Sharing Resources Using Samba
Samba is a suite of utilities that allows your Linux box to share files and other resources such as printers with Windows boxes. Either configuration will allow everyone at home to have their own logins on all the home windows boxes while having their files on the Linux box appear to be located on a new Windows drive shared access to printers on the Linux box shared files accessible only to members of their Linux user group.
Configure samba server
Prerequisites of samba server
linux server with ip address 184.108.40.206 and hostname Server
A window client with ip address 220.127.116.11 and hostname Client2
Updated/etc/hosts file on linux system
Running port map and xinetd services
Firewall should be off on server
Configuring SWAT (Samba web administration tool)
Samba has a web based configuration tool called SWAT that allows you configure your smb.conf file no need to remember all the formatting.
Each SWAT screen is actually a form that covers a separate section of the smb.conf file into which you fill in the desired parameters.
For ease of use, each parameter box has its own online help.
Basic SWAT setup
You must always remember that SWAT edits the smb.conf file but also strips out any comments you may have manually entered into it beforehand.
The original Samba smb.conf file has many worthwhile comments in it and should be saved as a reference before proceeding with SWAT which will remove them.
- For example, you could save the original file with the name /etc/samba/smb.conf.original as seen below.
[root@wilshire~]# cp /etc/samba/smb.conf /etc/samba/smb.conf.original
As you can see, using SWAT requires some understanding of the smb.conf file parameters because it eliminates these comments.
It is therefore always good practice to become familiar with the most important options in this file before proceeding with SWAT.
SWAT doesn’t encrypt your login password. This may be a security concern in a corporate environment.
Because of this, you may want to create a Samba administrator user that has no root privileges and/or only enable SWAT access from the GUI console or localhost.
port = 901
wait = no
user = root
server = /usr/sbin/swat log_on_failure += USERID disable = no only_from = localhost }
The formatting of the file is fairly easy to understand, especially as there are only two entries of interest. The
disable parameter must be set to
no to accept connections.
Therefore to activate SWAT
The default configuration only allows SWAT web access from the VGA console as user “root” on port 901 with the Linux root password.
This means you’ll have to enter
http://127.0.0.0:901in your browser to get the login screen.
You can make SWAT accessible from other servers by adding IP address entries to the only_from parameter of the SWAT configuration file.
Here’s an example of an entry to allow connections only from 18.104.22.168 and localhost. Notice there is no commas between the entries.
only_from = localhost 22.214.171.124
Therefore, in this case you can also configure Samba on your Linux server
Skynet IP with address 126.96.36.199 from PC 188.8.131.52 using the URL http://184.108.40.206:901.
Remember that most firewalls don’t allow TCP port 901 trough their filters. You may have to adjust your rules for this traffic to pass.
As with all xinetd controlled applications, the chkconfig command will automatically modify the “disable” field accordingly in the configuration file and activate the change.
[root@wilshire~] chkconfig swat
on Deactivating SWAT
[root@wilshire~] chkconfig swat off