Samba/Configuring a Workgroup from the Shell with Samba

From Wikibooks, open books for an open world
Jump to navigation Jump to search

Configuring Samba[edit | edit source]

After you have installed Samba, you need to configure it:

Samba is configured by editing the smb.conf file, which is generally located in /etc/samba/. There is usually a smb.conf.example file that is well commented and will help you on your way to configuring the server. Just edit it and save it as smb.conf for an easy way get the server running.

Using Samba[edit | edit source]

To start samba, start its two daemons, smbd and nmbd.

Your computer's shared directories and files should now also be viewable on your windows network (My Network Places).

To view windows shares in the Linux environment run the smbtree command.

Decide before what you really want[edit | edit source]

This topic forks in two branches:

- Server (File, print, etc.)

- Domain Controller

Of course it is an oversimplification. You can combine these approaches, but for now keep it simple to avoid unnecessary trouble.

Server[edit | edit source]

- A file server consists in computer shares - files, printers, devices, queues, etc. - in a network controlled by smbd daemon.

It's a role of smbd take care of grant or deny controlled access to these parts.

Server KISS[edit | edit source]

There are many forms to configure and install samba. Better is to keep it simple, focusing your needs. To a hurry sysadmin, or even poorman, I recommend some basic approach, delaying complexities and security tuning for future iterations.

Shortly, it is a Standalone Server for centralized tasks: file and print serving.

Backup your original in smb.conf:

# cd /etc/samba
# mv smb.conf smb.conf.orig
# touch smb.conf

and insert these lines in the new one:

[global]
workgroup = SAMBAGRP
netbios name = SAMBAKISS
security = SHARE
passdb backend = guest

[data]
comment = Public Data
path = /srv/myshares
read only = no

This approach requires just one account - guest - to connect. To add guest account, follow script:

  1. Create guest account on Unix system
  2. Block local access changing shell to false
  3. Eliminate password from guest account

adduser script fits well

# adduser --home /dev/null --shell /bin/false --no-create-home --uid 65533 --disabled-password guest
  1. Create or map samba account
# smbpasswd -a guest
New SMB password: (type ENTER)
Retype new SMB password: (type ENTER)
Added user guest.

Domain Controller[edit | edit source]

[TODO]

Managing Samba[edit | edit source]

Basic Check[edit | edit source]

It's a good idea to check samba running parts in a host machine, before start:

$ ps ax ¦ grep .*mbd

Usually there are two process, nmbd and smbd, (number of smbd instances and path of daemon may vary). It indicate that samba is running.

$ ps ax ¦ grep mbd
29402 ?        Ss     0:03 /usr/sbin/nmbd -D
29404 ?        Ss     0:00 /usr/sbin/smbd -D

Another way (more sophisticated) requires root privileges:

$ sudo smbcontrol nmbd ping
PONG from pid 29402
$ sudo smbcontrol smbd ping
PONG from pid 29407  (number of smbd daemons may vary)

Samba main parts are daemons named smbd and nmbd.

  • smbd: take care of files, logons, shares, etc
  • nmbd: deal with names

When you are using samba suite, you are sending requests to these daemons, mostly to smbd.

Database moves[edit | edit source]

Samba uses files to keep its controls. There are two types of files in focus: flat files and trivial database files.

User database have to be created and initialized and the main configuration file prepared with shares and system parameters. It's better to get a nice reading on existent documentation before try to implement a real production site, identify and possibly write down instructions.

Its is common to start a samba server based on a fire-up and forget philosophy, and later (at an year basis) have to recover in a hurry the same server and find out you can't remember how to add users, tune, etc.

Tasks to Write Down[edit | edit source]

  • Check smb.conf

After configure or change smb.conf, it is recommended test modifications before start. You can do it running and reading possibly error messages or abnormalities

 $mybox:~$ sudo testparm
  • Start/Stop samba

Actually, depending on your distribution, you will start samba running a previous prepared batch file, that resides on startup script set.

Debian based distributions use:

$mybox:~$ sudo /etc/init.d/samba start      # starts samba
$mybox:~$ sudo /etc/init.d/samba stop       # stops samba
  • Restart and check in one step
# /etc/init.d/samba restart && ps ax | grep mbd
  • Add/Remove users

[TODO]

Using smbpasswd to
- add user
- change password
  • Check log files

[TODO]

  • Backup smb.conf and tdb databases

[TODO]