See if Samba is installed on your computer with the following command: rpm -qa | grep samba
It should return the following:
Where <version> is the version number of the samba package (2.2.5-10). If not, then you will have to pull it off the CD.
Next you need to edit /etc/samba/smb.conf file.
This is by way of example. In this case the samba server will be used as the WINS server. Not normally done in the Hi-Stat environment. It should look like the following:
#======================= Global Settings =====================================
[global]
netbios name = SystemsSrvr
workgroup = LEXWKSDOM
server string = Systems Samba Server
hosts allow = 10.146. 127.
# Windows IPC$ share needs to log in as guest for browsing
guest account = pcguest
# this tells Samba to use a separate
log file for each machine
# that connects
log file = /etc/samba/%m.log
max log size = 5000
# security = user is for password checking
on the RedHat server
# use security = server if you have a PDC and / or BDC
security = user
encrypt passwords = yes
smb passwd file = /etc/samba/smbpasswd
# password server = Lex-user1 Lex-user2
# use the above ONLY if security is set to server. This tells it where
# to go for password checking. Typically the domain controller.
# to be kept in sync with the SMB password.
unix password sync = Yes
passwd program = /usr/bin/passwd %u
passwd chat = *New*password* %n\n *Retype*new*password* %n\n *passwd:*all*authentication*tokens*updated*successfully*
pam password change = yes
obey pam restrictions = yes
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
local master = yes
# OS Level determines the precedence
of this server in master browser
# elections. The default value should be reasonable
os level = 255
domain master = yes
preferred master = yes
wins support = yes
wins proxy = yes
dns proxy = no
# Default case is normally upper case for all DOS files
default case = lower
; case sensitive = no
# Adds an extra layer of protection
bind interfaces only = yes
read raw = yes
write raw = yes
oplocks = yes
max xmit = 65535
getwd cache = yes
wide links = yes
#============================ Share Definitions ==============================
[homes]
comment = Home Directories
browseable = yes
writable = yes
valid users = %S
create mode = 0750
directory mode = 0775
# This one is useful for people to
share files
[tmp]
comment = Temporary file space
path = /tmp
public = yes
writeable = yes
valid users = @some_group
inherit permissions = yes
create mode = 770
directory mode = 770
write list = user1 user2
#======================= End of smb.conf
==================================
Samba users need to be added. They also need to be regular linux users as well. Add users with the following command: useradd -m <user> Do this for every user. You also need to create an account for pcguest as listed in the smb.conf file. Otherwise browsing won't work. For every user except pcguest, set up a password using passwd <user>.
Disable login to user pcguest. This is necessary to prevent people from logging in with this account. This account is only used for browsing. Use the following commands:
usermod -e 01/01/2003 pcguest
usermod -f 0 pcguest
Now you need to create the samba
password list. to do this, type the following:
cat /etc/passwd | /usr/bin/mksmbpasswd.sh
> /etc/samba/smbpasswd
You will need to reissue the above command every time you add a new user. Otherwise the new user will get a login failure. Add an SMB password for each user
(except user pcguest) with the following command smbpasswd <user>
With multiple users, its best to manage them with groups. So we will need to set up groups like this:
groupadd <group>.
Next you need to add the users to this group with the following command:
usermod -G <group> <user>. Note, if the user is already in a group, this will remove them
from the group. You need to list all groups seperated by commas when adding a group.
To see
what group a user is already in, use the following command: id <user>
Next we need to set the permission of the directory to this group. chgrp <group> -R /directory
Then we need to set the privileges of the directory. FYI, the privs set on the folder MUST be
greater than or equal to the privs set in the smb.conf file. Samba works within the constraints
of the linux privs. In this case, everyone in the group will have full privs, and everyone
outside of the group will have no privs. chmod 770 /directory.
Next we need to set up the share in the smb.conf file. The significant variable for
group sharing is valid users = @some_group. the @ symbol tells samba that this is a group
instead of a user. Here is an example of a share with the group having full privs:
[GroupShare]
path = /home/sharing
public = yes
writeable = yes
valid users = @some_group
create mask = 770
,
Edit /etc/resolv.conf make sure the IP of the nameserver is in there. If your samba server is your name server, then it should look like the following line:
nameserver 127.0.0.1
To start Samba: Type the following: /etc/init.d/smb start. For the samba service to run on PC startup, type the following: chkconfig smb on.
NOTE: If you are going to run a firewall, you will need to open the TCP and UDP ports used for samba. For information on this, see the firewall page.
|
Command
|
Result
|
Example
|
testparm |
Tests integrity of smb.conf file | testparm /etc/samba/smc.conf |
smbclient |
Used for testing samba server | smbclient -L localhost -U% |
smb
start |
Starts samba | /etc/init.d/smb start |
smb
stop |
Stops samba | /etc/init.d/smb stop |
smb
restart |
Restarts samba | /etc/init.d/smb restart |
Sometimes browsing doesn't work. Particularly in a network environment with multiple network protocols, like Netbeui, and IPX/SPX. Apparently when an election is held, and your Samba server is set to win the election, (os level = 255) it does so, but only on the TCP/IP protocol. If there are Windows PCs on your network running other protocols, thanks to Microsoft, they will basically mess things up and end up being the master browser anyway. So to keep Windows based PCs from being in the election, you need to make a change in the registry of the PC so that it diesn't maintain the Browse list. You can do so easily by clicking here, or you can do it yourself by running regedit.exe and edit the following key: In order to see who is the master browser, issue the following command on your
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Browser\Parameters\MaintainServerList.
You need to change the value to No. Restart your PC, and your Samba server will then be the master browser, as it should. This will need to be done to all PCs on the network that are in the same domain / workgroup as the samba server.
samba server: smbclient -L servername Just press enter for the password.