Over a million developers have joined DZone.
{{announcement.body}}
{{announcement.title}}

How to Use the Linux Samba Server

DZone's Guide to

How to Use the Linux Samba Server

You can use a Linux server to provide file sharing, printing, and other services to other non-native Linux clients such as Microsoft Windows.

· Performance Zone ·
Free Resource

Container Monitoring and Management eBook: Read about the new realities of containerization.

Linux Samba Server is one of the powerful servers that helps you to share files and printers with Windows-based and other operating systems. It is an open-source implementation of the Server Message Block/Common Internet File System (SMB/CIFS) protocols.

This means you can use a Linux server to provide file sharing, printing, and other services to other non-native Linux clients such as Microsoft Windows.

How SMB Works

To understand Linux/Samba/Windows relationship, you need to understand the relationships of the operating systems to their files, printers, users, and networks.

In Linux, the login/password mechanism is radically different from the Windows Active Directory model.

Thus, it’s important for the system administrator to maintain consistency in the logins and passwords across both platforms.

Users may need to work in different environments and may need access to the different platforms for various reasons. So, it is useful to make working in such environments as seamless as possible so that you don't have to worry about users needing to authenticate again.

Relative to Samba, several options are available for handling username and password issues in different environments like:

  • Linux pluggable authentication modules (PAMs). This option allows you to authenticate users against a domain controller (DC). This means you still have two user lists (one local and one on the DC), but your users need to keep track of their passwords only on the Windows system.
  • Samba as a DC. This option allows you to keep all your logins and passwords on the Linux system, while all your Windows boxes authenticate with Samba.
  • Custom script. You can create scripts for maintaining logins and passwords. This can be done using a cross-platform scripting language like Python.

The Samba Server is composed of several components and daemons. The three main daemons are smbd, nmbd, and winbindd.

  • The smbd daemon handles the actual sharing of files and printers. It is also responsible for user authentication and resource-locking issues. This daemon uses port 139 or port 445 to listen for requests.
  • The nmbd daemon is responsible for handling NetBIOS name service requests. It uses port 137 to listen for requests and handles requests from master browsers, domain browsers, and WINS servers (like when you open My Network Places in Windows). With Windows 2000, Microsoft moved to  the DNS naming convention as part of its support for Active Directory to make name services more consistent. You shouldn’t need nmbd anymore unless you intend to allow very old Windows hosts on your network to access your Samba shares.
  • The winbindd daemon can be used to query native Windows servers for user and group information.

Install Samba

To install Linux Samba Server, you need to install three packages.

For Red Hat-based distros, you can install them like this: $ dnf -y install samba.

This package provides an SMB server: $ dnf -y install samba-common-tools.

It also provides files necessary for both the server and client: $ dnf -y install samba-client.

For Debian-based distros, you can install them like this:

$ apt-get -y install samba

$ apt-get -y install samba-common-tools

$ apt-get -y install samba-client

Then, you can start the Samba service and enable at startup:

$ systemctl start smb

$ systemctl enable smb

Samba File Sharing

Of course, you can use web-based or GUI utilities to manage your Linux Samba server. However, it is useful to understand what GUI/web tools are doing in the back-end.

So, we will share a folder named myfolder$ chmod -R 755 myfolder. 

Now, open up the Samba configuration file /etc/samba/smb.conf and add the following lines at the end:

[likegeeks]

path=/home/likegeeks/Desktop/myfolder

public=yes

writable=no

guest ok=yes

The first line is the name that SMB clients will see when they try to browse the shares stored on the Samba server. The second line is the path to the folder that will be shared. The third line means that the share will available to everyone. If set to no, only authenticated and permitted users are allowed. The fourth line means that you cannot create or modify the stored files on the shared folder.

You can check for SMB configuration errors using $ testparm.

Now, restart the SMB service: $ systemctl restart smb.

Access Samba Shared Files

Now we need to access what we’ve shared. The smbclient utility is a command line tool that allows your Linux-based system to act as a Windows client. You can use this utility to connect to other Samba servers or even to actual Microsoft Windows servers.

smbclient can browse other servers, send and retrieve files from them: $ smbclient -L localhost -U%.

Here, we list the shares on the Linux Samba server again without being prompted for a password using the -U% option.

Linux samba server using smbclient

As you can see, our shared folder is on the list.

You can access this shared folder from Windows by just typing the IP address in the windows explorer: \\192.168.1.3\.

The smbclient utility allows you to access files on a Windows server or a Linux Samba server like this: $ smbclient -U% //192.168.1.2/My_Folder.

Once you’ve connected, you can use Linux commands to list and travel between files. You can transfer files using GET, PUT, MGET, and MPUT commands.

If you are using iptables firewall, don’t forget to allow the ports 137, 139, and 445. I recommend that you review my Linux iptables firewall post.

Mounting Samba Shares

Most Linux kernels support the SMB file system. You can mount a Windows share or Samba share onto your local system using the mount command.

First, we create a mount point: $ mkdir /mnt/smb.

Then, we mount the SMB shared folder: $ mount -t cifs -o guest //192.168.1.2/My_Folder /mnt/smb.

If the shared folder is password protected, then you should supply the username and password with: 

$ mount -t cifs username=likegeeks,password=mypassword//192.168.1.2/My_Folder.

To unmount the SMB shared folder, use $ umount /mnt/smb.

On Debian-based distros you might need to install the cifsutils package: $ apt-get -y install cifs-utils.

Creating Samba Users

Here, we will add a sample user that already exists in the /etc/passwd file to the Samba user database.

To create a Samba entry for an existing system user, use $ pdbedit -a likegeeks.

The new user will be created in the Samba default user database in the /var/lib/samba/private/passdb.tdb file.

With a Samba user created, we can make the shares available only to authenticated users, such as the one we just created for the user likegeeks.

If the user likegeeks wants to access a resource on the Linux Samba Server that has been configured strictly for him, this can be done with $ smbclient -U likegeeks -L //192.168.1.3.

If you want to change the SMB user password, use $ smbpasswd likegeeks.

Authenticate Users Using Windows Server

The Samba setup that we’ve seen had its own user database that mapped to Linux users. But what if we want to deploy a Linux Samba Server in an environment with existing Windows servers that are being used to manage all users in the domain, and we don’t want to have to manage a separate user database in Samba?

Here, winbind is introduced. The winbin daemon is used for resolving user accounts information from native Windows servers.

First, install the winbind package: $ dnf -y install samba-winbind.

Next, start the service like this: $ systemctl start winbind.

Then, add the following options in the /etc/samba/smb.conf file:

workgroup = windows-domain

password server = 192.1638.1.5

realm = windows-domain.com

kerberos method = secrets and keytab

winbind nss info = rfc2307

winbind use default domain = yes

winbind enum users = yes

winbind enum groups = yes

winbind refresh tickets = yes

winbind normalize names = yes

domain master = no

local master = no

Edit /etc/nsswitch.conf:

passwd: files winbind

shadow: files winbind

group: files winbind

Edit the /etc/resolv.conf file and change the primary DNS server:

Search windows-domain.com

nameserver 192.168.1.5

Now, join the Linux Samba server to the Windows domain using:

$ net join -w WINDOWS-DOMAIN -s ' win-server' -U Administrator%password

You can list the users in the Windows domain using $ wbinfo -u.

For any problem diagnostics, you can check the samba log files under /var/log/samba/. Use testparm to check your configuration after you modify the Samba configuration file.

That’s all. I hope you find Linux Samba Server easy to use now. Keep coming back!

Take the Chaos Out of Container Monitoring. View the webcast on-demand!

Topics:
linux ,samba ,linux servers ,performance ,tutorial

Published at DZone with permission of

Opinions expressed by DZone contributors are their own.

{{ parent.title || parent.header.title}}

{{ parent.tldr }}

{{ parent.urlSource.name }}