Before you install Samba you first need to make sure that the computer that you will be transferring files to has a static IP address, if possible. If you have a true router, it should let you modify the DHCP settings such that your machines are given fixed leases. If you're a cheapskate and you went with your ISP's router (like we did), chances are this option's not available to you. In this case, you'll still be able to use Samba, but because you're not guaranteed that your Linux box (or your Windows computer, for that matter) will have the same IP address every day (because most routers set DHCP to renew the lease every 24 hours) you may have to configure both machines to "see" each other every time you want to share files. If you don't have to use Samba that much this may not bother you, but it's definitely impractical in a business environment :)
With this out of the way we can install Samba:
sudo aptitude -V install samba smbfs
Now we have to configure Samba, like so:
cd /etc/samba/
sudo mv -f smb.conf smb.conf.old
sudo nano smb.conf
Copy and paste the following into your console window:
[global]
netbios name = ... ;; Hostname (open a command prompt; it's the part after the @).
;; Also called "Computer Name" in Windows.
server string = ... ;; Description of host.
workgroup = ... ;; Name of home network (make sure it's the same as whatever you set in Windows).
;;; Don't quite know what these do but I'm sure they're important:
announce version = 5.0
socket options = TCP_NODELAY IPTOS_LOWDELAY SO_KEEPALIVE SO_RCVBUF=8192 SO_SNDBUF=8192
passdb backend = tdbsam ;; The format Samba password info is stored in (don't have to touch).
security = user ;; Type of security (don't have to touch either).
null passwords = true ;; You want this b/c many people leave their passwords blank.
username map = /etc/samba/smbusers ;; Can leave alone (we won't be editing this anyway).
name resolve order = hosts wins bcast ;; Don't know what this does.
wins support = no ;; So you can enter \\COMPUTER_NAME\public instead of \\192.168.1.69\public
;; (only works if you have a static IP).
syslog = 1
syslog only = yes
[SHARENAME] ; The name of the share folder as visible by Windows (see note below)
comment = ... ;; Name that will appear when you run "net view" in Windows.
path = ... ;; The share folder on this machine.
browseable = yes ;; Whether or not users on the other end can browse the share folder.
read only = no ;; Whether or not users on the other end can change its contents.
create mask = 0777 ;; Affects the permissions of the files that be given to files that come in from a Windows.
;; machine. The DOS-permissions are bitwise-AND'ed with the setting here to obtain the end permissions.
directory mask = 0777 ;; Same as above, except applies to directories.
force user = ... ;; Who will end up owning the files that come in. Probably best to just use your username, since you're the one who'll be accessing this stuff :)
force group = ... ;; You can make this the same as the last.
case sensitive = yes ;; Make sure that Windows knows that "FILE" and "file" are //not// the same :)
fstype = Samba ;; This will show up in the sidebar in Windows, it doesn't really affect anything.
(Note that you want to replace SHARENAME above with something else, such as public. The address that you'll have to enter in Windows to access the share folder will come from this value.)
(Also, you can learn more about smb.conf here.)
To make sure that you got the config file right, you can run:
testparm
Now, create users just for Samba:
sudo smbpasswd -a USERNAME # Now Samba knows about this user.
sudo smbpasswd -e USERNAME # Now the user is enabled.
Make sure that USERNAME refers to an actual user on your Linux box. You can either create a dummy user to use just for Samba, or you can use your username.
Now. In Windows, pull up My Computer and Tools -> Map a Network Drive, entering something like this for the address: \\YOUR.IP.ADDRESS\SHARENAME, replacing SHARENAME with whatever you entered in smb.conf above. Windows should ask you for a username and password. Enter the same ones that you just made when you ran smbpasswd. If you configured everything correctly, you should be presented with the share folder.
One last thing we need to do though: set the firewall. Set the firewall?? you ask. I don't have any firewall software installed. Yeah, you actually do: Ubuntu comes preinstalled with iptables, which is like a firewall in that it controls what goes in and out. Chances are that you'd be blocked from accessing another computer within your network, so we have to prevent this from happening. Let's just find out, though. First run this:
sudo aptitude -V install firestarter
This installs Firestarter, which is an interface to iptables. Then, go to System -> Administration -> Firestarter, and after entering your password, click on the Events tab. Then click on the pull up the share folder in Nautilus.
Now switch to your Windows machine and try to copy some files in there. Windows will try to do it but it's probably gonna spit out an error after about 30 seconds. Now switch back to your Linux machine and check the Firestarter window. Do you see some messages in there — something like this?
| Time | Port | Source | Protocol | Service |
|---|---|---|---|---|
| Aug 17 21:34:12 | 138 | 192.168.1.97 | UDP | Samba (SMB) |
| Aug 17 21:37:05 | 137 | 192.168.1.97 | UDP | Samba (SMB) |
These entries represent attempts by Windows to communicate with your Linux box, but Firestarter prevented that from happening. (Bad Firestarter.) Let's correct that. Switch to the Policy tab, pull-down the drop-down menu there, and choose Inbound traffic policy. Right-click within the first pane ("Allow connections from host") and choose Add Rule. In the text field, enter the IP address of the Windows machine (you can get this by pulling up Command Prompt and running ipconfig /all), and press OK. Then right-click within the second pane and choose Add Rule. Pull down the Name menu and choose Samba (SMB); the Port field should be updated automatically (to 137-139 445). For When the source is… choose Anyone. Press OK. Now choose Outbound traffic policy from the dropdown menu, and do the same thing for that.
Now you should be set! Try it out by switching back to your Windows machine and moving a file there. It should show up in your share folder on your Linux machine… magic, huh?
Helpful places
- HOWTO: Setup Samba peer-to-peer with Windows (gave me 80% of what I needed to know)
- SettingUpSamba (the other 80%)
- Ubuntu Guide: How to share folders with read/write permissions (helpful with configuring Firestarter)
- The Samba Debug Howto (in case you get stuck, though I didn't find I need this)