The smb.conf file must be created and put in your samba lib directory. To demonstrate how this should be done, we will look at my samba configuration file with comments. There are many more options, but the important ones will be presented and discussed here.
We'll begin with the global configuration
[global] # The workgroup option sets the name for the Workgroup/Domain workgroup = RTL # The server string is what clients will see when # browsing shares in network neighborhood. This name is # arbitrary and can be whatever you want. server string = Crosu Remote Teaching Lab # The guest account sets the UNIX username that should be used # when a guest accesses shares (for permissions). It must be a # valid unix username guest account = nobody # Sets the OS Level used by samba in elections os level = 65 # Level of verbosity in loggin, may be from 1 to 10 log level = 2 # Security level used by samba to authenticate security = user # Whether to encrypt passwords encrypt passwords = yes # If we are a domain master browser. This should only be set # if we are using samba as a PDC. Most people will not be, and # should leave this out to use the default value of no domain master = yes # Whether we want to handle authentication for the domain. Again # only set if you are using samba as a PDC domain logons = yes # Whether we want Samba to be a Preferred Master Browser prefered master = yes # The default home directory for users home directories for use # in the homes share. This is the SMB path, not the unix path. If # I try to log in as user ccunning to the samba server SOCRATES, # the following will resolve to \\SOCRATES\ccunning. logon home = \\%N\%U # This stores the path to NT profiles if you are Samba is acting # as a primary domain controller. If you are not, leave this option out logon path = \\%N\%U\profiles # This sets a script to be executed when a users logs into a machine # on the domain. Again, only for PDC functionality. The script must # be stores in the directory specified by the [netlogin] share logon script = login.bat # This is a list of what hosts are allowed to connect to Samba. It may # contain partial matches. For example, 128.146.110. would allow all # machines on that subnet to connect. You may also use hosts deny. hosts allow = 128.146.110.17 128.146.110.46 # This tells samba if it should function as a WINS server. For clients # to be able to browse the network, you must have a WINS Server. If you # do not already have a wins server, you should say yes here. If you do # already have on (be it samba or NT), you should specify it with the # option wins server = IP wins support = yes # This is a list of users who's actions on the share should be # executed as root on the UNIX side. admin users = ccunning # A list of UNIX users and groups that should not be allowed to # connect invalid users = root bin daemon adm sync shutdown www # This determines if samba should syncronize samba passwords with # unix passwords if we are using encrypted passwords. If you set this # to yes, the unix password will be updated when the user changes # their samba password from either the client windows machine or the # unix command line. unix password sync = yes # This should be the command used to execute the unix passwd program passwd program = /usr/bin/passwd %u # This is used to allow samba to interact with the password program. # The following should work for most systems. The line is an # expect-respond string. Below, samba will listen for the word password # which may be preceeded or followed by anything (* matches all), and # will then send the new password (%n) followed by a new line. It will do # this again (as most password programs require confirmation), and then # look for the word successful to indicate success. passwd chat = *password* %n\n *password* %n\n *successful* # This option sets a file that can be used to map NT Groups to # UNIX groups. The file should have entries of UNIX Group = NT Group. # All unix groups must have valid entries in /etc/group domain group map = /opt/samba/lib/domaingroup.map # Same as the domain group map, except it maps unix users to nt users domain user map = /opt/samba/lib/domainuser.map