Samba server configuration


Published on

A description of how to configure SAMBA on Redhat Linux and implement file/printer sharing...

Published in: Technology
No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide

Samba server configuration

  1. 1. Presented by- Rohit Phulsunge ( VII sem CSE)
  2. 3. <ul><ul><li>Samba is a suite of open-source applications that support the Server Message Block (SMB) and Common Internet File System (CIFS) protocols used by Microsoft operating Systems. This allows the Samba applications to interface into Microsoft networks to provide interoperability across normally different networking systems. </li></ul></ul><ul><ul><li>In other words, Samba enabled UNIX machine can masquerade as a server on your Microsoft network and offer the services. The package required for samba server is “samba”. </li></ul></ul>
  3. 4. Three prime reasons to use samba server <ul><li>File and Printer Sharing Services . Using the Server Message Block (SMB) protocol to facilitate the sharing of files, folders, volumes, and the sharing of printers throughout the network. </li></ul><ul><li>Directory Services . Sharing vital information about the computers and users of the network with such technologies as the Lightweight Directory Access Protocol (LDAP) and Microsoft Active Directory®. </li></ul><ul><li>Authentication and Access . Establishing the identity of a computer or user of the network and determining the information the computer or user is authorized to access using such principles and technologies as file permissions, group policies, and the Kerberos authentication service. </li></ul>
  4. 5. How samba actually works? <ul><li>Samba server simulates a window domain server; however as seen it actually works just as a workgroup. As a matter of fact, it is defaulted to a workgroup. </li></ul>
  5. 6. To share /shares/ through samba <ul><li>Run rpm -q samba samba-common samba-client to confirm the samba, samba-common, and samba-client packages are installed (version numbers may differ): </li></ul><ul><li>$ rpm -q samba samba-common </li></ul><ul><li>samba-client samba-3.4.0-0.41.el6.3.i686 </li></ul><ul><li>samba-common-3.4.0-0.41.el6.3.i686 </li></ul><ul><li>samba-client-3.4.0-0.41.el6.3.i686 </li></ul><ul><li> If any of these packages are not installed, install them by running yum install package-name as the root user. </li></ul><ul><li>Edit /etc/samba/smb.conf as the root user. Add the following entry to the bottom of this file to share the /shares/ directory through Samba: </li></ul><ul><li>[shares] comment = Documents for Apache HTTP Server, FTP, rsync, and Samba </li></ul><ul><li>path = /shares </li></ul><ul><li> public = yes </li></ul><ul><li>writeable = no </li></ul><ul><li>A Samba account is required to mount a Samba file system. Run smbpasswd -a username as the root user to create a Samba account, where username is an existing Linux user. For example, smbpasswd -a testuser creates a Samba account for the Linux testuser user: </li></ul><ul><li># smbpasswd -a testuser New SMB password: Enter a password Retype new SMB password: Enter the same password again Added user testuser. Running smbpasswd -a username , where username is the username of a Linux account that does not exist on the system, causes a Cannot locate Unix account for ' username '! error. </li></ul>
  6. 7. <ul><li>Run service smb start as the root user to start the Samba service: </li></ul><ul><li>service smb start Starting SMB services: [ OK ] </li></ul><ul><li>Run smbclient -U username -L localhost to list the available shares, where username is the Samba account added in step 3. When prompted for a password, enter the password assigned to the Samba account in step 3 (version numbers may differ): </li></ul><ul><li>$ smbclient -U username -L localhost Enter username 's password: Domain=[ HOSTNAME ] OS=[Unix] Server=[Samba 3.4.0-0.41.el6] Sharename Type Comment --------- ---- ------- shares Disk Documents for Apache HTTP Server, FTP, rsync, and Samba IPC$ IPC IPC Service (Samba Server Version 3.4.0-0.41.el6) username Disk Home Directories Domain=[ HOSTNAME ] OS=[Unix] Server=[Samba 3.4.0-0.41.el6] Server Comment --------- ------- Workgroup Master --------- ------- </li></ul><ul><li>Run mkdir /test/ as the root user to create a new directory. This directory will be used to mount the shares Samba share. </li></ul><ul><li>Run the following command as the root user to mount the shares Samba share to /test/, replacing username with the username from step 3: </li></ul><ul><li>mount //localhost/shares /test/ -o user= username Enter the password for username , which was configured in step 3. </li></ul><ul><li>Run cat /test/index.html to view the file, which is being shared through Samba: </li></ul><ul><li>$ cat /test/index.html <html> <body> <p>Hello</p> </body> </html> </li></ul>
  7. 8. From where it can be accessed? <ul><li>Samba can be accessed from any windows system. Depending on the version of windows, security risk is involved. </li></ul><ul><li>If improvement of securities at system level is desired, setting up samba server in Windows NT, Windows 2k pro or XP pro. </li></ul><ul><li>For windows 2000 and XP: </li></ul><ul><ul><li>Disable Domain member: Digitally encrypt or sign secure channel data </li></ul></ul><ul><ul><li>Disable Domain member: Digitally sign secure channel data( when possible) </li></ul></ul><ul><ul><li>This is done through Security settings=> Local Policies => Security Options </li></ul></ul><ul><li>For LINUX/UNIX based O/S: </li></ul><ul><ul><li>Samba’s main configuration file resides in /etc/samba/smb.conf in most flavours of LINUX. </li></ul></ul>
  8. 9. Packages required for Samba <ul><li>samba-3.0.28-0.el5.8.i386.rpm </li></ul><ul><li>samba-client-3.0.28-0.el5.8.i386.rpm </li></ul><ul><li>samba-common-3.0.28-0.el5.8.i386.rpm </li></ul><ul><li>samba-swat-3.0.28-0.el5.8.i386.rpm </li></ul><ul><li>system-config-samba-1.2.39-1.el5.noarch </li></ul><ul><li>Note: All the packages mentioned above are for redhat linux version 5.2 </li></ul>
  9. 10. Commands to start, restart and stop samba server <ul><li>[root@server2 root]# service smb start </li></ul><ul><li>[root@server2 root]# service smb restart </li></ul><ul><li>[root@server2 root]# service smb stop </li></ul><ul><li>Note: Here server2 is mostly localhost machine. </li></ul>
  10. 11. Important note before modifying smb.conf <ul><li>Before updating and / or modifying smb.conf make sure you have a backup copy of smb.conf otherwise samba services would never run in subsequent tests. </li></ul>
  11. 12. Smb.conf Analysis <ul><li>It has the following sections:- </li></ul><ul><li>1) Global </li></ul><ul><li>2) Printer </li></ul><ul><li>3) Logs </li></ul><ul><li>4) Host allowed to connect to this server </li></ul><ul><li>5) Browser control and networking options </li></ul><ul><li>6) Security </li></ul><ul><li>7) Password </li></ul><ul><li>8) Private home </li></ul>
  12. 13. <ul><li>1) [Global] </li></ul><ul><li>Here is where you declare the group name, the NetBios name; how you want this to appear in network neighbourhood- the default is set to host name. </li></ul><ul><li>workgroup= MDKGROUP </li></ul><ul><li>netbios name= xxxx </li></ul><ul><li>Server string = Samba Server %v </li></ul><ul><li>2) [Printer] </li></ul><ul><li>This section enables your printer for samba, required if you need to print any printer connected to Linux Box. </li></ul><ul><li>Printcap name=lpstat </li></ul><ul><li>Load printers = yes </li></ul><ul><li>Printing =cups </li></ul><ul><li>3) [Logs] </li></ul><ul><li>Enables logging for each machine that connects to samba server </li></ul><ul><li>Log file=/var/log/samba/log.%m </li></ul><ul><li>Max log size=50 </li></ul>
  13. 14. <ul><li>4) [Host that are allowed to connect to this server] </li></ul><ul><li>Enter single hosts here if you need it per host or a subnet mask. </li></ul><ul><li>hosts allow = </li></ul><ul><li>5) [Browser control and networking options] </li></ul><ul><li>You may also use per interfaces, note that each interface represents a complete network(subnet). </li></ul><ul><li>Interfaces= </li></ul><ul><li>6) [Security] </li></ul><ul><li>Uncomment this line to enable security mode (user level) </li></ul><ul><li>security=user </li></ul><ul><li>7) [Password] </li></ul><ul><li>Enable the password restriction, forcing it to be number of characters required, as well as the username. Password must be encrypted. </li></ul><ul><li>password level=8 </li></ul><ul><li>username level=8 </li></ul><ul><li>encrypt password = yes </li></ul><ul><li>smb passwd file= /etc/samba/smbpasswd </li></ul><ul><li>8) [Private home] </li></ul>
  14. 15. Server side configuration <ul><li>#vi/etc/samba/smb.conf ( configuration file of samba server) </li></ul><ul><li>Entry of the file as below: </li></ul><ul><li>Global options: </li></ul><ul><li>Workgroup=mygroup //This should match your windows workgroup </li></ul><ul><li>Hosts allow=192.168.1 //This will allow only the networks 192.168.1 to access the services </li></ul><ul><li>Serverstring= Samba Server running on RHEL 4 // Comment that will be displayed in Network Neighbourhood </li></ul><ul><li>Directory Sharing Options: </li></ul><ul><li>[database] </li></ul><ul><li>Share name which will be displayed in Network Neighbourhood. </li></ul>
  15. 16. <ul><li>Comment = Access files stored on Samba Server </li></ul><ul><li>Comment displayed in Network Neighbourhood </li></ul><ul><li>Path =/database </li></ul><ul><li>Path of the directory associated with the share </li></ul><ul><li>Valid users =rohit mohit </li></ul><ul><li>Name of the users who can access the share. </li></ul><ul><li>Public = no </li></ul><ul><li>Specify whether guest user can access the share or not. </li></ul><ul><li>Writable = yes </li></ul><ul><li>Specify whether the shared directory is writable or not. </li></ul><ul><li>Browseable = yes </li></ul><ul><li>Specify whether the directory should be viewable in Neighbourhood. </li></ul>
  16. 17. <ul><li>:wq </li></ul><ul><li>(meant for saving and quitting) </li></ul><ul><li># service smb start </li></ul><ul><li>(meant for starting the samba service once the configuration file has been modified with appropriate changes) </li></ul><ul><li>#chkconfig smb on </li></ul><ul><li>( meant for checking whether the samba server service has started or not) </li></ul><ul><li>#smbpassd –a rohit </li></ul><ul><li>( password for the user on the samba server, user rohit is the user of windows system and my password should match to that of windows) </li></ul>
  17. 18. Client side configuration <ul><li>1) For Linux client </li></ul><ul><li>#smbclient//winstation1/data –U rohit </li></ul><ul><li>This will be given an smb prompt as follows. </li></ul><ul><li>smb:> get ( to download the file ) </li></ul><ul><li>smb:> put ( to upload the file ) </li></ul><ul><li>smb:> exit ( to quit the session ) </li></ul><ul><li>2) For windows client </li></ul><ul><li>Create the same user with the same password that you created on Linux server and create the same workgroup as you mentioned in Linux server. After this view workgroup and you will see the workgroup that you mentioned in Linux server. Open the workgroup by providing username and password and open the content that you share from your samba server. </li></ul>
  18. 19. Advantages of SAMBA server <ul><li>Free and open source </li></ul><ul><li>Portable across multiple platforms </li></ul><ul><li>Allows for easier networking of Windows workstations to computers running other platforms. </li></ul>
  19. 20. Disadvantages of SAMBA server <ul><ul><li>Smb is still developing. </li></ul></ul><ul><ul><li>Maintaining compatibility with Microsoft’s implementation is a constant battle. </li></ul></ul><ul><ul><li>Threat of legal action against commercial users of Samba from Microsoft. </li></ul></ul>
  20. 21. Problems faced while configuration <ul><li>First of all you have to make sure that the Samba server is running; and of course that all your network connections are active and functional, otherwise you will be wasting your time trying out why something is not working. </li></ul><ul><li>If the server is not running at boot time use the services control panel to set it- run at boot time. </li></ul><ul><li>A single error even that of space or indentation in the smb.conf file will make the file unreadable and an error message is displayed soon after. </li></ul>