ObjectiveThe objective is to configure basic Samba server to share user home directories as well as provide read-write anonymous access to selected directory.
There are myriads of possible other Samba configurations, however the aim of this guide is to get you started with some basics which can be later expanded to implement more features to suit your needs.
Operating System and Software Versions
- Operating System: - Ubuntu 18.04 Bionic Beaver
- Software: - Samba Version 4.7.4-Ubuntu or higher
RequirementsPrivileged access to your Ubuntu 18.04 Bionic Beaver will be required.
- # - requires given linux commands to be executed with root privileges either directly as a root user or by use of
- $ - requires given linux commands to be executed as a regular non-privileged user
ScenarioThe below configuration procedure will assume a following scenario and pre-configured requirements:
- Server and MS Windows client are located on the same network and no firewall is blocking any communication between the two
- MS Windows client can resolve samba server by hostname
- MS Windows client's Workgroup domain is
Install Samba ServerLet's begin by installation of Samba server. This is rather a trivial task. First, install
taskselcommand if it s not available yet on your system. Once ready use
taskselto install Samba server.
$ sudo apt install tasksel $ sudo tasksel install samba-server
ConfigurationWe will be starting with a fresh clean configuration file, while we also keep the default config file as a backup for reference purposes. Execute the following linux commands to make a copy of an existing configuration file and create a new one:
$ sudo cp /etc/samba/smb.conf /etc/samba/smb.conf_backup $ sudo bash -c 'grep -v -E "^#|^;" /etc/samba/smb.conf_backup | grep . > /etc/samba/smb.conf'
Homes shareIn this section we will be adding user home share directories into our new
/etc/samba/smb.confsamba configuration file.
Samba has its own user management system. However, any user existing on the samba user list must also exist within
/etc/passwdfile. If your system user does not exist yet, hence cannot be located within
/etc/passwdfile, first create a new user using the
useraddcommand before creating any new Samba user. Once your new system user eg. linuxconfig exits, use the
smbpasswdcommand to create a new Samba user:
$ sudo smbpasswd -a linuxconfig New SMB password: Retype new SMB password: Added user linuxconfig.Next, use your favorite text editor to edit our new
/etc/samba/smb.confsamba configuration file:
$ sudo nano /etc/samba/smb.confand add the following lines:
[homes] comment = Home Directories browseable = yes read only = no create mask = 0700 directory mask = 0700 valid users = %S
Create Anonymous ShareIn this section we will add a new publicly available read-write Samba share accessible by anonymous/guest users. First, create a directory you wish to share and change its access permission. Example:
$ sudo mkdir /var/samba $ sudo chmod 777 /var/samba/Next, add the following lines into Samba configuration file using your favorite text editor
sudo nano /etc/samba/smb.conf:
[public] comment = public anonymous access path = /var/samba/ browsable =yes create mask = 0660 directory mask = 0771 writable = yes guest ok = yesYour current Samba configuration file should look similar to the one below:
[global] workgroup = WORKGROUP server string = %h server (Samba, Ubuntu) dns proxy = no log file = /var/log/samba/log.%m max log size = 1000 syslog = 0 panic action = /usr/share/samba/panic-action %d server role = standalone server passdb backend = tdbsam obey pam restrictions = yes unix password sync = yes passwd program = /usr/bin/passwd %u passwd chat = *Enter\snew\s*\spassword:* %n\n *Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* . pam password change = yes map to guest = bad user usershare allow guests = yes [printers] comment = All Printers browseable = no path = /var/spool/samba printable = yes guest ok = no read only = yes create mask = 0700 [print$] comment = Printer Drivers path = /var/lib/samba/printers browseable = yes read only = yes guest ok = no [homes] comment = Home Directories browseable = yes read only = no create mask = 0700 directory mask = 0700 valid users = %S [public] comment = public anonymous access path = /var/samba/ browsable =yes create mask = 0660 directory mask = 0771 writable = yes guest ok = yes
Restart Samba ServerOur basic Samba server configuration is done. Remember to always restart your samba server, after any change has been done to
$ sudo systemctl restart smbdOnce you restart your Samba server, confirm that all shares have been configured correctly:
$ smbclient -L localhost WARNING: The "syslog" option is deprecated Enter WORKGROUP\linuxconfig's password: Anonymous login successful Sharename Type Comment --------- ---- ------- print$ Disk Printer Drivers homes Disk Home Directories public Disk public anonymous access IPC$ IPC IPC Service (ubuntu server (Samba, Ubuntu)) Reconnecting with SMB1 for workgroup listing. Anonymous login successful Server Comment --------- ------- Workgroup Master --------- ------- WORKGROUP UBUNTUOptionally create some test files. Once we successfully mount our Samba shares, the below files should be available to our disposal:
$ touch /var/samba/public-share $ touch /home/linuxconfig/home-shareLastly, confirm that your Samba server is up and running:
$ sudo systemctl status smbd ● smbd.service - Samba SMB Daemon Loaded: loaded (/lib/systemd/system/smbd.service; enabled; vendor preset: enabled) Active: active (running) since Wed 2018-01-31 19:50:19 AEDT; 1min 12s ago Docs: man:smbd(8) man:samba(7) man:smb.conf(5) Main PID: 3561 (smbd) Status: "smbd: ready to serve connections..." Tasks: 5 (limit: 4915) CGroup: /system.slice/smbd.service ├─3561 /usr/sbin/smbd --foreground --no-process-group ├─3578 /usr/sbin/smbd --foreground --no-process-group ├─3579 /usr/sbin/smbd --foreground --no-process-group ├─3590 /usr/sbin/smbd --foreground --no-process-group └─3611 /usr/sbin/smbd --foreground --no-process-group
Mount Samba SharesAt this stage we are ready to turn our attention to MS Windows. Mounting network drive directories might be slightly different for each MS Windows version. This guide uses MS Windows 7 in a role of a Samba client.
Mount user Home DirectoryTo start, open up you
Windows Explorerthen right-click on
Networkand click on
Map network drive...tab. Select drive letter and type Samba share location. Make sure you tick
Connect using different credentialsif your username and password is different from the one created previously:
Enter your Samba user name and password:
You should now have a read-write access to your user's home directory: