SAMBA service. Creating a home network using Samba for Windows devices, Linux, Android. Setting up common resources
And maybe just interest and curiosity pushing users to search for various suitable software. SAMBA refers to such software. You need to know how to configure Samba on Ubuntu ServerIf you want to make a database or file storage from your computer.
Installing Samba on Ubuntu Server makes it possible to create a database.
If you thought the page is devoted to the study of dance, you are slightly mistaken. Samba - Free Software Disseminated. It implements access to printers and files. And does it on different operating systems.
What is needed for?
In comparison with other software packages, the samba has several advantages and features.
- Allows you to connect a UNIX-like system to each other, i.e. any system on Linux, and Windows. And not only Windows. The program is very "omnivorous": MacOS, Solaris and other OS different degrees of popularity.
- Samba allows Windows users to use computers to Ubuntu as a server. That is, use the files to which access is established, as well as part of the connected devices.
- Supports the NT Domain domain structure, manages NT users, supports participant functions, primary controller.
Probably, for many, the main thing from this is a connection with the machines on Windows. In this case, they act as a client, and the computer on Ubuntu is as a server. On the other hand, Ubuntu user can also access Windows network folders.
Samba has already been made since 1992. And that the main thing, the new versions come out so far. The latter was released on the seventh of March 2017. Every year, developers are trying to establish compatibility with a large number of different versions of operating systems, but the main chip is the connection of Linux systems with Microsoft. In comparison with Windows Server Samba, it may give to it due to the lack of support for the part of the protocols and the infrastructure of the nodes. However, many argue that the speed of samba is much higher.
Customize Samba.
Before configuring directly, the program must be installed. The SAMBA installation is performed in the same way as in the case of other programs - using the command to the terminal:
sudo Apt-Get Install Samba
Immediately note: all actions that will be described, including the installation of the program, can be performed both on a simple Ubuntu and on Ubuntu Server. Only the latter is available exceptionally text interface.
After installation, you should make a configuration file backup:
$ sudo mv /etc/samba/smba/smb.conf.bak
$ sudo vi /etc/samba/smb.conf
Either edit an existing one. This file contains basic samba server settings. To figure out what we will do next, you need to understand what different lines mean.
- Workgroup is a working group. The value of this parameter will also often be a WorkGroup, since the Domain of the Working Group does the default domain look like that.
- NetBIOS Name - Name computer Ubuntu.which see Windows users. Here you can enter the value to your discretion.
- Security - user authorization mode. The default is user, that is, the user-level authentication. So far, it is better to leave.
- OS Level - Specifies the priority that Samba has over other clients (PC) in the local or Internet network.
- Name Resolve Order - Opelness of the permission of IP addresses on the NetBIOS name.
- Read only - the privilege of reading or record directory. The value may be "Yes" - exclusively reading, "NO" - recording.
Create a user
This is the simplest action from which you can start working with sump.
Add a user in OS itself:
$ USERADD -M -L -S / SBIN / Nologin Username
Create a password for it:
Let us bring our user to the samba base:
$ SMBPASSWD -A UserName
Using the $ SMBPASSWD command, you can perform other different actions:
- $ SMBPASSWD UserName - Password Change
- $ SMBPASSWD -X UserName - User Delete
- $ SMBPASSWD -D UserName - user
The server must be restarted if you make changes to configuration file.. This is done using the team:
$ SystemCTL Restart SMB
it basic settings Samba. Now you can try to apply the program in practice.
Access to the folder
First, let's try to create a folder, access to which will be opened to all users, even to those who are not authorized in Samba.
Create a folder with which we will then work on two computers:
$ sudo mkdir -p / samba / access
Now we make advanced access for this folder so that any customer of our local network:
$ CD / SAMBA
$ sudo chmod -r 0755 Access
$ sudo chown -r nobody: Nogroup Access /
The owner according to the code is Nobody.
Now in the server configuration file you need to make two partitions: the first containing the basic information:
workgroup \u003d Workgroup
server String \u003d Samba Server% V
nETBIOS NAME \u003d SRVR1
security \u003d user.
map to Guest \u003d Bad User
name Resolve Order \u003d BCast Host
dNS Proxy \u003d No
#==============
And the second containing data about the Access folder:
path \u003d / Samba / Access
browsable \u003d Yes.
writable \u003d Yes.
guest Ok \u003d YES
read only \u003d no
Follow the sections with each other in the same order.
Update server change:
$ Sudo Service SMBD Restart
Actions with a computer on Windows
On Windows also requires some actions so that you can easily open a new general folder And edit it.
- Open the command line. It is advisable to do this with extended rights, i.e. on behalf of the administrator.
- We execute the command:
- notePad C: \\ Windows \\ System32 \\ Drivers \\ ETC \\ HOSTS
- The file in which we enter the following line are open:
- 168.0.1 srvr1.domain.com SRVR1
Thanks to her, the folder will become available. - You can open it using the "Run" string. Click Win + R, enter: After that, we will open the folder.
Closed folder
SAMBA configured server can also be used to create network folders from limited access. Such a folder also need to first create, and then add to the SAMBA configuration.
We make a folder called "Closed":
$ sudo mkdir -p / samba / allaccess / closed
We make a special group that can have access to this folder:
$ sudo addgroup securedgroup
Create special rights for different groups:
$ CD / SAMBA / Access
$ sudo chown -r richard: secredgroup closed
$ sudo chmod -r 0770 closed /
Also, as in the case of an open folder, add information to the configuration:
pATH \u003d / SAMBA / Access / Closed
valid Users \u003d @SecuredGroup
guest OK \u003d NO
writable \u003d Yes.
browsable \u003d Yes.
Restart the server.
How can I understand, we made the folder closed inside Access. Thus, Access can open each user of a local network, but to watch and edit closed, you need to have special rights.
To make sure that everything works exactly as we asked in the command file, you can perform a few simple actions.
Create a user and add it to our closed group:
$ sudo usermod -a -g SecureDGroup Winston
Our name is your name, like a pack of cigarettes (or British Prime Minister).
We do for Winston Password:
$ Sudo Smbpasswd -a Winston
After that, we will be offered to enter a new password to go on a newly created account. Do not forget to reboot after that. Now you know how to configure the server through Sambu in Ubuntu.
Of course, Samba's capabilities are not exhausted only by creating simple folders. But these simple instructions And examples show what can be done using this program. It will be the first step towards understanding the essence of server PCs and their control.
Sometimes you need to configure the file ball very quickly on the server and open access to it. There is no need to make any complex configurations, access rights or something else. Just need operational access to information without any questions.
I, for example, recently, it took to open access to backups that were stored on the server. I did not want to understand myself and look for information, it was necessary to quickly give a person access to reading so that he himself found everything he needs.
I will not specifically operate with versions of operating systems. Samba configs the same almost everywhere where I had to work with them, especially in the simplest configurations.
So, set the samba by any suitable way for your operating system. Configurations are valid for the 3rd version of the Samba. Further we decide what we need:
- access to user and password,
- access by IP address,
- access to everyone in a row without restrictions.
Depending on this setting will be slightly different.
For password access We draw such a config:
Security \u003d User Passdb backend \u003d TDBSAM Workgroup \u003d MyGroup Server String \u003d Samba Path \u003d / MNT / Shara Valid Users \u003d @users force Group \u003d Users Create Mask \u003d 0660 Directory Mask \u003d 0771 Writable \u003d YES browseable \u003d yes
# USERADD Share-User -m -g Users -S / Sbin / Nologin
Importing this user to the samba and ask the password:
# SMBPASSWD -A Share-User
And try to go to the ball at:
\\\\ IP Server \\ Share
To organize access depending on the IP address, Make such settings in SMB.conf:
Security \u003d Share Workgroup \u003d MyGroup Server String \u003d Samba Map To Guest \u003d Bad User Path \u003d / MNT / Files Browsable \u003d YES Writable \u003d YES Guest OK \u003d YES Read Only \u003d No Hosts Allow \u003d 192.168.0.171
In this case, the full access will be at the address 192.168.0.171. To add the entire subnet, you need to specify the following:
Hosts Allow \u003d 192.168.0.
You can combine different subnets and addresses, separating them with spaces. In order to disable access to some separate addresses from the allowed subnet, you can make this:
Hosts Allow \u003d 192.168.0. Except 192.168.0.15
Access will be allowed to the entire subnet 192.168.0.0/24, except for the address 192.168.0.15.
We make a restart of the samba and check.
If you have SAMBA 4 installed, then this configuration does not work and you will get an error:
Warning: IGNORING INVALID VALUE "(! Lang: Share" for parameter "security" !}
For access to IP to work normally, you need to make the following changes to the above config:
Security \u003d User Map to Guest \u003d Bad Password
The remaining parameters leave the same. After that, IP access will work on the 4th version of the Samba.
If a access will be provided to everyone without restrictions.T. simplest configuration Samba will be like this:
Security \u003d User Workgroup \u003d MyGroup Server String \u003d Samba Guest Account \u003d Nobody Map to Guest \u003d Bad User Path \u003d / MNT / Files Browseable \u003d YES Guest OK \u003d YES Writeable \u003d YES Public \u003d YES
Do not forget to make rights for everyone to the folder:
# Chmod 0777 / MNT / Files
Restart the samba and try to go. Must be launched without unnecessary questions.
That's so literally in 5 minutes you can organize the simplest file server using Samba. And often harder and not necessary. For some file dying, the most last option will suit.
For more complex configurations, I have separate articles:
Online Linux course
If you have a desire to learn how to build and maintain highly accessible and reliable systems, I recommend to get acquainted with online course "Administrator Linux" in Otus. The course is not for beginners, for admission you need basic knowledge on networks and installation Linux on a virtual Training lasts 5 months, after which successful graduates of the course will be able to pass interviews from partners. What will give you this course:- Knowledge of Linux architecture.
- Mastering modern methods and data analysis and data processing tools.
- The ability to select the configuration for the necessary tasks, manage processes and ensure the security of the system.
- Possession of the main working instruments of the system administrator.
- Understanding the features of deployment, settings and maintenance of networks built on the basis of Linux.
- The ability to quickly solve emerging problems and ensure a stable and uninterrupted system operation.
Samba. Works on most UNIX-like systems, such as GNU / Linux, POSIX-compatible Solaris and Mac OS X Server, on various BSD options, in OS / 2, Windows. Samba. Included in almost all Distributions GNU / Linux, including, of course, in Ubuntu.
Installation
To make a shared folder in Ubuntu Desktop it is enough to click on the right mouse button on the folder and select the "Publish folder" menu item. There are no configuration files to edit any configuration files. Everything described below applies only to manual configuration, for example, in the case of creating a file server.
To install, just open the terminal and enter:
Sudo Apt-Get Install Samba
The application will be automatically loaded and installed.
Setting
Using the terminal, make a backup of the initial configuration file:
Sudo cp /etc/samba/smb.conf(,.bak)
Now you can edit the /etc/samba/smb.conf settings file, to do this, open it in any text editor With superuser's rights. For example, so:
Sudo Nano /etc/samba/smb.conf.
In general, generally speaking, just one specific scenario of using Samba, and in a huge amount of cases everything is configured absolutely wrong. The article needs to be corrected by focusing on the capabilities of Samba, and not only on the application of this program as file storage with local authorization. An example with a file store is better to endure in a separate detailed article.
An example of the SAMBA setting as a standalone file server with authorization:
; Global server settings; General Server Settings; The name of the computer that will be displayed in the network environment of NetBIOS Name \u003d Main-Server Server String \u003d; Workgroup working group Workgroup \u003d Workgroup Announce Version \u003d 5.0 Socket Options \u003d TCP_NodeLay iptos_lowdelay SO_KEEPALIVE SO_RCVBUF \u003d 8192 SO_SNDBUF \u003d 8192 PASSDB BACKEND \u003d TDBSAM Security \u003d User NULL Passwords \u003d True; USERNAME MAP \u003d ETC / SAMBA / SMBUSERS NAME RESOLVE ORDER \u003d HOSTS WINS BCAST; WINS Support is installed in YES if your NMBD (8) in the samba is a WINS server. Do not install this option in YES If you do not have several subnets and you do not want your NMBD to work like WINS server. Never install this parameter in YES more than one machine within the same subnet. WINS Support \u003d NO; Printing printer support \u003d Cups Printcap Name \u003d Cups; Log file log file \u003d /var/log/samba/log.%M syslog \u003d 0 syslog only \u003d no; Setting the binding to interfaces to which listen, if not listens to all interfaces; interfaces \u003d lo, eth0; bind interfaces only \u003d true; ; ; path \u003d / var / lib / samba / printers; browseable \u003d yes; Guest Ok \u003d YES; read only \u003d yes; Write List \u003d root; Create Mask \u003d 0664; Directory Mask \u003d 0775; ; ; PATH \u003d / TMP; printable \u003d yes; Guest Ok \u003d YES; browseable \u003d no; ; ; path \u003d / media / cdrom; browseable \u003d yes; read only \u003d yes; Guest Ok \u003d YES; Hard disk ball; The name of the balls is visible from customers; Path to the shackled Disk Path \u003d / Media / SDA1; Is it possible to view browseable \u003d yes read only \u003d no guest ok \u003d no create Mask \u003d 0644 Directory Mask \u003d 0755; Binding to a specific username or group, names via space; Force User \u003d User1 User2; Force Group \u003d Group1 Group2; Another hDD, By analogy with the fact that above Path \u003d / Media / SDE1 browseable \u003d yes read only \u003d no guest ok \u003d no create Mask \u003d 0644 Directory Mask \u003d 0755
Now you have to deal with users.
Samba uses users who already exist in the system, take for example the username, let's say that it is already in the system, you need to enter it into the SMB database and assign a password to access the shared resources, make it a team:
SMBPasswd -a user.
You will be prompted to enter a password, the user will be added to the database, now it is necessary to enable this user.
SMBPasswd -e user.
Next, create a pseudonym for the username User to make it easier to access Windows machines on which we have for example named Admin, for this we will create and edit the file / etc / samba / smbusers:
Sudo Touch / etc / Samba / Smbusers Sudo Gedit / etc / samba / smbusers
Enter a pair of lines to file
# Unix_name \u003d SMB_NAME1 SMB_NAME2 User \u003d Admin
On this setting is completed, restart Samba.
Install the easiest GUI for Samba by the command:
Sudo Apt-Get Install System-Config-Samba
He starts the team:
Sudo System-Config-Samba
All changes it writes to the SAMBA configuration file.
To remotely administer Samba as a web interface for Samba is perfectly suitable