From 293421f3c64a2adff7dc15f7ad3adb6120c9fd16 Mon Sep 17 00:00:00 2001 From: Gerald Carter Date: Wed, 24 Sep 2003 15:05:22 +0000 Subject: syncing up docs, examples, & packaging from 3.0 (This used to be commit dd1348c566b4700ea01bd89639e2d3330c878167) --- docs/htmldocs/IntroSMB.html | 58 ++++++++++++++++++++++----------------------- 1 file changed, 29 insertions(+), 29 deletions(-) (limited to 'docs/htmldocs/IntroSMB.html') diff --git a/docs/htmldocs/IntroSMB.html b/docs/htmldocs/IntroSMB.html index 51a22f14fa..5e3796fdeb 100644 --- a/docs/htmldocs/IntroSMB.html +++ b/docs/htmldocs/IntroSMB.html @@ -1,5 +1,5 @@ -Chapter 1. Introduction to Samba

Chapter 1. Introduction to Samba

David Lechnyr

Unofficial HOWTO

April 14, 2003

-"If you understand what you're doing, you're not learning anything." +Chapter 1. Introduction to Samba

Chapter 1. Introduction to Samba

David Lechnyr

Unofficial HOWTO

April 14, 2003

+"If you understand what you're doing, you're not learning anything." -- Anonymous

Samba is a file and print server for Windows-based clients using TCP/IP as the underlying @@ -7,7 +7,7 @@ transport protocol. In fact, it can support any SMB/CIFS-enabled client. One of strengths is that you can use it to blend your mix of Windows and Linux machines together without requiring a separate Windows NT/2000/2003 Server. Samba is actively being developed by a global team of about 30 active programmers and was originally developed by Andrew Tridgell. -

Background

+

Background

Once long ago, there was a buzzword referred to as DCE/RPC. This stood for Distributed Computing Environment/Remote Procedure Calls and conceptually was a good idea. It was originally developed by Apollo/HP as NCA 1.0 (Network Computing Architecture) and only @@ -15,12 +15,12 @@ ran over UDP. When there was a need to run it over TCP so that it would be compa with DECnet 3.0, it was redesigned, submitted to The Open Group, and officially became known as DCE/RPC. Microsoft came along and decided, rather than pay $20 per seat to license this technology, to reimplement DCE/RPC themselves as MSRPC. From this, the -concept continued in the form of SMB (Server Message Block, or the "what") using the -NetBIOS (Network Basic Input/Output System, or the "how") compatibility layer. You can +concept continued in the form of SMB (Server Message Block, or the "what") using the +NetBIOS (Network Basic Input/Output System, or the "how") compatibility layer. You can run SMB (i.e., transport) over several different protocols; many different implementations arose as a result, including NBIPX (NetBIOS over IPX, NwLnkNb, or NWNBLink) and NBT (NetBIOS over TCP/IP, or NetBT). As the years passed, NBT became the most common form -of implementation until the advance of "Direct-Hosted TCP" -- the Microsoft marketing +of implementation until the advance of "Direct-Hosted TCP" -- the Microsoft marketing term for eliminating NetBIOS entirely and running SMB by itself across TCP port 445 only. As of yet, direct-hosted TCP has yet to catch on.

@@ -33,23 +33,23 @@ been dutifully waded through during the information-gathering stages of this pro are *still* many missing pieces... While often tedious, at least the way has been generously littered with occurrences of clapping hand to forehead and muttering 'crikey, what are they thinking? -

Terminology

  • - SMB: Acronym for "Server Message Block". This is Microsoft's file and printer sharing protocol. +

Terminology

  • + SMB: Acronym for "Server Message Block". This is Microsoft's file and printer sharing protocol.

  • - CIFS: Acronym for "Common Internet File System". Around 1996, Microsoft apparently - decided that SMB needed the word "Internet" in it, so they changed it to CIFS. + CIFS: Acronym for "Common Internet File System". Around 1996, Microsoft apparently + decided that SMB needed the word "Internet" in it, so they changed it to CIFS.

  • Direct-Hosted: A method of providing file/printer sharing services over port 445/tcp only using DNS for name resolution instead of WINS.

  • - IPC: Acronym for "Inter-Process Communication". A method to communicate specific + IPC: Acronym for "Inter-Process Communication". A method to communicate specific information between programs.

  • Marshalling: - A method of serializing (i.e., sequential ordering of) variable data suitable for transmission via a network connection or storing in a file. The source data can be re-created using a similar process called unmarshalling.

  • - NetBIOS: Acronym for "Network Basic Input/Output System". This is not a protocol; + NetBIOS: Acronym for "Network Basic Input/Output System". This is not a protocol; it is a method of communication across an existing protocol. This is a standard which was originally developed for IBM by Sytek in 1983. To exaggerate the analogy a bit, it can help to think of this in comparison your computer's BIOS -- it controls the @@ -60,15 +60,15 @@ thinking? brilliant people tend to interchange NetBIOS with terms like NetBEUI without a second thought; this will cause no end (and no doubt) of confusion.

  • - NetBEUI: Acronym for the "NetBIOS Extended User Interface". Unlike NetBIOS, NetBEUI + NetBEUI: Acronym for the "NetBIOS Extended User Interface". Unlike NetBIOS, NetBEUI is a protocol, not a standard. It is also not routable, so traffic on one side of a router will be unable to communicate with the other side. Understanding NetBEUI is not essential to deciphering SMB; however it helps to point out that it is not the same as NetBIOS and to improve your score in trivia at parties. NetBEUI was originally - referred to by Microsoft as "NBF", or "The Windows NT NetBEUI Frame protocol driver". + referred to by Microsoft as "NBF", or "The Windows NT NetBEUI Frame protocol driver". It is not often heard from these days.

  • - NBT: Acronym for "NetBIOS over TCP"; also known as "NetBT". Allows the continued use + NBT: Acronym for "NetBIOS over TCP"; also known as "NetBT". Allows the continued use of NetBIOS traffic proxied over TCP/IP. As a result, NetBIOS names are made to IP addresses and NetBIOS name types are conceptually equivalent to TCP/IP ports. This is how file and printer sharing are accomplished in Windows 95/98/ME. They @@ -82,8 +82,8 @@ thinking?

  • W3K: Acronym for Windows 2003 Server

If you plan on getting help, make sure to subscribe to the Samba Mailing List (available at -http://www.samba.org). -

Related Projects

+http://www.samba.org). +

Related Projects

There are currently two network filesystem client projects for Linux that are directly related to Samba: SMBFS and CIFS VFS. These are both available in the Linux kernel itself.

  • @@ -103,23 +103,23 @@ Again, it's important to note that these are implementations for client filesyst nothing to do with acting as a file and print server for SMB/CIFS clients.

    There are other Open Source CIFS client implementations, such as the -jCIFS project +jCIFS project which provides an SMB client toolkit written in Java. -

SMB Methodology

+

SMB Methodology

Traditionally, SMB uses UDP port 137 (NetBIOS name service, or netbios-ns), UDP port 138 (NetBIOS datagram service, or netbios-dgm), and TCP port 139 (NetBIOS session service, or netbios-ssn). Anyone looking at their network with a good packet sniffer will be amazed at the amount of traffic generated by just opening up a single file. In general, SMB sessions are established in the following order:

  • - "TCP Connection" - establish 3-way handshake (connection) to port 139/tcp + "TCP Connection" - establish 3-way handshake (connection) to port 139/tcp or 445/tcp.

  • - "NetBIOS Session Request" - using the following "Calling Names": The local + "NetBIOS Session Request" - using the following "Calling Names": The local machine's NetBIOS name plus the 16th character 0x00; The server's NetBIOS name plus the 16th character 0x20

  • - "SMB Negotiate Protocol" - determine the protocol dialect to use, which will + "SMB Negotiate Protocol" - determine the protocol dialect to use, which will be one of the following: PC Network Program 1.0 (Core) - share level security mode only; Microsoft Networks 1.03 (Core Plus) - share level security mode only; Lanman1.0 (LAN Manager 1.0) - uses Challenge/Response @@ -135,9 +135,9 @@ up a single file. In general, SMB sessions are established in the following orde to a service type (e.g., IPC$ named pipe)

A good way to examine this process in depth is to try out -SecurityFriday's SWB program. +SecurityFriday's SWB program. It allows you to walk through the establishment of a SMB/CIFS session step by step. -

Epilogue

+

Epilogue

What's fundamentally wrong is that nobody ever had any taste when they did it. Microsoft has been very much into making the user interface look good, but internally it's just a complete mess. And even people who program for Microsoft @@ -161,14 +161,14 @@ halts in the middle of something that shouldn't be strange. Normally it works fine and then once in a blue moon for some completely unknown reason, it's dead, and nobody knows why. Not Microsoft, not the experienced user and certainly not the completely clueless user who probably sits there shivering thinking -"What did I do wrong?" when they didn't do anything wrong at all. +"What did I do wrong?" when they didn't do anything wrong at all.

-That's what's really irritating to me." +That's what's really irritating to me."

-- -Linus Torvalds, from an interview with BOOT Magazine, Sept 1998 -

Miscellaneous

+Linus Torvalds, from an interview with BOOT Magazine, Sept 1998 +

Miscellaneous

This chapter is Copyright 2003 David Lechnyr (david at lechnyr dot com). Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.2 or any later version published by the Free Software Foundation. A copy of the license is available at http://www.gnu.org/licenses/fdl.txt. -

+
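Review bot: The commit message says only "syncing up docs, examples, & packaging from 3.0", yet from the first hunk (@@ -1,5 +1,5 @@) onward every removed and added pair reads word-for-word the same as shown here, for example the "If you understand what you're doing, you're not learning anything." line. Suggest the message state what the 29 changed lines differ in, so a reviewer can confirm that no wording of the chapter changed.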
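Review bot: Two wording slips sit in the context of the @@ -33,23 +33,23 @@ hunk, next to the rewritten Terminology entries: "Marshalling: - A method of serializing" carries a stray dash, and the NetBIOS entry reads "in comparison your computer's BIOS" with "to" missing. Suggest fixing both while these entries are being touched.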
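Review bot: In the @@ -60,15 +60,15 @@ hunk the NBT entry, whose first line is rewritten here, still reads "NetBIOS names are made to IP addresses" in the context line that follows; "made" looks like a slip for "mapped". Suggest correcting it in the same change, since the sentence is the entry's only explanation of how names relate to addresses.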
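Review bot: In the @@ -103,23 +103,23 @@ hunk, step 1 of the session list allows "port 139/tcp or 445/tcp", but step 2, "NetBIOS Session Request", is stated without a port restriction, while the Background text of this same file describes direct-hosted TCP on 445 as "eliminating NetBIOS entirely". Suggest marking step 2 as applying to 139/tcp only, so a reader comparing a packet capture or a firewall rule against this list does not expect a NetBIOS session request on a 445 connection.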
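Review bot: The added line "+That's what's really irritating to me."" in the @@ -161,14 +161,14 @@ hunk ends with a closing quotation mark, but the Epilogue text that begins "What's fundamentally wrong is" in the @@ -135,9 +135,9 @@ hunk shows no opening one. Suggest adding the opening quote at the start of the Epilogue or dropping the closing one, so the quotation attributed to Linus Torvalds is delimited consistently.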
