1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
|
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<HTML
><HEAD
><TITLE
>How to Install and Test SAMBA</TITLE
><META
NAME="GENERATOR"
CONTENT="Modular DocBook HTML Stylesheet Version 1.7"><LINK
REL="HOME"
TITLE="SAMBA Project Documentation"
HREF="samba-howto-collection.html"><LINK
REL="UP"
TITLE="General installation"
HREF="introduction.html"><LINK
REL="PREVIOUS"
TITLE="General installation"
HREF="introduction.html"><LINK
REL="NEXT"
TITLE="Quick Cross Subnet Browsing / Cross Workgroup Browsing guide"
HREF="browsing-quick.html"></HEAD
><BODY
CLASS="CHAPTER"
BGCOLOR="#FFFFFF"
TEXT="#000000"
LINK="#0000FF"
VLINK="#840084"
ALINK="#0000FF"
><DIV
CLASS="NAVHEADER"
><TABLE
SUMMARY="Header navigation table"
WIDTH="100%"
BORDER="0"
CELLPADDING="0"
CELLSPACING="0"
><TR
><TH
COLSPAN="3"
ALIGN="center"
>SAMBA Project Documentation</TH
></TR
><TR
><TD
WIDTH="10%"
ALIGN="left"
VALIGN="bottom"
><A
HREF="introduction.html"
ACCESSKEY="P"
>Prev</A
></TD
><TD
WIDTH="80%"
ALIGN="center"
VALIGN="bottom"
></TD
><TD
WIDTH="10%"
ALIGN="right"
VALIGN="bottom"
><A
HREF="browsing-quick.html"
ACCESSKEY="N"
>Next</A
></TD
></TR
></TABLE
><HR
ALIGN="LEFT"
WIDTH="100%"></DIV
><DIV
CLASS="CHAPTER"
><H1
><A
NAME="INSTALL"
></A
>Chapter 1. How to Install and Test SAMBA</H1
><DIV
CLASS="SECT1"
><H1
CLASS="SECT1"
><A
NAME="AEN65"
>1.1. Obtaining and installing samba</A
></H1
><P
>Binary packages of samba are included in almost any Linux or
Unix distribution. There are also some packages available at
<A
HREF="http://samba.org/"
TARGET="_top"
>the samba homepage</A
>
</P
><P
>If you need to compile samba from source, check the
appropriate appendix chapter.</P
></DIV
><DIV
CLASS="SECT1"
><H1
CLASS="SECT1"
><A
NAME="AEN70"
>1.2. Configuring samba</A
></H1
><P
>Samba's configuration is stored in the smb.conf file,
that usually resides in <TT
CLASS="FILENAME"
>/etc/samba/smb.conf</TT
>
or <TT
CLASS="FILENAME"
>/usr/local/samba/lib/smb.conf</TT
>. You can either
edit this file yourself or do it using one of the many graphical
tools that are available, such as the web-based interface swat, that
is included with samba.</P
><DIV
CLASS="SECT2"
><H2
CLASS="SECT2"
><A
NAME="AEN75"
>1.2.1. Editing the smb.conf file</A
></H2
><P
>There are sample configuration files in the examples
subdirectory in the distribution. I suggest you read them
carefully so you can see how the options go together in
practice. See the man page for all the options.</P
><P
>The simplest useful configuration file would be
something like this:</P
><P
><PRE
CLASS="PROGRAMLISTING"
> [global]
workgroup = MYGROUP
[homes]
guest ok = no
read only = no
</PRE
></P
><P
>which would allow connections by anyone with an
account on the server, using either their login name or
"homes" as the service name. (Note that I also set the
workgroup that Samba is part of. See BROWSING.txt for details)</P
><P
>Note that <B
CLASS="COMMAND"
>make install</B
> will not install
a <TT
CLASS="FILENAME"
>smb.conf</TT
> file. You need to create it
yourself. </P
><P
>Make sure you put the smb.conf file in the same place
you specified in the<TT
CLASS="FILENAME"
>Makefile</TT
> (the default is to
look for it in <TT
CLASS="FILENAME"
>/usr/local/samba/lib/</TT
>).</P
><P
>For more information about security settings for the
[homes] share please refer to the document UNIX_SECURITY.txt.</P
><DIV
CLASS="SECT3"
><H3
CLASS="SECT3"
><A
NAME="AEN89"
>1.2.1.1. Test your config file with
<B
CLASS="COMMAND"
>testparm</B
></A
></H3
><P
>It's important that you test the validity of your
<TT
CLASS="FILENAME"
>smb.conf</TT
> file using the testparm program.
If testparm runs OK then it will list the loaded services. If
not it will give an error message.</P
><P
>Make sure it runs OK and that the services look
reasonable before proceeding. </P
><P
>Always run testparm again when you change
<TT
CLASS="FILENAME"
>smb.conf</TT
>!</P
></DIV
></DIV
><DIV
CLASS="SECT2"
><H2
CLASS="SECT2"
><A
NAME="AEN97"
>1.2.2. SWAT</A
></H2
><P
> SWAT is a web-based interface that helps you configure samba.
SWAT might not be available in the samba package on your platform,
but in a seperate package. Please read the swat manpage
on compiling, installing and configuring swat from source.
</P
><P
>To launch SWAT just run your favorite web browser and
point it at "http://localhost:901/". Replace <VAR
CLASS="REPLACEABLE"
>localhost</VAR
> with the name of the computer you are running samba on if you
are running samba on a different computer then your browser.</P
><P
>Note that you can attach to SWAT from any IP connected
machine but connecting from a remote machine leaves your
connection open to password sniffing as passwords will be sent
in the clear over the wire. </P
></DIV
></DIV
><DIV
CLASS="SECT1"
><H1
CLASS="SECT1"
><A
NAME="AEN103"
>1.3. Try listing the shares available on your
server</A
></H1
><P
><SAMP
CLASS="PROMPT"
>$ </SAMP
><KBD
CLASS="USERINPUT"
>smbclient -L
<VAR
CLASS="REPLACEABLE"
>yourhostname</VAR
></KBD
></P
><P
>You should get back a list of shares available on
your server. If you don't then something is incorrectly setup.
Note that this method can also be used to see what shares
are available on other LanManager clients (such as WfWg).</P
><P
>If you choose user level security then you may find
that Samba requests a password before it will list the shares.
See the <B
CLASS="COMMAND"
>smbclient</B
> man page for details. (you
can force it to list the shares without a password by
adding the option -U% to the command line. This will not work
with non-Samba servers)</P
></DIV
><DIV
CLASS="SECT1"
><H1
CLASS="SECT1"
><A
NAME="AEN112"
>1.4. Try connecting with the unix client</A
></H1
><P
><SAMP
CLASS="PROMPT"
>$ </SAMP
><KBD
CLASS="USERINPUT"
>smbclient <VAR
CLASS="REPLACEABLE"
> //yourhostname/aservice</VAR
></KBD
></P
><P
>Typically the <VAR
CLASS="REPLACEABLE"
>yourhostname</VAR
>
would be the name of the host where you installed <B
CLASS="COMMAND"
> smbd</B
>. The <VAR
CLASS="REPLACEABLE"
>aservice</VAR
> is
any service you have defined in the <TT
CLASS="FILENAME"
>smb.conf</TT
>
file. Try your user name if you just have a [homes] section
in <TT
CLASS="FILENAME"
>smb.conf</TT
>.</P
><P
>For example if your unix host is bambi and your login
name is fred you would type:</P
><P
><SAMP
CLASS="PROMPT"
>$ </SAMP
><KBD
CLASS="USERINPUT"
>smbclient //bambi/fred
</KBD
></P
></DIV
><DIV
CLASS="SECT1"
><H1
CLASS="SECT1"
><A
NAME="AEN128"
>1.5. Try connecting from a DOS, WfWg, Win9x, WinNT,
Win2k, OS/2, etc... client</A
></H1
><P
>Try mounting disks. eg:</P
><P
><SAMP
CLASS="PROMPT"
>C:\WINDOWS\> </SAMP
><KBD
CLASS="USERINPUT"
>net use d: \\servername\service
</KBD
></P
><P
>Try printing. eg:</P
><P
><SAMP
CLASS="PROMPT"
>C:\WINDOWS\> </SAMP
><KBD
CLASS="USERINPUT"
>net use lpt1:
\\servername\spoolservice</KBD
></P
><P
><SAMP
CLASS="PROMPT"
>C:\WINDOWS\> </SAMP
><KBD
CLASS="USERINPUT"
>print filename
</KBD
></P
><P
>Celebrate, or send me a bug report!</P
></DIV
><DIV
CLASS="SECT1"
><H1
CLASS="SECT1"
><A
NAME="AEN142"
>1.6. What If Things Don't Work?</A
></H1
><P
>Then you might read the file HOWTO chapter Diagnosis and the
FAQ. If you are still stuck then try the mailing list or
newsgroup (look in the README for details). Samba has been
successfully installed at thousands of sites worldwide, so maybe
someone else has hit your problem and has overcome it. You could
also use the WWW site to scan back issues of the samba-digest.</P
><P
>When you fix the problem <SPAN
CLASS="emphasis"
><I
CLASS="EMPHASIS"
>please</I
></SPAN
> send some
updates of the documentation (or source code) to one of
the documentation maintainers or the list.
</P
><DIV
CLASS="SECT2"
><H2
CLASS="SECT2"
><A
NAME="AEN147"
>1.6.1. Scope IDs</A
></H2
><P
>By default Samba uses a blank scope ID. This means
all your windows boxes must also have a blank scope ID.
If you really want to use a non-blank scope ID then you will
need to use the 'netbios scope' smb.conf option.
All your PCs will need to have the same setting for
this to work. I do not recommend scope IDs.</P
></DIV
><DIV
CLASS="SECT2"
><H2
CLASS="SECT2"
><A
NAME="AEN150"
>1.6.2. Locking</A
></H2
><P
>One area which sometimes causes trouble is locking.</P
><P
>There are two types of locking which need to be
performed by a SMB server. The first is "record locking"
which allows a client to lock a range of bytes in a open file.
The second is the "deny modes" that are specified when a file
is open.</P
><P
>Record locking semantics under Unix is very
different from record locking under Windows. Versions
of Samba before 2.2 have tried to use the native
fcntl() unix system call to implement proper record
locking between different Samba clients. This can not
be fully correct due to several reasons. The simplest
is the fact that a Windows client is allowed to lock a
byte range up to 2^32 or 2^64, depending on the client
OS. The unix locking only supports byte ranges up to
2^31. So it is not possible to correctly satisfy a
lock request above 2^31. There are many more
differences, too many to be listed here.</P
><P
>Samba 2.2 and above implements record locking
completely independent of the underlying unix
system. If a byte range lock that the client requests
happens to fall into the range 0-2^31, Samba hands
this request down to the Unix system. All other locks
can not be seen by unix anyway.</P
><P
>Strictly a SMB server should check for locks before
every read and write call on a file. Unfortunately with the
way fcntl() works this can be slow and may overstress the
rpc.lockd. It is also almost always unnecessary as clients
are supposed to independently make locking calls before reads
and writes anyway if locking is important to them. By default
Samba only makes locking calls when explicitly asked
to by a client, but if you set "strict locking = yes" then it will
make lock checking calls on every read and write. </P
><P
>You can also disable by range locking completely
using "locking = no". This is useful for those shares that
don't support locking or don't need it (such as cdroms). In
this case Samba fakes the return codes of locking calls to
tell clients that everything is OK.</P
><P
>The second class of locking is the "deny modes". These
are set by an application when it opens a file to determine
what types of access should be allowed simultaneously with
its open. A client may ask for DENY_NONE, DENY_READ, DENY_WRITE
or DENY_ALL. There are also special compatibility modes called
DENY_FCB and DENY_DOS.</P
></DIV
></DIV
></DIV
><DIV
CLASS="NAVFOOTER"
><HR
ALIGN="LEFT"
WIDTH="100%"><TABLE
SUMMARY="Footer navigation table"
WIDTH="100%"
BORDER="0"
CELLPADDING="0"
CELLSPACING="0"
><TR
><TD
WIDTH="33%"
ALIGN="left"
VALIGN="top"
><A
HREF="introduction.html"
ACCESSKEY="P"
>Prev</A
></TD
><TD
WIDTH="34%"
ALIGN="center"
VALIGN="top"
><A
HREF="samba-howto-collection.html"
ACCESSKEY="H"
>Home</A
></TD
><TD
WIDTH="33%"
ALIGN="right"
VALIGN="top"
><A
HREF="browsing-quick.html"
ACCESSKEY="N"
>Next</A
></TD
></TR
><TR
><TD
WIDTH="33%"
ALIGN="left"
VALIGN="top"
>General installation</TD
><TD
WIDTH="34%"
ALIGN="center"
VALIGN="top"
><A
HREF="introduction.html"
ACCESSKEY="U"
>Up</A
></TD
><TD
WIDTH="33%"
ALIGN="right"
VALIGN="top"
>Quick Cross Subnet Browsing / Cross Workgroup Browsing guide</TD
></TR
></TABLE
></DIV
></BODY
></HTML
>
|