22.4. Configuring a Samba Server
/etc/samba/smb.conf) allows users to view their home directories as a Samba share. It also shares all printers configured for the system as Samba shared printers. In other words, you can attach a printer to the system and print to it from the Windows machines on your network.
22.4.1. Graphical Configuration
/etc/samba/directory. Any changes to these files not made using the application are preserved.
system-config-sambaRPM package installed. To start the Samba Server Configuration Tool from the desktop, go to the (on the Panel) > > > or type the command
system-config-sambaat a shell prompt (for example, in an XTerm or a GNOME terminal).
Figure 22.3. Samba Server Configuration Tool
22.214.171.124. Configuring Server Settings
Figure 22.4. Configuring Basic Server Settings
server stringoptions in
Figure 22.5. Configuring Security Server Settings
- Authentication Mode — This corresponds to the
securityoption. Select one of the following types of authentication.
- ADS — The Samba server acts as a domain member in an Active Directory Domain (ADS) realm. For this option, Kerberos must be installed and configured on the server, and Samba must become a member of the ADS realm using the
netutility, which is part of the
samba-clientpackage. Refer to the
netman page for details. This option does not configure Samba to be an ADS Controller. Specify the realm of the Kerberos server in the Kerberos Realm field.
NoteThe Kerberos Realm field must be supplied in all uppercase letters, such as
EXAMPLE.COM.Using a Samba server as a domain member in an ADS realm assumes proper configuration of Kerberos, including the
- Domain — The Samba server relies on a Windows NT Primary or Backup Domain Controller to verify the user. The server passes the username and password to the Controller and waits for it to return. Specify the NetBIOS name of the Primary or Backup Domain Controller in the Authentication Server field.The Encrypted Passwords option must be set to Yes if this is selected.
- Server — The Samba server tries to verify the username and password combination by passing them to another Samba server. If it can not, the server tries to verify using the user authentication mode. Specify the NetBIOS name of the other Samba server in the Authentication Server field.
- Share — Samba users do not have to enter a username and password combination on a per Samba server basis. They are not prompted for a username and password until they try to connect to a specific shared directory from a Samba server.
- User — (Default) Samba users must provide a valid username and password on a per Samba server basis. Select this option if you want the Windows Username option to work. Refer to Section 126.96.36.199, “Managing Samba Users” for details.
- Encrypt Passwords — This option must be enabled if the clients are connecting from a system with Windows 98, Windows NT 4.0 with Service Pack 3, or other more recent versions of Microsoft Windows. The passwords are transferred between the server and the client in an encrypted format instead of as a plain-text word that can be intercepted. This corresponds to the
encrypted passwordsoption. Refer to Section 22.4.3, “Encrypted Passwords” for more information about encrypted Samba passwords.
- Guest Account — When users or guest users log into a Samba server, they must be mapped to a valid user on the server. Select one of the existing usernames on the system to be the guest Samba account. When guests log in to the Samba server, they have the same privileges as this user. This corresponds to the
188.8.131.52. Managing Samba Users
Figure 22.6. Managing Samba Users
22.4.2. Command Line Configuration
/etc/samba/smb.confas its configuration file. If you change this configuration file, the changes do not take effect until you restart the Samba daemon with the command
service smb restart.
workgroup = WORKGROUPNAME server string = BRIEF COMMENT ABOUT SERVER
smb.conffile (after modifying it to reflect your needs and your system):
[sharename] comment = Insert a comment here path = /home/share/ valid users = tfox carole public = no writable = yes printable = no create mask = 0765
caroleto read and write to the directory
/home/share, on the Samba server, from a Samba client.