Samba service
Introduction
Samba provides Windows networking services using a Unix machine.
The resources available on a Windows Network is called the browse list. The browse list is maintained on a computer called the Master Browser. For a Windows network spanning multiple subnets, a domain master browser collects the browse list for the entire domain. The fys domain master brower is intra. You can view the current browse list from a unix machine using, the smbclient command:
smbclient -L intra
This could look like this:
Password:
Domain=[INTRA] OS=[Unix] Server=[Samba 3.0.9-1.3E.5]
Sharename Type Comment
--------- ---- -------
camp Disk CAMP group shared directory
mossbauer Disk Mossbauer group shared directory
mossbauerWWW Disk Mossbauer group WWW directory
mossstud Disk Mossbauer group student directory
WWW Disk World Wide Web data for dcwww.fys.dtu.dk
wwwstm Disk STM WWW-files (restricted access)
cinfWWW Disk CINF WWW-server files (restricted access)
NanoteketWWW Disk Nanoteket WWW-server files (restricted access)
cinfDB Disk CINF Database files (access only for CINF)
IPC$ IPC IPC Service (INTRA FYS Samba Server)
ADMIN$ IPC IPC Service (INTRA FYS Samba Server)
camp4200 Printer Created by redhat-config-printer 0.6.x
lhansen Disk Home Directories
Domain=[INTRA] OS=[Unix] Server=[Samba 3.0.9-1.3E.5]
Server Comment
--------- -------
Workgroup Master
--------- -------
AABOULEVARD RUBECH
ARBEJDSGRUPPE FARSLAPTOP
FYS INTRA
MSHOME MATRIXII
WORKGROUP STREBELNOTEBOOK
NetBIOS resolution of names across subnet is done, not using DNS, but Windows Internet Name Service or WINS. WINS provides a dynamically updated central database, which can be used to resolve hostnames into IP adresses.
The smb.conf file
This section describes the changes from the default smb.conf at fys:
Global:
workgroup = FYS
server string = INTRA FYS Samba Server # Replace "INTRA" by actual server name
hosts allow = 130.225.86. 130.225.87. 127.l
max log size = 1000
password level = 2
username level = 2
local master = yes
os level = 60
domain master = yes
preferred master = yes
wins support = yes
wins proxy = yes
dns proxy = yes
# local setup
display charset = UTF8
utmp = yes
create mask = 0644
directory mask = 0755
Other shares defined at fys:
homes
mossbauer
In these setting the netbios name is not set explicitly. The netbios name will in this case get the first part of DNS name.
The netbios name can be changed using:
netbios name = intra
SAMBA password database
We use Samba’s default database for storing passwords, as configured in smb.conf
:
security = user
passdb backend = tdbsam
Use this command to list the contents of the TDBSAM password database:
/usr/bin/pdbedit -L
/usr/bin/pdbedit -L -w -u <USERNAME>
Use the pdbedit -i
command to insert a new user into the database.
To delete an existing user from the database:
pdbedit -x -u <USERNAME>
Location of SAMBA password database
The TDBSAM password database file is passdb.tdb
.
With Samba version 3.3 and above (used by RHEL6/CentOS6), the password database is located in:
/var/lib/samba/private/
The Samba-3 docs show a general method for determining the TDB Database File Information
where the file location is given by PRIVATE_DIR
:
root# smbd -b | grep PRIVATE_DIR
PRIVATE_DIR: /etc/samba/private
WINS server
The FYS Workgroup spans across mutiple TCP/IP subnets. NETBIOS name resolution in this situation relies on a WINS (Windows Internet Name Service) server to resolve NETBIOS names. In our case the Samba server is set up to be the WINS server. This is done in the smb.conf file (wins support = yes).
The IP adress of the WINS server must be supplied to dhcpd via the netbios-name-servers:
option netbios-name-servers 130.225.86.4;