Introduction to Samba

From Webmin Documentation
Jump to: navigation, search

SMB (Server Message Block) is the protocol used by Windows systems to share files and printers across a network, just like the NFS and LPR protocols are used by Unix systems. Any time you use the Network Neighborhood, My Network Places, or map network drive features of Windows, the SMB protocol is being used. Because it is the standard method of file sharing on Windows systems, it has become the most commonly used method of sharing files on local networks.

Even though SMB is thought of as a Windows protocol, it was originally developed by DEC and has been implemented by many different companies and in many products. These days it is often referred to as CIFS (the Common Internet File System), even though the protocol itself has not changed. In fact, many ancient clients will still be able to access modern SMB servers like Samba.

An SMB server is a system that has files or printers that it wants to allow other hosts access to. An SMB client is a system that wants to read or write files on a server, or print to a server's printer. A single system can be both a client and a server, and all releases of Windows from 95 onwards include software for these purposes. However, on a typical organization's network there is a single large server system and many smaller clients that access files on it.

Every host that uses the SMB protocol has a hostname, which is typically the same as its DNS name. A server host can have multiple shares, each of which has a unique name and corresponds to a directory or local printer on the server system. Shares are referred to using the \\hostname\sharename notation, such as \\corpserver\documents. On Windows clients, file shares are normally mapped to drive letters such as S: so that they can be more easily referred to. All Windows applications can read and write files on a server in exactly the same way that they would for local files.

Shared printers accessed by a client are not assigned a drive letter, but may be connected to a fake printer port such as lpt2:. Clients can send jobs to the printer, view those that are currently waiting to be printed and cancel jobs submitted by the same user. Unlike the Unix LPR protocol, clients using a remote printer must have the appropriate driver installed, and must send data to the server in the format that the printer actually accepts.

Fortunately, it is possible for Linux and Unix systems to participate in SMB file and printer sharing as well, or this would be a very short chapter. The Disk and Network Filesystems module (covered in chapter 5) allows your Linux system to mount shares from SMB servers, so that the files they contain can be accessed like any others. The Printer Administration module (from chapter 22) can be used to set up printers on your system that send jobs to Windows printer shares.

Those two chapters explain how your system can act as an SMB client, while this one covers setting up a server so that Windows (and Linux) clients can access its files and print to its printers. The software that makes this all possible is called Samba, a completely free re-implementation of the SMB protocol for Unix systems. Samba has been available and under development for many years, ever since the SMB protocol first started to be used on DOS systems. It allows a Unix system to do as good a job of serving Windows clients as a real Windows server would - in fact, some would say that it is even better.

Samba uses two daemon processes, named smbd and nmbd. The first handles actual file or printer share requests from clients, while the second responds to SMB name lookup requests. Both daemons use the smb.conf configuration file, which is usually found in the /etc directory. Any change made to this file (either manually or by using Webmin) will be immediately detected by both daemons, and will take effect at once. Unlike most other Unix server processes, they do not need to be signaled to re-read the configuration file if it changes.

Unfortunately, there are some complexities that arise when sharing files between Unix and Windows systems. The SMB protocol has no support for concepts such as file ownership or permissions, at least not in the form that they exist on Unix systems. NTFS filesystem access control lists (used on Windows NT, 2000, XP and Vista) are supported instead, which are incompatible with normal Unix permissions. Samba does have some support for them, but setting it up is complex and not covered in this page.

The SMB protocol supports authentication, so that clients can be forced to provide a valid username and password to the server before they can access a share. The Samba server uses the standard Unix user database to validate clients, although actual Unix passwords cannot be used (for reasons explained later). When a client logs in to a Samba server, it accesses files with the permissions of the Unix user that it authenticated as - just as an FTP client would. This means that all the normal file permission and ownership rules apply.

Samba can be compiled on every version of Unix supported by Webmin, and has the same features on all of them. This means that the module's user interface is the same as well, although differences in the default configuration may cause some features to be initially inaccessible.

See also