OPS335 Samba Lab
Revision as of 15:44, 2 January 2014 by Peter.callaghan (talk | contribs) (moved OPS335 Lab 9 to OPS335 Samba Lab: Moving away from numbered labs to make re-ordering easier.)
Samba - A Windows SMB/CIFS fileserver for UNIX
Configuring a Samba Server on Linux
- On your host F17 system install Samba
yum install samba
- Create a backup of the file /etc/samba/smb.conf, and create a new one that includes only the following:
[global] workgroup = <yourlearnid>.org server string = "put your real name here without the quotes" encrypt passwords = yes smb passwd file = /etc/samba/smbpasswd hosts allow = 142.204.141. <first three octets of network address followed by period e.g. "192.168.6."> ; note: the above line will allow access from the Seneca domain in lab T2107 [home] comment = "put your real name here without the quotes" path = /home/<learnid> valid users = <learnid> ; remember <learnid> is your learnid account name public = no writable = yes printable = no create mask = 0765
- Create a Samba password for user <learnid> with the command
smbpasswd -a <learnid>
- If you need to, you can change a user's password by using the command
smbpasswd <username>
- Confirm the user you created has been added using the following command
pdbedit -L -v
- Test and review your configuration with the command
testparm
- You can now start your Samba server
systemctl start smb.service
- Ensure your server starts at boot.
- You will need to determine which ports you need to open to allow connections to your server (hint: there are a total of six port and protocol combinations needed).
- Test if you have a connection with the command
smbclient -U <learnid> -L vm02
- It will show you a list of all available shares.
Connecting to a Linux SMB Server from a Linux Client
There are many ways that a Linux client can connect to an SMB server.
Using smbclient
- In a full installation you should not need to install samba-client on your vm01, but if it is not present then do so.
- From vm01 use the "smbclient" command in a terminal window.
smbclient '\\vm02\home' -U <learnid>
- After entering your password you should get a prompt similar to
smb: \>
- Enter the ls command to see a list of the files in your home directory - you may receive the following error.
smb: \> ls NT_STATUS_ACCESS_DENIED listing \*
- SE Linux should be in Enforcing and will need to be adjusted (on the samba server) for this to work.
setsebool -P samba_enable_home_dirs 1
- Once you have access to the directory use the get and put commands (similar to ftp) to move files
- When you are finished close the connection.
Using 'mount -t cifs'
- The next way is to use the mount command.
- Use the mount command on vm01 to mount your home directory
mkdir /tmp/vm02-home mount -t cifs //vm02/home /tmp/vm02-home -o username=<learnid> ls /tmp/vm02-home
- Start a graphical interface on vm01.
- Use the "Activities" menu from the desktop on open 'files'.
- From the menu in the side-bar of the files tool, choose 'Connect to Server'.
- Enter 'smb://vm02/home' as the location, and enter your samba password in the prompt.
- Where vm02 is the name of the server, and home is the name of the directory it is sharing.
- After you have checked that you can access your files, unmount the share by right-clicking its icon in the side-bar and clicking 'Unmount'.
Using a browser
- You can also use a web browser with support for the SMB protocol such as Konqueror.
- Note that firefox does not have such support.
- If Konqueror is not installed then install it with the command:
yum install kdebase
- Start Konqueror, the web/file browser, and in the address bar enter the following
smb://vm02/home
- Enter your username and password when prompted.
- Double click on a file you have some text in.
- Open it with gedit, make some changes, and save it.
- When prompted, choose to upload the file.
- Close Konqueror.
- cat the file on your host machineto ensure the changes were properly uploaded.
Connecting to a Linux SMB Server from a Windows Client (Windows 7)
- Power up a Windows 7 system in the lab and login using your LEARN username and password.
- Add the prerouting and forwarding rules to your iptables necessary to redirect samba traffic to your VM 2.
- Open up Explorer and Right click on Computer > Map network drive.. > Select a Drive Letter and '\\<ip-address-of-host>\home' > you will then be asked for your username and password.
- You should now be able to browser, drag and drop your files to and from the Windows machine.
Completing the Lab
While completing this lab you have gained experience using a service designed to allow interaction from a variety of client tools on multiple OS platforms. You have also experienced service related tools that allow you to view configuration parameters and errors in real-time.
Answer the following questions
- What is the purpose of the testparm command?
- What does SMB stand for? CIFS?
- What does the text inside square brackets in the smb.conf file mean? (e.g., "[home]").
- Explain the meaning of the line "create mask = 0765" in the smb.conf file?
- What does the smbpasswd command do?
- What did the setsebool command do?