Part 1 of 2
What is Samba?
Samba is the same like NFS which is used to share files and printers in Linux. Not like NFS, Samba implements SMB (Server Message Block) network protocol so it can be used for windows networking. In Windows and OS/2, they name it CIFS (Common Internet File System).
Future versions of Samba will incorporate Kerberos support for stronger authentication, as well as better integration with existing Windows. NFS is ‘Native’ to Linux, Solaris and Mac OS and much more to ‘Unix’ way of sharing files. If you want to use NFS, use NFS version 3 or better. NFS version 2 or older will have some issues with file sizes.
It can use to replace a very expensive, unstable Windows servers. Samba can replicate nearly all of Windows Server functionally. It appears in the Network Neighborhood like any other Windows machine and function in the same way. And perhaps, some server on your network right now could be running Samba instead of Windows and no want would ever notice.
Why we use Samba?
-
IT’S FREE.
-
The forforming is over Microsoft Windows Server 2000.
-
Reliable. (No malfunctions except if you have problem with the hardware).
-
Relatively easy for administrator.
-
Customizable. (You can set from a simple printer server to complex Windows Domain Contoller).
-
Secure. (No security holes known in current release).
-
Available for many platforms.
-
Integrated into existing network. (Very rare compability problems).
Samba consist of 2 main programs:
-
smbd
a server daemon that provides file sharing and printing services to Windows clients
-
nmbd
a server that understands and can reply to Net BIOS over IP name service requests, like those produced by SMB/CIFS clients such as Windows 95/98/ME, Windows NT, Windows 2000, Windows XP and LanManager clients. It also participates in the browsing protocols which make up the Windows “Network Neighborhood” view.
Other additional program are smbclient, smbpasswd etc.
There 4 main functions of Samba:
– File service (Sharing Folders with Linux or Windows clients.)
– Printer service (Sharing Printers with Linux or Windows clients. Event you can add a PDF pseudo-printer so all the computers in your network may write PDF files.)
– Authentication and Authorization (Act as a domain controller in Windows network.)
– Name resolution
When you don’t need samba?
Access shared folders, drives and printers on Windows computer. Mean you are a client to windows server. You just need a smbfs Plugin.
– Sharing files among Linux, just use NFS service.
– Sharing printer among Linux, just use remote lpd.
– Share you printer on network with Windows computer, just use CUPS.
– Sharing directories between 2 Linux computers, just use NFS or setup a FTP server on one computer and a FTP client to the other computer.
If everything, can be done without Samba then why we still need it?
If you have a Linux server with Windows clients and you want them to go to the Authorization process first before they can access your server directories or printers then you need Samba.
Step 1. Installing Samba Server
taufanlubis@zyrex:~$ sudo apt-get install samba
Reading package lists… Done
Building dependency tree
Reading state information… Done
samba is already the newest version.
0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.
taufanlubis@zyrex:~$
If you have Samba installed already in your system then the message will be same like above.
Step 2. Configuring Samba Server and Restart it
Always make a back up when you change a configuration file.
taufanlubis@zyrex:~$ cd /etc/samba
taufanlubis@zyrex:/etc/samba$ ls -l
total 28
-rw-r–r– 1 root root 8 2007-02-07 13:38 gdbcommands
-rw-r–r– 1 root root 10533 2007-10-07 20:09 smb.conf
-rw-r–r– 1 root root 4213 2007-08-20 17:28 smb.conf~
taufanlubis@zyrex:/etc/samba$ sudo cp smb.conf smb.conf.bak
taufanlubis@zyrex:/etc/samba$ ls -l
total 28
-rw-r–r– 1 root root 8 2007-02-07 13:38 gdbcommands
-rw-r–r– 1 root root 10533 2007-10-07 20:09 smb.conf
-rw-r–r– 1 root root 4213 2007-08-20 17:28 smb.conf~
-rw-r–r– 1 root root 10533 2007-08-20 06:16 smb.conf.bak
taufanlubis@zyrex:/etc/samba$
Now you have a back up already, then you can continue to change the smb.conf. Delete all content and replace with the configuration below. I create a simple configuration for our practice.
There are few configurations that you can set for Samba:
– Practice 1: Anonymous Read Only File Server (Provide read only directories)
– Practice 2: Anonymous Read Write File Server (Provide read/write directories)
– Practice 3: Restricted File Server (Provide restricted directories)
– Practice 4: Primary Domain Controller (Provide center Authorization and Authentication for directories).
Practice 1. Anonymous Read Only File Server (Provide read only directories)
Before we start, better we create a directory for our shared-directory. In this sample, I will put our directory in home/ directory.
taufanlubis@zyrex:~$ cd /home
taufanlubis@zyrex:/home$ sudo mkdir sharing_data
Change the permission so it can be read, written and deleted from client computers (only ‘group’ can delete files not everybody(other)).
taufanlubis@zyrex:/home$ sudo chmod uog+r sharing_data
You can copy any data into sharing_data directory for practice.
After that, edit samba configuration file, delete the content and replace with our new configuration.
taufanlubis@zyrex:~$ sudo gedit /etc/samba/smb.conf
[Global]
workgroup = UbuntuWorkgroup
netbios name = UbuntuZyrex
server string = UbuntuZyrexServer
security = share
hosts allow = 192.168.0.1/24 127.0.0.1
[sharing_data]
path = /home/sharing_data
comment = Taufan Sharing directory at Ubuntu
public = yes
read only = yes
browseable = yes
Save the file and restart the Samba server.
taufanlubis@zyrex:~$ sudo /etc/init.d/samba restart
* Stopping Samba daemons… [ OK ]
* Starting Samba daemons… [ OK ]
taufanlubis@zyrex:~$
To test our practice, connect to Samba server with any web browser using command ‘smb://192.168.0.2‘ (in Linux). When I open my Samba server from OpenSuse10 using Konqueror (you can use any web browser or file manager), I can see the ‘sharing_data’ directory displayed on the screen. I can browse the directory but when I save a file in it, I get a message says ‘Access Denied. Could not write to smb://192.168.0.2/sharing_data/testingfile.odt‘.
Mean, that our configuration is working.
If you can access your ‘sharing_data’ directory mean you’ve completed our first practice.
This configuration says that you want to share ‘/home/sharing_data’ directory in the network.
It’s only available from IP addresses 192.168.0.1 to 192.168.0.254.
It is read only but browseable.
Only computers in this IP range can open the directory.
Practice 2: Anonymous Read Write File Server (Provide read/write directories)
taufanlubis@zyrex:~$ sudo gedit /etc/samba/smb.conf
[Global]
workgroup = UbuntuWorkgroup
netbios name = UbuntuZyrex
server string = UbuntuZyrexServer
security = share
hosts allow = 192.168.0.1/24 127.0.0.1
[sharing_data]
path = /home/sharing_data
comment = Taufan Sharing directory at Ubuntu
public = yes
read only = no
browseable = yes
This configuration says that you want to share ‘/home/sharing_data’ directory in the network.
It’s only available from IP addresses 192.168.0.1 to 192.168.0.254.
It is writeable and browseable.
Only computers in this IP range can open the directory.
The different with Sample 1 is only change the Read Only in [sharing_data] from ‘yes‘ to ‘no‘.
Save the file and restart the Samba server.
taufanlubis@zyrex:~$ sudo /etc/init.d/samba restart
* Stopping Samba daemons… [ OK ]
* Starting Samba daemons… [ OK ]
taufanlubis@zyrex:~$
If you can save a file in this directory, you’ve completed our second practice.
Practice 3. Anonymous Read Only File Server (Provide read only directories)
Part 1. Create username and password
First you have to create an account for ‘angela’. It will create an ‘amanda/’ directory in ‘home/’ directory.
Add new account using: System > Administration > Users and Groups
Click ‘Add User‘
Fill:
User name: amanda
Real Name: Amanda
User Password: ****** (minimum 6 character, in this practice I put 123456)
Confirm Password: ****** (retype the password)
Click ‘OK‘, then close the screen.
Check the amanda directory.
taufanlubis@zyrex:~$ cd /home
taufanlubis@zyrex:/home$ ls -l
…….
drwxr-xr-x 2 root root 4096 2007-10-22 07:52 amanda
…….
taufanlubis@zyrex:/home$
Copy some files into home/amanda/ for practice.
Part 2. Add the usename into Samba server user List.
Without register to Samba server, amanda will not entitle to access her directory.
taufanlubis@zyrex:~$ sudo smbpasswd -a amanda
[sudo] password for taufanlubis:
New SMB password:
Retype new SMB password:
Added user angela.
taufanlubis@zyrex:~$
Part 3. Edit the Samba configuration file for amanda
[global]
workgroup = UbuntuWorkgroup
netbios name = UbuntuZyrex
server string = UbuntuZyrexServer
hosts allow = 192.168.0.0/24 127.
[sharing_data]
path = /home/taufanlubis/sharing_data/
comment = Taufan Sharing directory at Ubuntu
public = yes
security = share
read only = yes
browseable = yes
[Amanda]
path = /home/amanda/
comment = Angela directory at Ubuntu
public = no
read only = no
browseable = yes
security = user
valid users = amanda
force user = amanda
force group = amanda
If you see the configuration above, I moved the ‘security = share’ from [global] into [sharing_data] and [amanda]. So, each directory will has their own security access level.
Amanda can access her directory after entering her username and password.
Just type: smb://192.168.0.2 and choose amanda diretory
type: smb://amanda@192.168.0.2/Amanda directly on the Konqueror or Firefox textbox location then enter her username and password.
Continue to part 2 ….
ko semua artikelnya pake bahasa kampung saya yak?
jadi pengen pulang kampung…
😀
wah.. artikel bagus nggak ya…
nggak tau tuh…
kok nggak pake bahasa kampung saya aja.
saya kan orang kampung yang mau juga belajar buat sambal ehhh sory, maksudnya samba,
maklum orang kampung, nggak ngerti bahasa bule…
maksih oooommmm
Maklum aja, mas Taufan kan pengen gabung ke komunitas Ubuntu internasional, ya ga mas?
Tapi walaupun bahasanya bule, gpp deh lumayan lah sekalian buat belajar bahasanya bule…….
kata JAMRUD ‘Asal British’
keren neh artikelnya. benar2 jelas dan mudah di implementasikan. 🙂
Dear Sir,
I am greatfull to see your good work on Linux fileserver,but i haven seen how you has given the fileserver the read/write access(means of reading documents from window XP).
Thanks
Bruce
Yes, it’s only me. That’s why I named it ‘My adventure’.