[Wolves] Simple (?) Samba configuration.
David Goodwin
david at openminds.co.uk
Wed Mar 3 08:30:50 GMT 2004
Right, as it's only 8am, and I'm at work, and there seems to be some
vague interest in samba configurations etc, he's my go at being useful.
The stuff below contains a simple samba configuration that should work
on a small network (i.e. no domain etc). It shares user's home
directories, and a "pub" directory as well as a single printer.
The configuration will use encrypted passwords, so Windows 2000/98 etc
should all work happily with it. It doesn't use ldap or pam or anything
else, so is relatively simple (?!)
The main configuration file for samba is nearly always
/etc/samba/smb.conf, although some older distros used /etc/smb.conf.
Each authenticated user will see their home directory (e.g. user bob
would see a share \\sambaServer\bob). It also shares a printer which is
defined in /etc/printcap. For this example, the samba server is in a
workgroup, Canine, and called Lassie.
# smb.conf file.
[global]
# what name we want this server to appear in the network
# neighbourhood as. If not defined defaults to `hostname`
netbios name = Lassie
# workgroup = NT-Domain-Name or Workgroup-Name.
workgroup = CANINE
# string to display next to server in explorer show details thing.
server string = Lassie will save the day
# options are server or share. Normal is user.
# This results in Windows users being mapped to Unix users.
security = user
# what IP addresses we allow to connect (useful if the box has
# an external interface to the web)
hosts allow = 192.168.0. 127.
# manually define printer. (see below for more printing stuff)
load printers = no
printcap name = /etc/printcap
# what printing subsystem we use (cups or lprng are probably the
# most common)
printing = lprng
# %m = machine name that's connecting.
log file = /var/log/samba/samba.%m
# max log size in kb
max log size = 50
# encrypt passwords (NT4 pre sp3(?) used plain text passwords)
encrypt passwords = yes
# allow windows clients to set their clocks to us using
# "net \\sambabox /time /set /y"
time server = yes
preserve case = yes
# some default optimisations.
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
# what interface we should listen on.
interfaces = 192.168.0.1/24
# tell samba to act as a directory for machines on the network
local master = yes
os level = 90
# tell samba to be a WINS server (i.e. Windows clients can use
# it as a wins server for ns lookups.
wins support = yes
# "homes" is a magic share which uses the current
# username of the user connected to
# display their /home/$USER directory as \\theServer\$USER
[homes]
comment = Home Directories
# make it not visible to browsing clients
# (i.e. you have to state \\server\$aUser to get to a user's home
# directory. )
browseable = no
writable = yes
# define a share called pub. anyone who has permission at the unix
# filesystem level can read/write to it.
[pub]
comment = public stuff
path = /pub
read only = no
public = yes
guest ok = no
# define a printer called "printer".
[printer]
comment = Samsung Laser Printer
# where the spooled files go to.
path = /var/spool/smb_print
# what printer to use from /etc/printcap
printer = smb_print
# we allow people to see it if they go to \\thisServer
browseable = yes
# users must be authenticated
guest ok = no
use client driver = no
# tell samba it's a printer.
printable = yes
print command = /usr/bin/lpr -Psmb_print %s
lpq command = /usr/bin/lpq -Psmb_print
# connecting windows clients can use this string to find the #
# right drivers. Unfortunately it's deprecated in later versions
# of samba.
printer name = Samsung ML-1450 Series
# the end.
To allow users to access Samba, you need to do three things :
1) Have samba running (use "testparm" to make sure you've not made any
typos in teh config file) and run /etc/init.d/samba start (sometimes
/etc/init.d/smb start).
2) Add Unix users to /etc/passwd - i.e. they can telnet/ssh/login to the
machine.
3) As root, add users to /etc/samba/private/smbpasswd (sometimes
/etc/samba/smbpasswd), using the "smbpasswd" utility as follows :
smbpasswd -a $user
It will then prompt you for a password.
Now to test samba :
From Linux :
1) "smbclient -L //theServerName"
This logs you in as an anonymous user if you enter no password, and
should show a list of shares you made browseable. (e.g. pub and printer)
2) "smbclient -L //theServerName -U $username"
Enter in the password for $username when prompted, this should now show
you something like :
<snip>
Sharename Type Comment
--------- ---- -------
printer Printer Samsung Laser Printer
pub Disk public stuff
IPC$ IPC IPC Service (Lassie will save the day)
ADMIN$ IPC IPC Service (Lassie will save the day)
david Disk Home Directories
<snip>
From Windows :
Make sure you can ping the linux box (e.g. ping lassie). Things should
generally work quicker if you set up Windows to use IP of the Samba box
as a Wins server (assuming you followed my config file above).
Then try \\lassie (or what ever)
You will be prompted for a Username and password. Enter these and you're
away.
If you don't have the same username on Windows as Linux, "man smbusers"
might help - this maps windows users to linux users. By not having the
same username on Windows as Linux you will be required to enter your
password the first time you access the Samba server after logging
in/rebooting.
Alternative configuration options :
1) You can use SWAT (edit /etc/inetd.conf probably, or run
/etc/init.d/swat start?) to edit smb.conf (point browser to
http://server:901 ?).
2) Use a tool supplied with your distro. I use Slackware and it's kind
of sparing on configuration tools ;)
8:25...
David.
p.s the smb.conf above should really work, although I've skipped out the
domain bits I have in my server at home.
More information about the Wolves
mailing list