Appendix ソースからインストールしたSamba4の設定初期値
どのように設定が反映されているかは testparm コマンドで確認できます。
-vオプションを付けることでデフォルト値を確認することができます。
環境
OS:RockyLinux 9.2
Samba:Samba 4.18.4
testparm -s
[root@rocky9-samba43 ~]#
[root@rocky9-samba43 ~]# testparm -s
Load smb config files from /usr/local/samba/etc/smb.conf
Loaded services file OK.
Weak crypto is allowed by GnuTLS (e.g. NTLM as a compatibility fallback)
Server role: ROLE_STANDALONE
# Global parameters
[global]
dns proxy = No
log file = /usr/local/samba/var/log.%m
max log size = 50
server role = standalone server
server string = Samba Server
workgroup = MYGROUP
idmap config * : backend = tdb
[homes]
browseable = No
comment = Home Directories
read only = No
[printers]
browseable = No
comment = All Printers
path = /usr/spool/samba
printable = Yes
[root@rocky9-samba43 ~]#testparm -sv
[root@rocky9-samba43 ~]#
[root@rocky9-samba43 ~]# testparm -sv
Load smb config files from /usr/local/samba/etc/smb.conf
Loaded services file OK.
Weak crypto is allowed by GnuTLS (e.g. NTLM as a compatibility fallback)
Server role: ROLE_STANDALONE
# Global parameters
[global]
abort shutdown script =
add group script =
additional dns hostnames =
add machine script =
addport command =
addprinter command =
add share command =
add user script =
add user to group script =
afs token lifetime = 604800
afs username map =
aio max threads = 100
algorithmic rid base = 1000
allow dcerpc auth level connect = No
allow dns updates = secure only
allow insecure wide links = No
allow nt4 crypto = No
allow trusted domains = Yes
allow unsafe cluster upgrade = No
apply group policies = No
async dns timeout = 10
async smb echo handler = No
auth event notification = No
auto services =
binddns dir = /usr/local/samba/bind-dns
bind interfaces only = No
browse list = Yes
cache directory = /usr/local/samba/var/cache
change notify = Yes
change share command =
check password script =
cldap port = 389
client ipc max protocol = default
client ipc min protocol = default
client ipc signing = default
client lanman auth = No
client ldap sasl wrapping = seal
client max protocol = default
client min protocol = SMB2_02
client NTLMv2 auth = Yes
client plaintext auth = No
client protection = default
client schannel = Yes
client signing = default
client smb encrypt = default
client smb3 encryption algorithms = AES-128-GCM, AES-128-CCM, AES-256-GCM, AES-256-CCM
client smb3 signing algorithms = AES-128-GMAC, AES-128-CMAC, HMAC-SHA256
client use kerberos = desired
client use spnego principal = No
client use spnego = Yes
cluster addresses =
clustering = No
config backend = file
config file =
create krb5 conf = Yes
ctdbd socket =
ctdb locktime warn threshold = 0
ctdb timeout = 0
cups connection timeout = 30
cups encrypt = No
cups server =
dcerpc endpoint servers = epmapper, wkssvc, rpcecho, samr, netlogon, lsarpc, drsuapi, dssetup, unixinfo, browser, eventlog6, backupkey, dnsserver
deadtime = 10080
debug class = No
debug encryption = No
debug hires timestamp = Yes
debug pid = No
debug prefix timestamp = No
debug syslog format = No
winbind debug traceid = No
debug uid = No
dedicated keytab file =
default service =
defer sharing violations = Yes
delete group script =
deleteprinter command =
delete share command =
delete user from group script =
delete user script =
dgram port = 138
disable netbios = No
disable spoolss = No
dns forwarder =
dns port = 53
dns proxy = No
dns update command = /usr/local/samba/sbin/samba_dnsupdate
dns zone scavenging = No
dns zone transfer clients allow =
dns zone transfer clients deny =
domain logons = No
domain master = Auto
dos charset = CP850
dsdb event notification = No
dsdb group change notification = No
dsdb password event notification = No
enable asu support = No
enable core files = Yes
enable privileges = Yes
encrypt passwords = Yes
enhanced browsing = Yes
enumports command =
eventlog list =
get quota command =
getwd cache = Yes
gpo update command = /usr/local/samba/sbin/samba-gpupdate
guest account = nobody
host msdfs = Yes
hostname lookups = No
idmap backend = tdb
idmap cache time = 604800
idmap gid =
idmap negative cache time = 120
idmap uid =
include system krb5 conf = Yes
init logon delay = 100
init logon delayed hosts =
interfaces =
iprint server =
kdc default domain supported enctypes = 0
kdc enable fast = Yes
kdc force enable rc4 weak session keys = No
kdc supported enctypes = 0
keepalive = 300
kerberos encryption types = all
kerberos method = default
kernel change notify = Yes
kpasswd port = 464
krb5 port = 88
lanman auth = No
large readwrite = Yes
ldap admin dn =
ldap connection timeout = 2
ldap debug level = 0
ldap debug threshold = 10
ldap delete dn = No
ldap deref = auto
ldap follow referral = Auto
ldap group suffix =
ldap idmap suffix =
ldap machine suffix =
ldap max anonymous request size = 256000
ldap max authenticated request size = 16777216
ldap max search request size = 256000
ldap page size = 1000
ldap passwd sync = no
ldap replication sleep = 1000
ldap server require strong auth = Yes
ldap ssl = start tls
ldap suffix =
ldap timeout = 15
ldap user suffix =
lm announce = Auto
lm interval = 60
load printers = Yes
local master = Yes
lock directory = /usr/local/samba/var/lock
lock spin time = 200
log file = /usr/local/samba/var/log.%m
logging =
log level = 1
log nt token command =
logon drive =
logon home = \\%N\%U
logon path = \\%N\%U\profile
logon script =
log writeable files on exit = No
lpq cache time = 30
lsa over netlogon = No
machine password timeout = 604800
mangle prefix = 1
mangling method = hash2
map to guest = Never
max disk size = 0
max log size = 50
max mux = 50
max open files = 16424
max smbd processes = 0
max stat cache size = 512
max ttl = 259200
max wins ttl = 518400
max xmit = 16644
mdns name = netbios
message command =
min domain uid = 1000
min receivefile size = 0
min wins ttl = 21600
mit kdc command =
multicast dns register = Yes
name cache timeout = 660
name resolve order = lmhosts wins host bcast
nbt client socket address = 0.0.0.0
nbt port = 137
ncalrpc dir = /usr/local/samba/var/run/ncalrpc
netbios aliases =
netbios name = ROCKY9-SAMBA43
netbios scope =
neutralize nt4 emulation = No
nmbd bind explicit broadcast = Yes
nsupdate command = /usr/bin/nsupdate -g
nt hash store = always
ntlm auth = ntlmv2-only
nt pipe support = Yes
ntp signd socket directory = /usr/local/samba/var/lib/ntp_signd
nt status support = Yes
null passwords = No
obey pam restrictions = No
old password allowed period = 60
oplock break wait time = 0
os2 driver map =
os level = 20
pam password change = No
panic action =
passdb backend = tdbsam
passdb expand explicit = No
passwd chat = *new*password* %n\n *new*password* %n\n *changed*
passwd chat debug = No
passwd chat timeout = 2
passwd program =
password hash gpg key ids =
password hash userPassword schemes =
password server = *
perfcount module =
pid directory = /usr/local/samba/var/run
preferred master = Auto
prefork backoff increment = 10
prefork children = 4
prefork maximum backoff = 120
preload modules =
printcap cache time = 750
printcap name =
private dir = /usr/local/samba/private
raw NTLMv2 auth = No
read raw = Yes
realm =
registry shares = No
reject md5 clients = Yes
reject md5 servers = Yes
remote announce =
remote browse sync =
rename user script =
require strong key = Yes
reset on zero vc = No
restrict anonymous = 0
root directory =
rpc big endian = No
rpc server dynamic port range = 49152-65535
rpc server port = 0
rpc start on demand helpers = Yes
samba kcc command = /usr/local/samba/sbin/samba_kcc
security = AUTO
server max protocol = SMB3
server min protocol = SMB2_02
server multi channel support = Yes
server role = standalone server
server schannel = Yes
server schannel require seal = Yes
server services = s3fs, rpc, nbt, wrepl, ldap, cldap, kdc, drepl, winbindd, ntp_signd, kcc, dnsupdate, dns
server signing = default
server smb3 encryption algorithms = AES-128-GCM, AES-128-CCM, AES-256-GCM, AES-256-CCM
server smb3 signing algorithms = AES-128-GMAC, AES-128-CMAC, HMAC-SHA256
server string = Samba Server
set primary group script =
set quota command =
show add printer wizard = Yes
shutdown script =
smb1 unix extensions = Yes
smb2 disable lock sequence checking = No
smb2 disable oplock break retry = No
smb2 leases = Yes
smb2 max credits = 8192
smb2 max read = 8388608
smb2 max trans = 8388608
smb2 max write = 8388608
smb3 unix extensions = No
smbd profiling level = off
smb passwd file = /usr/local/samba/private/smbpasswd
smb ports = 445 139
socket options = TCP_NODELAY
spn update command = /usr/local/samba/sbin/samba_spnupdate
stat cache = Yes
state directory = /usr/local/samba/var/locks
svcctl list =
syslog = 1
syslog only = No
template homedir = /home/%D/%U
template shell = /bin/false
time server = No
timestamp logs = Yes
tls cafile = tls/ca.pem
tls certfile = tls/cert.pem
tls crlfile =
tls dh params file =
tls enabled = Yes
tls keyfile = tls/key.pem
tls priority = NORMAL:-VERS-SSL3.0
tls verify peer = as_strict_as_possible
unicode = Yes
unix charset = UTF-8
unix password sync = No
use mmap = Yes
username level = 0
username map =
username map cache time = 0
username map script =
usershare allow guests = No
usershare max shares = 0
usershare owner only = Yes
usershare path = /usr/local/samba/var/locks/usershares
usershare prefix allow list =
usershare prefix deny list =
usershare template share =
utmp = No
utmp directory =
winbind cache time = 300
winbindd socket directory = /usr/local/samba/var/run/winbindd
winbind enum groups = No
winbind enum users = No
winbind expand groups = 0
winbind max clients = 200
winbind max domain connections = 1
winbind nested groups = Yes
winbind normalize names = No
winbind nss info = template
winbind offline logon = No
winbind reconnect delay = 30
winbind refresh tickets = No
winbind request timeout = 60
winbind rpc only = No
winbind scan trusted domains = No
winbind sealed pipes = Yes
winbind separator = \
winbind use default domain = No
winbind use krb5 enterprise principals = Yes
wins hook =
wins proxy = No
wins server =
wins support = No
workgroup = MYGROUP
write raw = Yes
wtmp directory =
idmap config * : backend = tdb
access based share enum = No
acl allow execute always = No
acl check permissions = Yes
acl flag inherited canonicalization = Yes
acl group control = No
acl map full control = Yes
administrative share = No
admin users =
afs share = No
aio read size = 1
aio write behind =
aio write size = 1
allocation roundup size = 0
available = Yes
blocking locks = Yes
block size = 1024
browseable = Yes
case sensitive = Auto
check parent directory delete on close = No
comment =
copy =
create mask = 0744
csc policy = manual
cups options =
default case = lower
default devmode = Yes
delete readonly = No
delete veto files = No
dfree cache time = 0
dfree command =
directory mask = 0755
directory name cache size = 100
dmapi support = No
dont descend =
dos filemode = No
dos filetime resolution = No
dos filetimes = Yes
durable handles = Yes
ea support = Yes
fake directory create times = No
fake oplocks = No
follow symlinks = Yes
smbd force process locks = No
force create mode = 0000
force directory mode = 0000
force group =
force printername = No
force unknown acl user = No
force user =
fstype = NTFS
guest ok = No
guest only = No
hide dot files = Yes
hide files =
hide new files timeout = 0
hide special files = No
hide unreadable = No
hide unwriteable files = No
honor change notify privilege = No
hosts allow =
hosts deny =
include =
inherit acls = No
inherit owner = no
inherit permissions = No
invalid users =
kernel oplocks = No
kernel share modes = No
level2 oplocks = Yes
locking = Yes
lppause command =
lpq command = %p
lpresume command =
lprm command =
magic output =
magic script =
mangled names = illegal
mangling char = ~
map acl inherit = No
map archive = Yes
map hidden = No
map readonly = no
map system = No
max connections = 0
max print jobs = 1000
max reported print jobs = 0
min print space = 0
msdfs proxy =
msdfs root = No
msdfs shuffle referrals = No
nt acl support = Yes
ntvfs handler = unixuid, default
oplocks = Yes
path =
posix locking = Yes
postexec =
preexec =
preexec close = No
preserve case = Yes
printable = No
print command =
printer name =
printing = cups
printjob username = %U
print notify backchannel = No
queuepause command =
queueresume command =
read list =
read only = Yes
root postexec =
root preexec =
root preexec close = No
server addresses =
server smb encrypt = default
short preserve case = Yes
smbd async dosmode = No
smbd getinfo ask sharemode = Yes
smbd max async dosmode = 0
smbd max xattr size = 65536
smbd search ask sharemode = Yes
spotlight = No
spotlight backend = noindex
store dos attributes = Yes
strict allocate = No
strict locking = Auto
strict rename = No
strict sync = Yes
sync always = No
use client driver = No
use sendfile = No
valid users =
veto files =
veto oplock files =
vfs objects =
volume =
volume serial number = -1
wide links = No
write list =
[homes]
browseable = No
comment = Home Directories
read only = No
[printers]
browseable = No
comment = All Printers
path = /usr/spool/samba
printable = Yes
[root@rocky9-samba43 ~]#この記事が気に入ったらサポートをしてみませんか?