[Wolves] Simple (?) Samba configuration.

David Goodwin david at openminds.co.uk
Wed Mar 3 08:30:50 GMT 2004

Right, as it's only 8am, and I'm at work, and there seems to be some 
vague interest in samba configurations etc, he's my go at being useful.

The stuff below contains a simple samba configuration that should work 
on a small network (i.e. no domain etc). It shares user's home 
directories, and a "pub" directory as well as a single printer.

The configuration will use encrypted passwords, so Windows 2000/98 etc 
should all work happily with it. It doesn't use ldap or pam or anything 
else, so is relatively simple (?!)

The main configuration file for samba is nearly always 
/etc/samba/smb.conf, although some older distros used /etc/smb.conf.

Each authenticated user will see their home directory (e.g. user bob 
would see a share \\sambaServer\bob). It also shares a printer which is 
defined in /etc/printcap. For this example, the samba server is in a 
workgroup, Canine, and called Lassie.

# smb.conf file.
    # what name we want this server to appear in the network
    # neighbourhood as. If not defined defaults to `hostname`
    netbios name = Lassie
    # workgroup = NT-Domain-Name or Workgroup-Name.
    workgroup = CANINE
    # string to display next to server in explorer show details thing.
    server string = Lassie will save the day
    # options are server or share. Normal is user.
    # This results in Windows users being mapped to Unix users.
    security = user
    # what IP addresses we allow to connect (useful if the box has
    # an external interface to the web)
    hosts allow = 192.168.0. 127.

    # manually define printer. (see below for more printing stuff)
    load printers = no
    printcap name = /etc/printcap
    # what printing subsystem we use (cups or lprng are probably the
    # most common)
    printing = lprng
    # %m = machine name that's connecting.
    log file = /var/log/samba/samba.%m
    # max log size in kb
    max log size = 50

    # encrypt passwords (NT4 pre sp3(?) used plain text passwords)
    encrypt passwords = yes
    # allow windows clients to set their clocks to us using
    # "net \\sambabox /time /set /y"
    time server = yes
    preserve case = yes

    # some default optimisations.
    socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
    # what interface we should listen on.
    interfaces =

    # tell samba to act as a directory for machines on the network
    local master = yes
    os level = 90
    # tell samba to be a WINS server (i.e. Windows clients can use
    # it as a wins server for ns lookups.
    wins support = yes

# "homes" is a magic share which uses the current
# username of the user connected to
# display their /home/$USER directory as \\theServer\$USER

    comment = Home Directories
    # make it not visible to browsing clients
    # (i.e. you have to state \\server\$aUser to get to a user's home
    # directory. )
    browseable = no
    writable = yes

# define a share called pub. anyone who has permission at the unix
# filesystem level can read/write to it.
    comment = public stuff
    path = /pub
    read only = no
    public = yes
    guest ok = no

# define a printer called "printer".
    comment = Samsung Laser Printer
    # where the spooled files go to.
    path = /var/spool/smb_print
    # what printer to use from /etc/printcap
    printer = smb_print
    # we allow people to see it if they go to \\thisServer
    browseable = yes
    # users must be authenticated
    guest ok = no
    use client driver = no
    # tell samba it's a printer.
    printable = yes
    print command = /usr/bin/lpr -Psmb_print %s
    lpq command = /usr/bin/lpq -Psmb_print
    # connecting windows clients can use this string to find the #
    # right drivers. Unfortunately it's deprecated in later versions
    # of samba.
    printer name = Samsung ML-1450 Series

# the end.

To allow users to access Samba, you need to do three things :

1) Have samba running (use "testparm" to make sure you've not made any 
typos in teh config file) and run /etc/init.d/samba start (sometimes 
/etc/init.d/smb start).

2) Add Unix users to /etc/passwd - i.e. they can telnet/ssh/login to the 

3) As root, add users to /etc/samba/private/smbpasswd (sometimes 
/etc/samba/smbpasswd), using the "smbpasswd" utility as follows :

smbpasswd -a $user

It will then prompt you for a password.

Now to test samba :

 From Linux :
1) "smbclient -L //theServerName"
This logs you in as an anonymous user if you enter no password, and 
should show a list of shares you made browseable. (e.g. pub and printer)

2) "smbclient -L //theServerName  -U $username"
Enter in the password for $username when prompted, this should now show 
you something like :
         Sharename      Type      Comment
         ---------      ----      -------
         printer        Printer   Samsung Laser Printer
         pub            Disk      public stuff
         IPC$           IPC       IPC Service (Lassie will save the day)
         ADMIN$         IPC       IPC Service (Lassie will save the day)
         david          Disk      Home Directories

 From Windows :

Make sure you can ping the linux box (e.g. ping lassie). Things should 
generally work quicker if you set up Windows to use IP of the Samba box 
as a Wins server (assuming you followed my config file above).

Then try \\lassie (or what ever)

You will be prompted for a Username and password. Enter these and you're 

If you don't have the same username on Windows as Linux, "man smbusers" 
might help - this maps windows users to linux users. By not having the 
same username on Windows as Linux you will be required to enter your 
password the first time you access the Samba server after logging 

Alternative configuration options :

1) You can use SWAT (edit /etc/inetd.conf probably, or run 
/etc/init.d/swat start?) to edit smb.conf (point browser to 
http://server:901 ?).

2) Use a tool supplied with your distro. I use Slackware and it's kind 
of sparing on configuration tools ;)



p.s the smb.conf above should really work, although I've skipped out the 
domain bits I have in my server at home.

More information about the Wolves mailing list