allow insecure wide links

In normal operation the option which allows the server to follow symlinks outside of a share path is automatically disabled when are enabled on a Samba server. This is done for security purposes to prevent UNIX clients creating symlinks to areas of the server file system that the administrator does not wish to export. Setting to true disables the link between these two parameters, removing this protection and allowing a site to configure the server to follow symlinks (by setting to "true") even when is turned on. It is not recommended to enable this option unless you fully understand the implications of allowing the server to follow symbolic links created by UNIX clients. For most normal Samba configurations this would be considered a security hole and setting this parameter is not recommended. This option was added at the request of sites who had deliberately set Samba up in this way and needed to continue supporting this functionality without having to patch the Samba code.

Supported on: At least Microsoft Windows 7 or Windows Server 2008 family

allow insecure wide links
Registry HiveHKEY_LOCAL_MACHINE
Registry PathSoftware\Policies\Samba\smb_conf\allow insecure wide links
Value Nameallow insecure wide links
Value TypeREG_DWORD
Default Value0
True Value1
False Value0

samba.admx

Administrative Templates (Computers)