Setting Up a Samba Server

Like most administrative tasks on a SUSE Linux system, configuring and starting a Samba server is most easily done through YaST. You can start YaST in the same way as discussed earlier in the chapter in the section "Configuring a Samba client." To configure and start a Samba server, follow these steps:

1. Click the Network Services icon in the left pane of the YaST Control Center and scroll down the right pane until you see the Samba Server icon, as shown in Figure 18-12.

Figure 18-12: Samba Server icon in YaST

2. Click the Samba Server icon to display the Samba Server configuration pane, as shown in Figure 18-13.

2. Click the Samba Server icon to display the Samba Server configuration pane, as shown in Figure 18-13.

Figure 18-13: Samba Server configuration screen in YaST

Note If you have problems locating any of the configuration options or applications described in this section, see the section "Samba Client and Server Packages" later in this chapter for information about locating and installing any packages that might not have been installed during the installation process.

To PDC or Not to PDC

A domain controller supplies authentication information for a Windows domain. You will rarely want your Samba server to act as a primary domain controller if you want your Samba server to join an existing Windows domain (such as at the office) because your existing Windows domain probably already has a primary domain controller (which probably runs on a Windows system). Starting a second primary domain controller on an existing Windows domain will certainly confuse any Windows systems that are already members of that domain and will definitely irritate your system administrator. However, if you are configuring your Samba server to host a new Windows domain, you will want it to act as the primary domain controller for that domain.

If you are configuring your Samba server to act as a backup for another Samba server in your domain, you may want to configure it to act as a backup domain controller. If you define a Samba server as a backup domain controller, your primary domain controller must also be a Samba server because Samba cannot directly access authentication information that is stored in proprietary formats on a Windows primary domain controller. You will therefore have to configure your Samba backup domain controller to use the same authentication information as the primary domain controller. If your primary domain controller stores information in Lightweight Directory Access Protocol (LDAP), you can easily configure your backup domain controller to access the same LDAP server. If your primary domain controller stores authentication information in a Samba password file, you will have to manually replicate that file on your backup domain controller and make sure that the contents of the two files are always synchronized. Configuring and using an LDAP server is explained in Chapter 24. SUSE provides a number of tools for file synchronization, such as Unison, InterMezzo, and rsync, which are explained in the SUSE Administration Guide that you received with your SUSE distribution.

3. The first time you display the Samba Server configuration dialog (which is labeled "Samba Server Role"), the Disable Samba Server radio button will be selected, as shown in Figure 18-13. To begin defining a Samba server on your system, click the Enable Samba Server radio button to activate the server definition fields, as shown in Figure 18-14.

4. To configure how your Samba server interacts with authentication used on the other Windows systems on your network, select one of the File and Printer Sharing, Backup Domain Controller, or Primary Domain Controller radio buttons.

• Select the File and Printer Sharing radio button if you want your Samba server to be a member of a workgroup.

• Select one of the Backup Domain Controller or Primary Domain Controller (PDC) radio buttons if you want your Samba server to be a member of (or define) an existing domain.

Selection of Samba Server Rofe rn a nelwork. a Samba server can provide different degrees ol services and integration with the rest of the Windows network.

Selection of Samba Server Rofe rn a nelwork. a Samba server can provide different degrees ol services and integration with the rest of the Windows network.

ttthe server is not disabled, file arid Printer Sharing allows the server to provide directories and printers. Backup Domain Controller ¿>nd Primary Domain Controller allow Windows clients to log into a Windows domain. The backup controller uses another domain controller for vaii d ation. The p ri mary controller uses ils own triform ation about users and their passwords.

In Domain or Workgroup, specify the name of Ihe workgroup to which Ihis Samba server belongs. Browse presents ihe list or ail workgroups and

Figure 18-14: Enabling the Samba server in YaST

5. Next, enter the name of the domain or workgroup that you want to join or create, and enter a Server Description and Server NetBIOS Name for the Samba server that you are defining. The Server Description is a text field that enables you to specify information that will be displayed beside the entry for this SMB server when anyone browses the domain. The NetBIOS name is the name that will be assigned to this Samba server in your workgroup or domain. This will be the name that any Windows users will need to specify when connecting to resources on the Samba server that you are defining. Figure 18-15 shows the Samba Server Role screen with the values for the sample domain and server setup used throughout in this chapter and shown in Figures 18-5, 18-6, and 18-7.

Figure 18-15: Samba server configuration screen showing sample values

6. By default, your Samba server will authenticate users by looking them up in a Samba password file, which is a text file that is explained in the next section of this chapter, "Creating and Managing the Samba Password File." To set alternative sources of authentication information, click the Authentication Details button. The screen shown in Figure 18-16 displays. Specifying an alternate authentication mechanism is a completely optional step — most Samba servers in small and home environments use a Samba password file.

Figure 18-16: Customizing Samba server authentication

7. The dialog shown in Figure 18-16 enables you to specify alternate and auxiliary authentication methods. You may want to specify multiple methods if you want to be able to try various authentication services in order before falling through to the default Samba password file (/etc/samba/smbpasswd).

To specify an alternate authentication mechanism, click the Add button on the dialog shown in Figure 18-16. The pop-up shown in Figure 18-17 displays.

The pop-up shown in Figure 18-17 lists alternate Samba authentication mechanisms that you can add to the default smbpasswd file selection that is displayed when you first configure a Samba server. Available authentication mechanisms are the following:

• smbpasswd file (default) — Useful in small networks, but provides a limited amount of information and requires manual replication when multiple Samba servers share a single smbpasswd file.

• LDAP —Suggested for large sites with multiple Samba servers that share authentication information or that already use LDAP for other purposes.

• TDB database — A trivial database that stores single name/value pairs. Not recommended for sites with more than 250 users or that require sharing authentication information across multiple Samba servers.

• MySQL database — A useful authentication mechanism for sites already running MySQL and using it to store authentication information. Requires that you specify the identifier of the MySQL database that holds the authentication table as an argument in the pop-up that displays after you select this option. You can then add appropriate entries to the Samba configuration file (discussed later in this chapter) to identify the columns in your MySQL table that contain different portions of your user and authentication information.

If you select multiple authentication mechanisms, you can reorder them by selecting one and clicking the Up button to move it to the top of the authentication series or clicking the Down button to move it to the bottom of the authentication series.

8. Click the Next button to proceed. The dialog shown in Figure 18-18 displays.

Figure 18-18: Samba server Shared Resources dialog

The Shared Resources dialog enables you to specify which local resources your Samba server should export to SMB or CIFS clients. Select the Share Homes check box to share each user's home directory. Select the Share Printers check box to share any printers that have been defined on your system (including a default PDF file generator). You can also click the Advanced button to display a dialog that lets you identify specific directories that you want to share or to change the default directories associated with any existing shared resource.

9. Click the Finish button to finish configuring your Samba server, write appropriate entries to your Samba configuration file, and to start the Samba daemon (smbd) and the NetBIOS name daemon (nmbd).

Was this article helpful?

0 0

Post a comment