Introduction
Samba can be used to allow connectivity between Linux and Windows(95,98,NT,2000). Samba can be used to share printers, share directories, connect to an NT domain, and many other useful features. However, this tutorial explains the steps involved in basic configuring Samba for file and print sharing. For more complex topics, visit the Samba website or type the command
Basic Samba Information
Starting, Stopping, and Restarting Samba
Most Linux distributions come with scripts to start, stop, and restart Samba properly. If yours does not, use the commands under the Optional Commands column
Samba Log Files
All Samba actions such as login attempts and file transfers can be logged in the /var/log/samba directory. Under this directory the actions are logged by machine name. For example, all actions from the machine named “Morpheus” are logged in the file
Windows Workgroup
You can specify which Windows Network Neighborhood Workgroup your Linux machine is seen in and the description of the machine by editing the following lines in
Access Control
Using Samba with Windows NT 4.0 Service Pack 3 or higher
Samba can be configured to send plain-text passwords or encrypted passwords. The Microsoft SMB protocol originally used plain-text passwords. However, with Service Pack 3 or higher for Windows NT 4.0, they changed the protocol to use encrypted passwords. Samba must be configured for this to connect to Windows NT 4.0 machines. One way to do this is to modify the NT registry; however, if you choose this option all NT machines must be configured to use plain-text passwords which is time-consuming and might cause conflicts elsewhere. The easy way to handle this is to configure Samba to send encrypted passwords. This can be done with the following steps:
The following section is usually included in the sample
Then, just restart Samba and add the Linux printer to a Windows machine as you would any other Window’s shared printer. The printer name will be the same name specified in the
Creating a Common Share Directory for Multiple Users
You can create a share directory more than one user has permission to view. This is similar to a Linux/Unix group definition. The best way to explain this is to show an example:
This shares the directory
Connecting to a Samba Machine in Linux
To connect to a Samba machine (Windows or Linux running Samba) from the command line, execute the command (replace
If you want to pass a different username to the Samba Server, execute the command (replace
If a password is associated with the username, you will be prompted for it. Once you are authorized by the SMB protocol, you will be at a
Configuring Windows Machines
Connect to a Linux machine running Samba the same way you connect to any Windows machine – browse through Network Neighboorhood or Windows Explorer entering a password if required. Note: Windows 95/98 only prompts for a password and assumes the Windows Login name as the username. You need to either create a user on your Linux box with your Windows Login or create a Windows Login with the same username on your Linux machine. Optionally, you can have the Windows Login and password for Windows 95/98/NT/2000 be the same as your Linux Samba username and password and it will not prompt for a password. Obviously, this is a security issue if others have access to your system.
Samba can be used to allow connectivity between Linux and Windows(95,98,NT,2000). Samba can be used to share printers, share directories, connect to an NT domain, and many other useful features. However, this tutorial explains the steps involved in basic configuring Samba for file and print sharing. For more complex topics, visit the Samba website or type the command
man smb.conf on a Linux machine with Samba installed. Configuring Samba is done by editing the configuration file /etc/smb.conf that is usually located under the /etc directory. Everytime you modify this file, Samba must be restarted for the changes to take effect.Basic Samba Information
Starting, Stopping, and Restarting Samba
Most Linux distributions come with scripts to start, stop, and restart Samba properly. If yours does not, use the commands under the Optional Commands column
| Runlevel Script | Optional Command | |
| Start Samba | /etc/rc.d/init.d/samba start | /usr/sbin/smbd -D and /usr/sbin/nmbd -D |
| Stop Samba | /etc/rc.d/init.d/samba stop | killall -TERM smbd and killall -TERM nmbd |
| Restart Samba | /etc/rc.d/init.d/samba restart | killall -HUP smbd and killall -HUP nmbd |
All Samba actions such as login attempts and file transfers can be logged in the /var/log/samba directory. Under this directory the actions are logged by machine name. For example, all actions from the machine named “Morpheus” are logged in the file
/var/log/samba/log.morpheus. User actions can also be logged under two files named /var/log/log.smb and /var/log/log.nmb. This is configured in the smb.conf file using the option log file. For example, to log actions by machine name use the following line:log file = /var/log/samba/log.%mWindows Workgroup
You can specify which Windows Network Neighborhood Workgroup your Linux machine is seen in and the description of the machine by editing the following lines in
smb.conf:workgroup = WORKGROUPNAME
server string = MACHINE DESCRIPTIONAccess Control
smb.conf can be used to allow and deny access by IP addresses. This is done by listing IP addresses or subnets on the lines beginning with hosts allow and hosts deny. Examples:| Example | Explanation |
hosts allow 192.168.10.0/255.255.255.0 | Allow all hosts in the given network/netmask |
hosts allow 160.210 EXCEPT 160.210.24.56 | Allow all hosts beginning with 160.210 except 160.210.24.56 |
hosts allow 192.168.10 192.168.20 | allow all hosts beginning with 192.168.10 or 192.168.20 |
hosts deny 130.74 | deny all hosts beginning with 130.74 |
Samba can be configured to send plain-text passwords or encrypted passwords. The Microsoft SMB protocol originally used plain-text passwords. However, with Service Pack 3 or higher for Windows NT 4.0, they changed the protocol to use encrypted passwords. Samba must be configured for this to connect to Windows NT 4.0 machines. One way to do this is to modify the NT registry; however, if you choose this option all NT machines must be configured to use plain-text passwords which is time-consuming and might cause conflicts elsewhere. The easy way to handle this is to configure Samba to send encrypted passwords. This can be done with the following steps:
- Create a separate password file for Samba based on your
/etc/passwdfile. This will create Samba users for every user that already exists on your system. To do this by executing the commandcat /etc/passwd | mksmbpasswd.sh > /etc/smbpasswd. The script should be in the/usr/bindirectory or you can get it here. - Make sure only root has permission to read and write to the Samba password file with the command
chmod 600 smbpasswd. - The script does not copy the passwords. To set the Samba password for each users thus enabling their Samba accounts, use the command
smbpasswd usernamefor each user. - Edit the
smb.conffile to include the two lines
encrypt passwords = yes
smb passwd file = /etc/smbpasswd - Restart Samba with
/etc/rc.d/init.d/smb restart
The following section is usually included in the sample
smb.conf that allows printers defined in the /etc/printcap file to be shared. If not add/uncomment the following lines in smb.conf: [printers]
comment = All Printers
path = /var/spool/samba
browseable = no
Then, just restart Samba and add the Linux printer to a Windows machine as you would any other Window’s shared printer. The printer name will be the same name specified in the
/etc/printcap file such as lp.Creating a Common Share Directory for Multiple Users
You can create a share directory more than one user has permission to view. This is similar to a Linux/Unix group definition. The best way to explain this is to show an example:
[myshare]
comment = Share for John and Sam
path = /usr/share
valid users = john sam
public = no
writable = yes
printable = no
create mask = 0765
This shares the directory
/usr/share for only the users john and sam. It is writable which means both john and sam have write permissions to the shared directory. Any files/directories created in the shared directory will have the permission 0765.Connecting to a Samba Machine in Linux
To connect to a Samba machine (Windows or Linux running Samba) from the command line, execute the command (replace
MACHINENAME and sharename with the appropriate values)smbclient //MACHINENAME/sharenameIf you want to pass a different username to the Samba Server, execute the command (replace
username with your username).smbclient //MACHINENAME/sharename -U usernameIf a password is associated with the username, you will be prompted for it. Once you are authorized by the SMB protocol, you will be at a
smb: \> prompt. This is similar to an ftp session where get, put, pwd, ls, etc. can be used to navigate. Type help for a list of commands.Configuring Windows Machines
Connect to a Linux machine running Samba the same way you connect to any Windows machine – browse through Network Neighboorhood or Windows Explorer entering a password if required. Note: Windows 95/98 only prompts for a password and assumes the Windows Login name as the username. You need to either create a user on your Linux box with your Windows Login or create a Windows Login with the same username on your Linux machine. Optionally, you can have the Windows Login and password for Windows 95/98/NT/2000 be the same as your Linux Samba username and password and it will not prompt for a password. Obviously, this is a security issue if others have access to your system.
No comments:
Post a Comment