Unit –III CHAP-I 1 Created By Asst. Prof. Ashish Shah, J.M.Patel College of Commerce

 Samba is a powerful suite of applications for allowing UNIX-based systems (such as Linux) to interoperate with Windows-based and other operating systems.  It is an open source implementation of the Server Message Block/Common Internet File System (SMB/CIFS) protocol suite.  Samba transparently provides file and print sharing services to Windows clients.  It is able to do this through the use of the native Microsoft networking protocols SMB/CIFS. Created By Asst. Prof. Ashish Shah, J.M.Patel College of Commerce 2

 From a system administrator’s point of view, this means being able to deploy a UNIX-based server without having to install Network File System (NFS), and some kind of UNIX- compatible authentication support on all the Windows clients in the network. Created By Asst. Prof. Ashish Shah, J.M.Patel College of Commerce 3

 The Linux/UNIX login/password mechanism is radically different from the Windows PDC (Primary Domain Controller) model and the Windows Active Directory model.  Thus, it’s important for the system administrator to maintain consistency in the logins and passwords across both platforms.  Users may need to work in heterogeneous environments and may need access to the different platforms for various reasons. Created By Asst. Prof. Ashish Shah, J.M.Patel College of Commerce 4

 It is thus useful to make working in such environments as seamless as possible without having to worry about users needing to reauthenticate separately on the different platforms or worry about cached passwords that don’t match between servers, etc. Created By Asst. Prof. Ashish Shah, J.M.Patel College of Commerce 5

 Relative to Samba, there are several options for handling username and password issues in heterogeneous environments. Some of these are 1. The Linux Pluggable Authentication Modules (PAM) allows you to authenticate users against a PDC. This means you still have two user lists—one local and one on the PDC—but your users need only keep track of their passwords on the Windows system. Created By Asst. Prof. Ashish Shah, J.M.Patel College of Commerce 6

2. Samba as a PDC allows you to keep all your logins and passwords on the Linux system, while all your Windows boxes authenticate with Samba.  When Samba is used with a Lightweight Directory Access Protocol (LDAP) back-end for this, you will have a scalable and extensible solution. Created By Asst. Prof. Ashish Shah, J.M.Patel College of Commerce 7

3. Roll your own solution using Perl Allows you to use your own custom script.  For sites with a well-established system for maintaining logins and passwords, it isn’t unreasonable to come up with a custom script.  This can be done using WinPerl and Perl modules that allow changes to the Security Access Manager (SAM) to update the PDC’s password list.  A Perl script on the Linux side can communicate with the WinPerl script to keep accounts synchronized. Created By Asst. Prof. Ashish Shah, J.M.Patel College of Commerce 8

 Assuming you have a working connection to the Internet, installing Samba can be as simple as issuing this command: ~]# yum -y install samba  You can similarly install the samba-client package like so: ~]# yum -y install samba-client Created By Asst. Prof. Ashish Shah, J.M.Patel College of Commerce 9

 the service command and the chkconfig utility can be used to manage Samba’s startup and shutdown.  For example, to start the smbd daemon, you can execute this command: ~]# service smb status  And to stop the service, type ~]# service smb stop  After making any configuration changes to Samba, you can restart it with this command to make the changes go into effect: ~]# service smb restart Created By Asst. Prof. Ashish Shah, J.M.Patel College of Commerce 10

Created By Asst. Prof. Ashish Shah, J.M.Patel College of Commerce 11

 When you connect to SWAT and log in as root, you’ll see the main menu shown in Figure. From here, you can find almost all the documentation you’ll need for Samba’s configuration files, daemons, and related programs.  At the top of SWAT’s main page are buttons for the following menu choices: P.T.O. Created By Asst. Prof. Ashish Shah, J.M.Patel College of Commerce 12

 Home The main menu page  Globals Configuration options that affect all operational aspects of Samba  Shares For setting up disk shares and their respective options  Printers For setting up printers  Wizard This will initiate a Samba configuration wizard that will walk you through setting up the Samba server  Status The status of the smbd and nmbd processes, including a list of all clients connected to these processes and what they are doing (the same information that’s listed in the smbstatus  command-line program)  View The resulting smb.conf file  Password Password settings Created By Asst. Prof. Ashish Shah, J.M.Patel College of Commerce 13

 Globals The Globals page lists the settings that affect all aspects of Samba’s operation. These settings are divided into five groups: base, security, logging, browse, and WINS. To the left of each option is a link to the relevant documentation for the setting and its values.  Shares In Microsoft Windows, setting up a share can be as simple as selecting a folder (or creating a new one), right-clicking it, and allowing it to be shared. Additional controls can be established by right-clicking the folder and selecting Properties. Created By Asst. Prof. Ashish Shah, J.M.Patel College of Commerce 14

 Printers The Printers page for SWAT lets you configure Samba-related setting for printers that are currently available on the system. Through a series of menus, you can add printer shares, delete them, modify them, etc.  Status The Status page shows the current status of the smbd and nmbd daemons. This information includes what clients are connected and their actions Created By Asst. Prof. Ashish Shah, J.M.Patel College of Commerce 15

 View As you change your Samba configuration, SWAT keeps track of the changes and figures out what information it needs to put into the smb.conf file. Open the View page, and you can see the file SWAT is putting together for you.  Password Use the Password page if you intend to support encrypted passwords. You’ll want to give your users a way to modify their own passwords without having to log into the Linux server. This page allows users to do just that. Created By Asst. Prof. Ashish Shah, J.M.Patel College of Commerce 16

 The smbclient program is a command-line tool that allows your Linux-based system to act as a Windows client. You can use this utility to connect to other Samba servers or even to actual Microsoft Windows servers.  smbclient is a flexible program and can be used to browse other servers, send and retrieve files from them, or even print to them. Created By Asst. Prof. Ashish Shah, J.M.Patel College of Commerce 17

 Using smbclient with the -L option allows you to view the offerings of a Windows file server or Samba server without having to use a GUI.  Here’s the format of the command: ~]# smbclient -L hostname where hostname is the name of the server. For example, if we want to see what the local host (i.e., serverA) has to offer, we type ~]# smbclient -L localhost Created By Asst. Prof. Ashish Shah, J.M.Patel College of Commerce 18

 The smbclient utility allows you to access files on a Windows server or a Samba server  with a command-line hybrid Disk Operating System (DOS)/File Transfer Protocol (FTP) client interface.  For its most straightforward usage, you’ll simply run the following:  ~]# smbclient //server/share_name  where server is the server name (or IP address), and share_name is the share name to which you want to connect.  By default, Samba automatically sets up all users’ home directories as shares Created By Asst. Prof. Ashish Shah, J.M.Patel College of Commerce 19

 The following are some command-line parameters you may need to use with smbclient to connect to a server: Parameter for smbclient  Description - I destIP  The destination IP address to which you want to connect.  - U  username The user you want to connect as. This will be used  instead of the user you are logged in as. - W  name Sets the workgroup name to name. - D  directory Starts from directory. Created By Asst. Prof. Ashish Shah, J.M.Patel College of Commerce 20

 Once connected, you’ll be able to browse directories using the cd, dir, and ls commands.  You can also use get, put, mget, and mput to transfer files back and forth.  We’ll use the smbclient utility to connect to the server, connecting as a guest by specifying the -U% option. After connecting, we will be dropped down to an smb shell with the prompt “smb: \>”. Created By Asst. Prof. Ashish Shah, J.M.Patel College of Commerce 21

 with the prompt “smb: \>”.  While connected, we’ll do a listing of the files available on the share using the ls command. Then we’ll try to download one of the files that resides on the share using the FTP-like command get.  Finally, end the connection using quit.  A sample session on clientB connecting to  serverA is shown here:  ~]# smbclient -U% //serverA/samba-share  The output will be  Domain=[MYGROUP] OS=[Unix] Server=[Samba fc8] Created By Asst. Prof. Ashish Shah, J.M.Patel College of Commerce 22

 After that apply ls command as follows:-  smb: \> ls  We will get output as follows:-. D 0 Sat Mar 15 15:27: D 0 Sat Mar 15 15:27: foo1 A 0 Sat Mar 15 15:27: foo2 A 0 Sat Mar 15 15:27: moo3 A 0 Sat Mar 15 15:27: blocks of size blocks available Apply get command as follows  smb: \> get foo2 getting file \foo2 of size 0 as foo2 (0.0 kb/s) (average 0.0 kb/s)  smb: \> quit  The file (foo2) that was downloaded from serverA should be in the current working directory on the local file system of clientB. Created By Asst. Prof. Ashish Shah, J.M.Patel College of Commerce 23