[Home] [Resume] [Work Responsibilities] [Search Page] [IT Menu]
Samba, like Apache, has become a standard part of nearly every Linux distribution in production today. Samba allows your Linux computer to "speak Windows" across the network, so to speak. Using Samba, you can network your Linux box and your Windows computer(s) together seamlessly.The goal of this article is to get a basic Samba installation running between a Linux box and one or several Windows boxes. We want to give each Windows user the ability to see their Linux home directory across the network and to print to a printer connected to the Linux machine. The goal is just to get Linux to serve files to and accept print jobs from Windows machines.
Samba Contents
Before starting to muck about with Samba, a network of some sort must be in place between the Linux box and the Windows box(es) in question. Follow these steps if you haven't already got such a network in place. Note that we're assuming here that if you're not already on a network, you're probably going to want to create a small private network to connect your Windows and Linux boxes together.
Before doing anything else, choose a "workgroup" name for your small private network. This is the virtual group to which all of the machines on your network will belong. For this example, we'll use the workgroup "LEARNSAMBA" to communicate.
Next, choose an IP number and a host name for each box. There are two network segments which are 'reserved' for private use: they are 10.0.0.0 and 192.168.0.0. So, for example, chose 192.168.1.1 and "linuxboy" for your Linux box, 192.168.1.2 and "winboy-a" for your first Windows box, 192.168.1.3 and "winboy-b" for your second Windows box, and so forth.
Once each box has an IP number and a host name, configure each box to use this information. On the Linux box, this means using your distribution's network administration tools to configure the ethernet adapter and host name. In this example, you'd tell Linux that the machine is 192.168.1.1 with a netmask of 255.255.255.0 and that "linuxboy" is the host name for the machine. This configuration can also be done by hand, but it's tedious and much more complicated, so it behooves you at this point to learn about your Linux distribution's system administration tools.
On the Windows boxes, follow these instructions:
Once all of these steps has been taken care of, the hosts files on each machine will need to be edited. On the Windows machines, we need to create or edit the "C:\WINDOWS\HOSTS" file to contain one line for each machine and its IP number, like this:
192.168.1.1 linuxboy 192.168.1.2 winboy-a 192.168.1.3 winboy-b
The same lines should be added to the end of the "C:\WINDOWS\LMHOSTS" file. Again, if the file doesn't yet exist, it should be created.
On the Linux box, similar changes need to be made. First, edit the "/etc/hosts" file to contain the lines listed above. Then, edit the "lmhosts" file in your Samba configuration directory (normally "/etc/samba.d" is the location) to map the Windows-style name of each machine to the LINUX-style name. In most cases, the file looks quite silly, since the two names are the same. For this example, we'll add the following lines to the "/etc/samba.d/lmhosts" file:
linuxboy linuxboy winboy-a winboy-a winboy-b winboy-b
Silly, but necessary. Once these changes have been made to all systems involved, reboot all of the machines and see if you can now talk between them. The best way to test this is to try to "ping around" the network. Log into "linuxboy" and try this:
ping -c 3 winboy-a ping -c 3 winboy-b
Then, start an MS-DOS window on each of the Windows machines and try this:
(from the first windows machine:)
ping linuxboy ping winboy-b
(from the second windows machine:)
ping linuxboy ping winboy-a
If you are able to successfully "ping around" to and from all machines on the network, you're ready to go on to installing and configuring Samba. If not, it's time to troubleshoot. Go over all of the steps above closely and ensure that you got them right. Check your network cabling, your hub, or if necessary, your termination to make sure that everything is working correctly. Networking can be a tricky science to master at first, since there are so many variables, but usually prolonged periods of perseverance can fix the problems you'll find.
Samba Contents
Very few Linux users will actually need to visit the Samba home page to download it, since most Linux users will find a copy of Samba either installed on their system already or on their distribution CD.
To see if Samba is already installed, look for one of the following files:
/usr/sbin/smbd
/sbin/smbd
/usr/bin/smbd
/usr/local/sbin/smbd
The smbd daemon is the part of samba which takes care of file and print sharing. The other major Samba component is nmbd, which handles the NetBIOS-style naming conventions and other mundane tasks. If smbd and nmbd are already present on your hard drive (they will usually be in the same directory), then you're ready to roll.
If they're not already installed, try browsing through the packages on your distribution CD. Try the following command if you're not sure how to go about browsing the CD once you've mounted it:
find /cdrom /mnt/cdrom -name 'samba*' -print
You should see a package (a file ending in .rpm, .deb, or tgz in most cases) which begins with the name samba and then contains a bunch of version information. Install this package using your package installer, and proceed to the next section. If you're not sure how to use your packaging utility, try the following commands:
man rpm # for Red Hat users man dpkg # for Debian users man pkgtool # for Slackware users
If in doubt, most users will probably find that the rpm packaging utility is the one installed on their system.
The samba package was not installed with my original installation and it had to be located from the installation disk. It was located in the /cdrom/slakware/n9/samba.tgz.
The command installpkg samba.tgz was used to install the samba package on my system
Samba Contents
Nearly all Samba configuration is done via the "smb.conf" file, which is generally found in the "/etc/samba.d" directory. If you can't find this directory, try to locate the Samba files like this:
locate smb.conf.sample
Mine was found in the /etc directory.
Once you've located the Samba configuration directory, visit it and create a new "smb.conf" file for the network we're working with. The easiest way to edit an "smb.conf" file by hand is with an editor such as emacs or vi. There isn't too much configuring to do for our basic setup; we just want enough functionality to allow us to browse some filesystem shares on the Linux box and to use the Linux box printers over the network.
If you would like to understand the file as we build it, print out a copy of the "smb.conf.sample" file and follow along in it as we build an "smb.conf" for our small network. Or, try looking at the manual page for Samba configuration:
man 5 smb.conf
Samba Contents
The "smb.conf" file resembles in some way the common Windows ".ini" file format in that it is broken up into a number of sections, each one beginning with a section title enclosed in brackets. The first section with which we'll concern ourselves (and the first section in the sample configuration file we've adopted) is the "[global]" section, so we add that key to the file:
[global]
The first two options to configure will identify the Linux box to the other machines on the network. The options in question are the "workgroup" and "server string" options. Note that while the server string is just a description of the Linux machine, the workgroup must match the workgroup name being used by the other machines on our small peer-style network:
workgroup = LEARNSAMBA
server string = Linuxboy the Samba Basics Linux Box
Next, some small security issues. Since we don't want anyone outside the network to be able to access our Linux Samba server, we need to configure some access permission. We only want to allow hosts from our network to connect. Also, in the case of our Linux box, we'd like use Unix-style authentication, which gives access or denies access based on a username/password pair, rather than associating a password with each shared resource:
hosts allow = 192.168.1. 127.
security = user
The 127.0.0.0 network is reserved for loopback (a sort of "test network" for each machine), so we allow it as well.
We also want to specify a log file for Samba to use in keeping track of activity and problems on the network:
log file = /var/log/samba.log
If you'd like a separate log for information about each machine on the network, use something similar to this:
log file = /var/log/samba.log.%m
The "%m" in this case will expand to the name of the connecting machine each time a log entry is to be made.
Now, some printing options. We want our Linux box to be able to accept print jobs from our Windows machines, so we tell Samba to allow printing to occur across the network. We also tell samba how to find our printer and a little bit about our Linux print system:
load printers = yes
printcap name = /etc/printcap
printing = lprng
These options assume that the Linux box uses the "LPRng" print system and that "/etc/printcap" is the printer definitions file. If your Linux distribution is different, you may need to alter these options slightly.
Now, for a couple of troublesome but necessary options. Early Windows 95 machines were able to deal with unencrypted passwords, but later versions of Windows 95 and all Windows 98 machines want only encrypted passwords to be sent across the network. This is a more secure method for doing things anyway, but it'll require a little more work later on. For now, we need to add two options to our "smb.conf" file dealing with this problem:
encrypt passwords = yes
smb passwd file = /etc/samba.d/smbpasswd
Note that you should change the location of the password file to match the location of your "smb.conf" file. Note also that while most distributions ship an encryption-ready Samba binary, those of you downloading and compiling Samba yourself may need to download and compile some extra software to take advantage of encrypted passwords. More on this later. For the moment, let's finish configuring our "smb.conf" file.
We're pretty much done with the "[global]" section, though there are many more options to work with when necessary. Now we move on to the "[homes]" section of our file, which will control the sharing of users' home directories. We want every user with a home directory on "linuxboy" to be able to access that home directory from either of the Windows machines, so we add he following lines to the file:
[homes]
comment = Home Directories
browseable = yes
read only = no
create mask = 0750
Finally, we're going to add a "[printers]" section to our "smb.conf" file to give a little bit more information about the printers we're going to be using across the network. Since this is a small network, let's assume that we want all printers "linuxboy" knows about to be accessible to the Windows machines. We add the following to the "smb.conf" file:
[printers]
comment = All Printers
browseable = yes
printable = yes
public = yes
writable = no
create mode = 0700
After all is said and done, our newly created "smb.conf" file looks like this:
[global]
workgroup = LEARNSAMBA
server string = Linuxboy the Samba Basics Linux Box
hosts allow = 192.168.1. 127.
security = user
log file = /var/log/samba.log.%m
load printers = yes
printcap name = /etc/printcap
printing = lprng
encrypt passwords = yes
smb passwd file = /etc/samba.d/smbpasswd
[homes]
comment = Home Directories
browseable = yes
read only = no
create mask = 0750
[printers]
comment = All Printers
browseable = yes
printable = yes
public = yes
writable = no
create mode = 0700
This file gives us a good starting point for a small network. Note, however, that for larger, more complicated installations, it's woefully inadequate. If you plan to deploy Samba on a large network, please study the Samba docs in detail and maybe even get a book!
Samba Contents
Remember that we configured Samba to expect encrypted passwords for authentication, since that is what most versions of Windows 95 and Windows 98 will want. Authenticating this way is more secure, but requires a little bit of extra legwork on our part. Since the encryption algorithms used by Linux and Windows are different, a separate version of the passwords file must be maintained especially for Samba. This file can be created from an existing "/etc/passwd" using the mksmbpasswd utility, which with most distributions comes ready to support shadow passwords without trouble. It is used like this:
cat /etc/passwd | mksmbpasswd > /etc/samba.d/smbpasswd chmod 0500 /etc/samba.d/smbpasswd
Note that if your Samba configuration directory doesn't reside at "/etc/samba.d" you'll need to change the line above to reflect the correct location for the newly created file.
Once the password file has been created, Samba will use it without much fanfare. Note, however, that users who change their Linux passwords will find that their Samba password has not been updated. To update a Samba password, users should use the smbpasswd command:
$ smbpasswd Old SMB password: New SMB password: Retype new SMB password: $
In most cases, no additional maintenance of the "smbpasswd" file is required. For more details on using encrypted passwords, especially if you are compiling Samba from source, please see the following files in the "docs" directory off of the main Samba source tree:
docs/ENCRYPTION.txt docs/Win95.txt docs/WinNT.txt
Note that you must enable encrypted passwords to be able to talk to most Windows 95 and Windows 98 systems.
Samba Contents
Now that all configuration is done, it is time to start Samba. In most
cases, using the Samba installation that shipped with a distribution, this can be done using one of the following commands:
/etc/rc.d/rc.samba
/etc/rc.d/init.d/samba start
/etc/rc.d/init.d/smb start
Note that this will start Samba only until the machine is rebooted. Once the machine is rebooted, Samba will not start again automatically. To make Samba start each time you boot your Linux box, use the runlevel or daemon editor included in your distribution's system administration tool.
Users who have compiled Samba from scratch can start it on the command line like this:
smbd -D nmbd -D
In this case, to have Samba start each time you boot, you should add these calls to the end of one of your rc files, most likely "/etc/rc.d/rc.local" or a similar local configuration file.
Samba Contents
First, make sure your Samba daemons are running. On your Linux box, in a shell, type the following:
ps ax | grep -e smbd -e nmbd
You should see copies of both smbd and nmbd running. If not, there is some sort of problem, most probably with your "smb.conf" configuration file. To test the file for correctness, try running the following command and watching for errors:
smbtestparm
Once you've verified that Samba is running on your Linux box, and you've got your Windows boxes configured properly, and you can ping back and forth between all of the machines in question, log in to one of the Windows boxes and try opening the "Network Neighborhood" icon. Note that the username and password you use should match those you use on the Linux box. You should be able to easily find a listing for the host name of your Linux box -- in our example, "linuxboy" is the host name. Double-clicking on this icon should open a list of shared resources available from the Linux box.
If you don't see the Linux box listed in the Network Neighborhood, or you get an error message, there's a problem somewhere. Before trying anything else, open a DOS window on a Windows box and try typing the following:
net view \\linuxboy
Replace the name "linuxboy" with the name of the Linux system on your network. If you get a list of shared resources here without any errors, there is either a problem in the configuration of your Windows box(es) or the encrypted passwords in Samba. If, on the other hand, the command returns an error, there is some configuration problem directly with Samba or your network. Review the instructions here and try again.
Samba Contents
Once you're able to pull your Linux box up in the Network Neighborhood and double-click on it, it should be an easy matter to use any of the resources listed. To open your home directory, simply double-click on it; it will be browseable just as though it were any other Windows directory. You can even drag the icon to your desktop and create a shortcut there to your home directory on the Linux box.
Printing to the printers on your Linux box is a slightly different issue, but not much more difficult. In the Network Neighborhood dialog for your Linux box, double click on the shared resource for the printer you'd like to use. Windows should whisk you away to a dialog asking, among other things, if you'd like to be able to print to this printer from DOS-based programs and for the correct driver to install. Once you've finished with the simple series of dialogs, you will be able to print to the printer just as if it were connected directly to your Windows box.
Note that if there are two resources for your printer (for example, a raw one and one that passes through GhostScript), you should use the raw resource from Windows and install the driver for your printer there. Otherwise, printing won't work properly, and GhostScript will become very confused on your Linux box.
Using shared resources from DOS isn't much more difficult. Using the method above, you can configure the printer to be accessible from DOS programs without further trouble. To use shared disk resources from DOS, the net command is the necessary tool. To map a shared resource to a drive letter, try a command such as this one:
net use z: \\linuxboy\jackson
The command above will use the home directory "jackson" on the Linux machine "Linuxboy" as drive letter "Z:" in DOS. After issuing this command, you can treat this drive just as you would any other drive. Note that you may be asked to enter a password in order to map the share. If you'd like to automate sending of the password, issue the command like this:
net use z: \\linuxboy\jackson mypassword
Replace "mypassword" with the password for the account you're using. If you'd like to be able to access shared resources without the need for mapping to a drive letter, simply supply such paths directly to DOS commands or programs:
dir \\linuxboy\jackson\Office50\explorer\WorkFolder
If you've mapped a drive letter and would like to stop using it, use a similar command:
net use /delete z:
Access to your Linux system is now easy from both DOS and Windows.
Samba Contents
Edit the /etc/hosts and the /etc/lmhosts files on both the Win and Linux boxes
192.168.1.1 linuxboy
192.168.1.2 winboy-a
192.168.1.3 winboy-b
To make sure the window names match the Linux names edit the /etc/lmhosts
linuxboy linuxboy
winboy-a winboy-a
winboy-b winboy-b
Ping the PCs using the names after the reboot to confirm connectivity.
Check to see if Samba is installed. Look for the smbd program. It may be in the /usr/sbin/smbd. Also check if nmbd is present.
Because NT (SP3 and higher) SMB clients default to encrypted passwords the registry has to be told not to do this.
Start > Run > Regedt32 > Edit > Add Value and edit as follows:
- Value Name = EnablePlainTextPassword
- Data Type = REG_DWORD
- Data = 1
From the Windows client log on using the username and password set up on the Linux server. Map to that users home directory.
Although this worked fine on the computer at college a few additional alterations to the smb.conf file had to be done on my home PC before it would work. I am not too sure if all the following are required but it now works.
smb.conf
[global]
workgroup = 3604e1
server string = Samba Server
hosts allow = 192.168.1. 192.168.2. 127.
load printers = yes
printcap name = /etc/printcap
printing = bsd
log file = /var/log/samba.%m
max log size = 50
security = user
socket options = TCP_NODELAY
dns proxy = no
[homes]
comment = Home Directories
browseable = yes
writable = yes
[printers]comment = All Printers
path = /var/spool/samba
browseable = yes
guest ok = no
writable = no
printable = yes
[tmp]
comment = Temporary file space
path = /tmp
read only = no
public = yes
Samba Contents
