Quick and easy samba setup. Samba File Server Samba Commands

Samba is a program that allows UNIX/Linux computers to simulate Windows machines. Using Samba, computers can share files or manage print jobs as file servers or Windows print servers. Like operating system The UNIX/Linux on which it runs, Samba is open source software developed by many programmers.

SMB protocol is used Microsoft Windows 2000, NT and 95/98 for organizing access to disks and printers. Using the Samba suite of utilities from Andrew Tridgell ( [email protected]), UNIX machines (including Linux) can provide access to disks and printers for Windows machines. smbfs utilities written by Paal-Kr. Engstad ( [email protected]) and Volker Lendecke ( [email protected]), enable UNIX machines to mount SMB resources available on Windows or Samba machines.

Using Samba you can implement the following most common ones:

1. Give access to Linux disks Windows machines.
2. Access Windows disks for Linux machines.
3. Provide access to Linux printers for Windows machines.
4. Access Windows printers from Linux systems.

Installing and testing Samba

Installation, as you know, should begin with a detailed study of the documentation. True, the majority system administrators

they neglect this rule, guided by another: “If all else fails, read the documentation.” In general, we recommend starting the Samba installation with a simple command: $ man samba (Fig. 1). And also from reading the documentation available on the website http://www.samba.org/. It should be noted that to use Samba your machine must be on a single Ethernet segment local network, while using TCP protocol/IP.

Samba will not work when using others

To obtain the source code for the latest version of Samba, contact http://www.samba.org/ and select the mirror server closest to you: ftp://ftp.samba.org/. The Samba package is included in the distribution kits of a number of UNIX/Linux systems, for example Rad Hat or Suse Linux. Carefully study the documentation of your Linux, and it is quite possible that you will only need to insert the CD and install the Samba packages. In this case, you can continue reading the article from the next chapter.

After receiving this package, extract everything that is labeled *.tar.gz, for example, into the /tmp directory (and you don’t have to be root for this:), that is:

$ tar -zxvf samba-latest.tar.gz

If you have no problems extracting this package, you will find a new directory, such as samba-latest, with the extracted files in it. Go to it, look at the “README” and “Manifest” files - installation instructions are in the last file and look something like this:

$ ./configure $ make $ su # make install

Now you need to pay attention to where your configuration files are located. Most Samba distributions by default place them in the /etc directory and themselves in the /usr/local/samba directory.

Samba configuration

Basic Samba configuration information is found in the smb.conf file. This file should be handled with care. If you plan to change the running version in any way, be sure to make a copy.

In order to start the server for the first time, you must have a working version of the smb.conf file. Go to the directory where your configuration file should be located. Most likely it will be /etc or /usr/local/samba/lib. Make a copy of this file, for example smb.old, - this is possible if you have root rights. Now that you have a “clean” file, you can enter the simplest configuration, that is, type the following lines:

#Basic Samba configuration file (smb.conf) workgroup = PTO netbios name = GALKA

We'll look at what these lines in the configuration file mean below, but first we'll take a break from that for a moment and move on to the SMB daemons.

Launching daemons

There are two SMB daemons: /usr/sbin/smbd and /usr/sbin/nmbd. You can run Samba daemons from inetd or as a standalone process. Samba will respond slightly faster if it is running as a standalone process.

Sometimes it is necessary to check for lines like this in the /etc/services file:

Netbios-ns 137/tcp nbns netbios-ns 137/udp nbns netbios-dgm 138/tcp nbdgm netbios-dgm 138/udp nbdgm netbios-ssn 139/tcp nbssn

Make sure they are all uncommented. Depending on your distribution, you may even need to add them to this file. Samba will not be able to bind to the appropriate ports unless these lines are in the /etc/services file.

To start daemons from inetd, place the following lines in the inetd configuration file, /etc/inetd.conf:

# SAMBA NetBIOS services (for PC file and print sharing) netbios-ssn stream tcp nowait root /usr/sbin/smbd smbd netbios-ns dgram udp wait root /usr/sbin/nmbd nmbd

Then restart the inetd daemon by running the command:

Kill -HUP 1 `cat /var/run/inetd.pid`

To start daemons from system startup scripts, place the following script in the file /etc/rc.d/init.d/smb (for the RedHat distribution) or /etc/rc.d (for the Suse Linux distribution) and create symbolic links to it with names like /etc/rc.d/rcX.d/S91smb (starts SMB services in multi-user mode), /etc/rc.d/rcX.d/K91smb (kills SMB services when shutting down), /etc/rc.d/rc6 .d/K91smb (kills SMB services on reboot), where X is the system boot level number, usually a 2 or 3.

#! /bin/sh . /etc/rc.config # Determine the base and follow a runlevel link name. base=$(0##*/) link=$(base#*) # Force execution if not called by a runlevel directory. test $link = $base && START_SMB=yes test "$START_SMB" = "yes" || exit 0 # The echo return value for success (defined in /etc/rc.config). return=$rc_done case "$1" in start) echo -n "Starting SMB services:" startproc /usr/sbin/nmbd -D || return=$rc_failed startproc /usr/sbin/smbd -D || return=$rc_failed echo -e "$return" ;;

startd) echo -n "Starting SMB services:" startproc /usr/sbin/nmbd -D -d 10 || return=$rc_failed startproc /usr/sbin/smbd -D -d 10 || return=$rc_failed echo -e "$return" ;;

stop) echo -n "Shutting down SMB services:" killproc -TERM /usr/sbin/nmbd || return=$rc_failed killproc -TERM /usr/sbin/smbd || return=$rc_failed echo -e "$return" ;;

restart|reload) $0 stop && $0 start || return=$rc_failed ;;

status) echo -n "Checking for service smb: " checkproc /usr/sbin/nmbd && echo -n "OK " || echo -n "No process " checkproc /usr/sbin/smbd && echo "OK " || echo "No process" ;;

Now go to the very first tab “Configuration” and click on the “File and print sharing” button. In the window that appears, you need to check the boxes “The files on this computer can be shared” (I want to be able to give others access to my files) and “The printers on this computer can be shared” (I want to be able to allow others to print to my printer(s)).

And finally, we indicate to Windows that Samba is a WINS server and it will be the browse master. To do this, go to the properties of the TCP/IP protocol (Fig. 4). In the window that appears, select “WINS Configuration”. Check the box “Enable WINS Resolution”. In the “Primary WINS Server Search Order” field that appears, enter the IP address of the server (Samba) - 192.168.0.1 and click “Add” or simply... Go to the “Advanced” tab and click on “Browse Master” in the left window, and in the right window set the value to “Disabled” That’s all. Now all you have to do is click the “OK” button several times and restart Windows.

In Windows NT, the network properties screens are slightly different (shown in the pictures), but the basic concept remains the same.

After Windows restarts, feel free to click on “Network Neighborhood” and you will be able to see the Samba server, as well as your home directory on a Linux server. Now you can simply connect these resources as network drives and assign drive letters to them.

Let's complicate the configuration a little: we will make the /home/public directory readable by everyone, but we will only allow people from the ADMINS group to place information in it. To do this, change the entry as follows:

Comment = Public Stuff path = /home/public public = yes writable = yes printable = no write list = @ADMINS

There are many more examples of Samba file server settings that can be given, but it would be better if you look at the Samba documentation or man pages and figure them out yourself.

Accessing Windows Disks from Linux

It is unlikely that novice Linux OS users will be able to quickly understand the system for accessing Linux files from Windows, and vice versa. But it's not all that complicated. Access to Linux resources from Windows was briefly described above, and we will now consider access to Windows resources from Linux.

The SMB client program for UNIX/Linux machines is included in the Samba distribution. It provides an ftp-like interface command line. You can use this utility to transfer files between a Windows "server" and a Linux client.

To see what resources are available on a given machine, run the command:

/usr/sbin/smbclient -L host

where host is the name of the machine you want to see. This command will return a list of service names - that is, the names of drives or printers that can be accessed. Until the SMB server is configured without access control, it will prompt you for a password. When prompted, enter the password for the “guest” user or your personal password on this machine.

To use the client, run the following command:

/usr/sbin/smbclient service

where service is the name of the machine and service. For example, if you are trying to access a directory that is accessible as public on a machine called galka, then the service name should be \\galka\public.

You will receive a smbclient prompt:

Server time is Wen May 22 15:58:44 2001 Timezone is UTC+10.0 Domain= OS= Server= smb: \>

The commands for using Samba are the same as ftp, but if you don't know how to use either, type h for help.

Of course, you can use smbclient for testing, but very soon you will get tired of it. To work, you will most likely need the smbfs package. Smbfs comes with two simple utilities - smbmount and smbumount. They work similar to mount and umount for SMB resources. For example,

Smbmount//computer_name/catalog/Mountpoint -U user_name

As a result, you will receive a “mounted” resource with the ability to access it using the usual Explorer methods.

Print server for Linux

To access a Linux printer from Windows machines, you need to make sure that the printer runs on Linux. If you can print under Linux, then accessing the printer will be very simple.

Add the printer setting to your smb.conf file:

Printing = bsd printcap name = /etc/printcap load printers = yes log file = /var/log/samba-log.%m lock directory = /var/lock/samba comment = All Printers security = server path = /var/spool /lpd/lp browseable = no printable = yes public = yes writable = no create mode = 0700 security = server path = /var/spool/lpd/lp printer name = lp writable = yes public = yes printable = yes print command = lpr -r -h -P %p %s

Make sure that the path to the printer (in our case for ) matches the spool directory specified in the /etc/printcap file, that is, check for the presence of the lines:

Printcap name = /etc/printcap load printers = yes

These lines control whether all printers listed in /etc/printcap should be loaded by default. In this case, there is no need to configure each printer separately. The section specifies settings for printers that you want to define explicitly. If the print subsystem you are using does not work this way (BSD), then you will need to set up a fake printcap file (or use the "print command", see below). For getting additional information For the printcap system, see Printing-HOWTO.

Access to Windows printer from machines running Linux

To access the printer on a Windows machine, the following conditions must be met:

1. You need to have the correct entries in the /etc/printcap file to match the local directory structure (for the spool directory, etc.)
2. You should have the script /usr/bin/smbprint.
3. It comes with the Samba sources, but not all Samba binary distributions.

If you want to convert ASCII files to PostScript, you must have nenscript or its equivalent. The nenscript program is a PostScript converter that is usually installed in the /usr/bin directory. The entry in the /etc/printcap file below is for an HP 5MP printer on Windows server

N.T. The following fields in the /etc/printcap file are used: Cm - comment; lp - name of the device to be opened for output;

sd - printer spool directory (on

local machine

);

#!/bin/sh –x # # Debugging log file, change to /dev/null if you like. # logfile=/tmp/smb-print.log # logfile=/dev/null # # The last parameter to the filter is the accounting file name. # spool_dir=/var/spool/lpd/lp config_file=$spool_dir/.config # Should read the following variables set in the config file: # server # service # password # user eval `cat $config_file` # # Some debugging help, change the >> to > if you want to same space. # echo "server $server, service $service" >> $logfile (# NOTE You may wish to add the line `echo translate" if you want automatic # CR/LF translation when printing. echo translate echo "print -" cat) | /usr/bin/smbclient "\\\\$server\\$service" $password -U $user -N -P >> $logfile

Most Linux distributions come with a program called nenscript to convert ASCII documents to PostScript.

Conclusion

Until recently, Samba's capabilities were limited to those listed above. However, we can say with confidence that the new version of Samba 2.2 catches up with Windows 2000 in functionality and contains additional improvements. One of Samba's lead developers, Jeremy Allison, calls it a "major update" that will help Samba systems integrate more easily into Microsoft networks. The software provides savings not only because you don't have to pay for a server OS, but also because you don't have to pay for "client" licenses for all the computers that use the server.

About new features of Samba 2.2. read our article “Samba 2.2 - what new » .

ComputerPress 10"2001

Sometimes you need to very quickly set up a file share on the server and open access to it. In this case, there is no need to fence in any complex configurations, access rights or anything else. You just need quick access to information without unnecessary questions.

For example, I recently needed something like this to open access to backups, which were stored on the server. I didn’t want to figure it out and look for information myself; I needed to quickly give the person reading access so that he could find everything he needed.

I will not specifically deal with operating system versions. Samba's configs are the same almost everywhere I've worked with them, especially in the simplest configurations.

So, install Samba in any suitable way for your operating system. The configurations are valid for version 3 of samba. Next we decide what we need:

• access by user and password,
• access by IP address,
• access to everyone without restrictions.

Depending on this, the settings will be slightly different.

For password access draw the following config:

Security = user passdb backend = tdbsam workgroup = MYGROUP server string = Samba path = /mnt/shara valid users = @users force group = users create mask = 0660 directory mask = 0771 writable = yes browseable = yes

# useradd share-user -M -G users -s /sbin/nologin

We import this user into Samba and set the password:

# smbpasswd -a share-user

And we try to go to the ball at the address:

\\server ip\share

To organize access depending on IP address, make the following settings in smb.conf:

Security = share workgroup = MYGROUP server string = Samba map to guest = bad user path = /mnt/files browsable = yes writable = yes guest ok = yes read only = no hosts allow = 192.168.0.171

In this case full access will be at the address 192.168.0.171. To add the entire subnet, you need to specify the following:

Hosts allow = 192.168.0.

You can combine different subnets and addresses, separating them with spaces. In order to disable access to some individual addresses from an allowed subnet, you can do this:

Hosts allow = 192.168.0. except 192.168.0.15

Access will be allowed to the entire subnet 192.168.0.0/24, except for the address 192.168.0.15.

We restart samba and check.

If you have samba 4 installed, then this configuration will not work and you will receive an error:

WARNING: Ignoring invalid value "share" for parameter "security" !}

For IP access to work properly, you need to make the following changes to the above config:

Security = user map to guest = Bad Password

Leave the rest of the parameters the same. After this, access via IP will work on version 4 of Samba.

If access will be provided to everyone without restrictions, then the simplest samba configuration will be like this:

Security = user workgroup = MYGROUP server string = Samba guest account = nobody map to guest = Bad User path = /mnt/files browseable = Yes guest ok = Yes writeable = Yes public = yes

Don't forget to give everyone rights to the folder:

# chmod 0777 /mnt/files

We restart Samba and try to log in. They should let you in without any questions asked.

This is how you can organize a simple file server using samba in just 5 minutes. And often it’s more difficult and it’s not necessary. For some kind of file dump, the latest option is suitable.

For more complex configurations I have separate articles:

Online course "Network engineer"

If you have a desire to learn how to build and maintain highly available and reliable networks, I recommend taking the Network Engineer online course from OTUS. This is an original program combined with remote practice on real equipment and a Cisco academic certificate! Students gain practical skills in operating equipment using a remote online laboratory based on a training partner - RTU MIREA: Cisco 1921, Cisco 2801, Cisco 2811 routers; Cisco 2950, ​​Cisco 2960 switches. Course features:

• The course contains two project works.;
• Students are enrolled in the official Cisco Academy (OTUS, Cisco Academy, ID 400051208) and gain access to all parts of the CCNA Routing and Switching course;
• Students can take the exam and receive, along with the OTUS certificate, a certificate for the “CCNA Routing and Switching: Scaling Networks” course;

Test yourself on the entrance test and see the program for more details.

The main Samba configuration file is /etc/samba/smb.conf. The initial configuration file has a significant number of comments to document the various configuration directives.

Not all possible options are included in the default settings file. See manual man smb.conf or Samba FAQ for more details.

1. First change the following key/value pairs in the section file /etc/samba/smb.conf:

Workgroup = EXAMPLE ... security = user

Parameter security is located much lower in the section and is commented out by default. Also replace EXAMPLE to something more appropriate to your surroundings.

2. Create a new section at the end of the file or uncomment one of the examples for the directory that you want to share:

Comment = Ubuntu File Server Share path = /srv/samba/share browsable = yes guest ok = yes read only = no create mask = 0755

comment: short description shared resource. Used for your convenience.

path: path to the shared directory.

This example uses /srv/samba/sharename because, according to the hierarchy standard file systems(FHS), the /srv directory is where all data related to a given site should be located. Technically, a Samba share can be placed anywhere on the file system where file access restrictions allow, but following standards is recommended.

browsable: Allows Windows clients to view the contents of a shared directory using Windows Explorer.

guest ok: Allows clients to connect to the shared resource without providing a password.

read only: Determines whether the resource is accessible with read-only or write privileges. Write privileges are only available when you specify no as shown in in this example. If the value yes, then access to the resource will be read-only.

create mask: Defines what access rights will be set for new files created.

3. Now that Samba is configured, you need to create a directory and set permissions on it. Enter in terminal:

Sudo mkdir -p /srv/samba/share sudo chown nobody.nogroup /srv/samba/share/

parameter -p tells mkdir to create a complete directory tree if it doesn't exist.

4. Finally, restart samba services to apply the new settings:

Sudo restart smbd sudo restart nmbd

Now you can search Ubuntu file server using Windows client and view its shared directories. If your client does not show your shares automatically, try accessing your server by its IP address, for example, \\192.168.1.1, from a Windows Explorer window. To check that everything is working, try creating a directory inside your share from Windows.

To create additional shares, create a new section in /etc/samba/smb.conf and restart Samba. Just make sure the shared directory is created and has the correct permissions.

Shared resource "" and the way /srv/samba/share- these are just examples. Set the resource name and directory name according to your environment. It is a good idea to use the name of the resource's directory on the file system as the name of the resource. In other words, the resource can be specified as for the /srv/samba/qa directory.

2. Gain access to Microsoft network resources.

3. Print documents on network printers Microsoft network, and also allow you to use your printer as a network printer.

During installation, the first step is to install the samba, samba-common and samba-client packages:

# rpm –ih /mnt/cdrom/Mandrake/RPMS/samba*

That being said, if you are using a different distribution (not Mandrake as stated in the example), go to desired directory.

The samba package consists of two main files - smbd and nmbd. The first one is an 8MB protocol carrier, and the second one provides support for NetBIOS names. Immediately after setting them up, your computer will appear on the network.

After installation, the smbd and nmbd services are configured as auto-start, that is, you do not have to do anything to start them yourself. You may not be happy with this option (for example, if they will be accessed rarely and you want to free up memory). In this situation, no one bothers to add them to the superserver configuration file /etc/inetd.conf and launch them “on demand”. Just remember to disable their autoloading using the system configurator.

This chapter will look at setting up the Samba package “manually”, that is, without resorting to the help of the configurator. You can use the netconf configurator (see Fig. 9.1), but in this case there is one “but”: if you configure Samba or any other server service in another distribution (not Red Hat or Mandrake), the configurator you are used to may not be available. not be, so you should at least know the purpose and location system files one or another server service.

Rice. 9.1. Samba configuration

If you still decide to use the configurator, run netconf and, going to the Server Tasks tab, select samba configuration (see Fig. 9.1).

Using the netconf configurator, you can completely customize the Samba package - from specifying general parameters (see Figure 9.2) to defining shared resources (see Figure 9.3).

Rice. 9.2. Common parameters

Rice. 9.Z. Defining shared resources

9.2. Setting up a file server

The main Samba server configuration file is /etc/smb.conf. It is here that all used and provided resources are specified. The format of this file resembles that of an INI file for Windows programs, for example, win.ini. The /etc/smb.conf file consists of several sections, at the beginning of each of which its name is indicated in square brackets. Parameters in each section are specified in the form of entries Name=3value. The main one is the section; an example of it is shown in Listing 9.1.

Listing 9.1. Global section example

socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192

interfaces = 192.168.1.1/24 192.168.2.1/24

The workgroup parameter specifies the workgroup or NT domain name. The comment parameter is similar to the NT Description parameter for Windows NT or Description for Windows 9x. The guest account parameter specifies the username. Specifying guest as a user means that users have access without registration. Or rather, registration still occurs, but a guest account is used.

The next parameter, the security parameter, can take three values:

share - the name of the user resource will be requested upon each access.

user - the username and password that are used to log in will be used for authentication Windows network. This is the default value.

server - an NT server will be used to check the password.

The printing and printcap name entries refer to the printing subsystem. The first of them specifies the BSD type printing system, and the second specifies where the file containing information about printers is located. We'll talk about setting up printers a little later.

The client code page and character set parameters are necessary for the correct display of Russian-language file names in the Windows file system.

In Windows NT, starting with Service Pack 3, passwords are transmitted over the network in encrypted form. Latest versions Samba allows you to support this feature. To do this, set the encrypt password parameter to yes. If your version of Samba does not support this feature, you can disable the use of encrypted passwords in Windows. Considering that you will have to manually change the registry setting of all Windows workstations, it seems to me that it is easier to update Samba. But if you are still interested in which parameter Windows registry needs to be changed, I will indicate it. In the Windows NT registry section:

you need to create an EnablePlainTextPassword key of type DWORD and set its value to 1. In Windows 9x, you need to create the same key, but in the section

In Windows 2000, you need to make changes to the registry key

The log file and max log size parameters specify the name of the log file and its maximum size. Socket options are specified using the socket option parameter.

If your computer has multiple network interfaces, you can configure Samba to use all of the interfaces. How I did this is shown in Listing 9.1.

Now let's move on to the next section, which defines the parameters of shared resources. This section is called . An example of the contents of this section is shown in Listing 9.2.

Listing 9.2. Section

The browseable=yes parameter (see Listing 9.2) enables the display of shared resources on the Microsoft network. The writable =yes parameter allows writing to directories (the read only=no parameter can be used instead of this parameter).

Now let's create a shared directory (see Listing 9.3). This is done in the section.

Listing 9.3. Section

Your knowledge is already enough to make further adjustments yourself. To conclude this section, I'll give you a couple of practical examples (see Listing 9.4). Note that in the smb.conf file, comments can be indicated by either a hash mark (#) or a semicolon (;).

Listing 9.4.

; NETLOGON directory for domain login

comment = Samba Netlogon Service

; Do not set to yes

; Profile for shared resources

path = /usr/local/samba/proflies

; Directory used by admin user

; The admin user must exist on the Samba server

9.3. Accessing SMB resources from Linux

Let's face it, Windows was designed for housewives. Every housewife uses the “Network Neighborhood” icon on the Windows desktop to view Microsoft network resources. Now imagine that this housewife is running Linux and wants to view network resources. Most likely, she will have some difficulties. Let's try to solve them now.

To view Microsoft network resources, use the smbclient program. Let's say you want to connect to the shared directory share on computer nt_ws1. Let's assume that your username is user and password 123456. In this case, the usage of the smbclient command is as follows:

$ smbclient //nt_ws1/share –U user%123456

If a password is not needed, then only the username is indicated without the percent sign.

After connecting to the share, more precisely, to the directory, you can use the same commands as when working with the ftp client (see Table 9.1).

smbclient program commands Table 9.1

Team	Description
Dir	Lists files in a directory
cd [directory]	Performs a transition to the specified directory on the server (note that it is on the server, not on the client computer). If the directory is not specified, then smbclient will simply return the name of the current directory
get [file] [loc. Name]	Gets the specified file from the share and stores it on the local computer. If a local name is specified, the file received from the server will be saved on the client computer under this name
put [file] [deleted, name]	Copies the file to remote computer(server) and saves it there under the name specified in the remote name field. Accordingly, if this name is not specified, the file will not be renamed when saved
rm [directory] rmdir [directory]	Deletes the specified directory on the remote computer (server)
md [directory] mkdir [directory]	Creates the specified directory on a remote computer (server)
mput [files]	Copies all specified files to a remote computer (server)
del [files]	Deletes the specified files on the server, if, of course, the user has the rights to do so
help	Help
exit or quit	Ending the smbclient program session

Using the smbclient program is not very convenient. It is much more convenient to use the smbmount program, which can mount a remote shared resource as a regular file system. At the same time, subsequently using the shared resource becomes much more pleasant and convenient. The following is an example command that mounts the customers share on computer nt using the username user. The mount point is the /mnt/customers directory, the user ID (UID) is 500, and the group ID (GID) is 100:

smbmount //nt//customers –U user –c "mount /mnt/customers –u 500 –g 100"

For the same purposes, you can use the command:

smbmount //nt/customers/ /mnt/customers –U user

Note. Only the root user can use the smbmount command. In order for a normal user to use this program, it must be set to Setuid root, but this solution is unsafe. A way out of this situation is to launch the smbmount program when the system boots. Add a call to the smbmount program to mount file systems in your startup scripts sharing, with whom you work most often. After this, ordinary users will be able to work with remote resources as with a regular local file system.

Rice. 9.4. Shared Resources

You can view the shared resources of your computer using the –L option (see Fig. 9.4).

The Browse list (see Figure 9.4) shows other SMB servers on the network with available resources. The -I option allows smbclient to work with DNS names. For example, if the domain is called domain.ru, then you can view the shared resources of the computer nt_ws1 with the command:

$ smbclient –L –I nt ws1.domain.ru

9.4. Linux printer access for Windows machines

We've already done almost everything we can to support printing. The load printers section parameter loads printers from the /etc/printcap file (see Listing 9.1). The BSD printing system is used. Now all that remains is to define the section of the smb.conf file (see Listing 9.5). This section sets global parameters for all printers, so there is no need to specify them separately for each printer.

Listing 9.5. Section

Some parameters used in this section (browseable, writable, comment) have the same meanings as in the section. The path parameter specifies the spool directory into which files will be copied before printing (the so-called spool printer). The public parameter set to yes allows printing from a guest account, that is, to everyone. To disable printing from a guest account, specify public=no. In this case, only users registered on the server will have access to the printer. Instead of the public parameter, its synonym is sometimes used - the guest ok parameter. The writable parameter is set to by so that only printable files can be written to the printer's spool directory.

You may need to allow only one or a few specific users to print on a specific printer. You can do this as shown in Listing 9.6.

Listing 9.6. Allow printing for a specific user

valid user = root admin administrator

Connecting a network printer connected to a Linux server or Linux station to a Windows computer is similar to connecting an ordinary network printer connected to workstation Windows. In the operating room Windows system 98 to do this, do the following:

1. Select the menu command Start→Settings→Printers.

2. Activate the Add Printer Wizard.

3. Select printer type: network.

4. Specify the path to the printer or click on the “Browse” button to automatically select a resource (see Fig. 9.5).

Rice. 9.5. Connecting a network printer

9.5. Accessing a Windows printer from computers running Linux

First of all, you need to create the correct entries in the /etc/printcap file. You can see the format of this file in Listing 9.7.

Listing 9.7. printcap file

# just a comment

:cm=HP 5MP Postscript hp5m on nt_wsl:\

# name of the device to open for output

# printer spool directory (on local machine)

# printer usage log file

# maximum file size.

# If specified, the value is “zero”, then the restriction is removed

Listing 9.7 provides a description (in the comments) of the fields in the printcap file, but I think it wouldn’t hurt to list them separately:

cm - sets a comment;

lp - name of the device to be opened for output;

sd - printer spool directory on the local machine;

af - printer usage accounting file;

mx - maximum file size. If the value “zero” is specified, then the restriction is removed;

if is the name of the input filter.

Returning to the access settings, make sure that the directory for the printer spool exists and is writable. You also need to specify an existing output device. In Listing 9.7, this device is /dev/lp0. The Samba package includes the smbprint script. This script allows you to print documents to a network printer using SMB services. It may not be included in your package, so I've recreated it in Listing 9.8. This listing is partly taken from the Samba package manual.

Listing 9.8. smbprint script

# This script is a filter for a printing system that uses

# It uses the smbclient program to print the file on the network

# a printer that is connected to a Windows workstation.

# smb:lp=/dev/null:sd=/usr/spool/smb:sh:if=/usr/local/samba/smbprint

# The entry creates a unix printer called "smb" which will

# print with this script. You need to create a directory

# spool /usr/spool/smb with appropriate rights and owner

# Set here the name of the server and the printer you want to print to.

# The script was further modified by Michael Hamilton

# so server, service and password can be read from file

# /usr/var/spool/lpd/PRINTNAME/.config

# For this to work, the entry in /etc/printcap must

# include usage log file (af=...):

# :cm=CD IBM Colorjet on 6th: \

# :sd=/var/spool/lpd/cdcolour: \

# :af=/var/spool/Ipd/cdcolour/acct: \

# :if=/usr/local/etc/smbprint:\

# The /usr/var/spool/lpd/PRINTNAME/.config file should contain

# File for debugging information, can be changed to /dev/null

config_file=$spool_dir/. config

echo "server $server, service $service" >> $logfile

) | /usr/bin/smbclient "\\\\$server\\$service" $password –U $user –N –P >> $logfile

You can now print to a network printer. But, nevertheless, I still recommend reading the Samba package manual for more information. detailed information about printing on network printers.

9.6. Example smb.conf file

Listing 9.9 is an example of my /etc/smb.conf file. Most likely it will work correctly for you too.

Listing 9.9. smb.conf file

log file = /var/log/samba/log.%m

# I commented out the following lines because they are typical

# only for my configuration

# socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192

# interfaces = 192.168.1.1/24 192.168.2.1/24

9.7. SWAT Configurator

The SWAT (Samba Web-based Administrative Tool) configurator is designed to configure the Samba package through the Web interface. Like other configurators such as netconf or linuxconf, SWAT provides a convenient graphical interface for administering a Samba server. The main advantage of this configurator is that you do not need to be at the computer that you administer. You can administer Samba servers from any computer on your network. As with other configurators, when working with SWAT you do not need to know the format of the configuration files, their name, or location.

To install SWAT you need to install the samba-swat package. This package is usually found on the second CD of your Linux installation kit. Install the package with the command:

rpm –ihv samba-swat-2.2.la-4.1386.rpm

After installing the package, ensure that you have the following entry in your /etc/services file:

The SWAT Configurator uses the TCP protocol and port 901 to operate. However, you can assign any other port. When changing the port number, be sure to change the port number in the /etc/inetd.conf or /etc/xinetd.conf file.

If you are using an inetd superserver, add the following line to your /etc/inetd.conf file (if it is not already there):

swatstream tcp nowait.400 root/usr/sbin/swat swat

When using the xinetd superserver, the following swat file will be added to the /etc/xinetd.conf directory (Listing 9.11):

Listing 9.11. File /etc/xinetd.conf/swat

# description: SWAT is the Samba Web Admin Tool. Use swat\

# to configure your Samba server. To use SWAT,\

# connect to port 901 with your favorite web browser,

If you want to configure the Samba server from any computer on your network, comment out the only_from = 127.0.0.1 entry or set any other SWAT access parameters.

Now you need to restart the superserver. To do this, enter the command:

You can also use the command:

When using inetd, you can restart the superserver with the command:

All! The SWAT setup is complete and you can now begin configuring Samba using SWAT. To do this, launch your favorite browser and enter the URL:

Once the connection is established, you will see a window asking for a username and password (see Figure 9.6).

Enter your username and password. Then you will see the main configurator window (see Fig. 9.7).

Rice. 9.7. Samba Web Administration Tool

From Fig. 9.7 you can see that in the SWAT configurator everything you need is at the administrator’s fingertips: from documentation to user passwords.

The Globals section defines the values ​​of global variables (Fig. 9.8). You can get help on a particular parameter by clicking on the Help link. You can set the default value by clicking the Set Default button.

Rice. 9.8. Samba Global Variables

The Shares section defines shared resources, and the Printers section defines shared printers. The status of the Samba server can be viewed in the Status section (see Fig. 9.9). Here you can start, stop and restart SMB and NMB services. In this section, you can terminate any connection to the Samba server, as well as view the connection status.

Rice. 9.9. Section Status

The Passwords section defines users who have access to the Samba server.