Creating a Samba server for a small office.
Ubuntu Linux and Samba can breathe new life into a retired PC and save an office money on new hardware/software. Our example server will have two hard disks, one exclusively for storing shared data.
1. Perform a default install of Ubuntu desktop or server. Samba is usually installed on a server, but a desktop will do, as well.
2. Set the root password for Ubuntu;
sudo passwd root
Enter your normal user password and then the new root password twice.
Make this password a complex and long password, known only to you and a secured document. A good random password generator can be found online at the GRC web-site.
3. Configure Ubuntu with a static IP address. Open up a terminal session and with your favorite text editor, enter the following command;
Enter a static IP address that is not currently in use on the network, 192.168.1.10 for example, followed by the subnet mask, default gateway.
Example interfaces file;
# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).
# The loopback network interface
iface lo inet loopback
# The primary network interface
iface eth0 inet static
4. Restart the network service to make the new IP settings take effect;
5. Create a valid hostname for the server. Depending on the type of network the server will service, a valid hostname can always be helpful for clients trying to find the machine on the network. Edit the 'hosts' file with a text editor and set the server's hostname, 'smbsrv.domain.com' in this case.
Example hosts file;
127.0.0.1 localhost.localdomain localhost
192.168.1.10 smbsrv.domain.com smbsrv
# The following lines are desirable for IPv6 capable hosts
::1 localhost ip6-localhost ip6-loopback
Tell the 'hostname' file about the change;
echo server1.example.com > /etc/hostname
…and reboot the computer for the changes to take effect.
6. 2nd HDD. The server in this example has a second hard drive. Shares and their associated folders will be kept away from the server's own hard drive on the second disk. The disk is known as /dev/sdb. If you are not sure about the disk's name according to Linux, the command "sudo lshw -C disk" will list all of the detected hard drives in the computer. Providing the drive was installed correctly, it will show up.
description: ATA Disk
physical id: 1
bus info: scsi@1:0.0.0
logical name: /dev/sdb
size: 465GB (500GB)
capabilities: partitioned partitioned:dos
The drive is already partitioned and formatted. More information can be found on that topic here, https://help.ubuntu.com/community/InstallingANewHardDrive
As root, we must make a mount point for the drive in Ubuntu, then modify fstab to make sure the drive is mounted every time at boot.
Create the mount point (as root); sudo mkdir /media/2ndhdd
Edit fstab with a text editor ; /etc/fstab
Add this line to the bottom of the file; /dev/sdb1 /media/2ndhdd vfat defaults 0 2
Run "sudo mount -a"
, or reboot the computer to have the changes take effect.
7. Install and configure Samba. Run the following command to install the Samba components;
aptitude install libcupsys2 samba samba-common
Now we have to edit Samba's main configuration file, smb.conf, with a text editor to make the changes we need.
Uncomment the "security = user"
entry in the Global section by removing the # symbol. This is the very least we need to do to get Samba running, aside of creating the actual shares. A good idea would be to enable the WINS server component, or configure Samba to use an existing WINS server, already on the network. Change the WORKGROUP name to the name used by the Windows clients on the network, like 'MSHOME'
, or 'WORKGROUP'.
Close smb.conf and restart the Samba service.
sudo /etc/init.d/samba restart
Let's add some shares. For example, a share that will be read/write to all members of a group.
Create the actual folder: sudo mkdir -p /media/2ndhdd/allusers
Change the folder's owner: sudo chown -R root:users /media/2ndhdd/allusers/
Change the default permissions: sudo chmod -R ug+rwx,o+rx-w /media/2ndhdd/allusers
Edit smb.conf again, to add the 'allusers' share.
Add the following to the bottom of the file;
comment = All Users
path = /media/2ndhdd/allusers
valid users = @users
force group = users
create mask = 0660
directory mask = 0771
writable = yes
The quickest way to get up and running is to just share a users home directory. To do this just un-comment (or create) the [homes] portion of the smb.conf file.
comment = Home Directories
browseable = no
valid users = %S
writable = yes
create mask = 0700
directory mask = 0700
Restart Samba: sudo /etc/init.d/samba restart
If you made Samba a WINS server, now would be the time to configure your hosts to use the server's IP address as their primary WINS server.
Samba is not going to share much, unless some users are added to the smbpasswd database/file.
Add a user to the Linux system: sudo useradd jane -m -G users
(The '-G- adds Jane to the users group)
Give Jane a password: sudo passwd jane
Add her to the Samba database: smbpasswd -a jane
Jane should be able to browse the network for the Samba server. If Jane's Linux username and password are identical to what she uses on Windows, she will not need to authenticate to the Samba server at all.
Further reading: http://www.samba.org/samba/docs/man/manpages-3/smb.conf.5.html