5-3 smb.conf 的設定

這是唯一的重點

#======================= Global Settings =====================================
[global]
# 工作群組
workgroup = hbes
server string = Samba Server
netbios name = fs
security = user
encrypt passwords = true
#smb passwd file = /etc/samba/smbpasswd
name resolve order = lmhosts bcast host

#允許可以連線的範圍，原來這一個並沒有設定就能正常使用，但使用RouterOS的 VPN 連線進來卻無法使用，這時就要指定連線範圍才能讓 VPN 連線使用 samba
;   hosts allow = 192.168.1. 192.168.2. 127.
hosts allow = 192.168.8. 192.168.6. 172.20.2. 172.20.1. 163.23.108.

;   local master = no ****************************************************************************************
        local master = no

# Domain Master specifies Samba to be the Domain Master Browser. This
# allows Samba to collate browse lists between subnets. Don't use this
# if you already have a Windows NT domain controller doing this job
;   domain master = yes *********************************************************************
        domain master = yes

# Enable this if you want Samba to be a domain logon server for
# Windows95 workstations.
        domain logons = yes

        logon drive = t:

        logon home = \\%L\%U

# if you enable domain logons then you may want a per-machine or
# per user logon script
# run a specific logon batch file per workstation (machine)
;   logon script = %m.bat
# run a specific logon batch file per username
;   logon script = %U.bat
        logon script = U.bat

# DNS Proxy - tells Samba whether or not to try to resolve NetBIOS names
# via DNS nslookups. The default is NO.
        dns proxy = no
        username map = /etc/samba/smbusers

#============================ ���ɥؿ��w�q�Ͽ ==============================
#使用者的家目錄設定
#browseable =no  別人無法看到你的家目錄
# writeable = yes 允許使用者可以讀寫

[homes]
        comment = Home Directories
        browseable = no
        writeable = yes

[行政辦公]
        comment = 漢寶國小檔案伺服器
        path = /home/T1/samba/行政辦公
        writeable = yes
        browseable = yes
#       允許名單：行政人員(校長、主任、組長)、任職教師(級任教師、科任教師)、校護、替代役
#　　把所有開放可以使用的人員的帳號，全部都寫在底下這一行，這樣，它們在使用
#　　\\sambaserver 時，才看得到 行政辦公這個分享目錄
        valid users = userid1,  userid2,  userid3,  userid4,  userid5,  userid6,  userid7,  userid8,  ......

        hide unreadable = yes
        printable = no

# 這個分享目錄是給上電腦課的學生使用的
[student]
        path = /home/student
        writeable = yes
        browseable = yes
        hide unreadable = yes
#　允許名單：網管，級任教師(如果要開放的話)，班級學生(每一個班級在/etc/group 建立該班級的群組)
#　上方教師使用的 行政辦公 也可以使用群組的方式
        valid users = teacherid,級任教學1,級任教學2,@st3A,@st3B,@st4A,@st4B,@st5A,@st5B,@st6A,@st6B

# @st3A 表示在 /etc/group 裡 st3A 這個群組裡的所以成員