
   printable = yes
   guest ok = yes
   writable = no
   read only = yes
   create mode = 0700

   browseable = yes
   available = no
   comment = Default
   public = yes
   writable = yes
   create mask = 0660
   directory mask = 4770
   hide dot files = yes
   path = /tmp
   copy = default
   comment = Hot backup of Applications on mmp_nt
   path = /var/share/mmp/applications
   available = yes

;   copy = default
;   comment = Automatically Downloaded Files
;   path = /var/share/mmp/auto_download
;   available = yes

   copy = default
   comment = Files common to all Depts
   path = /var/share/mmp/common_files
   available = yes

   copy = default
   comment = Data Files
   path = /var/share/mmp/data
   available = yes

   copy = default
   comment = Data Processing
   path = /var/share/mmp/dp
   available = yes

   copy = default
   comment = Executive
   path = /var/share/mmp/executive
   available = yes

   copy = default
   comment = MMP FTP Files
   path = /var/share/mmp/ftp
   available = yes

   copy = default
   comment = Fulfillment
   path = /var/share/mmp/fulfillment
   available = yes

;   copy = default
;   comment = Soon to be removed
;   path = /var/share/mmp/the_mac_file_server
;   available = yes

;   copy = default
;   comment = Same as common_files - Will be removed eventually
;   path = /var/share/mmp/common_files
;   available = yes

   copy = default
   comment = Management Information Systems
   path = /var/share/mmp/mis
   available = yes

   copy = default
   comment = Project Managers
   path = /var/share/mmp/project_managers
   available = yes

   copy = default
   comment = Project Manager Supervisors
   path = /var/share/mmp/pm_supervisors
   available = yes

   copy = default
   comment = production
   path = /var/share/mmp/production
   available = yes

   copy = default
   comment = sales
   path = /var/share/mmp/sales
   available = yes

   copy = default
   comment = Web Sites
   path = /var/www
   available = yes

More information about the samba mailing list