|
|
Microsoft Windows uses the Server Message Block protocol to manage file and printer sharing across Windows-based networks. In order to integrate Windows machines into Linux or UNIX-based networks, the Linux machines must be able to communicate SMB to the Windows machines. Samba is the UNIX/Linux implementation of this protocol.
From the Windows user perspective, Samba is nearly transparent. When users click the Network Neighborhood or My Network Places icons on their desktop, they will see Samba shares represented just as they already see Windows machines on the network. This is an excellent way to keep important files on a central machine with tight security, while still allowing local users to access the data without having it stored on multiple insecure desktops.
Although there are other file and printer sharing facilities available in various Linux distributions, Samba is the most popular option. There are several reasons for its popularity:
Windows is still the most popular desktop operating system in most businesses and organizations.
In mixed computing environments, SMB is the most common protocol for sharing files and printers.
Samba, as opposed to other Windows servers, lets you run SMB protocols on more powerful computers for file and printer sharing (Linux scales up from PCs to supercomputers).
Samba allows your Linux machine to act as both an SMB server and a client, so that it can share its directories and printers with other Windows machines as well as pull those services from the Windows computers.
Samba can help your organization transition from proprietary Windows systems to Linux or UNIX.
In many environments, IT departments are reasonably content with Windows on desktop workstations. While the IT techies themselves may prefer UNIX-based software such as Linux, most people understand that most popular business software are usually available only for Windows.
When it comes to the servers and workhorse machines, however, many IT departments are moving away from Windows-based server software for a variety of reasons. Whatever the criteria for that choice, Samba makes it easy to administer a mixed-OS environment. Files can be shared across the network between servers and workstations, with little concern for the operating system on either end of the connection.
Anyone using Samba services must have a Samba user account. Samba requires an associated user account for access to files, directories, or printers. When users attempt to access a Samba share, or shared resource, they must provide a username and password so that the server can authenticate user access.
A Samba administrator can open access to any user by assigning one of the following values to a particular share when configuring that share in the /etc/samba/smb.conf configuration file:
guest ok = yes guest only = yes
The guest ok option allows you to assign varying permissions to the share, based on the user's profile. Individual known users may have different levels of access. The guest ok option defines a generic set of permissions based on those assigned to the guest user. If you choose the guest only option, only guest accounts are allowed to log into the share and there is only one set of associated permissions.
By default in Linux, the guest Samba user is assigned to the Linux user account called nobody. The default permissions given to nobody when a share is given guest access include:
May print to local printers
May access any files or directories with world readable and writable permissions
May not log directly into the Linux machine
If you prefer to reserve the nobody account for other purposes, you can create another guest account for Samba. First, add a user with a generic name, such as sambaguest, with the useradd command. After you have added this user to the system and assigned the appropriate permissions, you can assign the Samba guest account to the new user:
guest account = sambaguest
To fit seamlessly into the Windows environment, SMB shares are identified using the Universal Naming Convention (UNC). On a client Windows machine, that name will typically appear in the form
\\computer\share
where computer is the computer's NetBIOS name and share is the name of the shared resource.
Share names on the Linux machine must be constructed differently. Since backslashes are used as an escape character on the Linux command line, you cannot issue share names as shown above. Instead, you must issue the command with additional backslashes that escape the backslash character. For example, to use the smbmount command to mount a share identified as \\toys\Musicbox on the local /var/mytemp directory, you might issue the command
# smbmount "\\\\toys\\Musicbox" /var/mytemp
Some Linux software used to access SMB shares can use forward slashes instead of backslashes. For example, in Nautilus File Manager (which you can open by opening the Home icon on the desktop), you could access the \\toys\Musicbox share by typing the following into the Location box:
smb://toys/Musicbox
| Tip |
On a Windows machine connected over a Samba network, frequently used shares can be mapped to letter drives. |
|
|