Frequently Asked Questions: Difference between revisions
(added example) |
Mmuehlfeld (talk | contribs) m (Updated link) |
||
(7 intermediate revisions by 4 users not shown) | |||
Line 35: | Line 35: | ||
</tr> |
</tr> |
||
<tr> |
<tr> |
||
<td>messages.tdb</td><td>Samba messaging system</td> |
<td>messages.tdb</td><td>Samba [[messaging]] system</td> |
||
</tr> |
</tr> |
||
<tr> |
<tr> |
||
Line 91: | Line 91: | ||
secrets.tdb |
secrets.tdb |
||
passdb.tdb |
passdb.tdb |
||
==Example== |
|||
To back up printing.tdb: |
|||
<nowiki>root# ls |
|||
. browse.dat locking.tdb ntdrivers.tdb printing.tdb |
|||
.. share_info.tdb connections.tdb messages.tdb ntforms.tdb |
|||
printing.tdbkp unexpected.tdb brlock.tdb gmon.out namelist.debug |
|||
ntprinters.tdb sessionid.tdb |
|||
⚫ | |||
root# tdbbackup -s .bak printing.tdb |
|||
printing.tdb : 135 records |
|||
root# ls -l printing.tdb* |
|||
-rw------- 1 root root 40960 May 2 03:44 printing.tdb |
|||
-rw------- 1 root root 40960 May 2 03:44 printing.tdb.bak</nowiki> |
|||
⚫ | |||
==vfs - An example for a recycle container on a samba share == |
==vfs - An example for a recycle container on a samba share == |
||
Line 122: | Line 139: | ||
==guest access== |
==guest access== |
||
To provide Guest Access to samba please see the page: [[Setting_up_Samba_as_a_Standalone_Server|Setting up Samba as a Standalone Server]] |
|||
The ''Guest'' account of the windows world is mapped to the user ''nobody'' in the unix world. This can be changed with the global option ''guest account'' which defaults to ''nobody''. Also the ''guest ok'' parameter on every share deafult to ''no''. The unix account ''nobody'' must exist in your account database. If the ''Guest'' has read or write access to the share depends on the mode bits of the path and wether the share has ''read only = no'' set. |
|||
To enable guest access to a share you need the following parameters in your smb.conf: |
|||
[global] |
|||
security = user |
|||
map to guest = Bad Password |
|||
⚫ | |||
[share_definition] |
|||
guest ok = yes |
|||
The other way to get public access is to use ''security = share''. Then all access is mapped to the ''guest account''. But this is not a good choice since you cant distinguish between authorized users and anonymous users. |
|||
⚫ | |||
[[Category:Category FAQ]] |
Latest revision as of 15:37, 7 January 2017
What are tdb files?
Answered by Jerry Carter on samba@lists.samba.org [1]
Samba uses a lightweight database called Trivial Database
(tdb). Here's the list (john, we should really document
this somewhere).
(*) information persistent across restarts (but not necessarily important to backup).
account_policy.tdb* | NT account policy settings such as pw expiration, etc... |
brlock.tdb | byte range locks |
browse.dat | browse lists |
connections.tdb | share connections (used to enforce max connections, etc...) |
gencache.tdb | generic caching db |
group_mapping.tdb* | group mapping information |
lang_en.tdb | Language encodings (i think). |
locking.tdb | share modes & oplocks |
login_cache.tdb* | bad pw attempts |
messages.tdb | Samba messaging system |
netsamlogon_cache.tdb* | cache of user net_info_3 struct from net_samlogon() request (as a domain member) |
ntdrivers.tdb* | installed printer drivers |
ntforms.tdb* | installed printer forms |
ntprinters.tdb* | installed printer information |
printing/ | directory containing tdb per print queue of cached lpq output |
registry.tdb | Windows registry skeleton (connect via regedit.exe) |
sessionid.tdb | session information (e.g. support for 'utmp = yes') |
share_info.tdb* | share acls |
unexpected.tdb | unexpected packet queue needed to support windows clients that respond on a difference port that the originating request) (i could be wrong on this one). |
winbindd_cache.tdb | winbindd's cache of user lists, etc... |
winbindd_idmap.tdb* | winbindd's local idmap db |
wins.dat* | wins database when 'wins support = yes' |
In the private subdirectory we have two more tdb files:
secrets.tdb* | Private information like workstation passwords, the ldap admin dn and trust account information |
passdb.tdb* | User account information if passdb backend = tdbsam is used |
The following tdb's should be backed up IMO:
nt*.tdb
account_policy.tdb
group_mapping.tdb
share_info.tdb
winbindd_idmap.tdb
secrets.tdb
passdb.tdb
Example
To back up printing.tdb:
root# ls . browse.dat locking.tdb ntdrivers.tdb printing.tdb .. share_info.tdb connections.tdb messages.tdb ntforms.tdb printing.tdbkp unexpected.tdb brlock.tdb gmon.out namelist.debug ntprinters.tdb sessionid.tdb root# tdbbackup -s .bak printing.tdb printing.tdb : 135 records root# ls -l printing.tdb* -rw------- 1 root root 40960 May 2 03:44 printing.tdb -rw------- 1 root root 40960 May 2 03:44 printing.tdb.bak ----
vfs objects = recycle recycle:keeptree = yes recycle:versions = yes recycle:touch = yes recycle:exclude = ?~$*,~$*,*.tmp,index*.pl,index*.htm*,*.temp,*.TMP recycle:exclude_dir= /tmp,/temp,/cache recycle:repository = .recycle/.recycle.%u recycle:noversions = *.doc,*.xls,*.ppt #hide files = /.recycle.*/.recycle/ #veto files = /.recycle.*/.recycle/
inherit permissions
Use the UNIX form of setgid to make all files and subdirectories belong to the enclosing group.
For example: the root directory for a samba share appears as:
# ls -ld /home/storage drwxrwxr-x 47 root dom_users 4096 Jan 31 08:09 /home/storage
change the directory so all files & subdirectories created will belong to 'dom_users' group:
# chmod g+s /home/storage
verify the results:
# ls -ld /home/storage drwxrwsr-x 47 root dom_users 4096 Jan 31 08:09 /home/storage
if you create a new file 'abc' as user 'foo' who has the primary group 'users' the file is created as
# ls -ld /home/storage/* drwxrwsr-x 47 foo dom_users 4096 Jan 31 08:09 /home/storage/abc
guest access
To provide Guest Access to samba please see the page: Setting up Samba as a Standalone Server