---

---

Comments and suggestions concerning this book should be mailed to gmourani@videotron.ca © Copyright 1999-2000 Gerhard Mourani and Open Network Architecture ® 422 · To run a Samba server, the following files are require and must be create or copied to their appropriated directories on your server. Copy the smb.conf and lmhosts files in the “/etc/” directory. Copy the smb script file in the “/etc/rc.d/init.d/” directory. Copy the samba file in the “/etc/logrotate.d/” directory. Copy the samba file in the “/etc/pam.d/” directory. You can obtain configuration files listed bellow on our floppy.tgz archive. Copy the following files from the decompressed floppy.tgz archive to their appropriated places or copy and paste them directly from this book to the concerned file. Configuration of the “/etc/smb.conf” file The “/etc/smb.conf” file is the main configuration file for Samba server, you can specify which directory you want to access from windows machine, which IP addresses are authorized and so on. The first few lines of the file under the [global] line contain global configuration directives, which are common to all shares (unless they are over-ridden on a per-share basis), followed by share sections. A lot options exist and it’s important to read the documentation that come with Samba for more information of different setting and parameters. The following configuration example is a minimal working configuration file for Samba with encrypted password support. Also it’s important to note that we comment in this Samba configuration only parameters that relate to security and optimization and let all the others to your own research and knowledge. In our example we are created just one directory “[tmp]” and are allowed only class C machine IP address range to connect on the Samba server. Also, we don’t use printer-sharing capability over Samba and Windows on this server. Edit the smb.conf file (vi /etc/smb.conf) and add/change the following parameters: [global]         workgroup = OPENARCH         server string = R&D of Open Network Architecture Samba Server         encrypt passwords = True         security = user         smb passwd file = /etc/smbpasswd         log file = /var/log/samba/log.%m          socket options = IPTOS_LOWDELAY TCP_NODELAY         domain master = Yes          local master = Yes          preferred master = Yes          os level = 65         dns proxy = No         name resolve order = lmhosts host bcast         bind interfaces only = True         interfaces = eth0 192.168.1.1          hosts deny = ALL         hosts allow = 192.168.1.0/24 127.0.0.1          debug level = 1         create mask = 0640         directory mask = 0750         level2 oplocks = True         read raw = no [homes]