char *tls_cafile; \
char *tls_crlfile; \
char *tls_dhpfile; \
- char *panic_action; \
int bPreferredMaster;
#include "param/param_global.h"
.iWriteCacheSize = 0,
.iCreate_mask = 0744,
.iCreate_force_mode = 0,
- .iSecurity_mask = 0777,
- .iSecurity_force_mode = 0,
.iDir_mask = 0755,
.iDir_force_mode = 0,
- .iDir_Security_mask = 0777,
- .iDir_Security_force_mode = 0,
.iMaxConnections = 0,
.iDefaultCase = CASE_LOWER,
.iPrinting = DEFAULT_PRINTING,
.bLocking = true,
.iStrictLocking = Auto,
.bPosixLocking = true,
- .bShareModes = true,
.bOpLocks = true,
.bKernelOplocks = false,
.bLevel2OpLocks = true,
.iDirectoryNameCacheSize = 100,
#endif
.ismb_encrypt = SMB_SIGNING_DEFAULT,
+ .bKernelShareModes = true,
+ .bDurableHandles = true,
.param_opt = NULL,
.dummy = ""
};
case PRINT_CUPS:
case PRINT_IPRINT:
-#ifdef HAVE_CUPS
/* set the lpq command to contain the destination printer
name only. This is used by cups_queue_get() */
string_set(&pService->szLpqcommand, "%p");
string_set(&pService->szLpresumecommand, "");
string_set(&pService->szQueuepausecommand, "");
string_set(&pService->szQueueresumecommand, "");
-#else
- string_set(&pService->szLpqcommand, "lpq -P'%p'");
- string_set(&pService->szLprmcommand, "lprm -P'%p' %j");
- string_set(&pService->szPrintcommand, "lpr -P'%p' %s; rm %s");
- string_set(&pService->szLppausecommand, "lp -i '%p-%j' -H hold");
- string_set(&pService->szLpresumecommand, "lp -i '%p-%j' -H resume");
- string_set(&pService->szQueuepausecommand, "disable '%p'");
- string_set(&pService->szQueueresumecommand, "enable '%p'");
-#endif /* HAVE_CUPS */
break;
case PRINT_SYSV:
string_set(&pService->szPrintcommand, "lp -r -P%p %s");
break;
-#if defined(DEVELOPER) || defined(ENABLE_SELFTEST) || defined(ENABLE_BUILD_FARM_HACKS)
+#if defined(DEVELOPER) || defined(ENABLE_SELFTEST)
case PRINT_TEST:
case PRINT_VLP: {
Globals.max_log_size = 5000;
Globals.max_open_files = max_open_files();
Globals.open_files_db_hash_size = SMB_OPEN_DATABASE_TDB_HASH_SIZE;
- Globals.srv_maxprotocol = PROTOCOL_SMB2_10;
+ Globals.srv_maxprotocol = PROTOCOL_SMB3_00;
Globals.srv_minprotocol = PROTOCOL_LANMAN1;
Globals.security = SEC_USER;
Globals.bEncryptPasswords = true;
/* Printers cannot be read_only. */
ServicePtrs[i]->bRead_only = false;
- /* No share modes on printer services. */
- ServicePtrs[i]->bShareModes = false;
/* No oplocks on printer services. */
ServicePtrs[i]->bOpLocks = false;
/* Printer services must be printable. */
static bool handle_realm(struct loadparm_context *unused, int snum, const char *pszParmValue, char **ptr)
{
bool ret = true;
- char *realm = strupper_talloc(talloc_tos(), pszParmValue);
+ TALLOC_CTX *frame = talloc_stackframe();
+ char *realm = strupper_talloc(frame, pszParmValue);
char *dnsdomain = strlower_talloc(realm, pszParmValue);
ret &= string_set(&Globals.szRealm, pszParmValue);
ret &= string_set(&Globals.szRealm_upper, realm);
ret &= string_set(&Globals.szRealm_lower, dnsdomain);
- TALLOC_FREE(realm);
+ TALLOC_FREE(frame);
return ret;
}
}
/***************************************************************************
- Initialize any local varients in the sDefault table.
+ Initialize any local variables in the sDefault table, after parsing a
+ [globals] section.
***************************************************************************/
void init_locals(void)
{
- /* None as yet. */
+ /*
+ * We run this check once the [globals] is parsed, to force
+ * the VFS objects and other per-share settings we need for
+ * the standard way a AD DC is operated. We may change these
+ * as our code evolves, which is why we force these settings.
+ *
+ * We can't do this at the end of lp_load_ex(), as by that
+ * point the services have been loaded and they will already
+ * have "" as their vfs objects.
+ */
+ if (lp_server_role() == ROLE_ACTIVE_DIRECTORY_DC) {
+ const char **vfs_objects = lp_vfs_objects(-1);
+ if (!vfs_objects || !vfs_objects[0]) {
+ if (lp_parm_const_string(-1, "xattr_tdb", "file", NULL)) {
+ lp_do_parameter(-1, "vfs objects", "dfs_samba4 acl_xattr xattr_tdb");
+ } else if (lp_parm_const_string(-1, "posix", "eadb", NULL)) {
+ lp_do_parameter(-1, "vfs objects", "dfs_samba4 acl_xattr posix_eadb");
+ } else {
+ lp_do_parameter(-1, "vfs objects", "dfs_samba4 acl_xattr");
+ }
+ }
+
+ lp_do_parameter(-1, "map hidden", "no");
+ lp_do_parameter(-1, "map system", "no");
+ lp_do_parameter(-1, "map readonly", "no");
+ lp_do_parameter(-1, "store dos attributes", "yes");
+ lp_do_parameter(-1, "create mask", "0777");
+ lp_do_parameter(-1, "directory mask", "0777");
+ }
}
/***************************************************************************
fault_configure(smb_panic_s3);
+ /*
+ * We run this check once the whole smb.conf is parsed, to
+ * force some settings for the standard way a AD DC is
+ * operated. We may changed these as our code evolves, which
+ * is why we force these settings.
+ */
+ if (lp_server_role() == ROLE_ACTIVE_DIRECTORY_DC) {
+ lp_do_parameter(-1, "passdb backend", "samba_dsdb");
+
+ lp_do_parameter(-1, "rpc_server:default", "external");
+ lp_do_parameter(-1, "rpc_server:svcctl", "embedded");
+ lp_do_parameter(-1, "rpc_server:srvsvc", "embedded");
+ lp_do_parameter(-1, "rpc_server:eventlog", "embedded");
+ lp_do_parameter(-1, "rpc_server:ntsvcs", "embedded");
+ lp_do_parameter(-1, "rpc_server:winreg", "embedded");
+ lp_do_parameter(-1, "rpc_server:spoolss", "embedded");
+ lp_do_parameter(-1, "rpc_daemon:spoolssd", "embedded");
+ lp_do_parameter(-1, "rpc_server:tcpip", "no");
+ }
+
bAllowIncludeRegistry = true;
return (bRetval);
return Globals.szPrintcapname;
if (sDefault.iPrinting == PRINT_CUPS) {
-#ifdef HAVE_CUPS
return "cups";
-#else
- return "lpstat";
-#endif
}
if (sDefault.iPrinting == PRINT_BSD)