Networking / Beginners

---

SMB Protocol

The SMB protocol is a server client request-response protocol. All Windows operating systems that can be used for networking-such as Windows 3.11,Windows 95,Windows 98,Windows ME,Windows NT,Windows 2000, and Windows XP-can run SMB as server, client, or both. This protocol is used mainly to connect systems with different operating systems, such as Windows, Linux, and so on.

SAMBA runs SMB over TCP/IP, with NetBIOS under it. Whenever an SMB client starts and needs to know the IP address of a specified host, it broadcasts its query over the network. It gets replies from the nmbd server in the form of clients' NetBIOS information. In this case, nmbd acts as a WINS server and keeps a record of all hosts connected in the network. This keeps the network safe from saturation caused by the broadcasts made by the SMB clients.

SAMBA Installation

SAMBA supports a variety of Linux distributions and other UNIX variants like Solaris, NetBSD, UNIXWARE, HP-UX, Digital UNIX, SCO Open Server, IRIX (SGI), SunOS, AIX, ULTRIX, BSDI, and so on.

You can download the latest version of SAMBA from www.samba.org. Installation manuals and other documents also are available with the SAMBA distributions.

SAMBA Configuration

The main configuration file of the SAMBA server is smb.conf. By default, this file is located in the /etc/samba directory. This file is huge and provides a number of directives that you can set to enable or disable various features of SAMBA. The same configuration file also allows users to add new and shared directories in SAMBA.

smb.conf is divided into sub sections, each headed by a caption enclosed in square brackets ([ ]). The parameters contained in the sections are in the form of name = value.

An example of a portion of the smb.conf file is shown here:

[global]
 workgroup = domain_name
 [share1]
comment = Linux SAMBA Server
path = /users/smbuser1
read only = yes

The preceding lines are the minimum lines required in the smb.conf file for the server to work. The options in the smb.conf file are discussed in the following list:

• [global]. This option describes the global settings for controlling the server.
• [share1]. This option is used when you need to define a new share that the SMB clients can access.
• comment. The label specified in the comment directive is shown in the users network neighborhood folder as the share name.
• path. This directive specifies the name of the directory that will be shared.

A few other directives that are important from the security point of view are discussed in the following list:

• public. This is a Boolean directive and can accept arguments in yes or no. If this directive is set, guest level users are able to access the share.
• browsable. This also is a Boolean directive and if it is set, network users are able to see the share in the network browse list.
• printable. This Boolean directive tells SAMBA that the device is a printer.
• users. This directive accepts user names as parameters. The users listed in this list are allowed to access the shared resource.
• group. This directive stores the group names that are allowed to access this particular shared resource.

Printer Sharing

All installed printers are defined in the /etc/printcap file. Only valid SAMBA users are allowed to use these printers. All printers in the /etc/printcap file are shared as resources by default. However, this can be changed to allow sharing of only specific printers. The following code shows the sample of the global printer option:

[printer]
	comment = printer x
	path = /var/spool/samba
	browsable = no
	public = yes
guest ok = yes
writable = no
printable = yes

You can define a specific printer by using the statement public = no and add another option, valid users, as shown in the following code:

valid users = userX userY userZ