Installs and configures Samba client or server.
- Debian / Ubuntu derivatives
- RedHat and derivatives
If you would like support for your preferred platform. Please think about creating a Vagrant Box and adding test platforms
- Chef 12.15+
- Does not integrate with LDAP/AD.
- Uses plaintext passwords for the user resource to create the SMB users if the password backend is tdbsam or smbpasswd. See below under usage.
- Creates & manages the system user. The creation of the user is the trigger for smbpasswd.
Installs the samba client to provide access to SMB shares.
Sets up a Samba server. See below for more information on configurables.
This cookbook includes a resource/provider for managing samba users with the smbpasswd program. It will create the users home directory, and manage the user.
The creation of the user is the trigger for smbpasswd management.
The basis of this resource is the Core user resource.
samba_user 'jtimberman' do password 'plaintextpassword' # user password for samba and the system comment 'user_name_comment' home '/home/jtimberman' # Users home. shell '/bin/zsh' # User shell to set, e.g. /bin/sh, /sbin/nologin manage_home true # true/false, whether to manage the users home directory location end
This resource can only create, enable or delete the user. It only supports setting the user's initial password. It assumes a password db backend that utilizes the smbpasswd program.
This will enforce the user system password set by the resource.
samba_server 'samba server' do workgroup # The SMB workgroup to use, default "SAMBA". interfaces # Interfaces to listen on, default "lo 127.0.0.1". hosts_allow # Allowed hosts/networks, default "127.0.0.0/8". bind_interfaces_only # Limit interfaces to serve SMB, default "no" load_printers # Whether to load printers, default "no". passdb_backend # Which password backend to use, default "tdbsam". dns_proxy # Whether to search NetBIOS names through DNS, default "no". security # Samba security mode, default "user". map_to_guest # What Samba should do with logins that don't match Unix users, default "Bad User". socket_options # Socket options, default "`TCP_NODELAY`" config_file # Location of Samba configuration, see resource for platform default log_dir # Location of Samba logs, see resource for platform default realm # Kerberos realm to use, default: '' password_server # Use a specific remote server for auth, default: '' encrypt_passwords # Whether to negotiate encrypted passwords, default: yes kerberos_method # How kerberos tickets are verified, default: secrets only log_level # Sets the logging level from 0-10, default: 0 winbind_separator # Define the character used when listing a username of the form of DOMAIN \user, default \ idmap_config # Define the mapping between SIDS and Unix users and groups, default: none max_log_size # Maximum log file size, default: 5000, (5MB) options # list of additional options, e.g. 'unix charset' => 'UTF8'. end
samba_share 'Share Name' do comment guest_ok # yes, no printable # yes, no write_list # An array of Unix users create_mask # e.g. 0644 directory_mask # e.g. 0700 read_only # yes, no, default no create_directory # Whether to create the directory being served, default true valid_users # space separated users or group, default '' force_group # Assign Unix group as default primary, default '' browseable # yes, no default: yes options # list of additional options, e.g. 'inherit permissions' => 'yes' path # String for the path of directory to be served. Required. end
samba::default recipe includes
samba::client, which simply installs smbclient package.
Create a cookbook with the
share resources as if you were using any other Chef resource.
For examples see the
Unfortunately, smbpasswd does not take a hashed password as an argument - the password is echoed and piped to the smbpasswd program. This is a limitation of Samba.
Copyright 2010-2016, Chef Software, Inc.
Copyright 2017, Webb Agile Solutions Ltd.
Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.