Editorial review of Samba chapter.

Sponsored by:	iXsystems
This commit is contained in:
Dru Lavigne 2014-04-03 14:26:28 +00:00
parent 690284f371
commit 0ba4b9a16e
Notes: svn2git 2020-12-08 03:00:23 +00:00
svn path=/head/; revision=44427

View file

@ -4967,16 +4967,33 @@ DocumentRoot /www/someotherdomain.tld
</indexterm> </indexterm>
<para><application>Samba</application> is a popular open source <para><application>Samba</application> is a popular open source
software package that provides file and print services for software package that provides file and print services using the
&microsoft.windows; clients. Such clients can connect to and <acronym>SMB/CIFS</acronym> protocol. This protocol is built
use &os; filespace as if it was a local disk drive, or into &microsoft.windows; systems. It can be added to
&os; printers as if they were local printers.</para> non-&microsoft.windows; systems by installing the
<application>Samba</application> client libraries. The protocol
allows clients to access
shared data and printers. These shares can be mapped as a local disk drive and
shared printers can be used as if they were local printers.</para>
<para><application>Samba</application> software packages should <para>On &os;, the <application>Samba</application> client
be included on the &os; installation media. If they were not libraries can be installed using the
installed when first installing &os;, then they may be <package>net/samba-libsmbclient</package> port or package. The
installed from the <package>net/samba36</package> port or client provides the ability for a &os; system to access
package.</para> <acronym>SMB/CIFS</acronym> shares in a &microsoft.windows;
network.</para>
<para>A &os; system can also be configured to act as a
<application>Samba</application> server. This allows the
administrator to create <acronym>SMB/CIFS</acronym> shares on
the &os; system which can be accessed by clients running
&microsoft.windows; or the <application>Samba</application>
client libraries. In order to configure a
<application>Samba</application> server on &os;, the
<package>net/samba36</package> port or
package must first be installed. The rest of this section
provides an overview of how to configure a
<application>Samba</application> server on &os;.</para>
<!-- mention LDAP, Active Directory, WinBIND, ACL, Quotas, PAM, .. --> <!-- mention LDAP, Active Directory, WinBIND, ACL, Quotas, PAM, .. -->
@ -5006,10 +5023,9 @@ DocumentRoot /www/someotherdomain.tld
<para>The Samba Web Administration Tool (SWAT) runs as a <para>The Samba Web Administration Tool (SWAT) runs as a
daemon from <application>inetd</application>. Therefore, daemon from <application>inetd</application>. Therefore,
<application>inetd</application> must be enabled as shown in <application>inetd</application> must be enabled as shown in
<xref linkend="network-inetd"/>, and the following line in <xref linkend="network-inetd"/>. To enable
<filename>/etc/inetd.conf</filename> should be uncommented <application>swat</application>, uncomment the following line in
before <application>swat</application> can be used to <filename>/etc/inetd.conf</filename>:</para>
configure <application>Samba</application>:</para>
<programlisting>swat stream tcp nowait/400 root /usr/local/sbin/swat swat</programlisting> <programlisting>swat stream tcp nowait/400 root /usr/local/sbin/swat swat</programlisting>
@ -5017,21 +5033,20 @@ DocumentRoot /www/someotherdomain.tld
the <application>inetd</application> configuration must be the <application>inetd</application> configuration must be
reloaded after this configuration file is changed.</para> reloaded after this configuration file is changed.</para>
<para>Once <application>swat</application> has been enabled in <para>Once <application>swat</application> has been enabled,
<filename>inetd.conf</filename>, a web browser may be used use a web browser
to connect to <uri to connect to <uri
xlink:href="http://localhost:901">http://localhost:901</uri>. xlink:href="http://localhost:901">http://localhost:901</uri>.
At first login, the system <systemitem At first login, enter the credentials for <systemitem
class="username">root</systemitem> account must be class="username">root</systemitem>.</para>
used.</para>
<!-- XXX screenshots go here, loader is creating them <!-- XXX screenshots go here, loader is creating them
XXXTR: I'll believe it when I see it. --> XXXTR: I'll believe it when I see it. -->
<para>Once successfully logging on to the main <para>Once logged in, the main
<application>Samba</application> configuration page, the <application>Samba</application> configuration page and the
system documentation will be available, or configuration may system documentation will be available. Begin configuration
begin by clicking on the <guimenu>Globals</guimenu> tab. by clicking on the <guimenu>Globals</guimenu> tab.
The <guimenu>Globals</guimenu> section corresponds to the The <guimenu>Globals</guimenu> section corresponds to the
variables that are set in the <literal>[global]</literal> variables that are set in the <literal>[global]</literal>
section of section of
@ -5041,8 +5056,8 @@ DocumentRoot /www/someotherdomain.tld
<sect3> <sect3>
<title>Global Settings</title> <title>Global Settings</title>
<para>Whether <application>swat</application> is being used or <para>Whether <application>swat</application> is used or
<filename>/usr/local/etc/smb.conf</filename> is being edited <filename>/usr/local/etc/smb.conf</filename> is edited
directly, the first directives encountered when configuring directly, the first directives encountered when configuring
<application>Samba</application> are:</para> <application>Samba</application> are:</para>
@ -5051,7 +5066,7 @@ DocumentRoot /www/someotherdomain.tld
<term><literal>workgroup</literal></term> <term><literal>workgroup</literal></term>
<listitem> <listitem>
<para>NT Domain-Name or Workgroup-Name for the computers <para>The domain name or workgroup name for the computers
that will be accessing this server.</para> that will be accessing this server.</para>
</listitem> </listitem>
</varlistentry> </varlistentry>
@ -5060,7 +5075,7 @@ DocumentRoot /www/someotherdomain.tld
<term><literal>netbios name</literal></term> <term><literal>netbios name</literal></term>
<listitem> <listitem>
<para>This sets the NetBIOS name by which a <para>The NetBIOS name by which a
<application>Samba</application> server is known. <application>Samba</application> server is known.
By default it is the same as the first component of By default it is the same as the first component of
the host's <acronym>DNS</acronym> name.</para> the host's <acronym>DNS</acronym> name.</para>
@ -5071,7 +5086,7 @@ DocumentRoot /www/someotherdomain.tld
<term><literal>server string</literal></term> <term><literal>server string</literal></term>
<listitem> <listitem>
<para>This sets the string that will be displayed with <para>The string that will be displayed with
the <command>net view</command> command and some other the <command>net view</command> command and some other
networking tools that seek to display descriptive text networking tools that seek to display descriptive text
about the server.</para> about the server.</para>
@ -5085,7 +5100,7 @@ DocumentRoot /www/someotherdomain.tld
<para>Two of the most important settings in <para>Two of the most important settings in
<filename>/usr/local/etc/smb.conf</filename> are the <filename>/usr/local/etc/smb.conf</filename> are the
security model chosen, and the backend password format for security model and the backend password format for
client users. The following directives control these client users. The following directives control these
options:</para> options:</para>
@ -5094,11 +5109,11 @@ DocumentRoot /www/someotherdomain.tld
<term><literal>security</literal></term> <term><literal>security</literal></term>
<listitem> <listitem>
<para>The two most common options here are <para>The two most common options are
<literal>security = share</literal> and <literal>security = share</literal> and
<literal>security = user</literal>. If the clients <literal>security = user</literal>. If the clients
use usernames that are the same as their usernames on use usernames that are the same as their usernames on
the &os; machine then user level security should be the &os; machine, user level security should be
used. This is the default security policy and it used. This is the default security policy and it
requires clients to first log on before they can requires clients to first log on before they can
access shared resources.</para> access shared resources.</para>
@ -5133,74 +5148,59 @@ DocumentRoot /www/someotherdomain.tld
backend is used, the backend is used, the
<filename>/usr/local/etc/samba/smbpasswd</filename> file <filename>/usr/local/etc/samba/smbpasswd</filename> file
must be created to allow <application>Samba</application> to must be created to allow <application>Samba</application> to
authenticate clients. To provide the &unix; user accounts authenticate clients. To provide &unix; user accounts
access from &windows; clients, use the following access from &windows; clients, use the following
command:</para> command to add each required user to that file:</para>
<screen>&prompt.root; <userinput>smbpasswd -a username</userinput></screen> <screen>&prompt.root; <userinput>smbpasswd -a <replaceable>username</replaceable></userinput></screen>
<note> <note>
<para>The recommended backend is now <para>The recommended backend is now
<literal>tdbsam</literal>, and the following command <literal>tdbsam</literal>. If this backend is selected, use the following command
should be used to add user accounts:</para> to add user accounts:</para>
<screen>&prompt.root; <userinput>pdbedit -a -u <replaceable>username</replaceable></userinput></screen> <screen>&prompt.root; <userinput>pdbedit -a -u <replaceable>username</replaceable></userinput></screen>
</note> </note>
<para>Please see the <link <para>This section has only mentioned the most commonly used
settings. Refer to the <link
xlink:href="http://www.samba.org/samba/docs/man/Samba-HOWTO-Collection/">Official xlink:href="http://www.samba.org/samba/docs/man/Samba-HOWTO-Collection/">Official
Samba HOWTO</link> for additional information about Samba HOWTO</link> for additional information about the
configuration options. With the basics outlined here, the available configuration options.</para>
minimal required start running
<application>Samba</application> will be explained. Other
documentation should be consulted in addition to the
information here.</para>
</sect3> </sect3>
</sect2> </sect2>
<sect2> <sect2>
<title>Starting <application>Samba</application></title> <title>Starting <application>Samba</application></title>
<para>The <package>net/samba36</package> port adds a new startup <para>To enable
script, which can be used to control <application>Samba</application> at boot time, add the following line to
<application>Samba</application>. To enable this script, so <filename>/etc/rc.conf</filename>:</para>
that it can be used for example to start, stop or restart
<application>Samba</application>, add the following line to
the <filename>/etc/rc.conf</filename> file:</para>
<programlisting>samba_enable="YES"</programlisting> <programlisting>samba_enable="YES"</programlisting>
<para>Or, for fine grain control:</para> <para>Alternately, its services can be started separately:</para>
<programlisting>nmbd_enable="YES"</programlisting> <programlisting>nmbd_enable="YES"</programlisting>
<programlisting>smbd_enable="YES"</programlisting> <programlisting>smbd_enable="YES"</programlisting>
<note> <para>To start
<para>This will also configure <application>Samba</application> now:</para>
<application>Samba</application> to automatically start at
system boot time.</para>
</note>
<para>It is possible then to start
<application>Samba</application> at any time by typing:</para>
<screen>&prompt.root; <userinput>service samba start</userinput> <screen>&prompt.root; <userinput>service samba start</userinput>
Starting SAMBA: removing stale tdbs : Starting SAMBA: removing stale tdbs :
Starting nmbd. Starting nmbd.
Starting smbd.</screen> Starting smbd.</screen>
<para>Please refer to <xref linkend="configtuning-rcd"/> for <para><application>Samba</application> consists of
more information about using rc scripts.</para> three separate daemons. Both the
<para><application>Samba</application> actually consists of
three separate daemons. Notice that both the
<application>nmbd</application> and <application>nmbd</application> and
<application>smbd</application> daemons are started by the <application>smbd</application> daemons are started by
<filename>samba</filename> script. If winbind, <varname>samba_enable</varname>. If winbind
name resolution services were enabled in name resolution services are enabled in
<filename>smb.conf</filename>, <filename>smb.conf</filename>,
the <application>winbindd</application> daemon will be the <application>winbindd</application> daemon is
started as well.</para> started as well.</para>
<para><application>Samba</application> may be stopped at any <para><application>Samba</application> may be stopped at any
@ -5211,8 +5211,8 @@ Starting smbd.</screen>
<para><application>Samba</application> is a complex software <para><application>Samba</application> is a complex software
suite with functionality that allows broad integration with suite with functionality that allows broad integration with
&microsoft.windows; networks. For more information about &microsoft.windows; networks. For more information about
functionality beyond the basic installation described here, functionality beyond the basic configuration described here,
please see <uri refer to <uri
xlink:href="http://www.samba.org">http://www.samba.org</uri>.</para> xlink:href="http://www.samba.org">http://www.samba.org</uri>.</para>
</sect2> </sect2>
</sect1> </sect1>