SAMBA - PowerPoint PPT Presentation

1 / 38
About This Presentation
Title:

SAMBA

Description:

SAMBA Server Message Block File & Print Server * Samba Client If you do not specify username%password, smbclient will use the upper case version of USER or LOGNAME ... – PowerPoint PPT presentation

Number of Views:493
Avg rating:3.0/5.0
Slides: 39
Provided by: compDitIe5
Category:

less

Transcript and Presenter's Notes

Title: SAMBA


1
SAMBA
  • Server Message Block File Print Server

2
Service Profile
  • Type System-V managed service
  • Packages samba-common, samba-client
  • Daemons nmbd, smbd
  • Script smb
  • Ports 137/udp, 138/udp 139/tcp
  • Configuration /etc/samba/smb.conf

3
SaMBa
  • Client Server for the Common Internet File
    System (CIFS)
  • Microsoft's name for its SMB protocol
    implementation
  • Contains components of the LanManager and NetBIOS
    protocols
  • Samba may provide performance improvements over
    native CIFS
  • Hhtp//www.samba.org

4
The goal of SAMBA
  • A single integrated work-group spanning Windows
    and Linux machines

5
The view from Windows
  • Linux based resources look identical to Windows
    based resources.
  • Using Universal Naming conventions (UNC)
  • \\toltec\spirit

6
The view from Linux
  • smbstatus
  • Processing section "homes
  • Processing section "printers
  • Processing section "spirit
  • Samba version 2.2.6
  • Service uid gid pid machine
  • spirit jay jay 7735 maya
    (172.16.1.6) Sun Aug 12 1217 2005
  • spirit jay jay 7779 aztec
    (172.16.1.2) Sun Aug 12 1249 2005
  • jay jay jay 7735 maya
    (172.16.1.6) Sun Aug 12 1256 2005

7
The view from Linux
  • Locked files
  • Pid DenyMode R/W Oplock
    Name
  • --------------------------------------------------
    --------------------------------------------------
    -
  • 7735 DENY_WRITE RDONLY NONE
    /u/RegClean.exe Sun Aug 12 130122 2005
  • Share mode memory usage (bytes) 1048368(99)
    free 136(0) used 72(0) overhead
    1048576(100) total

8
Samba Services
  • Authentication Authorization of users
  • File Printer Sharing
  • Name Resolution
  • Comprises part of WINS, allows mapping of NetBIOS
    names to IP addresses
  • WINS is independent of DNS
  • Browsing (service announcements)

9
WINS
  • Windows Internet Naming Service (WINS)
  • Microsoft's implementation of NetBIOS Name Server
    (NBNS) on Windows
  • Handles naming in NetBIOS
  • Workstations preload names at boot
  • Distributed model
  • No hierarchy
  • Deprecated from Windows 2000 onwards
  • DNS and Active Directory preferred but may still
    be present in mixed environments.

10
NetBIOS Names
  • 16 Bytes in length
  • 15 bytes for the selected name
  • All standard characters a-z, A-Z, 0-9 and ! _at_
    ( ) - ' . are allowed.
  • It is normal practice to use the same machine
    name for the DNS record and the NetBIOS record.
  • The 16th byte indicates the unique service
    provided by the machine
  • E.g. Standard Workstation Service is 00

11
Querying NetBIOS names
  • C\gtnbtstat -a toltec
  • NetBIOS Remote Machine Name Table
  • Name Type Status
  • ---------------------------------------------
  • TOLTEC lt00gt UNIQUE Registered
  • TOLTEC lt03gt UNIQUE Registered
  • TOLTEC lt20gt UNIQUE Registered
  • ...

12
Workgroups
  • SMB groups are the same as Windows Workgroups.
  • There are predefined group resource types.
  • Nbtstat output
  • NetBIOS Remote Machine Name Table
  • Name Type Status
  • --------------------------------------------------
    --------------
  • METRAN lt00gt GROUP Registered
  • METRAN lt1Egt GROUP Registered
  • ..__MSBROWSE__.lt01gt GROUP Registered

13
Smb.conf sections
  • Similar layout to the windows.ini file split into
    different sections
  • global generic server or global settings which
    apply to each share
  • homes used to grant some or all users access
    to their home directories
  • printers defines printer resources and services

14
Sample global section
  • Simple global section
  • global
  • Log file /var/log/samba/samba.log
  • Load printersyes
  • Max log size50
  • Netbios nameRHL
  • Server stringSamba Server
  • WorkgroupTardis

15
Configuring File and Directory Sharing
  • Shares should have their own section
  • Options include
  • Public- can be accessed by guest account
  • Browseable share is visible in browse lists
  • Writeable resource is read and write enabled
  • Printable resource is a printer, not a disk
  • Group all connections to the share use the
    specified group as their primary group

16
Example
  • share Ronans Home Dir
  • ronan-home
  • Comment Ronans Home Directory
  • Path /home/rbradley
  • Browseableyes
  • Writeableyes
  • Public yes
  • createMode0664
  • DirectoryMode0775
  • maxConnections1
  • Printable no

17
Printing
  • Printers defined in /etc/cups/printers.conf
  • Global options as follows
  • printers
  • path /var/spool/samba
  • browsable yes
  • public yes
  • guest ok yes
  • writeable no
  • printable yes

18
Printing
  • LibertyLane
  • Comment Staff Printer LaserJet 5
  • printer prll
  • valid users rbradley smcneally
  • path /var/spool/prll
  • public no
  • writeable no
  • printable yes
  • By default, samba assumes printing is via cups,
    this can be overridden with the printing
    parameter in the global section

19
Other examples
  • lp
  • print command lpr -s -P p s rm s
  • printable yes
  • browseable no
  • nec-raw
  • comment Main PostScript printer driver for
    Windows clients printer
  • driver NEC SilentWriter 95
  • printable yes
  • browseable yes

20
Supporting WINS
  • Turn WINS support on add in global
  • wins support yes
  • Specify the name resolution order
  • name resolve order wins lmhosts hosts bcast
  • This step is unncessary as the default order is
    host lmhosts wins bcast

21
Name resolution options
  • host means use the system resolver library to
    determine the IP address of a name
  • lmhosts means to read name-IP mappings from the
    NetBIOS lmhosts file /etc/samba/lmhosts
  • If this doesnt exist, lmhosts lookup will be
    skipped
  • wins tells the server to maintain a WINS database
  • Names will be added and updated as clients
    connect
  • bcast uses the NetBIOS broadcast mechanism to
    find the addresses of all hosts
  • Broadcast storms

22
Authentication
  • There are a number of mechanisms for implementing
    Authentication in Samba
  • By setting the security setting this can be
    controlled by administrators
  • User Validation is done on a per-user basis,
    requiring a local smbpasswd file and also
    smbusers file
  • Server Validation done by another server

23
Local file based Authentication
  • When local file based authentication is used,
    specify that passwords should be stored encrypted
    in smb.conf
  • encrypted passwords yes
  • When server based authentication is used, specify
    the servers to be contacted for authentication
    information (used when security option is not
    user).
  • password server host1 host2 host3

24
Adding users and setting passwords with local
authentication
  • To add a user
  • smbadduser ronan.bradleyrbradley
  • UNIX Username Windows Username, need not match
  • Encrypted (by default) passwords stored in
    /etc/samba/smbpasswd
  • Users added with smbadduser and smbpasswd
  • Users defined in /etc/samba/passwd must exist in
    /etc/passwd

25
Passwords with local authentication
  • Encrypted passwords stored in /etc/samba/smbpasswd
  • Users added with smbadduser and smbpasswd
  • Users defined in /etc/samba/passwd must exist in
    /etc/passwd
  • To add a user
  • smbadduser rbradleyrbradley
  • UNIX Username Windows Username, need not match
  • Use smbpasswd for subsequent password changes
    for all users

26
Winbind
  • winbind maps between windows user and group IDs
    and unix user and group IDs
  • COMPrbradley or STUDENT\srooney6 or COMP\STAFF
    or STUDENTFT211-4

27
Linux Client access with Samba
  • Smbclient is the standard client utility, useful
    for testing and for scripts
  • Smbfs is an optional kernel component which
    allows Linux to mount an SMB share directly, in
    similar fashion to mounting an NFS share
  • Not available on UML

28
Smbclient syntax
  • If you do not specify usernamepassword,
    smbclient will use the upper case version of USER
    or LOGNAME variable and the PASSWORD variable (if
    set)
  • If you use the U option
  • smbclient U rbradleyletmein
  • Not a great idea, as the command issued is
    visible in the history and in the ps information
  • Smbclient includes an ftp-like shell

29
Sample smbclient L output
  • smbclient -L toltec
  • added interface ip172.16.1.1 bcast172.16.1.255
    nmask255.255.255.0
  • Password
  • DomainMETRAN OSUnix ServerSamba 2.2.5
  • Sharename Type Comment
  • --------- ------ --------------
  • test Disk For testing
    only, please
  • IPC IPC IPC Service (Samba
    2.2.5)
  • HP Printer HP 932C on Maya
  • ADMIN Disk IPC Service (Samba
    2.2.5)
  • Server Comment
  • --------- -------
  • MAYA Windows 98
  • MIXTEC Samba 2.2.5
  • TOLTEC Samba 2.2.5
  • ZAPOTEC
  • Workgroup Master

30
Samba Daemons
  • Nmbd NetBIOS name server
  • Resource browsing
  • WINS server
  • Smbd SMB/CIFS server
  • Authentication and authorization
  • File and Printer Sharing

31
Samba Daemon
  • When an SMB client starts, it needs to know the
    IP address being used by a particular host
  • Client broadcasts this request on the network and
    receives a response from nmbd containing the
    NetBIOS information

32
Configuration Testing
  • testparm is used to test the correct
    configuration of your samba settings
  • To check what access will be granted to a given
    host, you can also supply the IP address of a
    given host
  • testparm 147.252.224.78
  • Will return which resources are accessible to
    that host

33
Samba Client
  • smbclient can be used as a command-line file
    retrieval/transfer tool
  • smbclient //machine/resource
  • cd directory
  • get file
  • Also allows simple view of shared resources
  • smbclient L hostname
  • userpassword may be specified with the U option
    or by setting and exporting USER and PASSWORD
    environment variables

34
Samba Client
  • If you do not specify usernamepassword,
    smbclient will use the upper case version of USER
    or LOGNAME variable and the PASSWORD variable (if
    set)
  • If you use the U option
  • smbclient U rbradleyletmein
  • Not a great idea, as the command issued is
    visible in the history and in the ps information
  • Smbclient includes an ftp-like shell

35
Sample smbclient L output
  • smbclient -L toltec
  • added interface ip172.16.1.1 bcast172.16.1.255
    nmask255.255.255.0
  • Password
  • DomainMETRAN OSUnix ServerSamba 2.2.5
  • Sharename Type Comment
  • --------- ------ --------------
  • test Disk For testing
    only, please
  • IPC IPC IPC Service (Samba
    2.2.5)
  • HP Printer HP 932C on Maya
  • ADMIN Disk IPC Service (Samba
    2.2.5)
  • Server Comment
  • --------- -------
  • MAYA Windows 98
  • MIXTEC Samba 2.2.5
  • TOLTEC Samba 2.2.5
  • ZAPOTEC
  • Workgroup Master

36
smbmount
  • SMB file system can be supported by the LINUX
    kernel
  • Not available in UML
  • Can use smbmount to mount a SMB-shared resource
  • smbmount service mountpoint o options
  • smbmount //server/resource /mnt/smb o
    usernamesmbuser
  • Must set CONFIG_SMB-FS set on for smbmount to work

37
Samba mounts in /etc/fstab
  • Samba mounts can be performed automatically upon
    system boot by editing /etc/fstab
  • Specify
  • the UNC path
  • the local mount point
  • smbfs as the file system and a
  • username
  • //server1/resource /mnt/smb smbfs
    deaults,usernamenobody 0 0

38
Samba Resources
  • http//info.ccone.at/INFO/Samba/introduction.html
Write a Comment
User Comments (0)
About PowerShow.com
Home About Us Terms and Conditions Privacy Policy Presentation Removal Request Contact Us
Copyright 2024 CrystalGraphics, Inc. — All rights Reserved. PowerShow.com is a trademark of CrystalGraphics, Inc.
The PowerPoint PPT presentation: "SAMBA" is the property of its rightful owner.
Do you have PowerPoint slides to share? If so, share your PPT presentation slides online with PowerShow.com. It's FREE!