How to Configure Samba

What is Samba?

Samba allows Linux machines to share files and printers across a network connection using the SMB protocol.

Installing Samba

You can get the RPM package from http://www.samba.org or http://rpmfind.net. You can also install it with the “yum” or “up2date” utilities.

Configuration

The Samba configuration file is located at /etc/samba/smb.conf. Open this file and edit the following lines according to your requirements.

# Global settings

[global]
workgroup = WORKGROUP
server string = Samba Server
# Replace with the IP addresses or subnet prefixes of your Windows machines
hosts allow = 192.168.2.
log file = /var/log/samba/%m.log
security = user
encrypt passwords = yes
smb passwd file = /etc/samba/smbpasswd

# User settings

[homes]
comment = shares
path = /usr/sakthi
valid users = sakthi
browseable = yes
writable = yes
public = yes

# Printer settings

[printers]
path = /var/spool/samba
public = yes
printable = yes
browseable = yes
writable = yes

Let me explain some of the important variables in this configuration file.

1. hosts allow:

It allows only the listed IP addresses to connect to the Samba server. In the same manner, you can deny IP addresses using the variable “hosts deny”.

2. Security:

Samba has security modes such as: SHARE, USER, DOMAIN, ADS, and SERVER.

i) USER - In this mode, the client will send a session setup request directly following protocol negotiation. This request provides a username and password.

ii) SHARE - In Share Level security, the client authenticates itself separately for each share. It sends a password along with each tree connection (share mount).

The client expects a password to be associated with each share, independent of the user.

iii) DOMAIN - When Samba is operating in this mode, the Samba server has a domain security trust account (a machine account) and causes all authentication requests to be passed through to the Domain Controllers.

This method involves addition of the following parameters in the smb.conf file:

security = domain
workgroup = WORKGROUP

iv) ADS - Active Directory in native mode perfectly allows NT4-style Domain Members.

v) SERVER - In this mode, the Samba server takes the username/password that the client sends and attempts to login to the ‘password server’ by sending exactly the same username/password. If that server is in User Level Security and accepts the password, then Samba accepts the client’s connection. This allows the Samba server to use another SMB server as the password server.

This method involves addition of the following parameters in the smb.conf file:

encrypt passwords = Yes
security = server
password server = "NetBIOS_name_of_a_DC"

3. Encrypt Passwords:

By default, Samba uses plain text passwords to authenticate clients who access network resources and Microsoft SMB Protocol originally used plain text passwords. However, Windows NT 4.0 with Service Pack 3 or higher, Windows 98, Windows 2000, Windows ME, and Windows XP require encrypted Samba passwords.

So this option must be enabled if clients are connecting from Windows 98, Windows NT 4.0 with Service Pack 3, or more recent versions of Microsoft Windows. The passwords are then transferred between the server and the client in an encrypted format instead of as plain text that can be intercepted.

To configure Samba to use encrypted passwords, follow these steps:

i) Create a separate password file for Samba. To create from existing /etc/passwd file, at a shell prompt, type the following command:

cat /etc/passwd | mksmbpasswd.sh > /etc/samba/smbpasswd

The mksmbpasswd.sh script is installed in your /usr/bin directory with the samba package.

ii) Change the permissions of the Samba password file so that only root has read and write permissions:

chmod 600 /etc/samba/smbpasswd

iii) To set each Samba user’s password, use the following command.

smbpasswd username

4. smb passwd file:

Refer to step 3 i).

5. valid users:

The “valid users” directive specifies the users to which samba access is allowed.

6. browseable:

This directive specifies whether the share is shown when users browse the server. If it is “yes”, then the users can browse it.

7. writable:

This directive specifies that the users have write access, if it is “yes”.

8. public:

It specifies whether public (guest) access to the share is allowed. “public” is a synonym for “guest ok”.
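
The following check is an added example, not part of the original article: it reads smb.conf text and reports the access-control settings explained above (hosts allow, security, encrypt passwords, and public combined with writable). The sample configuration is constructed to mirror the one in this article, and the function name audit and the finding texts are assumptions made for illustration.

```python
import configparser
# Constructed sample mirroring the smb.conf shown in this article.
SAMPLE = """\
[global]
log file = /var/log/samba/%m.log
security = user
encrypt passwords = yes

[homes]
path = /usr/sakthi
valid users = sakthi
writable = yes
public = yes

[printers]
path = /var/spool/samba
public = yes
printable = yes
writable = yes
"""

YES = {"yes", "true", "1"}
GUEST = ("guest ok", "public")                 # "public" is a synonym for "guest ok"
WRITE = ("writable", "writeable", "write ok")  # synonyms (inverse of "read only")

def audit(text):
    """Return sorted (section, finding) pairs for the parameters explained above."""
    cp = configparser.ConfigParser(interpolation=None, strict=False,
                                   delimiters=("=",), comment_prefixes=("#", ";"))
    cp.read_string(text)
    glob = next((cp[s] for s in cp.sections() if s.lower() == "global"), {})
    out = []
    if not glob.get("hosts allow", "").strip():
        out.append(("global", "no 'hosts allow': connections are not limited by address"))
    if glob.get("security", "").lower() in ("share", "server"):
        out.append(("global", "legacy security mode: " + glob["security"].lower()))
    if glob.get("encrypt passwords", "").lower() not in YES:
        out.append(("global", "'encrypt passwords' is not set to yes"))
    for name in cp.sections():
        sec = cp[name]
        enabled = lambda keys: any(sec.get(k, "").lower() in YES for k in keys)
        if name.lower() != "global" and enabled(GUEST) and enabled(WRITE):
            if not sec.get("valid users", "").strip():
                out.append((name, "guest access to a writable share, no 'valid users'"))
    return sorted(out)

if __name__ == "__main__":
    for section, finding in audit(SAMPLE):
        print(f"[{section}] {finding}")
```

On the sample, the check reports the missing hosts allow line and the guest-writable [printers] share; [homes] is not reported because “valid users” restricts it.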

Once you have configured this file correctly, start the Samba service on the Linux machine. The commands to start, stop and restart it are:

service smb start
service smb stop
service smb restart

Client side configuration:

1. Windows explorer >> Tools >> map a network drive
2. select drive letter
3. enter the path (e.g. \\your_server_ip\shares)
4. click connect using different user name
5. enter your samba username and password
6. You can connect to your Linux machine now!
