[OpenBSD 4.9 i386 | samba-3.5.8p2 | Samba Book | HOWTO]
Table of Contents
The Samba suite of programs allows you to share Unix resources with SMB Clients (in many cases MS Windows clients.) This significantly simplifies client access to OpenBSD printing and file resources. Users on SMB client machines access Samba resources as they would any other (file/print) resource available from SMB servers such as Microsoft Windows Workstations (e.g. XP, Vista, 7) and Microsoft Windows Servers (e.g. 2003, 2008 R2).
We use OpenBSD/Samba to allow our network users to use the same tools for accessing their files on the OpenBSD/Samba box as they previously did when the same resources were on the Win NT boxes. Users can open their files from within their applications or use Windows Explorer to browse through the OpenBSD/Samba shares.
Install the package using pkg_add
sudo su export PKG_PATH=ftp://ftp5.usa.openbsd.org/pub/OpenBSD/4.9/packages/i386 pkg_add samba
The package system will respond with a list of available packages it can identify with the same start string that you specified (and if it finds just one then it will install that for you.)
Ambiguous: samba could be samba-3.5.8p2-ads samba-3.5.8p2-cups-ads samba-3.5.8p2-cups-ldap samba-3.5.8p2-cups samba-3.5.8p2-ldap samba-3.5.8p2 samba-docs-3.5.8
SMB and CIFS client and server for UNIX The Samba suite is a set of programs that implement a server for the Windows file- and printer-sharing protocols (SMB/CIFS). Samba allows Windows clients to use filesystem space and printers of your OpenBSD system as if they were local drives or printers. While configuration for larger sites can be quite complex, the default installation of this package allows for immediate use of your OpenBSD machine as a server for Windows clients. Available flavors: cups Enable CUPS support ldap Enable LDAP support ads Enable Active Directory support Available subpackage: docs Documentation in HTML and PDF (man pages are part of the base package) Maintainer: Ian McWilliam
We can pick the package that best meets our current needs.
The package system will download and install the specified package, and all packages needed for minimal functionality.
The default configuration file installed on /etc/samba/smb.conf, the quickest way to start Samba is:
sudo /etc/rc.d/smbd start sudo /etc/rc.d/nmbd start
To ensure that Samba services are available between system restarts.
Include or extend the list of rc.d(8) rc_scripts, such as the below
In OpenBSD 5.0, the macro name is changed from rc_scripts to pkg_scripts.
[Config file: /etc/samba/smb.conf | Utility: smbclient]
A quick diagnostic test to verify whether the nmbd/smbd daemons are working is to use the smbclient program, one of the tools supplied with the samba suite of programs. smbclient attempts a client connection to an smb server, so one simple test is to attempt a connection to our localhost smb server.
smbclient -U% -L localhost
The -U% specifies attempt the connection with User % (% expands to be root, or current login) -L specifies the hostname to connect to (localhost.) The above command should show the Shares available on the localhost server (ipc$ et. al.) as well as other machines in the Work-group.
Domain=[WORKGROUP] OS=[Unix] Server=[Samba 3.5.8] Sharename Type Comment --------- ---- ------- IPC$ IPC IPC Service (Samba Server) Domain=[WORKGROUP] OS=[Unix] Server=[Samba 3.5.8] Server Comment --------- ------- Workgroup Master --------- -------
Basic configuration file settings that can be used to approximate the initial part of what your samba server should look like to to set the following settings in the configuration file /etc/samba/smb.conf
workgroup = **myworkgroup** encrypt passwords = **yes** smb passwd file = **/etc/samba/smbpasswd** unix password sync = **yes** passwd program = **/usr/bin/passwd %u** interfaces ** ip_for_eth0 ip_for_eth1**
ip_for_eth0 and ip_for_eth1 - These are the ip-addresses for the Ethernet cards on your server that you wish Samba to service through. For example, if you had one ethernet card for your LAN (eth0:192.168.101.5) and one ethernet card for your external connection (ISP eth1:188.8.131.52) then you can specify something like:
This would allow machines on your local LAN access to the samba server, but not machines connected through any other devices.
Encrypt Passwords: All the clients i am using with my samba server will be Win98 or Win2000 and i want passwords encrypted when passed between the server and machines in preparation for when the sites go live on the internet. Likewise, i don’t want to spend the time setting up the script to modify all the clients to send clear-text passwords.
!!! ATTENTION !!! The default passdb backend has been changed to 'tdbsam'! That breaks existing setups using the 'smbpasswd' backend without explicit declaration! Please use 'passdb backend = smbpasswd' if you would like to stick to the 'smbpasswd' backend.
Associate your user accounts such as below:
$ sudo pdbedit -a -u login-id
To make sure that you can access the smb shares from other clients, create (associate) samba user accounts to system user accounts using smbpasswd
smbpasswd -a login-id