P. 1
Chapter 15

Chapter 15

|Views: 36|Likes:

More info:

Published by: ak.microsoft20056613 on Nov 26, 2008
Copyright:Attribution Non-commercial


Read on Scribd mobile: iPhone, iPad and Android.
download as PPT, PDF, TXT or read online from Scribd
See more
See less





Chapter – 15 SAMBA

Objectives: At the end of this module, you would have gained fair knowledge on: •What is Samba •Configuring a Samba Server •Sharing Directories between Windows & Linux •Sharing Printers between Windows & Linux

With Samba you can share a Linux filesystem with Windows 95, 98, 2000 or NT. You can share a Windows 95, 98, or NT FAT filesystem with Linux. You can also share printers connected to either Linux or Windows 95, 98, 2000, or NT. The Samba suite of SMB protocol utilities consists of several components. The smb daemon provides the file and print service to SMB clients. The configuration for this daemon is described in smb.conf.

1. The nmbd daemon provides NetBIOS nameserving and browsing support. 2. The SMB client program smbclient implement a simple FTP-like client on a Linux or UNIX system. 3. The SMB mounting program smbmount enables mounting of server directories on a Linux or UNIX system. 4. The testparm utility allows you to test your smb.conf configuration file. 5. The smbstatus utility tells you who is currently using the smbd server

Installing Samba
You can install Samba during the Red Hat installation from the CD-ROM or later using RPM as follows. Mount the CD-ROM # # cd /mnt/cdrom/RedHat/RPMS rpm –ivh samba*

A Simple Samba Setup
Samba can be very complex, so it is important to get the simplest possible implementation of Samba running before making major configuration changes. The main configuration file smb.conf, is located in /etc/samba directory of your Red Hat Samba server. It is used by the Samba server software to determine the directories and printers to be shared and to determine security options for those directories and printers.

Testing with Linux Client
The default /etc/smaba/smb.conf should be sufficient to run a simple Samba test with a Linux client. Run the following command in the Samba server. # /etc/rc.d/init.d/smb start The above command starts the Samba server if it is not yet started. In the client side make sure that it is physically connected to your server and client can able to ping the server’s IP address. If everything is ok give the following command. # smbclient ‘//’ -U myuid

Testing with a Windows Client
Samba is what make a Linux computer show up in a Windows Network Neighborhood. For doing this edit the /etc/samba/smb.conf file and note the workgroup name = and uncomment the encrypted passwords = yes and smb passwd file = /etc/samba/smbpasswd lines. Next you have to add Samba users as follows. # touch /etc/samba/smbpasswd # smbpasswd -a myuid. The myuid is the name of the user account which is to be added with Samba. –a option is for adding a new user entry in /etc/samba/smbpasswd file. After giving the command system prompts for the supply of the password. The password, which you have given here, can be used for login from a Windows client.

It is possible to access share, which is available in a Windows machine from a Linux system, which is running Samba. For doing this do the following steps. Share the subdirectory or Drives in your Windows system. Then in the Linux Server give the following command. # smbclient –L //win95_1 The above command will display all the available shares in the system named win95_1 # smbmount //win95_1/musics /mnt/win95 or # mount -t smbfs //win95_1/music /mnt/win95

Configuring Samba
The [global] Section The global section controls parameters for the entire SMB server. It also provides defaults for the other sections: [global] # workgroup = NT-Domain-Name or Workgroup-Name workgroup = DOMAIN1 Workgroup = specifies the workgroup. Try to keep it all uppercase, fewer than nine characters, and without space. All the machines connected to the Samba server should be in the same workgroup. # server string is the equivalent of the NT Description field server string = Samba Server server string = specifies a human readable string used to identify the server in the clients user interface.

; hosts allow = 192.168.1. 192.168.2. 127. If uncommented, the hosts allow = line restricts Samba access to certain subnets. Multiple subnets are separated by spaces. # if you want to automatically load your printer list rather # than setting them up individually then you'll need this printcap name = /etc/printcap load printers = yes The above lines enable the sharing of the printer. # It should not be necessary to spell out the print system type unless # yours is non-standard. Currently supported print systems include: # bsd, sysv, plp, lprng, aix, hpux, qnx printing = lprng The above line specifies the type of printing # Uncomment this if you want a guest account, you must add this to /etc/passwd # otherwise the user "nobody" is used ; guest account = pcguest

If enabled the above line defines a guest account for clients logged in as a user not known to the Samba server. # this tells Samba to use a separate log file for each machine # that connects log file = /var/log/samba/%m.log The above line enables a separate machine wise log file and define its path. # Put a capping on the size of the log files (in Kb). max log size = 0

# Security mode. Most people will want user level security. See # security_level.txt for details. security = user # Use password server option only with security = server # The argument list may include: # password server = My_PDC_Name [My_BDC_Name] [My_Next_BDC_Name] # or to auto-locate the domain controller/s # password server = * ; password server = <NT-Server-Name> The above line defines the NT Server name where the password authentication is takes place. You can define this to authenticate your users using a NT server.

# Password Level allows matching of _n_ characters of the password for # all combinations of upper and lower case. ; password level = 8 ; username level = 8 The above two lines controls non-case sensitivity. For instance, a value of 8 means the first 8 characters of the password will be compared will be compared without case sensitivity to the entered password. # You may wish to use password encryption. Please read # ENCRYPTION.txt, Win95.txt and WinNT.txt in the Samba documentation. # Do not enable this option unless you have read those documents encrypt passwords = yes smb passwd file = /etc/samba/smbpasswd

The [homes] Section The [homes] section allows network clients to connect to a user’s home directory on your server without having an explicit entry in the smb.conf file. When service request is made, the Samba server searches the smb.conf file for the specific section corresponding to service request. If the service is not found, Samba checks whether there is a [homes] section. If the [ homes ] section exists, the password file is searched to find the home directory for the user making the request. [homes] browseable = no writable = yes

The preceding is the simplest usable [homes] share. The browseable = no entry instructs SMB client not to list the share in a browser. However. [homes] is a special case, this will not be effective for [homes] share. If browseable = yes will display a share called homes on the clients network browser.

[homes] comment = Home Directories browseable = no read only = no path = %H/smbtree create mode = 0750

Sharing Files and Print Services
After configuring your defaults for the Samba, you can create specific shared directories limited to certain groups of peoples or available for everyone. The given below is a example share which can be added in /etc/samba/smb.conf file. [games] comment = world of games path = /usr/local/games valid users = manoj, @games browseable = yes public = no writable = yes create mode = 0700

A printer share is created by placing a print ok = yes and a printer name = in the share. Here is an example: [epson] print ok = yes printer name = dmp path = /home/everyone browseable = yes Here is a printer that is listed as epson on the client because of the browseable = yes. It prints out of printcap printer dmp. Its spool directory is /home/everyone.

Common smb.conf Options
read only, writable, writeable, write ok writable, writeable and write ok are synonyms and read only is inverted synonym for writable, writeable and write ok.Only one of this options need to specify whether a share is writeable. If this option is specified in the global section, it serves as defualt for shares. This options can overridden by the write list = option.

valid users = (S) Not specified or blank value after equal sign allows access to everyone. To limit access, place a coma delimited list of valid users after the equal sign: valid users = myuid, manoj, @aita The option gives access to users myuid, manoj and group aita. This option is overridden by the invalid users = option. invalid users = (S) This option lists the names of invalid users and groups. This list overrides any users in the valid users = option for the share

hosts allow = , hosts deny = , allow hosts =, deny hosts = hosts allow = and allow hosts = are synonym and hosts deny and deny hosts are inverted synonym for hosts allow and allow hosts. hosts allow = hosts allow = hosts allow = overrides any hosts deny = options. public = and gues ok = These two option gives the same results. The purpose of this option is to allow those without a login on the server to access a share , if set to

Using Samba as a Logon Server
Samba can be used to authenticate logon on Windows 9x, NT, and 2000 computers. Windows 2000 must have NetBIOS over TCP/IP enabled to interact with Samba. The given below is a sample smb.conf file, in which the server’s host name is mainserv, the workgroup is MYGROUP, Windows 9x clients all use encrypted passwords, and there is no WINS server or domain controller other than the Samba server:

Using Samba as a Logon Server
[global] netbios name = mainserv workgroup = MYGROUP encrypt passwords = yes wins support = yes preferred master = yes domain masters = yes domain logons = yes [homes] writeable = yes

Restart Samba and you now have a server capable of assuming the logon authentication duties for Windows 9x clients. The next step is to set up the clients and users Each user must have a valid UNIX account and a valid smbpasswd entry. Assuming the user has a valid UNIX account, setting up the smbpasswd entry is simply a matter of doing the following as root: # smbpasswd -a manoj The above command will add a smbpasswd entry for the user manoj and set a password for the user.

Check the Logon to Windows NT Domain check box, type the workgroup name of the Samba server in the Windows NT Domain text box, and check the Logon and Restore Network Connection radio button. Click OK All the way out of all dialog boxes, and answer yes when asked if you want to restart the computer.

You're Reading a Free Preview

/*********** DO NOT ALTER ANYTHING BELOW THIS LINE ! ************/ var s_code=s.t();if(s_code)document.write(s_code)//-->