Post on 21-Jul-2016
Embed Size (px)
DESCRIPTIONtell us about file server
At the end of this Session, you will be able to understand
NFS (Network File system) Server
FTP (File Transfer Protocol) Server
Summary & References
Samba is a suite of programs that enables UNIX-like operating systems, including Linux, Solaris, FreeBSD, and Mac OS X, to work with other operating systems, such as OS/2 and Windows, as both a server and a client.
As a server, Samba shares Linux files and printers with Windows systems. As a client, Samba gives Linux users access to files on Windows systems. Its ability to share files across operating systems makes Samba an ideal tool in a heterogeneous computing environment.
This chapter starts by providing a list of Samba tools followed by some basic information. The section following that covers how to use swat, a Web-based advanced configuration tool, to set up a Samba server. The final server section discusses how to set up a Samba server by using a text editor to manually edit the files that control Samba.
10.0.1 Samba Utilities & Daemons:
net This utility has the same syntax as the DOS net command and, over time, will eventually replace other Samba utilities such as smbpasswd.nmbd The NetBIOS nameserver program, run as a daemon by default. Provides NetBIOS over IP naming services for Samba clients. Also provides browsing support (as in the Windows Network Neighborhood or My Network Places view).nmblookup Queries the NetBIOS name.pdbedit Maintains Samba user database.smbclient Displays shares on a Samba server such as a Windows machine; uses ftplike commands.smbd The Samba program, run as a daemon by default. Provides file and print services for Samba clients.smbpasswd Changes Windows NT password hashes on Samba and Windows NT servers,smbstatus Displays information about current smbd connections.smbtar Backs up and restores data from Samba servers; similar to tar.smbtree Displays a hierarchical diagram of available shares.
swat Samba Web Administration Tool. A browser-based editor for the smb.conf file.testparm Checks syntax of the smb.conf file.10.0.2 Common Samba Terms
The Samba server normally uses UDP ports 137 and 138 and TCP ports 139 and
445. If the Samba server system is running a firewall, you need to open these ports.
Using iptables open these ports by setting a policy that allows service for Samba.
Under Samba, an exported directory hierarchy is called a share.
MAPPING A SHARE
The Samba term mapping a share is equivalent to the Linux term mounting a directory hierarchy.
The name Samba is derived from SMB, the protocol that is the native method of file and printer sharing for Windows.
You must set up a root password to use swat to change the Samba configuration.
10.0.3 Samba Users, User Maps, and Passwords
For a Windows user to access Samba services on a Linux system, the user must provide a Windows username and a Samba password. In some cases, Windows supplies the username and password for you. It is also possible to authenticate using other methods. For example, Samba can use LDAP or PAM instead of the default password file. Refer to the Samba documentation for more information on authentication methods.
The username supplied by Windows must be the same as a Linux username or must map to a Linux username.
You can create a file, typically named /etc/samba/smbusers, to map Windows usernames to Linux usernames.
By default, Samba uses Linux passwords to authenticate users. However, linux
sets passdb backend to tdbsam, causing Samba to use trivial database passwords. Change this parameter to smbpasswd in smb.conf to cause
Samba to use Linux passwords.
10.1 Setting up a Samba Server
This section describes how to install and configure a Samba server using both the shares-admin utility and the swat browser-based configuration tool.
Install the following packages:
smbfs (the only package needed to mount a Windows share)
swat (optional, but useful)
openbsd-inetd (needed to run swat; installed as a swat dependency)
samba-doc (optional documentation; installed with swat)
samba-doc-pdf (optional; documentation in PDF format)
Smbd Init Script
When you install the samba package, the dpkg postinst script configures Samba to run as a normal daemon (not from inetd), copies all Linux users to the list of Samba users, sets up Samba to use encrypted passwords, and starts the smbd and nmbd daemons. After you configure samba, give the following command to restart the smbd and nmbd daemons:
$ sudo service smbd restart
smbd start/running, process 4662
10.2 Configuring Samba Server using system-config-samba
One of the most asked features for Samba is a graphical user interface to help with configuration and management;there are now several GUI interfaces to Samba available, one of these tools is samba server configuration tool.
"The Samba Server Configuration Tool is a graphical interface for managing Samba shares, users, and basic server settings. It modifies the configuration files in the /etc/samba/ directory. Any changes to these files not made using the application are preserved."
First thing we need to do is to install samba, go to Software center in Ubuntu and search for samba then install the package. If you want to install it via terminal then copy this command :
# apt-get install samba samba-common
Installing Samba Server configuration Tool:
Now install the graphical interface System-config samba
# apt-get install system-config-samba
Now we will try for example to share the directory /home/shared.
First open GUI sambaserver configuration tool by going to Applications--> Administration-->Samba or at the terminal type: # system-config-samba
You will get a dialogue box similar to this; Now over here we have to add thefolder we want to share and setup the permissions access.
First create a folder and provide the permissions to the folder. Now share it using the Sharing Options available from right click menu on the folder.
Now Click on the + tab to add a new share. When you will click on this tab you will get a screen as this;
The window consists of Basic and Access Tab. Now on the basic tab click on the browse button and select the directory to share. Then provide it with a share name and description. Remember to click on the writeable and visible button to grant the access.
Now it comes to the security of the file server. There are basically two modes in SAMBA File Server; Anonymous and Authenticated.
First let us discuss the anonymous mode for accessing the file server.
Now when you go on access tab and Select the Allow access to everyone tab, then your file server becomes anonymous and will entertain all the connections.
Now let us consider using a secured file server which gives a prompt for a username and password, suing the authenticated mode.
Now for securing the server we select Only allow access to specific users tab.
Now under this tab there are the system users listed, select the user you want to grant the acces to, in this case I have selected sedulity. Click Ok tab to proceed.
Now the next step is to provide the user a password for authentication. First click on the Preferences > Samba Users. Select the suer you want to authenticate. At this stage you will get a tab similar to this;
Now click on the Edit User icon to proceed.
Provide the username and password you want to give for authentication.
Now we are done let us try to access the share:
In this when you try to open the share you will make use of ;
Here all the folders shared will be listed. However, when you will try to open the share you will get a username and password prompt.
Now when your authentication will match with the samba username and password you will get the share.
10.3 SWAT (SAMBA WEB ADMINISTRATION TOOL)
The swat (Samba Web Administration Tool, swat package) utility is a browser-based graphical editor for the /etc/samba/smb.conf file. For each of the configurable parameters, it provides Help links, default values, and a text box to change the value. The swat utility is a well-designed tool in that it remains true to the lines in the smb.conf file you edit: You can use and learn from swat, so that, if you want to use a text editor to modify smb.conf, the transition will be straightforward. The swat utility is run from inetd (openbsd-inetd package). When you install the swat package, it installs openbsd-inetd as a dependency and places the following line in /etc/inetd.conf:
swat stream tcp nowait.400 root /usr/sbin/tcpd /usr/sbin/swat
This line enables swat when xinetd is running. If necessary, give the following command to restart inetd so that it rereads its configuration file:#