05.07.01
Do you need an inexpensive yet reliable file server for your NT/2000
network? Do you need a machine that is stable and rarely, if ever,
crashes? Do you want to save a small fortune on Client Access
Licenses? Why not set up a Linux file server running Samba? It is
easy to do and it is the perfect job for that old server that is
collecting dust in the back room. Also, all of the software that you
will need is free. When it is properly set up, it will show up in
Network Neighborhood and have all of the user/group permissions that
your enterprise should need. It is extremely configurable, so that
you should be able to implement whatever security or services that
you require.
Best Wishes,
Jay
It's no Mamba, it's Samba
What is Samba? you might ask. Samba is an Open Source software (for
you native Windows guys this may come as a surprise, but this means
free) suite which provides file and print services for SMB/CIFS
clients. Samba is freely available under the GNU General Public
License which can be seen here: www.gnu.org/copyleft/gpl.html.
Samba runs on top of the SMB protocol (Server Message Block, Session
Message block, NetBIOS or LanManager protocol; depending on who you
ask).
First of all, you will need to verify that Samba is installed on your
system. As always, you will need "root" privileges for most of what
we will be doing, so go ahead and login as "root". If you are using
RedHat or a RedHat based distribution such as SuSE or Mandrake
simply enter the following command in a terminal: rpm -q samba
If Samba is installed this will return the version of Samba that is
installed. If rpm does not recognize samba, it is not installed
(again on a RedHat based system; rpm- RedHat Package Manager). For
those of you not using rpms, you can also enter the following
(although if you are using a distribution that does not support rpm
you probably know more about this than I): ps ax | grep mbd
This will tell you if the smbd and nmbd daemons, which comprise
Samba, are running. If nothing is returned try: samba start
If you receive a "command not found" error, you will have to install
Samba. Samba can be found here: samba.org
If you are doing a fresh Linux installation, you should be able to
select Samba during the installation. I cannot vouch for all
distributions, but I do know that there is an option to use file
sharing with Windows (which is Samba) during the install of RedHat
7.1, SuSE 7.0, and Mandrake 7.2. You may have to select "custom" or
"expert" install to receive this option. If you are using an older
distribution of Linux, or you simply want the latest code, go to www.samba.org. Here you can find RPMs for distributions that
support them or you can get source to compile for yourself. Simply
follow the instructions included with the documentation. FYI; RedHat
7.1, which is only a few weeks old, ships with Samba v2.07. Samba
has just released their latest version, Samba v2.20, so you may want
to upgrade; especially if you need to install Samba any way.
 Now that you have Samba installed, you will have to configure it.
There are some graphical front-ends available that will run under X
windows (such as KDE or Gnome). I have not yet tried any of these,
however, I would love to hear about any experiences that any of you
may have with such tools. Write me and let me know what you did and
how it worked for you.
Any way, the file that configures Samba is smb.conf. In RedHat (and
most other distributions), the default location is /etc/samba. You
should be able to do a "find" if that is not where it is. Ok, now
that you have found smb.conf, open it up in your favorite text
editor (I like Advanced Editor which is on the KDE2 desktop, but
that is just me).
Now, there are only a few entries that you should need to worry
about for simple file sharing, although configuring Samba can be
quite complex depending on what exactly you need it to do for you.
Most of the smb.conf file has excellent commentary on what
expressions do what, however there are many things that can be done
that are not mentioned in this file. The official documentation can
be downloaded in html and pdf formats here:
http://us4.samba.org/samba/docs/
There is an excellent "unofficial" Samba reference that can be found
here:
home.germany.net/101-69082/samba.html
The first part of smb.conf that we will be concerned with will be
the [global] section (which is also the first section in smb.conf).
The first two options that we will configure refers to the local
machines netbios name and the workgroup to which the machine
belongs. For instance the first two lines of the [global] section
might read:
workgroup = MYWORKGROUP
netbios name = SAMBASERVER
The workgroup defines the NetBIOS name of the workgroup that will be
accessing the shared files/folders. In this example the NetBIOS name
of the workgroup is "MYWORKGROUP". If you are on a domain, you will
have to see what the NetBIOS domain name is. For instance, my home
network domain name is karzz.net (don't ask where that name came
from because I do not have an answer). The workgroup name that I use
on my Samba file server is "KARZZ".
|
|
 |
|
For a sample smb.conf file with minimal security go here: NetworkNewz.com/sambaconf.txt. This is the very basic
smb.conf that I use at home. Remember, any lines that begin with ";"
or "#" are comments and do not affect the configuration. The only
connection to the outside world that I have is dial-up, so my
internal security is minimal. I am providing this file simply as an
example for basic connectivity; you will need to decide what options
you will need to implement, especially if security is a factor.
The next argument that you may or may not worry about is the "hosts
allow" argument. This line will restrict access to subnets that are
listed. For instance, if your subnet is a class C with the network
number 192.168.1.0, all that you would put on the "hosts allow" line
would be 192.168.1. At home, I do not bother with this and simply
comment out this line (place either ";" or "#" at the beginning of
the line).
The next few arguments define how Samba deals with passwords. This
is the area that most people have difficulties with. The reason that
this can be problematic is that, by default, Windows machines use
encrypted passwords (with the exception of the first release of
Windows 95). By default, Samba does not configure itself to handle
passwords. This results in connectivity problems that can be
frustrating and difficult to find if you don't know what is going on.
The next argument to look for is "security". Unless you are on a
larger network, this should be set to "user". You can also use
"server" or "domain" but you will have to define the server that
will be handling this in the "password server" field.
Next set "encrypt passwords" to "yes"; you should simply have to
uncomment that line along with the next line that reads "smb passwd
file = /etc/samba/smbpasswd". This is so that you can accommodate Windows machines that use encrypted passwords: ie. Windows 95 second
release and all versions that follow.
You will have to make user accounts on the local machine for any
users that you want to share files to. I use the KDE user manager,
"kuser", because (being the Windows guy that I am) that is the one
that I find easiest to use. If you prefer, you can use "linuxconf".
When you make your user accounts, make sure that you use the same
username and password that your users use to login to their Windows
machines. You will not be prompted for a username and password if
they are different, you will simply not be allowed access to the
share.
Once you have made your user accounts, run "smbpasswd -a username",
where "username" is a real username. This will allow you to update
the Samba password file with your new user. You will have to reenter
the password for your user (twice). Anytime that you need to change
a users password, simply run "smbpasswd username".
OK, now you need to share out directories. Look at the bottom of the
smb.conf file. There are several examples that document your options
quite nicely. They cover everything from group membership to guest
accounts and so on.
There you go, you have configured Samba. Now you will have to start
or restart Samba. Simply go to the command line an type "samba
start" or "samba restart". Any time that you make a change to
smb.conf, simply restart Samba. You do not need to reboot or
anything like that. Changes should take effect immediately.
Do you want to share a drive/folder/file on a Windows machine? At a
command prompt type (this is all one line):
mount -t smbfs -o username=administrator,
password=Foo_Bar2 //server/share /mount/point
where -t designates the file system (smbfs= Samba file system), -o
specifies options (username and password) and "//server/share" is
the share on the Windows server that you are trying to access
(administrative shares such as c$ are valid here), and
"/mount/point" is a predefined directory to use for the share. For
instance, let's say that you have made a directory "/share" on your
local Linux box. You want to access the "E:" drive on a server named
"jayserver". The username is "Foo" and the password is "Bar". Simply
type:
mount -t smbfs -o username=Foo,password=Bar
//jayserver/E/share
Advertise to thousands of network executives and more!
For ad details & prices, click... Susan@NetworkNewz.com
We at the Editorial Team would like to thank all our readers for
reading NetworkNewz. We hope you find this information useful. Be
sure to check NetworkNewz.com for more great information.
Also, questions, suggestions and comments are always welcome.
Sincerely,
Jay Fougere,
NetworkNewz Editor
| |
