HOWTO: Setup Samba peer-to-peer with Windows

[Eiríkr]

Hello Januszky --

Welcome to the fora! I hope your time in Linux Land, no matter which distribution, is ultimately a successful and positive experience. There's definitely a learning curve, but it sounds like you're already well aware of that.

Reading over your post, I noted that you're working on a no-password setup. This can be tricky with Samba, due to Samba's default user access mode being backed by the Unix-y user-based permissions model. That said, let's go over your smb.conf options and see what we can find. Here, I skip all options that look fine. I also link each listed option to the relevant section of the official Samba conf file online man page for reference -- if you have any questions at all about an option, this is what you want to read.

------------------------------------------------------------
[global]

security = user
This is already the default value. This line can thus be safely omitted from your conf file -- simple is good.

null passwords = true
This is *only* needed if you have Samba usernames explicitly defined with no passwords (using the sudo smbpasswd -a USERNAME command).

max log size = 50
The value here is the size of the log file in KB:

Samba periodically checks the size and if it is exceeded it will rename the file, adding a .old extension.
...
Default: max log size = 5000

50KB seems quite small to me, but it's no biggie.

username map = /etc/samba/smbusers
This is key to your setup. From the man page:

This option allows you to specify a file containing a mapping of usernames from the clients to the server. This can be used for several purposes. The most common is to map usernames that users use on DOS or Windows machines to those that the UNIX box uses. The other is to map multiple users to a single username so that they can more easily share files.

The 'other' purpose mentioned here sounds exactly like what you're trying to do. Would you be so kind as to post the output of less /etc/samba/smbusers? Feel free to change the names to protect the innocent. The key point here is the local usernames you are mapping to, and whether the permissions on your shared folders are configured to allow access to those usernames.

smb passwd file = /etc/samba/smbpasswd
Default value. Omitable.

name resolve order = hosts wins bcast
This is *almost* the default -- the default starts with lmhosts with the rest all the same. This is most likely omitable.


[private]

path = /usr/smbroot/private
A couple thoughts strike me here. First off, the /usr directory on Unix-y systems has traditionally been set aside for user applications and utilities, whereas the /home directory is more often used for user data. (More info here if you're interested.) This is neither here nor there with regard to Samba specifically, but it's something to think about in terms of how you want to organize your hard drive(s) and partitions. By way of an alternate example, I set up a separate /data directory into which I put all user data aside from settings files -- things like documents, music files, and the like. I also put this directory in its own partition -- this way I can wipe the root partition and install a completely different distro, and I don't have to worry about losing my data files (provided I'm careful with the partitions).

My second thought has more to do with your specific problems, and that is permissions -- it'd be very helpful if you could post the output of ls -l /usr/smbroot/private. This will allow us to see the owner, group, and access permissions for this directory, which could be part of what's causing your problems.

public = no
Synonym for guest ok. Default value. Omitable.

valid users = @private
write list = @private
These two together seem redundant -- the write list option is only relevant if you want to allow *some* users to access as read-only, and others as writeable. The valid users option defines only those users allowed to access this share. Your option values here make it look like you want to allow write access to everyone allowed to access at all -- so you can probably omit the write list line.


[public]

path = /usr/smbroot/public
Much like for your private directory, please post the output of ls -l /usr/smbroot/public.

write list = @public
With no valid users specification, *any* non-guest user that can log onto your Samba setup (i.e. any user properly mapped to a local Linux username in your smbusers file, since you specify one) will be able to read this directory, but only members of the public Linux group will be able to write to it.


[temp]
path = /usr/smbroot/tmp
Much like for your private directory, please post the output of ls -l /usr/smbroot/tmp.

public = yes
Synonym for guest ok. From the man page:

If this parameter is yes for a service, then no password is required to connect to the service. Privileges will be those of the guest account.

It's important to look into what your guest account is, if you have any intention of allowing guest users. The guest account can be specified in the smb.conf file by using the guest account [global] option. Note that the guest Samba account defaults to the nobody Linux user account, and this account usually has permission to access almost nothing in the filesystem, by default.

------------------------------------------------------------

I suspect your problem comes down to filesystem permissions and username mapping. The command output requested above should provide some very useful clues to getting your config fully sorted out.

HTH,

-- Eiríkr

[dmizer]

PROBLEM DESCRIPTION
Although the Linux network ethernet settings use auto IP (BOOTP/DHCP), the IP address is a static assignment by the router (for all LAN).

I am able to ping to/from all machines with IP addresses and machine names. In the Linux box I am able to see shares I have set up but I am unable to access the shared docs on the Win XP machines. From Win XP machines, I do not see the Linux shares. Nada. Just message that path not found.

It seems like a firewall issue but the Linux box does not have a firewall running. The Windows XP machines have Zone Alarm configured to permit access of all machines on the LAN. There is nothing to indicate the router might be a problem but I did configure it to permit ports 131-139, 445.

There are two parts to a Samba configuration, a server and a client. This howto describes how to configure a Samba server. In other words, you've only configured your Ubuntu computer so that Windows computers can connect to it. If you want to use Ubuntu to connect to Windows computers, you'll need to configure Ubuntu as a client. To configure Ubuntu as a Samba client, please see the second link in my sig.

[januszky]

Eiríkr, dmizer --

Thanks for the ultra-fast response! Frankly, I am a bit shocked! I just posted my message just a few hours ago.

Okay, you have given me some things to do. I am eager to do these tasks ASAP -- after jury duty today (if I don't get into a long trial).

I will post back.

j

[januszky]

Eiríkr, here is the info you requested:

OUTPUT: SMBUSERS
[root@Triboot ~]# less /etc/samba/smbusers

# Unix_name = SMB_name1 SMB_name2 ...
root = administrator admin
nobody = guest pcguest smbguest
/etc/samba/smbusers lines 1-3/3 (END)

PERMISSIONS INFO
Note: each folder has copy of test file (dhcp config)

[root@Triboot ~]# ls -l /usr/smbroot/private
total 16
-rw-rw-r-- 1 bigjohn bigjohn 13739 2009-02-02 16:51 dhcp config

[root@Triboot ~]# ls -l /usr/smbroot/public
total 16
-rw-rw-r-- 1 bigjohn bigjohn 13739 2009-02-02 16:51 dhcp config

[root@Triboot ~]# ls -l /usr/smbroot/tmp
total 0


dmizer, I checked out the seond link and I am sorry but I'm not at that level. I only looked at the first 2-3 pages but not all 85. I gathered that it may be about a different approach with smbfs (which I know zero about). I know it is basic but not me . . . yet. So, please excuse my ignorance (not knowing). I'm an old guy who messed with a little DOS & BASIC decades ago and 'nix is new to me but I'm not uncomfortable with command line stuff given direction. I'm at a genuine beginning stage now.

Thanks for reading and helping!

j

[TechMansoor]

This is the error I'm getting when trying to edit the smb.conf. I'm trying to follow the original poster instructions but through ubuntu server as opposed to desktop.


"mansoor@LocalFileServer:/etc/samba$ sudo edit smb.conf
Warning: unknown mime-type for "smb.conf" -- using "application/octet-stream"
Error: no "edit" mailcap rules found for type "application/octet-stream"


I get an error everytime I try to: sudo gedit/edit/vi/vim


Any suggestions as to why I wouldn't be able to get into the smb.conf file?

Everything worked up until this point:

"And finally we need to open the file inside an editor

Code:

sudo gedit /etc/samba/smb.conf"

[Eiríkr]

This is the error I'm getting when trying to edit the smb.conf. I'm trying to follow the original poster instructions but through ubuntu server as opposed to desktop.


"mansoor@LocalFileServer:/etc/samba$ sudo edit smb.conf
Warning: unknown mime-type for "smb.conf" -- using "application/octet-stream"
Error: no "edit" mailcap rules found for type "application/octet-stream"


I get an error everytime I try to: sudo gedit/edit/vi/vim


Any suggestions as to why I wouldn't be able to get into the smb.conf file?

Everything worked up until this point:

"And finally we need to open the file inside an editor

Code:

sudo gedit /etc/samba/smb.conf"

Well, this is certainly bizarre, but I think I've found one possible problem -- the edit program is *not* a text editor, it is instead an alias for certain run-mailcap functionality. I confess I really don't understand what run-mailcap is supposed to be used for, even after reading through the somewhat cryptic man page...

Anyway, try sudo gedit /etc/samba/smb.conf instead, and let us know what happens.

HTH,

-- Eiríkr

[TechMansoor]

Well, this is certainly bizarre, but I think I've found one possible problem -- the edit program is *not* a text editor, it is instead an alias for certain run-mailcap functionality. I confess I really don't understand what run-mailcap is supposed to be used for, even after reading through the somewhat cryptic man page...

Anyway, try sudo gedit /etc/samba/smb.conf instead, and let us know what happens.

HTH,

-- Eiríkr

Well yeah, I actually stated I get a similar error when trying gedit as well.

But here is the official error when trying gedit:

(gedit:28371): Gtk-WARNING **: cannot open display:

Error when trying vi or vim is not exsistent, but it goes into a blank smb.conf file which means its a new file of sorts I believe.

Anywho..again any suggestions would be thoroughly appreciated..

[Eiríkr]

Eiríkr, here is the info you requested:

Hello Januszky --

Doh! I forgot to add the -d switch to the ls command -- this tells ls to output the info for the directory itself (which is what we need), instead of just the directory contents (which we don't need just now, maybe not at all). So, if you could also post the results of the following, it would be much appreciated!

Code:

ls -ld /etc/samba/private
ls -ld /etc/samba/public
ls -ld /etc/samba/tmp

The contents of your smbusers file raises numerous issues, which I don't have time to get into right at the moment -- I should have time later this evening, however. Hopefully by then you'll also have posted the ls -ld output, and we can really go to town!

Cheers,

-- Eiríkr

[Eiríkr]

Well yeah, I actually stated I get a similar error when trying gedit as well.

But here is the official error when trying gedit:

(gedit:28371): Gtk-WARNING **: cannot open display:

Error when trying vi or vim is not exsistent, but it goes into a blank smb.conf file which means its a new file of sorts I believe.

Anywho..again any suggestions would be thoroughly appreciated..

When you try to open gedit, are you ssh-ing into a different box, or are you opening a terminal locally, right on the same machine that has the smb.conf file?

Either way, it sounds like your environment variables are slightly borked. Try the following:

Code:

sudo export DISPLAY=:0
sudo gedit /etc/samba/smb.conf

If gedit comes up blank as vim does, then yes, your smb.conf file seems to be either missing or empty. If so, check ls /etc/samba/ and see if there might be a backup left over -- smb.conf~ would be the file you want. If that file exists but smb.conf does not, copy it over, and then edit:

Code:

sudo cp /etc/samba/smb.conf~ /etc/samba/smb.conf
sudo gedit /etc/samba/smb.conf

If there is no backup file, and gedit comes up blank, then I'm afraid you'll just have to copy in whatever template or options you want, and go from there. Thankfully, there are many sample smb.conf files here on the Ubuntu fora that you can choose from.

Cheers,

-- Eiríkr

[TechMansoor]

When you try to open gedit, are you ssh-ing into a different box, or are you opening a terminal locally, right on the same machine that has the smb.conf file?

Either way, it sounds like your environment variables are slightly borked. Try the following:

Code:

sudo export DISPLAY=:0
sudo gedit /etc/samba/smb.conf

If gedit comes up blank as vim does, then yes, your smb.conf file seems to be either missing or empty. If so, check ls /etc/samba/ and see if there might be a backup left over -- smb.conf~ would be the file you want. If that file exists but smb.conf does not, copy it over, and then edit:

Code:

sudo cp /etc/samba/smb.conf~ /etc/samba/smb.conf
sudo gedit /etc/samba/smb.conf

If there is no backup file, and gedit comes up blank, then I'm afraid you'll just have to copy in whatever template or options you want, and go from there. Thankfully, there are many sample smb.conf files here on the Ubuntu fora that you can choose from.

Cheers,

-- Eiríkr

Ok so I am definitely ssh'ng into a local box to do all these commands. I didn't have an smb.conf~ but I had an smb.conf.template that I created per the instructions in the original post. Indeed, after copying back over the template to the smb.conf file, I still get the same gedit error:

(gedit:28529): Gtk-WARNING **: cannot open display:


what next?? I'll try the directions prior to this one now