Samba is an Open Source application that provides file and print services to SMB/CIFS clients and it allow interoperability between Linux/Unix servers and Windows-based clients. The current stable release of Samba is 3.5.1.
With the flexibility of Samba to provide interoperability, samba can integrate into a Windows Server Domain environment, by acting as a Primary Domain Controller or as a domain member. We can also make samba a part of an Active Directory domain too!
Features:
Samba allows file and print sharing and provide interoperability between Windows platform and Unix platform computers by providing the following:
1. Serve directory trees and printers to Linux, UNIX, and Windows clients
2. Assist in network browsing (with or without NetBIOS)
3. Authenticate Windows domain logins
4. Provide Windows Internet Name Service (WINS) name server resolution
5. Act as a Windows NT®-style Primary Domain Controller (PDC)
6. Act as a Backup Domain Controller (BDC) for a Samba-based PDC
7. Act as an Active Directory domain member server
8. Join a Windows NT/2000/2003 PDC
Install Samba
There are 3ways to install samba:
1) Installing through Yum
2)Install RPM packages
3)Build from source
Yum(Yellowdog Updater Modified)
Install through Yum is simpple. Just execute the following command to install.
#Yum install Samba
RPM Package Manager
Installing through RPM Package manager requires a bit more work. Normally we will install from the CD/DVD-ROM provided. By in any case a CD/DVD-ROM is not available, we might have to download the rpm file from online source.
a. Navigate to the source, which most like be the CD/DVD-ROM. The source CD/DVD-ROM have to be inserted first
#cd /media/RHEL_5.3\ x86\ DVD/Server
b. Install the rpm
#rpm -ivh samba*
Install from source
a. Download the source
#wget http://www.samba.org/samba/ftp/samba-3.5.1.tar.gz
b. Unzip the source
#tar -zxvf samba-3.5.1.tar.gz
c. Compile the source
#cd samba-3.5.1
#./configure
#make
#make install
Configure Firewall to allow Samba
Make sure to configure the firewall of the server in which Samba resides in. If not all incoming authentication request will be rejected by the firewall.
GUI
Go to System > Administration > Security Level and Firewall and tick Samba
Shell
Configuring Samba
There are many variations to deploy Samba, in this section share a basic configuration to allow a windows client to access a share folder in Linux
1. Preparing users and share folders
In this section, we will create the user to be use for samba. For security reasons, samba users should not have a login shell, thus creating the user with the option “-s /bin/false”. The samba users should not have any local password and we will need to use passwd command with –d option to remove the password of these users. We will also need to execute smbpasswd with –a option to add required users into samba authentication list.
For easy administration, we will create a folder here and have it bind to a group, and any samba users who are in this particular group will have access to this folder. “chgrp” is to make /var/samba/share folder to become under smbgroup and we need to modify file access level of this folder to allow users of smbgroup to be able to write into the folder by using “chmod” command.
Do note that the file access level is mutually exclusive from the “create mask” option in smb.conf.
# mkdir -p /var/smb/share
# chgrp smbgroup /var/samba/share
# chmod 5770 /var/samba/share
___________________________________________
# groupadd -g 600 smbgroup
# useradd -m -s /bin/false -g 600 smbuser
# passwd -d smbuser
Removing password for user smbuser.
passwd: Success
# smbpasswd -a smbuser2
New SMB password:
Retype new SMB password:
Added user smbuser2.
____________________________________________
2. Smb.conf
Smb.conf is the main configuration file of samba. It specifies the workgroup, the share name and path, the share access level and many more. The sample configuration specifies a group directory file sharing only scenario (no printer sharing). If you wish to enable file sharing individual samba users to connect to their home drive,
just uncomment the entire [home] section in the default smb.conf.
______________________________________________________________
# vi /etc/samba/smb.conf
# append this to the end of the file
# there is no need to create from a fresh copy of smb.conf
[share]
path = /var/samba/share
public = yes
write list = @smbgroup
create mask = 0770
writable = yes
_________________________________________________________________
The configuration above is quite straight forward. It is to create a public share on the server in the folder /var/samba/share. This writable share folder is visible to everyone, but only allows users from smbgroup to access it.
Changing the configuration is simple. If you do not want the share folder to be writable, just set writable = yes to writable = no, then restart the daemon.
3. Adding users and relate it to samba
To make the configuration work, samba users needs to be added (for non-directory scenarios). Samba users are actually normal users, but require a different password for samba.
To add users and insert it into samba user database, we can do the following:
#adduser smbuser
#passwd smbuser
#smbpasswd –a smbuser
4. Restart samba to enforce the new configuration
To force samba to use the new configuration, we need to restart samba daemon
_______________________________________________
# /etc/init.d/smb restart
________________________________________________
OR
_________________________________________________
# service smb restart
_________________________________________________
Troubleshooting Samba
Samba provides a command to trouble shoot samba set up.
TestParm
This command helps to check for errors in your configuration. When running this command, it will prompt out all errors from the configuration file.
# testparm /etc/samba/smb.conf
Smbclient
This command will probe the samba server and determines the share that the server provides. This is a good troubleshooting command which does not require an actual client for testing.
# smbclient –L server1
Nmblookup
This command acts like nslookup, except it does a bit more by checking whether or not the client component has been install correctly. This command can be use for both server and clients
# nmblookup –B server1
Accessing Samba Share from Windows client
In the earlier sample, we created a share using samba to allow smbuser to access the share folder from any of the internal network. In this section we will look at how to connect to the Linux server from Windows.
Setup drive letter on windows so that can easily access these files.
1.Provide the client computer the required credential to use for the share
a.Start -> run -> type “cmd” and press Enter
At the prompt type the following:
net use z: \\ip_of_your_samba_server\share/user: smbuser
2.Map the network drive
a.In Windows Explore, under Tools > Map network drive, set the drive letter and the share of the Linux Share
3. Navigate to the folder
