Now quite often in one local network you can find computers running Linux and Windows. The reasons for such symbiosis can be different: for example, the owners of the Internet cafe did not have enough funds to purchase a licensed OS for all computers, or the system administrator simply attracted the positive aspects of Linux. The popularity of Microsoft operating systems is largely determined by client software for Windows. It is no secret that this Software Sector is very developed. Many firms have made serious efforts to this and created really good, and most importantly, convenient to use programs that can easily master the ordinary user. But as a server, the position of Windows is not so unequivocal. The Unix server is traditionally distinguished by reliability, stability in operation, safety, and often smaller requirements for system resources. But in any case, simply by connecting computers with different software platforms to the network, we will not get the expected result. The whole problem is that these two systems are used different principles Network resources, incompatible among themselves.
Since the gravity of Microsoft does not have to wait, and Windows is unlikely to learn to work with the UNIX network file system (NFS) standard means, and third-party programs, to be honest, I do not know, the most popular way is an attempt to teach UNIX "pretending" that it is - Windows NT.

Interaction in the network of computers running Windows built on the use of the protocol SMB (Server Message Block)- Blocks of server messages. It provides all the tasks of opening and closing, reading and writing, searching for files, creating and deleting directories, setting the task for printing and removing it from there. All necessary for this action are implemented in UNIX-like operating systems through the use of the package Samba.. The possibilities can be divided into two categories: the provision of resources (under which it means access to the system of printers and files) for windows customers and access to customer resources. That is, a computer running Linux can act as the role of the server and the client. To begin with, consider the SAMBA server version.

What should Samba provide for normal operation on the Windows Machines? First, access control, which can be implemented either at the resource level (Share Level), when a password is assigned to any resource on the network and the corresponding use rules (for example, read-only), and the username does not have absolutely no value; Or a more advanced and flexible organization at the user level, when for each user is created accountwhere, in addition to the name and password, contains all the necessary information About resource access rights. Before you access the required resource, each user passes authentication, after which it is given rights according to accounts. Secondly, it is necessary to emulate the rights of access defined by the File System. The thing is that the system of access rights in question and the disk catalogs are organized in different ways. In UNIX, there are traditionally three categories of users of files: owner (owner), group (Group)and other. Each of these subjects can be provided reading Rights (READ), recording (WRITE)and execute (execute). In Windows NT, the access system is somewhat flexible, access is provided to multiple groups or users, and the corresponding access rights are determined separately for each entity. Therefore, it is impossible to fully emulate the Samba tools in NTFS.

With clients running Windows 9X.The situation is different. Since the time of the grandfather of Dosa, due to the fact that the system is single-user and about no users and even more groups and could not be speech for file systems FAT. Four attributes are defined - only reading (read only), system (SYSTEM), archive (Archive) and hidden (hidden). Plus, everything in Windows, unlike UNIX, has a special meaning of the file extension - those that are intended for execution have extensions.exe, .com or.bat. When copying files from UNIX machines to computers running Windows, attributes are installed as follows:

only for reading- reading, recording for the owner;

archival - execution for the owner;

systemic - execution for the group;

hidden - execution for the group.

The network of Windows machines can be organized as a working group (workgroup) when computers are independent of each other and each has its own password base and logins with its security policy, as well as the NT domain. The entire base for authentication of users and computers is managed. chief Domain Controller (PDC, PRIMARY DOMAIN CONTROLER). centrally. SAMBA allows you to restrict access at all these levels and performs the functions of the "main browser" in the context of the working group or the domain controller.

With corporate issues dealt with. Let's see now specifically to implement and configure the Samba server in Linux. For the samba server, it is necessary to run two demon: sMBD.providing the operation of the print service and separating files for Samba clients (such as Windows of all stripes), and nMBD.providing NetBIOS name service (it can also be used to request other names of names of names). Protocol is used to access customers TCP / IP.. As a rule, Samba is installed along with the Linux distribution. How to check? Just give the command:

$ WHEREIS SAMBA.

and you must get something like this:

Samba: / usr / samba / samba / etc / samba / samba/share/man/man7/samba.7.gz

If it does not turn out to be in the standard delivery, then welcome to ftp://ftp.samba.org/pub/samba/samba-lateest.tar.gz or practically any server with programs for Linux. The package is easy to install, so not to take places, we assume that it is installed. Now let's check if the demon launched:

$ PS -Aux | Grep SMBD ROOT 1122 0.0 0.6 4440 380? S 16:36 0:00 SMBD -D

I already have, as you can see, running. If you do not have, and you want it to run when loading the system, then in Linux Mandrake, for example, check the item in Drakconf.— start Servicesor in Red Hat Sontrol-Panel— Servise Configuration.This usually happens enough. Or manually run: ./etc/rc.d/init.d/smb Start. The only SAMBA configuration file is called SMB.conf and is usually in the / ETC directory (although Altlinux, for example, it lies in the / etc / samba directory). Samba reads it every 60 seconds, so the changes made to the configuration take effect without rebooting, but do not apply to already established compounds.

That's what I love Linux, it is for the fact that configuration files are conventional text (besides well commented inside), and in order to use most of the parameters, it is enough to solve the corresponding line. File SMB.conf is no exception. It consists of named sections starting with the name of the section concluded in square brackets. Inside each section there is a number of parameters in the form Key \u003d Value. The configuration file contains four special partitions:, and individual resources (Shares). As the name follows, the section contains the most common characteristics that will be used everywhere, but which, however, can then be overridden in sections for individual resources. Some parameters of this partition are related to the configuration of the SAMBA client part.

Typical Settings Section global:

WorkGroup \u003d Name group # Name of the Working Group NetBios Name \u003d Server Network On Server String Network \u003d Comment that is visible in the Guest Ok \u003d YES Viewer Properties window (Guest OK \u003d NO - Guest Login is prohibited) Guest Account \u003d Nobody # Name under which the guest input is allowed in the Security \u003d User # level of access. User - at user level, Security \u003d Share - authentication based on the name and password. When storing the password base on another SMB server, use the values \u200b\u200bof Security \u003d Server and Password Server \u003d Name_Server_NT. If the server is a member of the domain, use the Security \u003d Domain value, the access password is specified in the file defined using the SMB Passwd File \u003d / Path / To / File option.

In addition, when registering can be used encrypted and unencrypted (Plain-Text) Passwords. The latter are used in old Windows (Windows for Workgroups, Windows 95 (OSR2), all versions of Windows NT 3.x, Windows NT 4 (to Service Pack 3)). To enable the encrypted password option, the Encrypt Password \u003d YES option is used. Please pay special attention to this option. In old Linux distributions, which were created in the Windows 95 era (and with more old version Samba) by default password encryption is disabled, and Samba to version 2.0this regime does not support at all (by the way, this option and similar to it - those that do not concern access to specific resources are used in the client).

To properly display the Russian file names, the following options are needed: Client Code Page \u003d 866 and CHARACTER SET \u003d KOI8-R. In distributions with good localization, for example, derivatives from Mandrake and Russians, this line is already there, sometimes it is enough to simply revaluate, but in most others it must be addicted to himself.

The interfaces \u003d 192.168.0.1/24 option indicates which network should work in which network (interface) if the server is connected immediately to several networks. When installing the BIND interfaces only \u003d yes, the server will respond to requests only from these networks.

hosts Allow \u003d 192.168.1. 192.168.2. 127. - Specifies customers for which access to the service is allowed.

In the Global section, it is possible to use various variables for more flexible server operation. After installing the connection, real values \u200b\u200bare substituted instead. For example, in the Log File \u003d /Var/log/samba/%M.LOG directive, the% m parameter helps determine a separate log file for each client machine. Here are the most common variables used in the Global section:

% A - OS architecture on the client machine (possible values \u200b\u200b- Win95, Win NT, Unknown, etc.);

% m - NetBIOS-name of the client's computer;

% L - NetBIOS name SAMBA server;

% V - SAMBA version;

% I - the IP address of the client's computer;

% T - date and time;

% u - the name of the user working with the service;

% H - home directory of user% u.

Also, the Include directive using the above variables is used for a more flexible setting. For example: include \u003d /etc/samba/smb.conf.%M - now when requesting from a computer Sales if there is a /etc/samba/smb.conf.sales file, the configuration will be taken from this file. If a separate file is for some machine, there will be no sharing file to work with it.

There is also an interesting opportunity. create virtual Server . To do this, use the NetBIOS Aliases parameter:

NetBIOS Aliases \u003d Sales Accounting Admin

Now order a samba so that for each virtual server it uses your configuration file:

Include \u003d /etc/samba/smb.conf.%L.

Three servers will be visible in the network browser window: sales, accounting., admin..

Enabling PRESERVE CASE and SHORT PRESERVE CASE parameters cause the server to save all the information you enter, taking into account the symbol register (in Windows, the register does not matter, in all UNIX - on the contrary).

The section allows users to connect to their working catalogs without explicitly described. When requesting the client of its directory // Sambaserver / Sergej, the machine is looking for an appropriate description in the file and if it does not find it, then browsing the presence of this partition. If the section exists, the password file is searched for to search for the user's working directory by sending a request, and when it makes it available to the user.

A typical description of this section looks like this:

Comment \u003d Home Directories # Comment that is visible in the Browseable \u003d NO # network properties window determines whether to output the resource in the view list. Writable \u003d Yes # Allows (no - prohibits) Recording to the Create Mode \u003d 0750 # Home directory of access for newly created files Directory Mode \u003d 0775 # too, but only for directories

After setting up the default settings, you can create network resources, which can be accessed by a specific user or user group. This resource is created from the already existing directory, for this in the file we write:

Comment \u003d Public Stuff Path \u003d / Home / Samba Public \u003d YES Writable \u003d NO Printable \u003d No Write List \u003d Administrator, @salees

The PATH parameter indicates a directory in which the resource is located; PUBLIC parameter indicates whether the guest can use the resource, and Printable is whether this resource can be used. The WRITE LIST parameter allows you to identify users that are allowed to write to a resource, regardless of the Writable value (in this example, this is an Administrator user and the Sales group). It is possible to use and the opposite list - Read List. If there is a need to hide some files, then in UNIX / Linux for this file name must start from the point (Hide Dot Files parameter, which adjusts the display of hidden files, is equal to default yes). In addition, it is possible to set the name templates of hidden files, for which the Hide Files parameter is used. Each pattern begins and ends with a slash symbol (/) and may contain characters used in regular expressions. For example: Hide Files \u003d /*.log/??.tmp/. Such tricks are bypass by Windows users just setting the "Show hidden and system files»Explorer. For confident availability limit (deletion capabilities) File (directory) Use the Veto Files and Delete Veto Files parameters.

With CD drives the situation is somewhat more complicated. The fact is that in UNIX-like systems, the concept of a disk is missing as such, and in order to access the desired device, it should initially be mounted in the directories tree (# Mount -t ISO9660 / DEV / CDROM / MNT / CDROM) , And after use, not to destroy the file system, necessarily unmounted (# umount / dev / cdrom), otherwise the device simply will not give the disk. If you have a demon on the server autofs.The problem is simply solved. In order for a device that is not used for some time, it was automatically unmounted, set the desired Timeout parameter value in the /etc/auto.master file. For example:

/ MNT / AUTO / etc / --timeout \u003d 5

(Such a row is already there, it only needs to be reduced). Then set the parameters for the appropriate device in the /etc/auto.tab file:

Cdrom -fstype \u003d auto, ro: / dev / cdrom

After all, we prescribe the following lines in /etc/smb.conf to make this resource available:

PATH \u003d / MNT / CDROM WRITABLE \u003d NO

The second option is to use the Preexec and Postexec directives, which indicate which commands must be performed when accessing the resource and after disconnecting from it (these parameters can be specified for any resource and even in the Global section, which opens up great opportunities).

PATH \u003d / MNT / CDROM read only \u003d yes root preexec \u003d mount / mnt / cdrom # mount resource has the right only root root postexec \u003d umount / mnt / cdrom # naturally, these mount points should be described in the / etc / fstab file, otherwise You must specify the rest of the data.

Now the CD-ROM is automatically mounted when accessing the resource, and sometimes unmounted. The whole problem is that the decision to close the resource must take the server - customers, as a rule, are not informed about it. But usually it happens because a resource simultaneously uses several users at once or an open file is left on this resource (Device Busy). Therefore, the CD-ROM is not automatically unformed, the only acceptable way to free up the resource is to see using the utility. smbStatus.the process number using this resource and kill it with the # kill PID_Number (or Kill -S Hup Pid_Number) command.

By setting the necessary configuration, now create user accounts (with the exception of guest entry with minimal NOBODY rights). SAMBA user identification uses / etc / samba / smbpasswd, which contains names and encrypted user passwords. Since the encryption mechanism in Windows-machine networks is not compatible with standard UNIX-mechanisms, a separate utility is used to fill the password file - sMBPasswd..

# USERADD -S / BIN / FALSE -D / HOME / SAMBA / SERGEJ -G SALES SERGEJ # SMBPASSWD -A SERGEJ # SMBPASSWD SERGEJ

This example adds a new user. sergej.belonging to the group sales, with a fictitious shell (options / sbin / nologin, / dev / null) and home catalog / home / samba / sergej. Then create a password for the user SergeJ and recent step Turn on the user access, because By default, it is disabled. An interesting point that can sometimes confuse. The fact is that when connected to the computer's Samba-server with Windows NT / 2000, the user is invited to enter, as it should be, login and password, and if a computer is used to access the Windows 9x / Me OS, the user is invited to enter only the password, and Login is formed automatically based on the registration name.

You can also map multiple Windows users to one Linux / Unix user. To do this, the /etc/smbusers.map mapping file is created, in which each mapping is specified by each row:

User_ Linux \u003d user_win1 user_win2 user_winn

In the section, add the Username Map \u003d /etc/smbusers.map string. At the same time, the Windows user must register with the password of the user with which it is compared.

With Samba, you can organize the ability to network printing from Windows running Windows (if a separate print server is planned, then there can be enough machines on the basis of 486-processor).

To do this, in the section you need to record such lines:

Printcap Name \u003d / etc / Printcap # file descriptions connected to the Load Printers \u003d Yes # system indicates the need to automatically turn on the printing list Printing \u003d LPRNG # print system (for Linux can still be used BSD).

PATH \u003d / VAR / SPOOL / SAMBA # Indicates a directory in which the print jobs are placed Browseable \u003d YES Printable \u003d YES Read Only \u003d YES

After creating a file, test it with the utility testParm.. Unfortunately, using this program, you can detect only syntactic errors, and not logical, so there is no warranty that the services described in the file will work correctly (all installations will be displayed when testing, even those that are set by default are attentively reviewing result). But if the program does not swear, you can hope that when starting the file will be downloaded without problems. Correctness printers worklisted in the / etc / printcap file, with the Samba server you can check with the utility testPrns.. Plus Do not forget about.Log files: If there are problems, you can sometimes find a solution.

Now a little about good. SAMBA configuration is a rather complicated procedure, but a WEB-based administration tool is supplied with a distribution. swat.(Samba Web Administration Tool,). Swat starts in the form of a service or using the Apache server and is designed to edit the SMB.conf file, as well as to check the status, start and stop SAMBA demons, change user passwords. To work in the form of service, the file / etc / service must be attended by the SWAT 901 / TCP string, and in the /etc/inetd.conf file - Swat Stream TCP Nowait.400 root / USR / Local / Samba / Bin / Swat SWAT (this is if a network demon is used inetd., as a rule, in old distributions; In modern distributions, a more secure option is used - xinetd.). To use SWAT in the /etc/xiNet.d directory, create a SWAT file of such a content:

Service SWAT (Disable \u003d NO port \u003d 901 socket_type \u003d stream wait \u003d no only_from \u003d 127.0.0.1 # is a string to start only from the local machine user \u003d root server \u003d / usr / sbin / swat log_on_failure + \u003d userid)

Now to start the SWAT in the browser window, enter:

Http: // LocalHost: 901

But before this, be sure to create a user admin.the method described above. And never start the Samba service on behalf root.

After all changes in the file, SMB.conf sometimes need to restart the demon:

SMB: /etc/rc.d/init.d/smb Restart

If after all of the listed actions, it was not possible to organize access to SAMBA resources, such utilities will help in further configuration. ping.(To check the availability of a node on the network), nmblokup.(To query NetBIOS names), or to the extreme case tCPDUMP.. And do not forget about access rights, because I assign directory to the user / GDE / TO / W / Glubine for the user, you will provide him with the opportunity to read (right to execute) and previous directories.

Now let's talk about using the Samba client, because we (Linux users) also want to work with Windows network resources. In order to find out which resources are available, you must enter the / usr / bin / smbclient -l host_name command. The program will request a password, in response to which in most cases it is enough to press ENTER. Now, to connect to the desired resource, enter the computer name and the required resource. For example:

# / usr / bin / smbclient \\\\ alex \\ sound

(Here we try to connect to the SOUND folder on the ALEX computer). As a result, if the command is entered correctly and such a network resource exists, you must receive an invitation to enter the password. Enter it or press Enter if the password is not needed for access. In response, you will receive an invitation to Samba-client: SMB:\u003e. In the future, the work occurs by a set of commands, with which you can produce all the necessary operations for working with files (copying, creating, movement, etc.). For help, enter SMB:\u003e HELP. This mode is somewhat inconvenient, so in most cases the module is used sMBFS.included in samba; But in oldest distributions, the kernel can be collected without SMBFS support, and then it will have to rebuild it. In order to mount the required resource, type something like this:

MOUNT -T SMBFS -O UserName \u003d User, Password \u003d 123456, ocharset \u003d Koi8-R, CodePage \u003d 866 // Alex / Sound / MNT / SOUND.

If you do not specify the username and password, the system itself will ask you. Do not forget that by viewing the ~ home / .bash_history file, you can, by the commands that you gained, find out the password. Another subtlety: if the SmbClient program displays the files with Russian names correctly, the SMBFS module sometimes does not pay absolutely no attention to another encoding, even if you specify it clearly. They say it can be corrected by a patch, but I haven't found it for my red hat yet.

If you want the SMB resource to be mounted automatically when the system is started, add approximately such a line to the / etc / fstab file:

//[Email Protected]/ Sound / MNT / Alex / Sound SMBFS RW, NoAuto 0 0.

In this example, on behalf of the user guest(If the resource supports this user and if this user has access only by password, do not worry: you will certainly ask you) SOUND network resource on the ALEX computer is mounted in the / MNT / Alex / Sound folder with the ability to record this catalog. By the way, the Samba client perfectly sees hidden network resources, i.e. Those who have a network name ends with $.

As you can see, you have to work with the command line, which at the modern user causes a quiet horror. And here the world of OpenSource went to meet him - a lot of utilities created, allowing to work with Samba resources more familiar, pressing the buttons in the graphic shells. SAMI popular programincluded in the Mandrake distribution and derivatives from it, as well as Debian - gnomba.. In any case, it can be found on most servers with software for Linux (on ftp://ftp.altlinux.ru/ saw exactly). This utility allows you to view available network resources () and, if necessary, mounted on the desired directory, and an option of mounting is possible with an indication of the input log and password for those resources that you need. Possible to launch a file manager when mounting (default gMC.), Creating directories for mounted resources, setting the automatic scanning option when you start the program (possibly using the default SMB protocol) and scan by IP addresses (scheduled using WINS protocol). For non-clear reasons in some distributions when scanning with the SMB protocol, network resources were not displayed, so I always use the second method, it acts correctly, you only need to set the range of IP addresses to scan (if you know). In order to display the right Russian file names, do not forget to install Koi8-R fonts in the tab Options\u003e Font Selection, as well as check the strings indicating Cyrillic encoding in the SMB.conf file (see above).

If gnomba can only mount and unmount resources, then the program xsmbrowser.allows you to enter them as in the folder on the local computer (). True, I have not yet been able to force this program to understand the files with Russian names, but there are also positive parties: when this program is working, all teams on mount and various network requests are displayed on the console, which makes it easy to understand them. KDE developers also tried: through Preferences\u003e Informationutility available Samba Status.Displays all connections to / from local computerSimultaneously being a convenient viewing tool .Log files. Similar information represents the utility komba.which can be found at http://linux.tucows.com/ ().

No matter how much I want to tell you more, but the magazine has a magazine - you will not fit all. Next to help you will come omnipresent MAN and Info. Also, all the necessary reference information can be obtained from the SWAT utility, and also in Red Hat 7.3, the book Using Samba has been found Robert "a eckstein" a(English language is bad, completely free - well: / usr / share / swat / using_samba), affordable also from SWAT (). The / usr / Share / Doc / Samba catalog you can find additional documentation, FAQ and examples of configuration files. In various forums, you can find quite controversial opinions about the work of Samba, from extremely negative to complete delight. Personally, I am on the side of this windows emulator NT, In addition, according to the results of tests with the same hardware, the SamBA server shows a capacity of approximately 25-30% higher than a computer running a Microsoft system. Successes.

Now quite often in one local network you can find computers running Linux and Windows. The reasons for such symbiosis can be different: for example, the owners of the Internet cafe did not have enough funds to purchase a licensed OS for all computers, or the system administrator simply attracted the positive aspects of Linux. The popularity of Microsoft operating systems is largely determined by client software for Windows. It is no secret that this Software Sector is very developed. Many firms have made serious efforts to this and created really good, and most importantly, convenient to use programs that can easily master the ordinary user. But as a server, the position of Windows is not so unequivocal. The Unix server is traditionally distinguished by reliability, stability in operation, safety and often smaller system resource requirements. But in any case, simply by connecting computers with different software platforms to the network, we will not get the expected result. The whole problem is that these two systems use different principles of the organization of network resources incompatible with each other.
Since the gravity of Microsoft does not have to wait, and Windows is unlikely to learn to work with the UNIX network file system (NFS) with standard tools, and third-party programs, to be honest, I don't know, the most popular way is the attempt to teach UNIX "pretend" He would be Windows NT.

Interaction in the network of computers running Windows built on the use of the protocol SMB (Server Message Block)- Blocks of server messages. It provides all the tasks of opening and closing, reading and writing, searching for files, creating and deleting directories, setting the task for printing and removing it from there. All necessary for this action are implemented in UNIX-like operating systems through the use of the package Samba.. Its possible can be divided into two categories: the provision of resources (under which it means access to the system of printers and files) for Windows clients and access to customer resources. That is, a computer running Linux can act as the role of the server and the client. To begin with, consider the SAMBA server version.

What should Samba provide for normal operation on the Windows Machines? First, access control, which can be implemented either at the resource level (Share Level), when a password is assigned to any resource on the network and the corresponding use rules (for example, read-only), and the username does not have absolutely no value; Or a more advanced and flexible organization at the User level, when an account is created for each user, where, in addition to the name and password, it contains all the necessary information about the rights to access the resource. Before you access the required resource, each user passes authentication, after which it is given rights according to accounts. Secondly, it is necessary to emulate the rights of access defined by the File System. The thing is that the system of access rights in question and the disk catalogs are organized in different ways. In UNIX, there are traditionally three categories of users of files: owner (owner), group (Group)and other. Each of these subjects can be provided reading Rights (READ), recording (WRITE)and execute (execute). In Windows NT, the access system is somewhat flexible, access is provided to multiple groups or users, and the corresponding access rights are determined separately for each entity. Therefore, it is impossible to fully emulate the Samba tools in NTFS.

With clients running Windows 9X.The situation is different. Since the time of grandfather Dosa, due to the fact that the system is single-user and about any users and even more groups and could not be speech, for the FAT file system, only four attributes are defined - only reading (read only), system (SYSTEM), archive (Archive) and hidden (hidden). Plus, everything in Windows, unlike UNIX, has a special meaning of the file extension - those that are intended for execution have extensions.exe, .com or.bat. When copying files from UNIX machines to computers running Windows, attributes are installed as follows:

only for reading- reading, recording for the owner;

archival - execution for the owner;

systemic - execution for the group;

hidden - execution for the group.

The network of Windows machines can be organized as a working group (workgroup) when computers are independent of each other and each has its own password base and logins with its security policy, as well as the NT domain. The entire base for authentication of users and computers is managed. chief Domain Controller (PDC, PRIMARY DOMAIN CONTROLER). centrally. SAMBA allows you to restrict access at all these levels and performs the functions of the "main browser" in the context of the working group or the domain controller.

With corporate issues dealt with. Let's see now specifically to implement and configure the Samba server in Linux. For the samba server, it is necessary to run two demon: sMBD.providing the operation of the print service and separating files for Samba clients (such as Windows of all stripes), and nMBD.providing NetBIOS name service (it can also be used to request other names of names of names). Protocol is used to access customers TCP / IP.. As a rule, Samba is installed along with the Linux distribution. How to check? Just give the command:

and you must get something like this:

Samba: / usr / samba / samba / etc / samba / samba/share/man/man7/samba.7.gz

If it does not turn out to be in the standard delivery, then welcome to ftp://ftp.samba.org/pub/samba/samba-lateest.tar.gz or practically any server with programs for Linux. The package is easy to install, so not to take places, we assume that it is installed. Now let's check if the demon launched:

$ PS -Aux | Grep SMBD ROOT 1122 0.0 0.6 4440 380? S 16:36 0:00 SMBD -D

I already have, as you can see, running. If you do not have, and you want it to run when loading the system, then in Linux Mandrake, for example, check the item in Drakconf.- start Servicesor in Red Hat Sontrol-Panel- Servise Configuration.This usually happens enough. Or manually run: ./etc/rc.d/init.d/smb Start. The only SAMBA configuration file is called SMB.conf and is usually in the / ETC directory (although Altlinux, for example, it lies in the / etc / samba directory). Samba reads it every 60 seconds, so the changes made to the configuration take effect without rebooting, but do not apply to already established compounds.

That's what I love Linux, it is for the fact that configuration files are conventional text (besides well commented inside), and in order to use most of the parameters, it is enough to solve the corresponding line. File SMB.conf is no exception. It consists of named sections starting with the name of the section concluded in square brackets. Inside each section there is a number of parameters in the form Key \u003d Value. The configuration file contains four special partitions:, and separate resources (Shares). As the name follows, the section contains the most common characteristics that will be used everywhere, but which, however, can then be overridden in sections for individual resources. Some parameters of this partition are related to the configuration of the SAMBA client part.

Typical Settings Section global:

WorkGroup \u003d Name group # Name of the Working Group NetBios Name \u003d Server Network On Server String Network \u003d Comment that is visible in the Guest Ok \u003d YES Viewer Properties window (Guest OK \u003d NO - Guest Login is prohibited) Guest Account \u003d Nobody # Name under which the guest input is allowed in the Security \u003d User # level of access. User - at user level, Security \u003d Share - authentication based on the name and password. When storing the password base on another SMB server, use the values \u200b\u200bof Security \u003d Server and Password Server \u003d Name_Server_NT. If the server is a member of the domain, use the Security \u003d Domain value, the access password is specified in the file defined using the SMB Passwd File \u003d / Path / To / File option.

In addition, when registering can be used encrypted and unencrypted (Plain-Text) Passwords. The latter are used in old Windows (Windows for Workgroups, Windows 95 (OSR2), all versions of Windows NT 3.x, Windows NT 4 (to Service Pack 3)). To enable the encrypted password option, the Encrypt Password \u003d YES option is used. Please pay special attention to this option. In the old Linux distributions, which were created in the Windows 95 era (and with the older version of Samba), the default password encryption is disabled, and Samba to version 2.0this regime does not support at all (by the way, this option and similar to it - those that do not concern access to specific resources are used in the client).

To properly display the Russian file names, the following options are needed: Client Code Page \u003d 866 and CHARACTER SET \u003d KOI8-R. In distributions with good localization, for example, derivatives from Mandrake and Russians, this line is already there, sometimes it is enough to simply revaluate, but in most others it must be addicted to himself.

The interfaces \u003d 192.168.0.1/24 option indicates which network should work in which network (interface) if the server is connected immediately to several networks. When installing the BIND interfaces only \u003d yes, the server will respond to requests only from these networks.

hosts Allow \u003d 192.168.1. 192.168.2. 127. - Specifies customers for which access to the service is allowed.

In the Global section, it is possible to use various variables for more flexible server operation. After installing the connection, real values \u200b\u200bare substituted instead. For example, in the Log File \u003d /Var/log/samba/%M.LOG directive, the% m parameter helps determine a separate log file for each client machine. Here are the most common variables used in the Global section:

% A - OS architecture on the client machine (possible values \u200b\u200b- Win95, Win NT, Unknown, etc.);

% m - NetBIOS-name of the client's computer;

% L - NetBIOS name SAMBA server;

% V - SAMBA version;

% I - the IP address of the client's computer;

% T - date and time;

% u - the name of the user working with the service;

% H - home directory of user% u.

Also, the Include directive using the above variables is used for a more flexible setting. For example: include \u003d /etc/samba/smb.conf.%M - now when requesting from a computer Sales if there is a /etc/samba/smb.conf.sales file, the configuration will be taken from this file. If a separate file is for some machine, there will be no sharing file to work with it.

# sudo vim / etc / samba / sambacreds username \u003d PROFT Password \u003d 1 username \u003d noboy password \u003d

Exhibit access rights 0600

Sudo Chmod 0600 / etc / samba / Sambacreds

New string for mounting

Mount -t Cifs //192.168.24.101/public / Home / ProFt / Shares / Public -o user \u003d PROFT, Credentials \u003d / etc / samba / sambacreds, workgroup \u003d workgroup, ip \u003d 192.168.24.101

And example for / etc / fstab

//192.168.24.101/public / HOME / PROFT / SHARES / PUBLIC CIFS NOAUTO, UserName \u003d PROFT, Credentials \u003d / etc / Samba / Sambacreds, Workgroup \u003d Workgroup, IP \u003d 192.168.24.101 0 0

Open the resource in the Nautilus / NEMO / ETC file manager by this path sMB: //192.268.24.101.

If Nemo writes NEMO CANNOT HANDLE "SMB" LOCATIONS. So lacking package gVFS-SMB..

Access to the server with Windows and Android Customer

Under Windows, find out the working group from the console using

Net Config Workstation

Open Resources On a remote machine, you can typing in the Explorer (Explorer) line or Run (START - RUN) UNC address: \192.168.24.101 .

Under Android can be connected to the server using ES File Explorer., On the Network tab, add the server, simply by IP (without specifying the schema, SMB). After that, it is possible to open shared resources. For statistics: The HDRip film goes without slowing down.

Additional fiction

And maybe just interest and curiosity pushing users to search for various suitable software. SAMBA refers to such software. You need to know how to configure Samba to Ubuntu Server if you wish to make a database or file storage from your computer.

Installing Samba on Ubuntu Server makes it possible to create a database.

If you thought the page is devoted to the study of dance, you are slightly mistaken. Samba - Free Software Disseminated. It implements access to printers and files. And does it on various operating systems.

What is needed for?

In comparison with other software packages, the samba has several advantages and features.

• Allows you to connect a UNIX-like system to each other, i.e. any system on Linux, and Windows. And not only Windows. The program is very "omnivorous": MacOS, Solaris and other OS different degrees of popularity.
• Samba allows Windows users to use computers to Ubuntu as a server. That is, use the files to which access is established, as well as part of the connected devices.
• Supports the NT Domain domain structure, manages NT users, supports participant functions, primary controller.

Probably, for many, the main thing from this is a connection with the machines on Windows. In this case, they act as a client, and the computer on Ubuntu is as a server. On the other hand, Ubuntu user can also access Windows network folders.

Samba has already been made since 1992. And that the main thing, the new versions come out so far. The latter was released on the seventh of March 2017. Every year, developers are trying to establish compatibility with a large number of different versions of operating systems, but the main chip is the connection of Linux systems with Microsoft. In comparison with Windows Server Samba, it may give to it due to the lack of support for the part of the protocols and the infrastructure of the nodes. However, many argue that the speed of samba is much higher.

Customize Samba.

Before configuring directly, the program must be installed. The SAMBA installation is performed in the same way as in the case of other programs - using the command to the terminal:

sudo Apt-Get Install Samba

Immediately note: all actions that will be described, including the installation of the program, can be performed both on a simple Ubuntu and on Ubuntu Server. Only the latter is available exceptionally text interface.

After installation, you should make a configuration file backup:

$ sudo mv /etc/samba/smba/smb.conf.bak

$ sudo vi /etc/samba/smb.conf

Either edit an existing one. This file contains basic samba server settings. To figure out what we will do next, you need to understand what different lines mean.

• Workgroup is a working group. The value of this parameter will also often be a WorkGroup, since the Domain of the Working Group does the default domain look like that.
• NetBIOS Name - Ubuntu computer name, which see windows users . Here you can enter the value to your discretion.
• Security - user authorization mode. The default is user, that is, the user-level authentication. So far, it is better to leave.
• OS Level - Specifies the priority that Samba has over other clients (PC) in the local or Internet network.
• Name Resolve Order - Opelness of the permission of IP addresses on the NetBIOS name.
• Read only - the privilege of reading or record directory. The value may be "Yes" - exclusively reading, "NO" - recording.

Create a user

This is the simplest action from which you can start working with sump.

Add a user in OS itself:

$ USERADD -M -L -S / SBIN / Nologin Username

Create a password for it:

Let us bring our user to the samba base:

$ SMBPASSWD -A UserName

Using the $ SMBPASSWD command, you can perform other different actions:

• $ SMBPASSWD UserName - Password Change
• $ SMBPASSWD -X UserName - User Delete
• $ SMBPASSWD -D UserName - user

The server must be restarted if you make changes to the configuration file. This is done using the team:

$ SystemCTL Restart SMB

This is the basic SAMBA settings. Now you can try to apply the program in practice.

Access to the folder

First, let's try to create a folder, access to which will be opened to all users, even to those who are not authorized in Samba.

Create a folder with which we will then work on two computers:

$ sudo mkdir -p / samba / access

Now we make advanced access for this folder so that any client of our local network can open it:

$ CD / SAMBA
$ sudo chmod -r 0755 Access
$ sudo chown -r nobody: Nogroup Access /

The owner according to the code is Nobody.

Now in the server configuration file you need to make two partitions: the first containing the basic information:

Workgroup \u003d Workgroup
Server String \u003d Samba Server% V
NETBIOS NAME \u003d SRVR1
Security \u003d user.
Map to Guest \u003d Bad User
Name Resolve Order \u003d BCast Host
DNS Proxy \u003d No
#==============
And the second containing data about the Access folder:

Path \u003d / Samba / Access
Browsable \u003d Yes.
Writable \u003d Yes.
Guest Ok \u003d YES
read only \u003d no

Follow the sections with each other in the same order.

Update server change:

$ Sudo Service SMBD Restart

Actions with a computer on Windows

On Windows also requires some actions so that you can easily open a new common folder and edit it.

1. Open the command line. It is advisable to do this with extended rights, i.e. on behalf of the administrator.
2. We execute the command:
3. notePad C: \\ Windows \\ System32 \\ Drivers \\ ETC \\ HOSTS
4. The file in which we enter the following line are open:
5. 168.0.1 srvr1.domain.com SRVR1
   Thanks to her, the folder will become available.
6. You can open it using the "Run" string. Click Win + R, enter: After that, we will open the folder.

Closed folder

The configured Samba server can also be used to create network folders with limited access. Such a folder also need to first create, and then add to the SAMBA configuration.

We make a folder called "Closed":

$ sudo mkdir -p / samba / allaccess / closed

We make a special group that can have access to this folder:

$ sudo addgroup securedgroup

Create special rights for different groups:

$ CD / SAMBA / Access
$ sudo chown -r richard: secredgroup closed
$ sudo chmod -r 0770 closed /

Also, as in the case of an open folder, add information to the configuration:

PATH \u003d / SAMBA / Access / Closed
Valid Users \u003d @SecuredGroup
Guest OK \u003d NO
Writable \u003d Yes.
Browsable \u003d Yes.

Restart the server.

How can I understand, we made the folder closed inside Access. Thus, Access can open each user of a local network, but to watch and edit closed, you need to have special rights.

To make sure that everything works exactly as we asked in the command file, you can perform a few simple actions.