Samba 17
Transcript of Samba 17
-
7/28/2019 Samba 17
1/11
17.2. Configuring a Samba Server
The default configuration file (/etc/samba/smb.conf) allows users to view their Red
Hat Linux home directories as a Samba share. It also shares any printers configured for
the Red Hat Linux system as Samba shared printers. In other words, you can attach aprinter to your Red Hat Linux system and print to it from the Windows machines on your
network.
17.2.1. Graphical Configuration
To configure Samba using a graphical interface, use the Samba Server ConfigurationTool. For command line configuration, skip to Section 17.2.2 Command LineConfiguration.
The Samba Server Configuration Tool is a graphical interface for managing Samba
shares, users, and basic server settings. It modifies the configuration files in the/etc/samba/ directory. Any changes to these files not made using the application are
preserved.
To use this application, you must be running the X Window System, have root privileges,
and have the redhat-config-samba RPM package installed. To start the Samba Server
Configuration Tool from the desktop, go to the Main Menu Button (on the Panel) =>
System Settings => Server Settings => Samba Server or type the command redhat-
config-samba at a shell prompt (for example, in an XTerm or a GNOME terminal).
Figure 17-1. Samba Server Configuration Tool
Note
The Samba Server Configuration Tool does not display shared printers or the
default stanza that allows users to view their own home directories on the Samba
http://www.redhat.com/docs/manuals/linux/RHL-9-Manual/custom-guide/s1-samba-configuring.html#S2-SAMBA-CONFIGURING-CMDLINEhttp://www.redhat.com/docs/manuals/linux/RHL-9-Manual/custom-guide/s1-samba-configuring.html#S2-SAMBA-CONFIGURING-CMDLINEhttp://www.redhat.com/docs/manuals/linux/RHL-9-Manual/custom-guide/s1-samba-configuring.html#S2-SAMBA-CONFIGURING-CMDLINEhttp://www.redhat.com/docs/manuals/linux/RHL-9-Manual/custom-guide/s1-samba-configuring.html#S2-SAMBA-CONFIGURING-CMDLINEhttp://www.redhat.com/docs/manuals/linux/RHL-9-Manual/custom-guide/s1-samba-configuring.html#S2-SAMBA-CONFIGURING-CMDLINE -
7/28/2019 Samba 17
2/11
server.
17.2.1.1. Configuring Server Settings
The first step in configuring a Samba server is to configure the basic settings for theserver and a few security options. After starting the application, select Preferences =>
Server Settings from the pulldown menu. The Basic tab is displayed as shown in Figure
17-2.
Figure 17-2. Configuring Basic Server Settings
On the Basic tab, specify which workgroup the computer should be in as well as a brief
description of the computer. They correspond to the workgroup and server string
options in smb.conf.
Figure 17-3. Configuring Security Server Settings
The Security tab contains the following options:
http://www.redhat.com/docs/manuals/linux/RHL-9-Manual/custom-guide/s1-samba-configuring.html#FIG-SAMBA-BASIChttp://www.redhat.com/docs/manuals/linux/RHL-9-Manual/custom-guide/s1-samba-configuring.html#FIG-SAMBA-BASIChttp://www.redhat.com/docs/manuals/linux/RHL-9-Manual/custom-guide/s1-samba-configuring.html#FIG-SAMBA-BASIChttp://www.redhat.com/docs/manuals/linux/RHL-9-Manual/custom-guide/s1-samba-configuring.html#FIG-SAMBA-BASIC -
7/28/2019 Samba 17
3/11
Authentication Mode This corresponds to the security option. Select one of
the following types of authentication.
o Domain The Samba server relies on a Windows NT Primary or Backup
Domain Controller to verify the user. The server passes the username and
password to the Controller and waits for it to return. Specify the NetBIOS
name of the Primary or Backup Domain Controller in the AuthenticationServer field.
The Encrypted Passwords option must be set to Yes if this is selected.
o Server The Samba server tries to verify the username and password
combination by passing them to another Samba server. If it can not, theserver tries to verify using the user authentication mode. Specify the
NetBIOS name of the other Samba server in the Authentication Server
field.
o Share Samba users do not have to enter a username and password
combination on a per Samba server basis. They are not prompted for ausername and password until they try to connect to a specific shareddirectory from a Samba server.
o User (Default) Samba users must provide a valid username and
password on a per Samba server basis. Select this option if you want the
Windows Username option to work. Refer to Section 17.2.1.2ManagingSamba Users for details.
Encrypt Passwords (Default value is Yes) This option must be enabled if the
clients are connecting from a Windows 98, Windows NT 4.0 with Service Pack 3,
or other more recent versions of Microsoft Windows. The passwords aretransfered between the server and the client in an encrypted format instead of in as
a plain-text word that can be intercepted. This corresponds to the encrypted
passwords option. Refer to Section 17.2.3Encrypted Passwords for more
information about encrypted Samba passwords.
Guest Account When users or guest users log into a Samba server, they must
be mapped to a valid user on the server. Select one of the existing usernames on
the system to be the guest Samba account. When guests logs in to the Sambaserver, they have the same privileges as this user. This corresponds to the guest
account option.
After clicking OK, the changes are written to the configuration file and the daemon is
restart; thus, the changes take effect immediately.
17.2.1.2. Managing Samba Users
http://www.redhat.com/docs/manuals/linux/RHL-9-Manual/custom-guide/s1-samba-configuring.html#S3-SAMBA-GUI-USERShttp://www.redhat.com/docs/manuals/linux/RHL-9-Manual/custom-guide/s1-samba-configuring.html#S3-SAMBA-GUI-USERShttp://www.redhat.com/docs/manuals/linux/RHL-9-Manual/custom-guide/s1-samba-configuring.html#S3-SAMBA-GUI-USERShttp://www.redhat.com/docs/manuals/linux/RHL-9-Manual/custom-guide/s1-samba-configuring.html#S2-SAMBA-ENCRYPTED-PASSWORDShttp://www.redhat.com/docs/manuals/linux/RHL-9-Manual/custom-guide/s1-samba-configuring.html#S2-SAMBA-ENCRYPTED-PASSWORDShttp://www.redhat.com/docs/manuals/linux/RHL-9-Manual/custom-guide/s1-samba-configuring.html#S2-SAMBA-ENCRYPTED-PASSWORDShttp://www.redhat.com/docs/manuals/linux/RHL-9-Manual/custom-guide/s1-samba-configuring.html#S3-SAMBA-GUI-USERShttp://www.redhat.com/docs/manuals/linux/RHL-9-Manual/custom-guide/s1-samba-configuring.html#S3-SAMBA-GUI-USERShttp://www.redhat.com/docs/manuals/linux/RHL-9-Manual/custom-guide/s1-samba-configuring.html#S2-SAMBA-ENCRYPTED-PASSWORDS -
7/28/2019 Samba 17
4/11
The Samba Server Configuration Tool requires that an existing user account be active
on the Red Hat Linux system acting as the Samba server before a Samba user can be
added. The Samba user is associated with the existing Red Hat Linux user account.
Figure 17-4. Managing Samba Users
To add a Samba user, select Preferences => Samba Users from the pulldown menu, and
click the Add User button. On the Create New Samba User window select a Unix
Username from the list of existing users on the local system.
If the user has a different username on a Windows machine and will be logging into the
Samba server from the Windows machine, specify that Windows username in theWindows Username field. The Authentication Mode on the Security tab of the Server
Settings preferences must be set to User for this option to work.
Also configure a Samba Password for the Samba User and confirm the Samba Password
by typing it again. Even if you select to use encrypted passwords for Samba, it is
recommended that the Samba passwords for all users are different from their Red HatLinux system passwords.
To edit an existing user, select the user from the list, and clickEdit User. To delete an
existing Samba user, select the user, and click the Delete User button. Deleting a Samba
user does not delete the associated Red Hat Linux user account.
The users are modified immediately after clicking the OKbutton.
17.2.1.3. Adding a Share
-
7/28/2019 Samba 17
5/11
Figure 17-5. Adding a Share
To add a share, click the Add button. The Basic tab configures the following options:
Directory The directory to share via Samba. The directory must exist.
Descriptions A brief description of the share.
Basic Permissions Whether users should only be able to read the files in the
shared directory or whether they should be able to read and write to the shareddirectory.
On the Access tab, select whether to allow only specified users to access the share or
whether to allow all Samba users to access the share. If you select to allow access tospecific users, select the users from the list of available Samba users.
The share is added immediately after clicking OK.
17.2.2. Command Line Configuration
Samba uses /etc/samba/smb.conf as its configuration file. If you change this
configuration file, the changes do not take effect until you restart the Samba daemon withthe command service smb restart.
To specify the Windows workgroup and a brief description of the Samba server, edit the
following lines in yoursmb.conf file:
workgroup = WORKGROUPNAMEserver string = BRIEF COMMENT ABOUT SERVER
Replace WORKGROUPNAMEwith the name of the Windows workgroup to which this
machine should belong. The BRIEF COMMENT ABOUT SERVER is optional and is used as
the Windows comment about the Samba system.
-
7/28/2019 Samba 17
6/11
To create a Samba share directory on your Linux system, add the following section to
yoursmb.conf file (after modifying it to reflect your needs and your system):
[sharename]comment = Insert a comment herepath = /home/share/
valid users = tfox carolepublic = nowritable = yesprintable = nocreate mask = 0765
The above example allows the users tfox and carole to read and write to the directory
/home/share, on the Samba server, from a Samba client.
17.2.3. Encrypted Passwords
In Red Hat Linux 9 encrypted passwords are enabled by default because it is more secure.If encrypted passwords are not used, plain text passwords are used, which can be
intercepted by someone using a network packet sniffer. It is recommended that encryptedpasswords be used.
The Microsoft SMB Protocol originally used plaintext passwords. However, Windows
NT 4.0 with Service Pack 3 or higher, Windows 98, Windows 2000, Windows ME, and
Windows XP require encrypted Samba passwords. To use Samba between a Red HatLinux system and a system running one of these Windows operating systems, you can
either edit your Windows registry to use plaintext passwords or configure Samba on your
Linux system to use encrypted passwords. If you choose to modify your registry, you
must do so for all your Windows machines this is risky and may cause furtherconflicts. It is recommended that you use encrypted passwords for better security.
To configure Samba on your Red Hat Linux system to use encrypted passwords, follow
these steps:
1. Create a separate password file for Samba. To create one based on your existing
/etc/passwd file, at a shell prompt, type the following command:cat /etc/passwd | mksmbpasswd.sh > /etc/samba/smbpasswd
2. If the system uses NIS, type the following command:
ypcat passwd | mksmbpasswd.sh > /etc/samba/smbpasswd3. The mksmbpasswd.sh script is installed in your/usr/bin directory with the
samba package.
4. Change the permissions of the Samba password file so that only root has read andwrite permissions:
chmod 600 /etc/samba/smbpasswd
-
7/28/2019 Samba 17
7/11
-
7/28/2019 Samba 17
8/11
/sbin/service smb start
Stop the daemon with the following command:
/sbin/service smb stop
To start the smb service at boot time, use the command:
/sbin/chkconfig --level 345 smb on
You can also use chkconfig, ntsysv or the Services Configuration Tool to configure
which services start at boot time. Refer to Chapter 14 Controlling Access to Services fordetails.
17.3. Connecting to a Samba Share
To connect to a Linux Samba share from a Microsoft Windows machine, use Network
Neighborhood or the graphical file manager.
To connect to a Samba share from a Linux system, from a shell prompt, type the
following command:
smbclient //hostname/sharename -U username
Replace hostname with the hostname or IP address of the Samba server you want to
connect to, sharename with the name of the shared directory you want to browse, and
username with the Samba username for the system. Enter the correct password or press
[Enter] if no password is required for the user.
If you see the smb:\> prompt, you have successfully logged in. Once you are logged in,
type help for a list of commands. If you wish to browse the contents of your home
directory, replace sharename with your username. If the -U switch is not used, the
username of the current user is passed to the Samba server.
To exit smbclient, type exit at the smb:\> prompt.
You can also use Nautilus to view available Samba shares on your network. Select Main
Menu Button (on the Panel) => Network Servers to view a list of Samba workgroupson your network. You can also type smb: in the Location: bar of Nautilus to view the
workgroups.
As shown in Figure 17-6, an icon appears for each available SMB workgroup on thenetwork.
http://www.redhat.com/docs/manuals/linux/RHL-9-Manual/custom-guide/ch-services.htmlhttp://www.redhat.com/docs/manuals/linux/RHL-9-Manual/custom-guide/ch-services.htmlhttp://www.redhat.com/docs/manuals/linux/RHL-9-Manual/custom-guide/ch-services.htmlhttp://www.redhat.com/docs/manuals/linux/RHL-9-Manual/custom-guide/s1-samba-connect-share.html#FIG-SAMBA-NAUTILUS-WORKGROUPShttp://www.redhat.com/docs/manuals/linux/RHL-9-Manual/custom-guide/ch-services.htmlhttp://www.redhat.com/docs/manuals/linux/RHL-9-Manual/custom-guide/s1-samba-connect-share.html#FIG-SAMBA-NAUTILUS-WORKGROUPS -
7/28/2019 Samba 17
9/11
Figure 17-6. SMB Workgroups in Nautilus
Double-click one of the workgroup icons to view a list of computers within the
workgroup.
-
7/28/2019 Samba 17
10/11
Figure 17-7. SMB Machines in Nautilus
As you can see from Figure 17-7, there is an icon for each machine within the
workgroup. Double-click on an icon to view the Samba shares on the machine. If ausername and password combination is required, you are prompted for them.
Alternately, you can also specify a username and password combination in the Location:
bar using the following syntax (replace user,password, servername, and sharename
with the appropriate values):
smb://user:password@servername/sharename/
17.4. Additional ResourcesFor configuration options not covered here, please refer to the following resources.
17.4.1. Installed Documentation
smb.conf man page explains how to configure the Samba configuration file
http://www.redhat.com/docs/manuals/linux/RHL-9-Manual/custom-guide/s1-samba-connect-share.html#FIG-SAMBA-NAUTILUS-MACHINEShttp://www.redhat.com/docs/manuals/linux/RHL-9-Manual/custom-guide/s1-samba-connect-share.html#FIG-SAMBA-NAUTILUS-MACHINES -
7/28/2019 Samba 17
11/11
smbd man page describes how the Samba daemon works
/usr/share/doc/samba-/docs/ HTML and text help
files included with the samba package
17.4.2. Useful Websites
http://www.samba.org The Samba Web page contains useful documentation,
information about mailing lists, and a list of GUI interfaces.
http://www.samba.org/http://www.samba.org/