22.4. Configuring a Samba Server
/etc/samba/smb.conf
) allows users to view their home directories as a Samba share. It also shares all printers configured for the system as Samba shared printers. In other words, you can attach a printer to the system and print to it from the Windows machines on your network.
22.4.1. Graphical Configuration
/etc/samba/
directory. Any changes to these files not made using the application are preserved.
system-config-samba
RPM package installed. To start the Samba Server Configuration Tool from the desktop, go to the (on the Panel) > > > or type the command system-config-samba
at a shell prompt (for example, in an XTerm or a GNOME terminal).

Figure 22.3. Samba Server Configuration Tool
Note
22.4.1.1. Configuring Server Settings

Figure 22.4. Configuring Basic Server Settings
workgroup
and server string
options in smb.conf
.

Figure 22.5. Configuring Security Server Settings
- Authentication Mode — This corresponds to the
security
option. Select one of the following types of authentication.- ADS — The Samba server acts as a domain member in an Active Directory Domain (ADS) realm. For this option, Kerberos must be installed and configured on the server, and Samba must become a member of the ADS realm using the
net
utility, which is part of thesamba-client
package. Refer to thenet
man page for details. This option does not configure Samba to be an ADS Controller. Specify the realm of the Kerberos server in the Kerberos Realm field.Note
The Kerberos Realm field must be supplied in all uppercase letters, such asEXAMPLE.COM
.Using a Samba server as a domain member in an ADS realm assumes proper configuration of Kerberos, including the/etc/krb5.conf
file. - Domain — The Samba server relies on a Windows NT Primary or Backup Domain Controller to verify the user. The server passes the username and password to the Controller and waits for it to return. Specify the NetBIOS name of the Primary or Backup Domain Controller in the Authentication Server field.The Encrypted Passwords option must be set to Yes if this is selected.
- Server — The Samba server tries to verify the username and password combination by passing them to another Samba server. If it can not, the server tries to verify using the user authentication mode. Specify the NetBIOS name of the other Samba server in the Authentication Server field.
- Share — Samba users do not have to enter a username and password combination on a per Samba server basis. They are not prompted for a username and password until they try to connect to a specific shared directory from a Samba server.
- User — (Default) Samba users must provide a valid username and password on a per Samba server basis. Select this option if you want the Windows Username option to work. Refer to Section 22.4.1.2, “Managing Samba Users” for details.
- Encrypt Passwords — This option must be enabled if the clients are connecting from a system with Windows 98, Windows NT 4.0 with Service Pack 3, or other more recent versions of Microsoft Windows. The passwords are transferred between the server and the client in an encrypted format instead of as a plain-text word that can be intercepted. This corresponds to the
encrypted passwords
option. Refer to Section 22.4.3, “Encrypted Passwords” for more information about encrypted Samba passwords. - Guest Account — When users or guest users log into a Samba server, they must be mapped to a valid user on the server. Select one of the existing usernames on the system to be the guest Samba account. When guests log in to the Samba server, they have the same privileges as this user. This corresponds to the
guest account
option.
22.4.1.2. Managing Samba Users

Figure 22.6. Managing Samba Users