Samba is an open-source implementation of the Server Message Block (SMB) protocol. It allows Linux to work with the Windows operating system, as both a server and a client. Samba shares Linux files and printers with Windows systems, and also gives Linux users access to files on Windows systems. Samba uses NetBIOS over TCP/IP (NetBT) protocols and does not need the NetBEUI (Microsoft Raw NetBIOS frame) protocol.
Several Samba packages are included with most of the Linux distributions:
- samba: Provides an SMB/Common Internet File System (CIFS) server that can be used to provide network services to SMB/CIFS clients
- samba-client: Provides some SMB/CIFS clients to complement the built-in SMB/CIFS file system in Linux. These clients allow access to SMB/CIFS shares and printing to SMB/CIFS printers.
- samba-common: Provides files necessary for both the server and client Samba packages
- samba-winbind: Provides the winbind daemon and client tools. winbind enables Linux membership in Windows domains and the use of Windows user and group accounts
- samba-winbind-clients: Provides the Network Security Services (NSS) library and Pluggable Authentication Modules (PAM) needed to communicate with winbind
Use “yum install [package_name]” to install the packages.
# yum install [package_name]
Samba Daemons and Services
The samba server package includes the following daemons and associated services:
smbd: The server daemon that provides file-sharing and printing services to Windows clients. It is also responsible for user authentication, resource locking, and data sharing through the SMB protocol.
nmbd: The NetBIOS nameserver daemon replies to name-service requests produced by SMB/CIFS in Windows-based systems. It also provides browsing support in the Windows Network Neighborhood view.
These daemons are controlled by their associated services, smb and nmb, for example:
# systemctl start smb # systemctl start nmb
The samba-winbind package includes the winbindd daemon and associated service:
winbindd
: Resolves user and group information on a server running Windows and makes this information understandable by Linux.
This daemon is controlled by the winbind service:
# systemctl start winbind
Samba Server Configuration
The main configuration file for Samba is /etc/samba/smb.conf. This configuration file is divided into sections, each beginning with text surrounded by square brackets. With the exception of the [global] section, each section describes a shared resource, known as a “share“. Typical sections are:
Section | Description |
---|---|
[global] | Defines global parameters |
[homes] | Defines shares in the homes directory |
[printers] | Defines printers |
[share name] | Defines a share |
Parameters within the section define the share attributes. Assuming that the global parameters are configured properly, the following example defines a share that gives any Windows user read-write permissions to the local /tmp directory:
# vi /etc/samba/smb.conf [tmp] comment = Insert a comment here path = /tmp writable = yes guest ok = yes
Refer to the smb.conf
man page for a description of all the parameters that you can set in the configuration file.
# man smb.conf
There are global parameters, security parameters, logging parameters, browser parameters, communication parameters, and share parameters. There are also several graphical user interfaces to configure and manage Samba. A list of these can be found at http://www.samba.org/samba/GUI/.
[homes] Share
Samba provides this share to make it easy for users to share their Linux home directories with a Windows system. The following is an example:
# vi /etc/samba/smb.conf [homes] comment = Insert a comment here browsable = no writable = yes
These settings prevent users other than the owners from browsing home directories while allowing logged-in owners full access.
Starting a Samba Server
To start a Samba server execute the command shown below.
# systemctl start smb
When making configuration changes to the /etc/samba/smb.conf file, issue a restart or reload:
# systemctl restart smb # systemctl reload smb
The reload argument does not stop and start the smb service; it only reloads the configuration file. Use the systemctl command to configure the service to start at boot time. Example:
# systemctl enable smb
Samba Server Types
– Server type is configured in the [global] section of the /etc/samba/smb.conf file. – A stand-alone server can be a workgroup server or a member of a workgroup. – A domain member server logs in to a domain controller and is subject to the domain’s security rules. – A Samba server can be a domain controller in a Windows NT domain but not in an Active Directory domain.
Accessing Linux Shares from Windows
To access a share on a Linux Samba server from Windows, open My Computer or Explorer and enter the host name of the Samba server and the share name in the following format:
\\servername\sharename
If you enter \\servername
, Windows displays the directories that the Linux system is sharing. You can also map a network drive to a share name by using the same syntax.
smbusers File
For a Windows user to access a Samba share on a Linux system, the user must provide a Windows username and a Samba password. The Windows username must be the same as the Linux username or must map to a Linux username. Samba stores these username maps in the /etc/samba/smbusers
file. Users with the same username on Linux and Windows do not need an entry in this file, but they still need a Samba password.
The /etc/samba/smbusers file has two default entries:
root = administrator admin nobody = guest pcguest smbguest
The first entry maps the Linux root user to the administrator and admin users in Windows. The second entry maps the Linux user nobody to three Windows usernames – guest, pcguest, smbguest.
To map the Windows username of john to the Linux username of user01, add the following entry to /etc/samba/smbusers:
# vi /etc/samba/smbusers user01 = john
Samba uses Samba passwords, not Linux passwords, to authenticate users. Add a password for the user01 user with the following command:
# smbpasswd –a user01 New SMB password: Retype new SMB password: Added user oracle.
Accessing Windows Shares from Linux
There are 2 Utilities to query Samba servers:
- findsmb
- smbtree
Use the findsmb
command to query a subnet for Samba servers. The command displays the IP address, NetBIOS name, workgroup, operating system, and version for each server found.
You can also use the smbtree
command, which is a text-based SMB network browser. It displays a hierarchy diagram with all the known domains, the servers in those domains, and the shares on the servers.
The GNOME and KDE desktops provide browser-based file managers to view Windows shares on the network. Enter smb:
in the location bar of the file managers to browse shares.
Use the smbclient
utility to connect to a Windows share from the command line. The format is as follows:
smbclient //[servername]/[sharename] [-U [username]]
The smb:\>
prompt is displayed after successfully logging in. Type help to display a list of commands. Type exit to exit smbclient.
To mount Samba shares, install the cifs-utils package:
# yum install cifs-utils
Use the mount.cifs
command with the following format to mount Samba shares:
# mount.cifs //[servername]/[sharename] /mount-point -o username=[username],password=[password]