Before setting up Samba, we need to consider a few key system parameters. Domain or workgroup?
The majority of installations of Linux filesharing that I've done are in a workgroup setup, because in an SME there's not a massive amount of benefit to be gained from using Windows domains (it's harder and the server goes slower). So we'll stick with workgroups. Fileshares
We also need to decide what shared folders we want. A common one is to give each user their own "private" directory and to have a communal "shared" directory into which people can temporarily drop stuff so others can grab it. We'll also pretend we have a directory set aside to which only the Accounts department have access, so they can share files among themselves but non-Accounts people can't see them. Basic setup
On our installation (a Red Hat 9.0 PC) the Samba configuration file lives in /etc/samba and is called smb.conf. So we need to edit this file and tell it about our world. The first section in the config file reflects the system-wide preferences – the domain/workgroup name, logging details and so on.
[global] workgroup = KORANA server string = DSC-LAB
log file = /var/log/samba/%m.log max log size = 0
security = user
encrypt passwords = yes smb passwd file = /etc/samba/smbpasswd unix password sync = Yes passwd program = /usr/bin/passwd %u passwd chat = *New*password* %n\n *Retype*new*password* %n\n *passwd:*all*authentication*tokens*updated*successfully* pam password change = yes
[homes] comment = Home Directories browseable = no writable = yes valid users = %S create mode = 0664 directory mode = 0775 printable = no
[Shared] comment = Shared filestore path = /tmp read only = no public = yes printable = no
[Accounts] comment = Accounts department path = /home/accounts public = no writable = yes printable = no write list = @accounts
As we've already hinted, Samba has its own separate password file from Linux, and so you need to set up your users' accounts under Samba. It's dead easy to do – you use the smbpasswd command:
smbpasswd –a testuser
When you've set the Samba control file up, you do need to double-check that you set up your various directory permissions and ownership correctly. The 'Shared' and home directories are probably set OK anyway, because Linux will have created them and they'll have the right permissions. The /home/accounts directory should be given the right permissions, though.
chmod –R 770 /home/accounts
chown root.accounts /home/accounts
The first thing you want to do is run the testparm application before you try out the new settings. This checks the syntax (and some of the semantics) of the configuration file for silly errors. Once you've done this, it's simply a case (under Red Hat, anyway), of kicking off the service:
/etc/init.d/smb stop /etc/init.d/smb start