Objective

The objective is to configure basic Samba server to share user home directories as well as provide read-write anonymous access to selected directory.

There are myriads of possible other Samba configurations, however the aim of this guide is to get you started with some basics which can be later expanded to implement more features to suit your needs.

Operating System and Software Versions

  • Operating System: - Ubuntu 18.04 Bionic Beaver
  • Software: - Samba Version 4.7.4-Ubuntu or higher

Requirements

Privileged access to your Ubuntu 18.04 Bionic Beaver will be required.

Difficulty

MEDIUM

Conventions

  • # - requires given linux commands to be executed with root privileges either directly as a root user or by use of sudo command
  • $ - requires given linux commands to be executed as a regular non-privileged user

Scenario

The below configuration procedure will assume a following scenario and pre-configured requirements:
  • Server and MS Windows client are located on the same network and no firewall is blocking any communication between the two
  • MS Windows client can resolve samba server by hostname ubuntu-samba
  • MS Windows client's Workgroup domain is WORKGROUP

Instructions

Install Samba Server

Let's begin by installation of Samba server. This is rather a trivial task. First, install tasksel command if it s not available yet on your system. Once ready use tasksel to install Samba server.
$ sudo apt install tasksel
$ sudo tasksel install samba-server

Configuration

We will be starting with a fresh clean configuration file, while we also keep the default config file as a backup for reference purposes. Execute the following linux commands to make a copy of an existing configuration file and create a new one:
$ sudo cp /etc/samba/smb.conf /etc/samba/smb.conf_backup
$ sudo bash -c 'grep -v -E "^#|^;" /etc/samba/smb.conf_backup | grep . > /etc/samba/smb.conf'


Homes share

In this section we will be adding user home share directories into our new /etc/samba/smb.conf samba configuration file.

Samba has its own user management system. However, any user existing on the samba user list must also exist within /etc/passwd file. If your system user does not exist yet, hence cannot be located within /etc/passwd file, first create a new user using the useradd command before creating any new Samba user. Once your new system user eg. linuxconfig exits, use the smbpasswd command to create a new Samba user:
$ sudo smbpasswd -a linuxconfig
New SMB password:
Retype new SMB password:
Added user linuxconfig.
Next, use your favorite text editor to edit our new /etc/samba/smb.conf samba configuration file:
$ sudo nano /etc/samba/smb.conf
and add the following lines:
[homes]
   comment = Home Directories
   browseable = yes
   read only = no
   create mask = 0700
   directory mask = 0700
   valid users = %S

Create Anonymous Share

In this section we will add a new publicly available read-write Samba share accessible by anonymous/guest users. First, create a directory you wish to share and change its access permission. Example:
$ sudo mkdir /var/samba
$ sudo chmod 777 /var/samba/
Next, add the following lines into Samba configuration file using your favorite text editor sudo nano /etc/samba/smb.conf:
[public]
  comment = public anonymous access
  path = /var/samba/
  browsable =yes
  create mask = 0660
  directory mask = 0771
  writable = yes
  guest ok = yes
Your current Samba configuration file should look similar to the one below:

[global]
   workgroup = WORKGROUP
   server string = %h server (Samba, Ubuntu)
   dns proxy = no
   log file = /var/log/samba/log.%m
   max log size = 1000
   syslog = 0
   panic action = /usr/share/samba/panic-action %d
   server role = standalone server
   passdb backend = tdbsam
   obey pam restrictions = yes
   unix password sync = yes
   passwd program = /usr/bin/passwd %u
   passwd chat = *Enter\snew\s*\spassword:* %n\n *Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* .
   pam password change = yes
   map to guest = bad user
   usershare allow guests = yes
[printers]
   comment = All Printers
   browseable = no
   path = /var/spool/samba
   printable = yes
   guest ok = no
   read only = yes
   create mask = 0700
[print$]
   comment = Printer Drivers
   path = /var/lib/samba/printers
   browseable = yes
   read only = yes
   guest ok = no
[homes]
   comment = Home Directories
   browseable = yes
   read only = no
   create mask = 0700
   directory mask = 0700
   valid users = %S
[public]
  comment = public anonymous access
  path = /var/samba/
  browsable =yes
  create mask = 0660
  directory mask = 0771
  writable = yes
  guest ok = yes


Restart Samba Server

Our basic Samba server configuration is done. Remember to always restart your samba server, after any change has been done to /etc/samba/smb.conf configuration file:
$ sudo systemctl restart smbd
Once you restart your Samba server, confirm that all shares have been configured correctly:
$ smbclient -L localhost
WARNING: The "syslog" option is deprecated
Enter WORKGROUP\linuxconfig's password: 
Anonymous login successful

        Sharename       Type      Comment
        ---------       ----      -------
        print$          Disk      Printer Drivers
        homes           Disk      Home Directories
        public          Disk      public anonymous access
        IPC$            IPC       IPC Service (ubuntu server (Samba, Ubuntu))
Reconnecting with SMB1 for workgroup listing.
Anonymous login successful

        Server               Comment
        ---------            -------

        Workgroup            Master
        ---------            -------
        WORKGROUP            UBUNTU
Optionally create some test files. Once we successfully mount our Samba shares, the below files should be available to our disposal:
$ touch /var/samba/public-share 
$ touch /home/linuxconfig/home-share 
Lastly, confirm that your Samba server is up and running:
$ sudo systemctl status smbd
● smbd.service - Samba SMB Daemon
   Loaded: loaded (/lib/systemd/system/smbd.service; enabled; vendor preset: enabled)
   Active: active (running) since Wed 2018-01-31 19:50:19 AEDT; 1min 12s ago
     Docs: man:smbd(8)
           man:samba(7)
           man:smb.conf(5)
 Main PID: 3561 (smbd)
   Status: "smbd: ready to serve connections..."
    Tasks: 5 (limit: 4915)
   CGroup: /system.slice/smbd.service
           ├─3561 /usr/sbin/smbd --foreground --no-process-group
           ├─3578 /usr/sbin/smbd --foreground --no-process-group
           ├─3579 /usr/sbin/smbd --foreground --no-process-group
           ├─3590 /usr/sbin/smbd --foreground --no-process-group
           └─3611 /usr/sbin/smbd --foreground --no-process-group

Mount Samba Shares

At this stage we are ready to turn our attention to MS Windows. Mounting network drive directories might be slightly different for each MS Windows version. This guide uses MS Windows 7 in a role of a Samba client.


Mount user Home Directory

To start, open up you Windows Explorer then right-click on Network and click on Map network drive... tab. Select drive letter and type Samba share location. Make sure you tick Connect using different credentials if your username and password is different from the one created previously:

imag description


Enter your Samba user name and password:

imag description


You should now have a read-write access to your user's home directory:

imag description

Mount Anonymous Samba Share

Similarly, mount your anonymous/guest Samba share. However this time no username and password will be required:

imag description


imag description
ARE YOU LOOKING FOR A LINUX JOB?
Submit your RESUME or create a JOB ALERT on LinuxCareers.com job portal.
DO YOU NEED ADDITIONAL HELP?
Get extra help by visiting our LINUX FORUM or simply use comments below.