5.2. Configuring a SAMBA server

5.2. Configuring a SAMBA server
Prev	Chapter 5. Samba and NFS	Next

5.2.1. The Configuratiion Files

5.2.1.1. `smb.conf`

The SAMBA server configuration file smb.conf is usually in /etc/samba/.

This is the main configuration file. It is read by both the smbd and nmbd daemons.

5.2.1.2. `smbusers`

This file is used to alias UNIX and SMB names. Here is a sample:

cat /etc/samba/smbusers 

# Unix_name = SMB_name1 SMB_name2 ...
root = administrator admin
nobody = guest pcguest smbguest

	Note
	Not all users need to be listed in `smbusers`. Only users with different UNIX and NT names need an alias

5.2.1.3. `smbpasswd`

This file contains the list of SMB users. The passwords are used to connect to services that require login.

cat /etc/samba/smbpasswd 

tux:660:1D0B273898 ...[snip]... 65A6:[U   ]:LCT-434B951B:
gnu:670:3BSL639205 ...[snip]... 34E2:[U   ]:LCT-434B56C1:

	Note
	The user `guest` has no password and is not listed in `smbpasswd`. This implies that `guest` can access any services that do not require authentication (using the `guest = ok` option)

5.2.1.4. `lmhosts`

The LanManager hosts file. This file is usually in the same directory as the smb.conf file and is read by nmbd to resolve netBIOS hostnames. The file content is similar to /etc/hosts:

10.0.0.20	accounts

The SAMBA server uses two daemons called nmbd and smbd implementing NMB and SMB services respectively. Both daemons are started with the single rc-script:

/etc/rc.d/init.d/smb start

5.2.2. The `smb.conf` Sections

The smb.conf configuration file is devided into sections. Each section (apart from [global] and [printers]) is the name of a share as it will appear on a listing.

Example listing:

smbclient -L //server

Sharename       Type      Comment

IPC$            IPC       Remote IPC
Training        Disk      Example disk share
laserprinter    Printer   Shared printer      
NETLOGON        Disk      Logon server share

Some sections such as [global], [home] and [printers] have a special meaning.

5.2.2.1. The `[global]`section

The following parameters can be set in the [global] section:

workgroup = STRING: The name of the Domain or the Workgroup
server string = STRING: A description of the server
printcap name = PATH: Path to the printcap file. This is usually /etc/printcap
guest account = UNIX ACCOUNT: When a share is set to public, it can be accessed as the user guest which is mapped to nobody. This option can be used to set an alternative username as the guest account
encrypt passwords = yes/no: Use encrypted passwords
username map = PATH: Path to smbusers file. This file is used to associate UNIX account names with one or more NT names
os level = n: This number determines how quickly the server should respond during a browser election.
domain logons = yes/no: Say yes if the server has to act as a logon server.

5.2.2.2. The `[printers]`section

In this section it is possible to share the printers defined with either CUPS or LPR. See Section 5.3.2, “Sharing Printers” for a sample configuration.

5.2.2.3. The `[homes]`section

Every SMB user is also a UNIX user. It is possible to make the UNIX home diretory available to the user.

[homes]
   comment = Home Directories
   browseable = no
   writable = yes

For an SMB user called tux this home directory can be accessed using the names homes or tux.

5.2.3. Main Options in `[share]` Sections

All options in smb.conf are of the form

parameter = option

public or guest ok = yes/no: Determines if a share can be accessed as the guest user
browsable or browseable = yes/no: Determines if a share is visible when doing a network listing
writeable = yes/no: Determines if a share is writable
printable = yes/no: Determines if a share is writable only through spooled operations on a printing service
guest only = yes/no: Allow/dissallow only guest logins for the service. This option has an effect only if used with the guest ok option