|
|
| (17 intermediate revisions by the same user not shown) |
| Line 1: |
Line 1: |
| =={{hide|navbar}}==
| | <hide> |
| [[category:Samba]][[computing]]: [[software]]: [[Samba]] | | [[page type::article]] |
| ==Overview== | | [[thing type::software]] |
| [[Samba]] is a program which allows "[[Network Neighborhood]]"-style communication between Windows and other platforms such as [[Linux]]. It is named after the [[SMB protocol]], which is what Windows uses for "Network Neighborhood" communication. | | [[software type::server]] |
| | | [[category:software]] |
| ==Commands== | | </hide> |
| * '''User commands''' | | ==About== |
| ** [[net (Samba command)|net]]
| | [[Samba]] is open-source server software which allows "[[Network Neighborhood]]"-style communication between [[Microsoft Windows]] and other [[operating system]]s such as [[Linux]]. It is named after the [[SMB protocol]], which is what Windows uses for "Network Neighborhood" communication. |
| ** [[nmblookup]]
| | ==Pages== |
| ** [[smbclient]]
| | * {{l/sub|browser}}: debugging master/domain browser issues |
| ** [[smbpasswd]]
| | * {{l/sub|commands}} for interacting with Samba |
| ** [[testparm]]
| | * {{l/sub|how-to}}: specific things |
| * '''System commands''' (not usually run by the user)
| | * {{l/sub|printing}}: using Samba to serve shared printers |
| ** [[smbd]]: the Samba [[daemon]]
| | * {{l/sub|files}}: what the files mean and where they are kept |
| ** [[nmbd]]: the NetBIOS name servernmbd [[daemon]]
| | ==Errors== |
| | | * [[The list of servers for this workgroup is not currently available]]: a Samba-related error on Windows XP |
| ==Related Articles==
| |
| * [[printing with Samba]]: using Samba to serve shared printers
| |
| * '''files'''
| |
| ** [[smb.conf]]: the Samba configuration file
| |
| ** [[smbusers]]: the Samba users file
| |
| | |
| ==How To==
| |
| ===Debug connection/access issues===
| |
| Samba maintains activity logs in /var/log/samba/. There seem to be two logs, log.nmbd and log.smbd; log.smbd generally has information about connections and access, while log.nmbd has more to to with network-name resolution. The nature of the log files is configurable somewhat through [[smb.conf]] (see '''log level''', among others). Use '''[[tail (command)|tail]] -f /var/log/samba/log.smbd''' (for example) to monitor a logfile in real-time.
| |
| | |
| ===Restart the Samba Server===
| |
| If you have Fedora Core, there's a convenient little "services" application you can use to restart Samba and several dozen other services. For the rest of us, however, there's a command you have to execute from a root terminal.
| |
| | |
| On [[Ubuntu]], and probably other [[Debian]]-based systems:
| |
| [[sudo]] /etc/init.d/samba restart
| |
| On [[SuSE]] 10.0 and [[Fedora Core]] 4:
| |
| [[sudo]] /etc/init.d/smb restart
| |
| | |
| This will ask for a password; type in your password (not root's) unless you have reconfigured your sudo setup. (This assumes you have sudo privileges; if not, [[su]] to get root access and then type the rest of the command without the "sudo".)
| |
| | |
| On [[Red Hat Linux|Red Hat]], I'm told the command would be:
| |
| /sbin/samba restart
| |
| | |
| (Possibly substituting "smb" for "samba"; ls the directory in question to find a list of services.) This is the same general technique used for restarting services, which should itself probably be documented somewhere. (The Samba share configuration GUI program really ought to have a "restart Samba server" button, though, even if it does this automatically when you change parameters -- because there is no way to know if it is doing this otherwise.)
| |
| | |
| ===Configure Samba for "guest" logins===
| |
| As most home operating systems are now moving towards requiring users to have login accounts, this is becoming less necessary -- but it is still useful under some circumstances (such as wanting to give access to Win9x machines with the login dialogue bypassed).
| |
| | |
| Configuration for [[smb.conf]]:
| |
| * In the [global] section: | |
| guest account = <u>guestuser</u>
| |
| guest ok = yes
| |
| security = share
| |
| | |
| ...where <u>guestuser</u> should be a standard Linux user (typically "sambaguest") who has the necessary permissions on the target system for whatever sort of access you want to grant through the share. If the user doesn't have the correct permissions, client machines will probably be able to see the share but not to access anything inside it. Check /var/log/samba/ for log files which may help trace problems (the actual log filespecs are defined by the "log file =" parameter in [[smb.conf]]).
| |
| | |
| The following settings '''have not been tested successfully''' and aren't actually necessary, but can apparently be helpful if there are permissions conflicts (e.g. files created by <u>guestuser</u> can't be written or deleted by anyone else):
| |
| | |
| force group = <u>browsegroup</u>
| |
| force create mode = 0060
| |
| create mask = 0775
| |
| | |
| ...where <u>browsegroup</u> is the groupname for users who should have access to shared stuff; I usually use "lanusers". "force group" may be unnecessary if <u>guestuser</u> is created as a member of <u>browsegroup</u> instead of its own private group:
| |
| | |
| {{linuxcmd|sudo}} {{linuxcmd|adduser}} --ingroup <u>browsegroup</u> --no-create-home <u>guestuser</u>
| |
| | |
| After editing and saving smb.conf. restart the Samba daemon for changes to take effect. ''Note for the future: it may actually be a better idea to leave off the --no-create-home option, because the <u>guestuser</u>'s home directory actually makes a very sensible place for folders to be shared from.''
| |
| | |
| '''A bit of explanation''': The "guest account" setting is the filesystem user which the Samba server uses for accessing files on its host system, regardless of what username is sent by remote systems. Files created on the Samba server using a "guest" connection will be owned by <u>guestuser</u> and <u>guestuser</u>'s primary group. If the "force group" setting is used, then the group ownership for those files will instead be <u>browsegroup</u>.
| |
| | |
| The actual names for <u>guestuser</u> and <u>browsegroup</u> are arbitrary; "sambaguest" and "lanusers" seem to work fine.
| |
| | |
| ===Automatic resolution of Network Neighborhood names=== | |
| Some explanation, for technical purists:
| |
| * '''Problem''': How can we add [[Network Neighborhood]] machine names to the search space used by [[Linux]]'s [[domain name resolver]]? | |
| * '''Justification''': This is needed so that commands which accept a domain name as input (e.g. ftp, ssh, mysql) can accept a machine name instead, removing the necessity to manually look up the machine's IP address. For example, I should be able to type '''ssh <u>machinename</u>''' instead of having to first look up <u>machinename</u>'s IP address via other methods, and then paste or retype that address (both methods prone to error) after the ssh command.
| |
| | |
| '''Note''': Under some circumstances, Samba appears to set itself up this way automatically, but results have been inconsistent.
| |
| | |
| I researched this extensively for many months and found many hideously complicated or otherwise inadequate solutions. It turns out, however, that there is quite a simple solution (which is probably trivially obvious to anyone with a solid understanding of how Linux networking is structured, and hence not worth mentioning):
| |
| * install [[winbind]] (usually available in standard repositories; Ubuntu 6.06 and 6.10 have it)
| |
| * edit /etc/[[nsswitch.conf]]
| |
| ** change the "hosts" line to include "wins" before "dns" (see the [[nsswitch.conf|examples]])
| |
| | |
| This tells Linux's [[domain name resolver]] to check [[WINS]] before it checks [[DNS]] when resolving domain names. No further action should be required (you don't even have to restart the networking daemon); test the change by trying to ping a local machine by name.
| |
| ====related useful information====
| |
| The command '''{{linuxcmd|nmblookup}} <u>machinename</u>''' returns an IP address, as will '''{{linuxcmd|net}} lookup <u>machinename</u>'''. nmblookup apparently sends out a broadcast request ("anyone here named <u>machinename</u>?"), while net lookup checks a central list (presumably on the Samba master browser).
| |
| | |
| ====explanations====
| |
| [[WINS]] is a method of [[domain name resolution]], as is [[DNS]]. [[WINS]] (a protocol) originally used [[NetBIOS]] (another, lower-level protocol), but more recently has switched to using [[TCP]].
| |
| | |
| ==Reference==
| |
| *[[Wikipedia:Samba software]]
| |
| *[[Wikipedia:Server Message Block]]: SMB protocol
| |
| ==Links== | | ==Links== |
| * [http://searchopensource.techtarget.com/tip/1,289483,sid39_gci1138772,00.html Managing Samba: Choose your weapon -- Windows network ID basics]: seems to cover some useful concepts | | ===Official=== |
| | * [http://samba.org official site] |
| | ===Reference=== |
| | * '''Wikipedia''': |
| | ** {{l/wp|Samba software}} |
| | ** {{l/wp|Server Message Block}}: the SMB protocol |
| | ===Articles=== |
| | * '''1999-11''' [http://www.oreilly.com/catalog/samba/chapter/book/ch03_01.html Chapter 3: Configuring Windows Clients] from the book ''Using Samba'' by Robert Eckstein, David Collier-Brown, Peter Kelly (this shows how to set up [[Win9x]] machines for non-anonymous connection to Samba) |
| | * [http://searchopensource.techtarget.com/tip/1,289483,sid39_gci1138772,00.html Managing Samba: Choose your weapon – Windows network ID basics]: seems to cover some useful concepts |
