Feeds:
Posts
Comments

Archive for the ‘Server Service’ Category

DNS (Domain Name Service) server is a server that translate an IP address into a name that will be easy to remember or do the opposite way.

The administrative job is done in Server side. For client side just set the machine to connect the DNS server.

Before we start, I assume that you are connected to Internet already. For, text editor, you can use any program that you are familiar with. In this sample, I use vim.

The installation is as easy as below:

Step 1. Install the bind9

Open Linux Terminal (Applications>Accessories>Terminal), type: sudo apt-get install bind9

Installation finished.

(more…)

Read Full Post »

The basic security setting for xampp is not secured with password. You have to change the setting if you want to increase your xampp security access.

To check your security setting, from XAMPP main screen, click ‘Security’. Below is the default for first installation security setting.

To change to security setting, you have to do it through Linux command line. Open your Linux Terminal (Applications > Accessories > Terminal).

Goto to ‘/opt/lampp‘ directory.

(more…)

Read Full Post »

If you are looking for Web Server or FTP server and you don’t to have a complicated process, xampp can be considered as your choice.

The most thing I like from XAMPP is separate setup with the Linux system and it’s easy to use. So, next time I don’t need it, I just remove its directory, and that’s it. I don’t need to do uninstall process.

XAMPP has been tested to work on SuSE, RedHat, Mandrake and Debian, mean it works with Ubuntu.

There are 4 steps to do before you can run XAMPP on Linux.


Step 1. Downloading

First, you have to download the program from http://apachefriends.org/en/xampp.html.

(more…)

Read Full Post »

What is Web Server? Before we go to that question, it’s better if we know what is web.

Actually, web is only a file or document in HTML format which is transferred from 1 computer (server) to a computer (client) which requests that file/document. To read a web document you need a web client application. There are so many web client applications available, such as Mozilla, Firefox, Opera etc.

Did you get a picture what is the Web Server? Yes, Web Server is an application in a computer that supplies files or document which are requested by client computer. There are few web server available in market, such as Apache, IIS and Cold Fusion, but the most popular web server in the world is Apache. Because, almost 70% web servers in the world use Apache.

Apache is under GPL. So, you can use it for free.

Apache2 or Apache Web Server a default web server installed in Ubuntu.

Note:

  • If you are using Gutsy, you don’t have to do the installation. You have it already. You just need to configure the setting only.

  • If you want to use PHP4, you can’t use apache2, it’s designed to work with PHP5 now. You can use Xampp. With Xampp, even you can choose which PHP version that you want to use, PHP4 or PHP5, without change any configuration.

Step 1. Apache Installation

To install Apache2 in Ubuntu, just type the command below in your Terminal Console.

taufanlubis@zyrex:~$ sudo apt-get install apache2 apache2-common apache2-mpm-prefork apache2-utils

……….
……….

This command will complete the installation of apache2 web server.

Step 2. Apache Configuration

The default of apache2 configuration files are located at /etc/apache2.

taufanlubis@zyrex:~$ ls -l /etc/apache2/

total 60
-rw-r–r– 1 root root 24175 2007-01-16 01:10 apache2.conf
drwxr-xr-x 2 root root 4096 2007-08-03 14:01 conf.d
-rw-r–r– 1 root root 895 2007-01-16 01:11 envvars
-rw-r–r– 1 root root 0 2007-08-03 14:01 httpd.conf
drwxr-xr-x 2 root root 12288 2007-09-07 08:00 mods-available
drwxr-xr-x 2 root root 4096 2007-10-03 22:26 mods-enabled
-rw-r–r– 1 root root 10 2007-08-03 14:01 ports.conf
drwxr-xr-x 2 root root 4096 2007-09-07 08:00 sites-available
drwxr-xr-x 2 root root 4096 2007-08-03 14:01 sites-enabled

taufanlubis@zyrex:~$

 

Step 2A. Apache Configuration —sites-available

To change it, just edit ‘default‘ file at /etc/apache2/sites-available

taufanlubis@zyrex:/$ cd /etc/apache2/sites-available/
taufanlubis@zyrex:/etc/apache2/sites-available$ ls
default

taufanlubis@zyrex:/etc/apache2/sites-available$ sudo gedit default
NameVirtualHost *
<VirtualHost *>
ServerAdmin webmaster@localhost
DocumentRoot /var/www/

<Directory />
Options FollowSymLinks
AllowOverride None
</Directory>

 

<Directory /var/www/>
Options Indexes FollowSymLinks MultiViews
AllowOverride None
Order allow,deny
allow from all
# This directive allows us to have apache2′s default start page
# in /apache2-default/, but still have / go to the right place
#RedirectMatch ^/$ /apache2-default/
</Directory>
ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/

<Directory “/usr/lib/cgi-bin”>
AllowOverride None
Options ExecCGI -MultiViews +SymLinksIfOwnerMatch
Order allow,deny
Allow from all
</Directory>

ErrorLog /var/log/apache2/error.log
# Possible values include: debug, info, notice, warn, error, crit,
# alert, emerg.
LogLevel warn
CustomLog /var/log/apache2/access.log combined
ServerSignature On
Alias /doc/ “/usr/share/doc/”
<Directory “/usr/share/doc/”>
Options Indexes MultiViews FollowSymLinks
AllowOverride None
Order deny,allow
Deny from all
Allow from 127.0.0.0/255.0.0.0 ::1/128
</Directory>
</VirtualHost>

 

Step 2B. Apache Configuration —document root

If you want to change from ‘/var/www‘ to ‘/home/www‘, just change the ‘DocumentRoot /var/www‘ to be ‘DocumentRoot /home/www‘.

 

The main configuration file is located at /etc/apache2/apache2.conf.
…..
ServerRoot “/etc/apache2″
PidFile /var/run/apache2.pid
ErrorLog /var/log/apache2/error.log
Include /etc/apache2/ports.conf

 

Additional Apache Configuration —Enable some Apache modules (Note: If need it!!!!)

SSL, rewrite, suexec and include

As you can see above, Apache2 supports a lot of modules and uses DSO (Dynamic Shared Object). DSO will make each module easier to be developed and maintained.

 

Additional Apache Configuration —Add new Modules to Apache2

taufanlubis@zyrex:~$ sudo a2enmod ssl
Module ssl installed; run /etc/init.d/apache2 force-reload to enable.

taufanlubis@zyrex:~$ sudo a2enmod rewrite
Module rewrite installed; run /etc/init.d/apache2 force-reload to enable.

taufanlubis@zyrex:~$ sudo a2enmod suexec
Module suexec installed; run /etc/init.d/apache2 force-reload to enable.

taufanlubis@zyrex:~$ sudo a2enmod include
Module include installed; run /etc/init.d/apache2 force-reload to enable.

taufanlubis@zyrex:~$

 

Additional Apache Configuration —Check Apache2 modules installed

taufanlubis@zyrex:~$ /usr/sbin/apache2 -l

Compiled in modules:
core.c
mod_log_config.c
mod_logio.c
prefork.c
http_core.c
mod_so.c

taufanlubis@zyrex:~$

 

Install PHP5

PHP4 is no longer supported in Feisty. If you still want to use PHP4, I suggest you to use XAMPP.

taufanlubis@zyrex:~$ sudo apt-get install php5

Password:
Reading package lists… Done
Building dependency tree
Reading state information… Done
The following extra packages will be installed:
libapache2-mod-php5
Suggested packages:
php-pear
The following NEW packages will be installed:
libapache2-mod-php5 php5
0 upgraded, 2 newly installed, 0 to remove and 0 not upgraded.
Need to get 2531kB/2532kB of archives.
After unpacking 5743kB of additional disk space will be used.
Do you want to continue [Y/n]? y
Get:1 http://security.ubuntu.com feisty-security/main libapache2-mod-php5 5.2.1-0ubuntu1.4 [2531kB]
Fetched 2531kB in 25s (100kB/s)
Selecting previously deselected package libapache2-mod-php5.
(Reading database … 156650 files and directories currently installed.)
Unpacking libapache2-mod-php5 (from …/libapache2-mod-php5_5.2.1-0ubuntu1.4_i386.deb) …
Selecting previously deselected package php5.
Unpacking php5 (from …/php5_5.2.1-0ubuntu1.4_all.deb) …
Setting up libapache2-mod-php5 (5.2.1-0ubuntu1.4) …
Setting up php5 (5.2.1-0ubuntu1.4) …

taufanlubis@zyrex:~$

 

Install PHP5 Library

taufanlubis@zyrex:~$ sudo apt-get install libapache2-mod-php5

Reading package lists… Done
Building dependency tree
Reading state information… Done
libapache2-mod-php5 is already the newest version.
0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.

taufanlubis@zyrex:~$

 

Install MySql for PHP5

taufanlubis@zyrex:~$ sudo apt-get install php5-mysql
Reading package lists… Done
Building dependency tree
Reading state information… Done
The following NEW packages will be installed:
php5-mysql
0 upgraded, 1 newly installed, 0 to remove and 0 not upgraded.
Need to get 65.5kB of archives.
After unpacking 246kB of additional disk space will be used.
Get:1 http://security.ubuntu.com feisty-security/main php5-mysql 5.2.1-0ubuntu1.4 [65.5kB]
Fetched 65.5kB in 2s (27.7kB/s)
Selecting previously deselected package php5-mysql.
(Reading database … 156650 files and directories currently installed.)
Unpacking php5-mysql (from …/php5-mysql_5.2.1-0ubuntu1.4_i386.deb) …
Setting up php5-mysql (5.2.1-0ubuntu1.4) …

taufanlubis@zyrex:~$

 

Install phpmyadmin for php5-mysql

taufanlubis@zyrex:~$ sudo apt-get install phpmyadmin
Reading package lists… Done
Building dependency tree
Reading state information… Done
Suggested packages:
mysql-server
Recommended packages:
php5-mcrypt php4-mcrypt php5-gd php4-gd
The following NEW packages will be installed:
phpmyadmin
0 upgraded, 1 newly installed, 0 to remove and 0 not upgraded.
Need to get 3591kB of archives.
After unpacking 14.1MB of additional disk space will be used.
Get:1 http://archive.ubuntu.com feisty/universe phpmyadmin 4:2.9.1.1-2ubuntu1 [3591kB]
Fetched 3591kB in 49s (73.2kB/s)
Preconfiguring packages …
Selecting previously deselected package phpmyadmin.
(Reading database … 156654 files and directories currently installed.)
Unpacking phpmyadmin (from …/phpmyadmin_4%3a2.9.1.1-2ubuntu1_all.deb) …
Setting up phpmyadmin (2.9.1.1-2ubuntu1) …
Creating config file /etc/phpmyadmin/apache.conf with new version
Creating config file /etc/phpmyadmin/config.footer.inc.php with new version
Creating config file /etc/phpmyadmin/config.header.inc.php with new version
Creating config file /etc/phpmyadmin/config.inc.php with new version
Creating config file /etc/phpmyadmin/htaccess with new version

taufanlubis@zyrex:~$

 

Check your apache2 modules installed.

taufanlubis@zyrex:~$ sudo apt-cache search apache2 (may different with yours)
libapache2-mod-auth-mysql – Apache 2 module for MySQL authentication
libapache2-mod-auth-pam – module for Apache2 which authenticate using PAM
libapache2-mod-auth-pgsql – Module for Apache2 which provides pgsql authentication
libapache2-mod-auth-plain – Module for Apache2 which provides plaintext authentication
libapache2-mod-auth-sys-group – Module for Apache2 which checks user against system group
libapache2-mod-macro – Create macros inside apache2 config files
libapache2-mod-python – Apache 2 module that embeds Python within the server
libapache2-mod-python-doc – Apache 2 module that embeds Python within the server
libapache2-svn – Subversion server modules for Apache
adzapper – proxy advertisement zapper add-on
libapache-mod-dav – A DAV module for Apache
libapache-mod-jk-doc – Documentation of libapache-mod-jk/libapache2-mod-jk packages
libapache-ruby1.8 – Ruby libraries for mod_ruby
libapache2-mod-annodex – Provides server-side support for Annodex media

libapache2-mod-apreq2 – generic Apache request library – Apache module

libapache2-mod-auth-kerb – apache2 module for Kerberos authentication

libapache2-mod-bt – BitTorrent tracker for the Apache2 web server

libapache2-mod-bt-dev – Header files for mod_bt

libapache2-mod-chroot – run Apache in a secure chroot environment

libapache2-mod-dnssd – Apache 2 module which adds Zeroconf support via avahi

libapache2-mod-encoding – Apache2 module for non-ascii filename interoperability

libapache2-mod-fcgid – an alternative module compat with mod_fastcgi

libapache2-mod-geoip – GeoIP support for apache2

libapache2-mod-ifier – Filter and reject incoming client requests

libapache2-mod-jk – Apache 2 connector for the Tomcat Java servlet engine

libapache2-mod-layout – Apache2 web page content wrapper

libapache2-mod-ldap-userdir – Apache2 module that provides UserDir lookups via LDAP

libapache2-mod-mime-xattr – Apache2 module to get MIME info from filesystem extended attributes

libapache2-mod-mono – Run ASP.NET Pages on UNIX with Apache 2 and Mono

libapache2-mod-musicindex – Browse, stream, download and search through MP3/Ogg/FLAC files

libapache2-mod-ngobjweb – Apache2 module for the SOPE application server

libapache2-mod-proxy-html – Apache2 filter module for HTML links rewriting

libapache2-mod-removeip – Module to remove IP from apache2′s logs

libapache2-mod-rpaf – module for Apache2 which takes the last IP from the ‘X-Forwarded-For’ header

libapache2-mod-ruby – Embedding Ruby in the Apache2 web server

libapache2-mod-scgi – Apache module implementing the SCGI protocol

libapache2-mod-shib – Shibboleth implements the OASIS SAML v1.1 specification,

libapache2-mod-speedycgi – apache2 module to speed up perl scripts by making them persistent

libapache2-mod-suphp – Apache2 module to run php scripts with the owner permissions

libapache2-mod-vhost-hash-alias – Fast and efficient way to manage virtual hosting

libapache2-mod-vhost-ldap – Apache 2 module for Virtual Hosting from LDAP

libapache2-mod-xmlrpc2 – XMLRPC Server module for Apache2 web server

libapache2-modbt-perl – Perl bindings for mod_bt

libapache2-modxslt – XSLT processing module for Apache 2.0.x based on libxml2

libapache2-redirtoservname – Apache 2 module to redirect users to the canonical hostname

libapache2-request-perl – generic Apache request library – Perl modules

libapache2-webauth – Apache 2 modules for WebAuth authentication

libapache2-webkdc – Apache 2 modules for a WebAuth authentication KDC

libembperl-perl – A system for building dynamic websites with Perl

libnet-bittorrent-libbt-tracker-perl – Perl bindings for libbttracker

mod-chroot-common – run Apache in a secure chroot environment

mod-musicindex-common – Common files for mod-musicindex

modxslt-doc – Documentation for modxslt

mono-apache-server – backend for mod_mono Apache module

mono-apache-server2 – backend for mod_mono2 Apache module

nanoweb-contrib – user contributed utilities for Nanoweb

php5-apache2-mod-bt – PHP bindings for mod_bt

rt3.4-apache2 – Apache 2 specific files for request-tracker3.4

rt3.6-apache2 – Apache 2 specific files for request-tracker3.6

torrus-apache – Universal front-end for Round-Robin Databases (for apache 1.x)

torrus-apache2 – Universal front-end for Round-Robin Databases (for apache 2.x)

torrus-common – Universal front-end for Round-Robin Databases (common files)

libapache2-mod-fastcgi – Apache 2 FastCGI module for long-running CGI scripts

apache2-mpm-itk – multiuser MPM for Apache 2.2

libapache2-mod-perl2 – Integration of perl with the Apache2 web server

libapache2-mod-perl2-dev – Integration of perl with the Apache2 web server – development files

libapache2-mod-perl2-doc – Integration of perl with the Apache2 web server – documentation

libapache2-mod-php5 – server-side, HTML-embedded scripting language (apache 2 module)

php5-cgi – server-side, HTML-embedded scripting language (CGI binary)

libapache2-mod-cband – An Apache 2 module for bandwidth limiting the webserver

apache2 – Next generation, scalable, extendable web server

apache2-doc – documentation for apache2

apache2-mpm-event – Event driven model for Apache HTTPD 2.1

apache2-mpm-perchild – Transitional package – please remove

apache2-mpm-prefork – Traditional model for Apache HTTPD 2.1

apache2-mpm-worker – High speed threaded model for Apache HTTPD 2.1

apache2-prefork-dev – development headers for apache2

apache2-src – Apache source code

apache2-threaded-dev – development headers for apache2

apache2-utils – utility programs for webservers

apache2.2-common – Next generation, scalable, extendable web server

taufanlubis@zyrex:~$

 

Update your Apache2

taufanlubis@zyrex:~$ sudo apt-get update

taufanlubis@zyrex:~$ sudo apt-get upgrade

 

Test your Apache2

Open your web browser (ex. Firefox).

Type ‘localhost‘, if you get ‘It works!’ message mean that your succeed.

 

Read Full Post »

Samba Server part 2 # 2

Practice 4: Primary Domain Controller (Provide center Authorization and Authentication for directories)

Samba can act as Domain Controller. It will centralize the Authorization and Authentication services.

 

taufanlubis@zyrex:~$ sudo gedit /etc/samba/smb.conf

 

[global]

workgroup = UbuntuWorkgroup

netbios name = UbuntuZyrex

server string = UbuntuZyrexServer

hosts allow = 192.168.0.0/24 127.

hosts deny = ALL

log file = /var/log/samba/log.%m

dns proxy = no

max log size = 1000

syslog = 0

obey pam restrictions = yes

domain logons = yes

domain master = auto

wins support = no

logon path = \\%N\%U\profile

logon home = \\%N\%U

logon script = logon.cmd

socket options = TCP_NODELAY

 

[sharing_data]

path = /home/sharing_data/

comment = Taufan Sharing Folder at Ubuntu

public = yes

encrypt passwords = no

security = share

read only = yes

browseable = yes

directory mask = 0700

create mask = 0600

 

[Amanda]

path = /home/amanda/

comment = Angela Folder at Ubuntu

public = no

read only = no

encrypt passwords = yes

browseable = yes

security = user

valid users = amanda, alice, mark, taufanlubis, nadine

force user = amanda

force group = amanda

 

[netlogon]

comment = Network Logon Service

path = /home/samba/netlogon

guest ok = yes

writable = no

share modes = no

 

[profiles]

comment = Users profiles

path = /home/samba/profiles

guest ok = no

browseable = no

create mask = 0600

directory mask = 0700

 

[printers]

comment = All Printers

load printers = yes

printing = cups

printcap name = cups

browseable = no

path = /var/spool/samba

printable = yes

public = no

writable = no

create mode = 0700

 

[print$]

comment = Printer Drivers

path = /var/lib/samba/printers

browseable = yes

read only = yes

guest ok = no

 

[cdrom]

comment = Samba server’s CD-ROM

writable = no

locking = no

path = /cdrom

public = yes

#printer

load printers = yes

printing = cups

printcap name = cups

 

taufanlubis@zyrex:~$

 

If you have clients that still use Windows, you have to set the ‘encrypt passwords = no’ because Windows only can access the plain password from Samba Server. That’s why, I put the encrypt password into different share-directories.

If it’s accessed by Linux the I set encrypt passwords = yes and it’s accessed by Windows Clients then I set encrypt passwords = no.

 

Now, let’s check our configuration.

taufanlubis@zyrex:~$ sudo smbclient -L 192.168.0.2

Password:

session setup failed: NT_STATUS_LOGON_FAILURE

taufanlubis@zyrex:~$

When you use smbclient, just don’t put ‘sudo’, it will create an error like above. Now, I repeat the command without ‘sudo‘. This command is used to check sharing directories in Samba Servers.

taufanlubis@zyrex:~$ smbclient -L 192.168.0.2

Password:

Domain=[UBUNTUWORKGROUP] OS=[Unix] Server=[Samba 3.0.26a]

 

Sharename Type Comment

——— —- ——-

sharing_data Disk Taufan Sharing Folder at Ubuntu

Amanda Disk Angela Folder at Ubuntu

netlogon Disk Network Logon Service

print$ Disk Printer Drivers

cdrom Disk Samba server’s CD-ROM

IPC$ IPC IPC Service (UbuntuZyrexServer)

PDF Printer PDF

LX-1050 Printer LX-1050

Laserjet1320 Printer Laserjet1320

Domain=[UBUNTUWORKGROUP] OS=[Unix] Server=[Samba 3.0.26a]

 

Server Comment

——— ——-

UBUNTUZYREX UbuntuZyrexServer

 

Workgroup Master

——— ——-

UBUNTUWORKGROUP UBUNTUZYREX

taufanlubis@zyrex:~$

What is smbclient?

Smbclient is almost the like ftp program. It’s used to access SMB resources on the servers.

 

Connect to your directory using smbclient

After you are connected, you can browse, add, delete files or directories. Of course, it will be depended on your access level. You can use common Linux command line, such as cp, mv, mkdir, rm, rmdir, ls etc..

taufanlubis@zyrex:~$ smbclient -U amanda //192.168.0.2/amanda

Password:

Domain=[UBUNTUZYREX] OS=[Unix] Server=[Samba 3.0.26a]

smb: \> ls

. D 0 Mon Oct 22 08:49:20 2007

.. D 0 Mon Oct 22 08:51:01 2007

pictures D 0 Mon Oct 22 08:49:20 2007

.profile H 566 Mon Oct 22 08:48:42 2007

Examples D 0 Sun Apr 15 18:52:21 2007

Tekken.jpg A 61344 Mon Oct 22 08:49:00 2007

.bash_logout H 220 Mon Oct 22 08:48:42 2007

.bashrc H 2298 Mon Oct 22 08:48:42 2007

 

48209 blocks of size 262144. 15950 blocks available

smb: \> cd pictures/

smb: \pictures\> ls

. D 0 Mon Oct 22 08:49:20 2007

.. D 0 Mon Oct 22 08:49:20 2007

Robot.jpg A 87919 Mon Oct 22 08:49:21 2007

 

48209 blocks of size 262144. 15950 blocks available

smb: \pictures\> cd ..

smb: \>

smb: \> exit

taufanlubis@zyrex:~$

 

Well, you’ve done the 4 practices. Now, we can go further with our lesson.

 

 

Firewall and Security

Samba need port 137 and 139 for the connection. If you are using Firewall application (Such as Firestarter, smoothwall or others), please make sure that you enable this port. Usually, every firewall applications block these ports as a default. If you are using Iptables and you want to open this ports, you can see my article about setting ports using Iptables.

 

Starting Samba when the machine boot

You set the Samba server to run automatically when the system booting. (see my articles about Run Level)

taufanlubis@zyrex:~$ sudo update-rc.d samba defaults

Adjust the configuration file to your need

For example, you want to create a directory for training_modules and only 5 persons can access and modify that directory. First you create the training_modules directory, Second add the configuration at smb.conf and restart the Samba Server and the Third, don’t forget to add the user to Samba Server User List (Practice 3, part 2).

 

[Training_modules]

path = /home/training_modules/

comment = Training_modules directory at Ubuntu

public = no

read only = no

browseable = yes

security = user

valid users = amanda, alice, mark, taufanlubis, nadine

force user = training_modules

force group = training_modules

 

 

Read Full Post »

Samba Server

Part 1 of 2

What is Samba?

Samba is the same like NFS which is used to share files and printers in Linux. Not like NFS, Samba implements SMB (Server Message Block) network protocol so it can be used for windows networking. In Windows and OS/2, they name it CIFS (Common Internet File System).

Future versions of Samba will incorporate Kerberos support for stronger authentication, as well as better integration with existing Windows. NFS is ‘Native’ to Linux, Solaris and Mac OS and much more to ‘Unix’ way of sharing files. If you want to use NFS, use NFS version 3 or better. NFS version 2 or older will have some issues with file sizes.

It can use to replace a very expensive, unstable Windows servers. Samba can replicate nearly all of Windows Server functionally. It appears in the Network Neighborhood like any other Windows machine and function in the same way. And perhaps, some server on your network right now could be running Samba instead of Windows and no want would ever notice.

 

Why we use Samba?

  • IT’S FREE.

  • The forforming is over Microsoft Windows Server 2000.

  • Reliable. (No malfunctions except if you have problem with the hardware).

  • Relatively easy for administrator.

  • Customizable. (You can set from a simple printer server to complex Windows Domain Contoller).

  • Secure. (No security holes known in current release).

  • Available for many platforms.

  • Integrated into existing network. (Very rare compability problems).

 

Samba consist of 2 main programs:

  • smbd

a server daemon that provides file sharing and printing services to Windows clients

  • nmbd

a server that understands and can reply to Net BIOS over IP name service requests, like those produced by SMB/CIFS clients such as Windows 95/98/ME, Windows NT, Windows 2000, Windows XP and LanManager clients. It also participates in the browsing protocols which make up the Windows “Network Neighborhood” view.

Other additional program are smbclient, smbpasswd etc.

 

There 4 main functions of Samba:

- File service (Sharing Folders with Linux or Windows clients.)

- Printer service (Sharing Printers with Linux or Windows clients. Event you can add a PDF pseudo-printer so all the computers in your network may write PDF files.)

- Authentication and Authorization (Act as a domain controller in Windows network.)

- Name resolution

 

When you don’t need samba?

Access shared folders, drives and printers on Windows computer. Mean you are a client to windows server. You just need a smbfs Plugin.

- Sharing files among Linux, just use NFS service.

- Sharing printer among Linux, just use remote lpd.

- Share you printer on network with Windows computer, just use CUPS.

- Sharing directories between 2 Linux computers, just use NFS or setup a FTP server on one computer and a FTP client to the other computer.

 

If everything, can be done without Samba then why we still need it?

If you have a Linux server with Windows clients and you want them to go to the Authorization process first before they can access your server directories or printers then you need Samba.

 

Step 1. Installing Samba Server

taufanlubis@zyrex:~$ sudo apt-get install samba

Reading package lists… Done

Building dependency tree

Reading state information… Done

samba is already the newest version.

0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.

taufanlubis@zyrex:~$

If you have Samba installed already in your system then the message will be same like above.

 

Step 2. Configuring Samba Server and Restart it

 

Always make a back up when you change a configuration file.

taufanlubis@zyrex:~$ cd /etc/samba

taufanlubis@zyrex:/etc/samba$ ls -l

total 28

-rw-r–r– 1 root root 8 2007-02-07 13:38 gdbcommands

-rw-r–r– 1 root root 10533 2007-10-07 20:09 smb.conf

-rw-r–r– 1 root root 4213 2007-08-20 17:28 smb.conf~

 

taufanlubis@zyrex:/etc/samba$ sudo cp smb.conf smb.conf.bak

 

taufanlubis@zyrex:/etc/samba$ ls -l

total 28

-rw-r–r– 1 root root 8 2007-02-07 13:38 gdbcommands

-rw-r–r– 1 root root 10533 2007-10-07 20:09 smb.conf

-rw-r–r– 1 root root 4213 2007-08-20 17:28 smb.conf~

-rw-r–r– 1 root root 10533 2007-08-20 06:16 smb.conf.bak

taufanlubis@zyrex:/etc/samba$

Now you have a back up already, then you can continue to change the smb.conf. Delete all content and replace with the configuration below. I create a simple configuration for our practice.

 

There are few configurations that you can set for Samba:

- Practice 1: Anonymous Read Only File Server (Provide read only directories)

- Practice 2: Anonymous Read Write File Server (Provide read/write directories)

- Practice 3: Restricted File Server (Provide restricted directories)

- Practice 4: Primary Domain Controller (Provide center Authorization and Authentication for directories).

 

Practice 1. Anonymous Read Only File Server (Provide read only directories)

Before we start, better we create a directory for our shared-directory. In this sample, I will put our directory in home/ directory.

taufanlubis@zyrex:~$ cd /home

taufanlubis@zyrex:/home$ sudo mkdir sharing_data

 

Change the permission so it can be read, written and deleted from client computers (only ‘group’ can delete files not everybody(other)).

taufanlubis@zyrex:/home$ sudo chmod uog+r sharing_data

You can copy any data into sharing_data directory for practice.

 

After that, edit samba configuration file, delete the content and replace with our new configuration.

taufanlubis@zyrex:~$ sudo gedit /etc/samba/smb.conf

 

[Global]

workgroup = UbuntuWorkgroup

netbios name = UbuntuZyrex

server string = UbuntuZyrexServer

security = share

hosts allow = 192.168.0.1/24 127.0.0.1

 

[sharing_data]

path = /home/sharing_data

comment = Taufan Sharing directory at Ubuntu

public = yes

read only = yes

browseable = yes

 

Save the file and restart the Samba server.

taufanlubis@zyrex:~$ sudo /etc/init.d/samba restart

* Stopping Samba daemons… [ OK ]

* Starting Samba daemons… [ OK ]

taufanlubis@zyrex:~$

 

To test our practice, connect to Samba server with any web browser using command ‘smb://192.168.0.2‘ (in Linux). When I open my Samba server from OpenSuse10 using Konqueror (you can use any web browser or file manager), I can see the ‘sharing_data’ directory displayed on the screen. I can browse the directory but when I save a file in it, I get a message says ‘Access Denied. Could not write to smb://192.168.0.2/sharing_data/testingfile.odt‘.

Mean, that our configuration is working.

If you can access your ‘sharing_data’ directory mean you’ve completed our first practice.

 

This configuration says that you want to share ‘/home/sharing_data’ directory in the network.

It’s only available from IP addresses 192.168.0.1 to 192.168.0.254.

It is read only but browseable.

Only computers in this IP range can open the directory.

 

Practice 2: Anonymous Read Write File Server (Provide read/write directories)

taufanlubis@zyrex:~$ sudo gedit /etc/samba/smb.conf

 

[Global]

workgroup = UbuntuWorkgroup

netbios name = UbuntuZyrex

server string = UbuntuZyrexServer

security = share

hosts allow = 192.168.0.1/24 127.0.0.1

 

[sharing_data]

path = /home/sharing_data

comment = Taufan Sharing directory at Ubuntu

public = yes

read only = no

browseable = yes

 

This configuration says that you want to share ‘/home/sharing_data’ directory in the network.

It’s only available from IP addresses 192.168.0.1 to 192.168.0.254.

It is writeable and browseable.

Only computers in this IP range can open the directory.

The different with Sample 1 is only change the Read Only in [sharing_data] from ‘yes‘ to ‘no‘.

 

Save the file and restart the Samba server.

taufanlubis@zyrex:~$ sudo /etc/init.d/samba restart

* Stopping Samba daemons… [ OK ]

* Starting Samba daemons… [ OK ]

taufanlubis@zyrex:~$

If you can save a file in this directory, you’ve completed our second practice.

 

Practice 3. Anonymous Read Only File Server (Provide read only directories)

Part 1. Create username and password

First you have to create an account for ‘angela’. It will create an ‘amanda/’ directory in ‘home/’ directory.

Add new account using: System > Administration > Users and Groups

Click ‘Add User

Fill:

User name: amanda

Real Name: Amanda

User Password: ****** (minimum 6 character, in this practice I put 123456)

Confirm Password: ****** (retype the password)

Click ‘OK‘, then close the screen.

 

Check the amanda directory.

taufanlubis@zyrex:~$ cd /home

taufanlubis@zyrex:/home$ ls -l

…….

drwxr-xr-x 2 root root 4096 2007-10-22 07:52 amanda

…….

taufanlubis@zyrex:/home$

Copy some files into home/amanda/ for practice.

 

Part 2. Add the usename into Samba server user List.

Without register to Samba server, amanda will not entitle to access her directory.

taufanlubis@zyrex:~$ sudo smbpasswd -a amanda

[sudo] password for taufanlubis:

New SMB password:

Retype new SMB password:

Added user angela.

taufanlubis@zyrex:~$

 

Part 3. Edit the Samba configuration file for amanda

[global]

workgroup = UbuntuWorkgroup

netbios name = UbuntuZyrex

server string = UbuntuZyrexServer

hosts allow = 192.168.0.0/24 127.

 

[sharing_data]

path = /home/taufanlubis/sharing_data/

comment = Taufan Sharing directory at Ubuntu

public = yes

security = share

read only = yes

browseable = yes

 

[Amanda]

path = /home/amanda/

comment = Angela directory at Ubuntu

public = no

read only = no

browseable = yes

security = user

valid users = amanda

force user = amanda

force group = amanda

 

If you see the configuration above, I moved the ‘security = share’ from [global] into [sharing_data] and [amanda]. So, each directory will has their own security access level.

 

Amanda can access her directory after entering her username and password.

Just type: smb://192.168.0.2 and choose amanda diretory

sambaserver_amanda.jpg

type: smb://amanda@192.168.0.2/Amanda directly on the Konqueror or Firefox textbox location then enter her username and password.

sambaserver_login.jpg

 

Continue to part 2 ….

Read Full Post »

FTP Server

What is FTP?

FTP (File Transfer Protocol) is a program to exchange files between two computers or to other computers in a local network or over inter networks (internet). May be you don’t know that you’ve already used it before when you download something from the internet. Most often, a computer with a FTP address is dedicated to receive a FTP connection.

What is ftp sites?

Ftp site is the like old Filling cabinets where you put your datas in it. Organized and labeled so it will easier next time you or any one who need the files can take it back next time.

That concept is applied in ftp sites. You can take any files that you want to download based access level provided. The Administrator can set which files to keep locked and which open to public.

What is ftp Server?

Ftp server is a machine that serves the authorized users to get the requested files. The FTP file sharing protocol is an old protocol which was created when internet was still a secure place. That’s why the default FTP protocol is not that secure. Mean that your username and password for login are transmitted in plain text, well… which is not secure for sure.

 

There are several configurations that you can set for your proftpd server.

  • as chrooted at /home directory

  • as anonymous proftpd user to read only

  • as anonymous proftpd user to read/write

  • as anonymous proftpd user to directory outsite /home/ftp

 

In this article, I want to show you how you can create a ftp server in a short time. In this practice, I use ‘proftpd’ as our ftp server. The file is not too big and it’s not difficult to install.

 

Step 1. Download and Installing ‘proftpd’ program for FTP server

taufanlubis@zyrex:~$ sudo apt-get install proftpd

Reading package lists… Done

Building dependency tree

Reading state information… Done

Suggested packages:

proftpd-doc

The following NEW packages will be installed:

proftpd

0 upgraded, 1 newly installed, 0 to remove and 0 not upgraded.

Need to get 784kB of archives.

After unpacking 2331kB of additional disk space will be used.

Get:1 http://archive.ubuntu.com feisty/universe proftpd 1.3.0-21ubuntu1 [784kB]

Fetched 784kB in 14s (54.1kB/s)

Preconfiguring packages …

Selecting previously deselected package proftpd.

(Reading database … 155004 files and directories currently installed.)

Unpacking proftpd (from …/proftpd_1.3.0-21ubuntu1_i386.deb) …

Setting up proftpd (1.3.0-21ubuntu1) …

——— IMPORTANT INFORMATION FOR XINETD USERS ———-

The following line will be added to your /etc/inetd.conf file:

ftp stream tcp nowait root /usr/sbin/tcpd /usr/sbin/proftpd

 

If you are indeed using xinetd, you will have to convert the

above into /etc/xinetd.conf format, and add it manually. See

/usr/share/doc/xinetd/README.Debian for more information.

———————————————————–

Adding system user `proftpd’ (UID 118) …

Adding new user `proftpd’ (UID 118) with group `nogroup’ …

Not creating home directory `/var/run/proftpd’.

Adding system user `ftp’ (UID 119) …

Adding new user `ftp’ (UID 119) with group `nogroup’ …

Creating home directory `/home/ftp’ …

`/usr/share/proftpd/templates/welcome.msg’ -> `/home/ftp/welcome.msg.proftpd-new’

ProFTPd warning: cannot start neither in standalone nor in inetd/xinetd mode. Check your configuration.

taufanlubis@zyrex:~$

 

Step 2. Test it to run

taufanlubis@zyrex:~$ sudo /etc/init.d/proftpd start

Password:

ProFTPd warning: cannot start neither in standalone nor in inetd/xinetd mode. Check your configuration.

taufanlubis@zyrex:~$

This error occurs because we haven’t set the configuration file yet.

 

Step 3. Create your proftpd directory

For this practice, I create ftp_shared directory at home/ directory.

taufanlubis@zyrex:/home$ sudo mkdir ftp_shared/

Then I create 2 more directories inside ftp_shared directory.

taufanlubis@zyrex:/home$ cd ftp_shared/

taufanlubis@zyrex:/home/ftp_shared$ sudo mkdir download

taufanlubis@zyrex:/home/ftp_shared$ sudo mkdir upload

 

Set security permission

taufanlubis@zyrex:/home/ftp_shared$ cd ..

taufanlubis@zyrex:/home$ sudo chmod 755 ftp_shared/

taufanlubis@zyrex:/home$ cd ftp_shared/

taufanlubis@zyrex:/home/ftp_shared$ sudo chmod 755 download/

taufanlubis@zyrex:/home/ftp_shared$ sudo chmod 777 upload/

taufanlubis@zyrex:/home/ftp_shared$ ls -l

total 8

drwxr-xr-x 2 root root 4096 2007-10-17 19:31 download

drwxrwxrwx 2 root root 4096 2007-10-17 19:31 upload

taufanlubis@zyrex:/home/ftp_shared$

Step 4. Create your proftpd user

Just add a user from ‘Users and Groups’ Ubuntu menu.

System > Administration > Users and Groups then just click Add user.

or you can do this job through linux console

taufanlubis@zyrex:/home$ sudo useradd userftp -p 123456 -d /home/ftp_shared

 

Step 5. Configuring proftpd server

The final preparation is configure your proftpd server.

The proftpd configuration file is located at /etc/proftpd/proftpd.conf.

taufanlubis@zyrex:~$ cd /etc/proftpd/

taufanlubis@zyrex:/etc/proftpd$ ls -l

total 12

-rw-r–r– 1 root root 738 2007-10-08 07:20 modules.conf

-rw-r–r– 1 root root 4491 2007-10-08 07:20 proftpd.conf

taufanlubis@zyrex:/etc/proftpd$

Create a backup file

Always create a back before you change any configuration files.

taufanlubis@zyrex:/etc/proftpd$ sudo cp proftpd.conf proftpd.conf.original

taufanlubis@zyrex:/etc/proftpd$ ls -l

total 20

-rw-r–r– 1 root root 738 2007-10-08 07:20 modules.conf

-rw-r–r– 1 root root 4491 2007-10-08 07:20 proftpd.conf

-rw-r–r– 1 root root 4491 2007-10-09 04:26 proftpd.conf.original

taufanlubis@zyrex:/etc/proftpd$

 

Edit proftpd configuration file

Replace the content with our new configuration data.

taufanlubis@zyrex:/etc/proftpd$ sudo gedit proftpd.conf

Include /etc/proftpd/modules.conf

 

# ———————————————–

UseIPv6 off

ServerName “UbuntuFtp”

ServerType standalone

DeferWelcome on

 

MultilineRFC2228 on

DefaultServer on

ShowSymlinks off

 

TimeoutNoTransfer 600

TimeoutStalled 600

TimeoutIdle 1200

 

DisplayLogin welcome.msg

DisplayFirstChdir .message

ListOptions “-l”

 

RequireValidShell off

Timeoutlogin 20

RootLogin off

DenyFilter \*.*/

 

# ———————————————–

#Port 21 is the standard FTP port, just change

#to another port for security reason

Port 2007

 

MaxInstances 9

User userftp

Group nogroup

Umask 022 022

 

MaxClients 8

MaxClientsPerHost 8

MaxClientsPerUser 8

MaxHostsPerUser 8

 

AllowOverwrite on

PersistentPasswd off

 

UseSendFile off

 

#Display a message after login

AccessGrantMsg “Welcome to Ubuntu ftp Server!!!”

 

ServerIdent on “you’re at home”

DefaultRoot /home/ftp_shared

 

MaxLoginAttempts 5

 

#Create your log file

ExtendedLog /var/log/ftp.log

TransferLog /var/log/proftpd/xferlog

SystemLog /var/log/proftpd/proftpd.log

 

# ———————————————–

<Limit LOGIN>

AllowUser userftp

Deny All

</Limit>

 

<Directory /home/ftp_shared>

Umask 022 022

AllowOverwrite off

<Limit MKD STOR DELE XMKD RNRF RNTO RMD XRMD>

DenyAll

</Limit>

</Directory>

 

<Directory /home/ftp_shared/download/*>

Umask 022 022

AllowOverwrite off

<Limit MKD STOR DELE XMKD RNEF RNTO RMD XRMD>

DenyAll

</Limit>

</Directory>

 

<Directory /home/ftp_shared/upload/>

Umask 022 022

AllowOverwrite on

<Limit READ RMD DELE>

DenyAll

</Limit>

</Directory>

# ———————————————–

Save the edited file and restart the FTP server.

taufanlubis@zyrex:~$ cd /etc/init.d/

taufanlubis@zyrex:/etc/init.d$ sudo ./proftpd start

* Starting ftp server proftpd [ OK ]

 

or

 

taufanlubis@zyrex:~$ sudo /etc/init.d/proftpd start

* Starting ftp server proftpd [ OK ]

taufanlubis@zyrex:~$

 

Now, you have your own ftp server already.
You can test it using FileZilla or Firefox (any web browsers).

Access ftp server using FileZilla
Enter Host: 192.168.0.2 (my ip address), username: userftp, password: 123456, port: 2007

Access ftp using FileZilla

Access ftp server using Firefox

Type: ftp://192.168.0.2:2007 in your firefox Url box.
Enter user name: userftp

Enter password: 123456
Access ftp using Firefox

loginftp2.png

Read Full Post »

Older Posts »

Follow

Get every new post delivered to your Inbox.

Join 75 other followers