Hello friends!. I will start by stating that It is not the same to use Samba what to write about him. As a great Hindu or Persian poet said (I can't remember well), "By moving your finger you write, and once written, not all your devotion nor all your tears will be able to erase something of what is written." I apologize in advance for the length of the article or for some inadvertent omission. Thank you!.
What is it Samba for UNIX / Linux users ?. Among other definitions, it is a tremendous form of dancing practiced in Brazil and in many other countries, which far exceeds my modest knowledge of How to Have Fun. 🙂 So, I go to my encyclopedia and find:
From Wikipedia: Samba is a free implementation of the Microsoft Windows file sharing protocol (formerly called SMB, recently renamed to CIFS) for UNIX-like systems. In this way, it is possible that computers with GNU / Linux, Mac OS X o Unix they generally look like servers or act like clients on Windows networks. Samba also allows users to validate by acting as the Main Domain Controller (PDC), as a domain member and even as a domain Active Directory for Windows-based networks; apart from being able to serve print queues, shared directories and authenticate with your own user archive.
We will see:
- Samba usage examples
- Let's install and read Documentation
- Samba 3.xxx and Samba 4.xxx versions
- Permissions and rights on folders and files in GNU / Linux
- Some Samba related programs on Wheezy
- Recommendations
Samba usage examples
The Immense Samba project is present in many programs and services in our Linux world: In the daily and simple access to shared resources in SMB / CIFS networks that we do daily that we have Linux installed on our workstations.
File and printer servers both with users who authenticate to the server itself, to an LDAP server, or to a Microsft Windows Active Directory. We'll also see him in the lead role in Microsoft's NT 4-style Domain Controllers, made on UNIX / Linux. Examples of those PDCs are ClearOS, Zentyal, Linux Artica Proxy, etc.
Now, with the stable output of Samba 4, we can also make an Active Directory on UNIX / Linux. In addition, it is the main actor of the so-called FreeNAS of the FreeBSD distribution. For more information, visit the Samba Official Site, whose slogan is: «Opening Windows to a Wider World. Samba is the standard Windows interoperability suite of programs for Linux and Unix«. The new "Look" of the site is very suggestive.
Let's install and read the Documentation
«There is no better manual or article than the documentation that comes with the samba-doc package«. In the Village www we find thousands -many more- articles, tutorials, howtos, and the divine ciborium of literature in all languages about Samba.
We do not intend, by any means, to replace the accompanying documentation, let alone the posts. Perhaps and very humbly give as always a Entry point to the fascinating world of Project Samba. To install the documentation we do it through Synaptic or we execute in a console as the user root:
aptitude install samba-doc samba-doc-pdf
Documentation is installed in folders / usr / share / doc / samba-doc y / usr / share / doc / samba-doc-pdf respectively. Please, even if it is in English, read the documentation. In case they can't, it's time to at least learn to read English. 🙂
Samba 3.xxx and Samba 4.xxx versions
We clarify that in the Wheezy repository, we will find the packages samba y samba4. The first is the version 3.6.6-6, while the second one is 4.0.0 ~ beta2 + dfsg1-3.2.
The fundamental difference between versions 3.xxx and 4.xxx, is that with the former we can install, among other types of services, a Main Domain Controller in the style of Microsoft's NT4; while with series 4, we can already make an Active Directory or «Active Directory»In the style of Active Directories with Microsoft Windows 2000 or higher.
Permissions and rights on folders and files in GNU / Linux
Very important: It is essential that before continuing reading, you download a copy of the article «Permissions and rights in GNU / Linux», by the author Juan Antonio Aguilera, from the UCI in Cuba. February 1, 2012 at 12:29 PM (taken from the site human.uci.cu). You can also read the Original article here.
One of the "difficult to understand" aspects about Samba is precisely the security inherent in the UNIX / Linux filesystem on which it sits and operates. This simple detail constitutes one of the main problems that tends to confuse many who start Samba and call it even "Diabolic". Poor Samba! 🙂
Many users who come from the Windows world are perplexed by the way shared resources are handled via Samba, basically because it does not behave as they expect. Some Microsoft Network Administrators are frequently confused regarding Network Access Control and how to guarantee access to users that they need, while protecting other resources from unauthorized access. On the other hand, UNIX / Linux Administrators, especially those who are not familiar with the Microsoft Windows environment, have difficulty in visualizing how to properly set access permissions to files and directories in a way that satisfies the wishes of Windows users.
The Fundamental Problem lies in how the file and directory permissions are assigned in each File System of each of the environments.
Samba cannot ignore or hide that reality even if it establishes a bridge or transition to some degree between the two environments. Samba was conceived to provide a means of exchanging data between different operating systems. Samba was not built to switch to the UNIX / Linux platform on a platform like Microsoft Windows. Instead, the initial purpose was to provide a sufficient level of data exchange between the two environments. However, what Samba is currently capable of doing, exceeds the plans and perspectives of its beginnings, despite the fact that the short distance between the two continues to decrease every day.
Some Samba related programs on Wheezy
If we do a search with the word «samba»By Description and name through Synaptic, it will return a fairly long list of packages. We can also obtain it if we execute the following command:
aptitude search ~ dsamba
If we want to save in a text file for a quiet reading about the information of all the related packages, we can do it by:
aptitude show ~ dsamba> samba-packages.txt
We were also able to run aptitude search ~ dsamba> samba-package-list.txt, and then calmly read the names. Also, it would be beneficial to do the same with the word "Smb". That task is left to your discretion. 🙂 We will limit ourselves only to very briefly describe some of them. In alphabetical order we select:
fusesmb: Client file system based on the SMB file transfer protocol. Provides the ability to seamlessly exchange files with Microsoft Windows servers, and UNIX servers running Samba. It is based on FUSE, the Linux user-space file system environment.
gadmin-samba: Tool for Samba configuration with GTK + graphical interface. gadmin-samba It is an easy-to-use program through which we can implement a file and printer server; a domain controller; fully manage users and shares, etc.
gnome-system-tools: Tools for GNOME configuration. Among its many features, we find the one related to sharing folders through Samba. We clarify that the level of control over user permissions is extremely basic and I personally do not recommend it for this task.
gosa: Major Word. Program that provides Systems Administration through a web interface, for implementation of services based on LDAP. Provides access to POSIX, Samba, Proxy, Fax, PureFTP, Kerberos accounts as implemented by the Massachusetts Institute of Technology MIT, and many other functions.
kdenetwork-filesharing: KDE module for the configuration of shared resources. Graphical interface to which we access via the Control Panel to configure shared resources through Network F System or Samba.
ldap-account-manager: Web interface for managing accounts in an LDAP directory. It runs on a web page server and allows us to manage user, group and machine accounts. Currently it supports account types Samba 3, Unix, Kolab2, and address book entries, among others.
samba: File, printer and identification server using SMB / CIFS on UNIX. Samba is an implementation of the SMB / CIFS protocol for UNIX systems, providing the ability to share files and printers between platforms such as Microsoft Windows, OS X, and other UNIX systems.
Samba can also function as a domain controller like an NT4 would, and can integrate with NT4 domains and Active Directory Realms as a member of a Realm ("Realm"). To use it in an NT4 domain or "Active Directory" realm, you will also need the package winbind. The package samba It is NOT required to connect to existing SMB / CIFS servers (see smbclient) or to mount remote file systems (see cifs-utils).
- cifs-utils: Common File System Utilities for the Internet or «Common Internet File System«. It contains the necessary tools to mount on the local file system, remote network file systems that support the CIFS protocol.
samba4: File, printer and identification server using SMB / CIFS on UNIX. Domain Controller Server type NT and Active Directory (version 4).
smb4k: Advanced and very good browser of equipment and shared resources in SMB / CIFS networks. It belongs to the KDE platform.
smbclient: Console tools to work with shared resources in SMB / CIFS networks. Contains command line utilities for accessing Windows and Samba servers: smbclient, smbtar, smbspool, smbtree and others.
SWAT: «Samber Web Aadministration Tool ». Allows you to manage a Samba server via the Web It is not going to be maintained any more by its developers. Furthermore, its default configuration is not safe for untrusted networks, according to the Debian Team.
winbind: Samba name service integration server. Integrates authentication mechanisms and directory services (searching for users and groups) from a Domain Controller or Windows Active Directory, on a UNIX / Linux machine
In Ubuntu we also have the program system-config-samba, which gives a basic level to manage shared resources and import Linux users into the Samba database. We will dedicate an article to how we can install and use this tool in Wheezy.
Recommendations
- Always go from the simple to the complex.
- Let's start with:
.- Use the tools to access and work with resources in SMB / CIFS networks.
.- Study and apply the Permissions and Rights in Folders and Files in GNU / Linux file systems.
.- Study the Definitions and Concepts of the documentation.
.- Start by sharing folders locally.
.- Learn to join our Debian to a Microsoft Domain.
.- Share local resources for users of a Windows Active Directory or Domain.
.- Go back to study and practice a lot.
.- Implement our own Domain Controller in Samba.
I do not want to end without first declaring that Samba is not a suitable subject for the Usual Suspects of falling into Despair and Haste, the latter considered the eighth Capital Sin according to Chinese Philosophy. 🙂
And until the next adventure, Friends !!!.
Thanks:
Taken from Samba Team Official Site
Samba Team Members
Here are contact addresses for some of the team members:
Samba Team Alumni
Many thanks to the following people for their contributions to Samba during their time as team members.
|
|
Very good article, I would appreciate some advice on the implementation of a PDC. Regards.
Yes, a HOW TO integrate linux computers into Active Directory domains would be great, especially the part of user authentication and shared folders. From what little information I found out, I think the complicated thing is to get the users of the active directory "Administrators" group to have super user permissions in Linux
argh! I can't (or don't know how to) edit my previous comment. I just wanted to thank the author for the post that he has worked on, which I almost missed!
PS: I had already heard of windbind but I haven't learned much yet. If I see that I manage to integrate linux computers into Active directory domains, maybe I dare to write my first post ...
Very good introduction !!
I suppose there are a long series of articles on installation, implementation, etc, etc, and some other video tutorial of Samba steps performed by a beautiful brunette ...
Thank you very much to ALL for your comments and thanks !!! The idea is precisely to go from the simplest to the most complex through a series of articles, because from experience I know that in the Samba theme you cannot burn stages. I insist on reading the accompanying documentation (unfortunately in English) and the topic of Permissions in folders and files. Do not despair that everything comes in due time. And if possible, a mulatto or a Cuban brunette, explaining how to dance Samba. 🙂
Some acquaintances are thinking of setting up an internet cafe and they told me if I could help them with server issues and stuff. I think this series of articles is going to fall in love with me. Thank you!
It has always worked for my samba, but for some reason it does not transfer the data to more than 900 kb / s XD
Hmm, do you have any extra security options enabled?
SAMBA is slow, but not that much ...
Samba is not slow at all. A slow network can be due to having a DNS or not a WINS service. It can be many factors unrelated to Samba. Try adding this line to smb.conf:
socket options = TCP_NODELAY SO_SNDBUF = 8192 SO_RCVBUF = 8192
A LAN without good DNS service slows down. A classic LAN with Windows clients, if you don't have a WINS service running -one only per subnet- it also becomes slow. A well-configured Samba file server is faster than one with Windows.
Sorry, I forgot the NO. I meant:
Samba is not slow at all. A slow network may be due to DO NOT it has a DNS or not a WINS service either. It can be many factors unrelated to Samba. Try adding this line to smb.conf:
socket options = TCP_NODELAY SO_SNDBUF = 8192 SO_RCVBUF = 8192
A LAN without good DNS service slows down. A classic LAN with Windows clients, if you don't have a WINS service running -one only per subnet- it also slows down. A well-configured Samba file server is faster than one with Windows.
Excellent 😀 I use samba only for file and printer sharing, smb4k a cool tool 😀
They finally start talking about Samba ... XDDDD
We are doing our best to write a bit about Samba.
Great. I remember that at some point, speaking with Elav, he had suggested that they write a little about the subject.
Good post, Fico. This will help me share folders from my Debian and make it visible on my home intranet that all Windows have.
Greetings Elio !!!. It will surely serve you. We will try to follow the order of the Recommendations themselves. The only thing I do not promise yet is an Active Directory, a very technical issue with many steps with possible mistakes. We'll see later
Good article I from samba had only seen him name the uncle in the shadow of the helicopter saying if it worked well or not xD
Dear Peak,
Excellent introduction about SAMBA and the great value and dedication that is given to this Post and the thousands that exist in this blog are appreciated, good to tell you that I would like to know if there would be the possibility of making a post about SAMBA as a domain controller it would be a good that they thought about it, good regards and I look forward to your prompt response.
Thank you.
I am an intern in a company where the printing service works perfectly using samba 3, but it seeks to use the latest technology and when using a server with samba 4 and using the smb.conf configuration of samba 3 in samba 4 it does not work for me
Dear Luis Correa. You say it worked correctly before upgrading from Samba version 3 to 4. You should send me the configuration file of when version 3 worked to analyze it in detail and see if I can help you. My email is federicotoujague@gmail.com. By the way, I invite you to follow my latest installments in the series of posts on Computer Networks for Medium and Small Businesses or SMEs.