Setting Samba Server
Samba digunakan di linux untuk compabilitas file sharing antara Linux dan windows, dengan samba file dan printer antara linux dan windows akan dapat berkomunikasi antara keduanya. Beberapa hal yang bisa dilakukan oleh samba :
- Sharing file di Linux dengan windows
- Akses sharing samba dan windows dengan Linux
Tiap bagian di dalam configurasi samba, terdapat header-header seperti [global], [homes], [printers]. [global] menyatakan akan configurasi global yang digunakan samba untuk sharing file dan printer, [homes] menyatakan akan configurasi sharing home directory dari tiap user di linux, [printers] menyatakan akan configurasi printer yang di sharing
Contoh :; /etc/samba/smb.conf
;
; Make sure and restart the server after making changes to this file, ex:
; # service stop
; # service start
[global]
; Uncomment this if you want a guest account
; guest account = nobody
log file = /var/log/samba-log.%m
lock directory = /var/lock/samba
share modes = yes
interfaces = 192.168.1.1/24
[homes]
comment = Home Directories
browseable = no
read only = no
create mode = 0750
[tmp]
comment = Temporary file space
path = /tmp
read only = no
public = yes
Salah satu utility yang dimiliki samba untuk menge-cek format yang ada di smb.conf adalah testparm (manual ada di, man testparm), testparm berguna untuk cek kebenaran format configurasi di file /etc/samba/smb.conf. Entry Interface yang ada pada configurasi diatas menyatakan bahwa samba akan bind ke interface yang mempunyai network ip 192.168.1.1 dan netmask /24.
1. Sharing file di Linux dengan windowsContoh :
[public]
comment = Public Stuff
path = /home/public
public = yes
writable = yes
printable = no
Contoh configurasi sharing directory yang readable oleh public, dan hanya writable oleh user yang ada di group staff :
[public]
comment = Public Stuff
path = /home/public
public = yes
writable = yes
printable = no
write list = @staff
Sharing file dan printer antara Linux dan windows, memerlukan configurasi tambahan karena sharing file di windows yang default menggunakan encrypted password, sedangkan configurasi default dari samba di Linux belum menggunakan encrypted password, maka entry di bawah ini harus ditambahkan di
/etc/samba/smb.confencrypt passwords = yes
smb passwd file = /etc/smbpasswd
baca manual tentang encryption password di file ENCRYPTION.txt, Win95.txt dan WinNT.txt yang ada di distribusi samba. Untuk configurasi windows client untuk dapat melakukan koneksi dengan uncrypted password dapat dibaca juga pada file diatas.
Untuk Akses user ke home directory melalui samba, administrator harus membuatkan user mapping antara username di Linux dan Username di windows client :
# smbadduser user_di_linux:windows_login# smbadduser ichtus:admin
Untuk mengganti password suatu user :
# smbpasswd ichtus
Ada beberapa configurasi di samba untuk masalah compabilitas filename di windows dan Linux :
; Mangle case = yes seems to give the correct filenames
; for Win95/98/NT.
mangle case = yes
; If samba is case sensitive when looking for files
case sensitive = no
; Default case of files that are created
default case = lower
; Preserve case for all filenames
preserve case = yes
; Preserve case for dos (8.3) filenames
short preserve case = no
2. Akses sharing samba dan windows dengan Linux
Akses samba dari Linux client dapat dilakukan melalui utility smbclient:
# man smbclient
Untuk melihat sharing apa saja yang ada di samba server ataupun windows sharing
# smbclient -L host
host disini merupakan nama dari windows sharing atau samba server, karena
smbclient menggunakan NetBios name. Pada window sharing, maka nama host
merupakan Computer Name yang ada di Tab Identification pada Properties Network
atau dns name, Pada Linux client dapat diakses juga melalui dns name.
Contoh :
# smbclient -L mbone.petra.ac.id akses sharing ke linux/samba server.
# smbclient -L Desert\ Eagle akses sharing ke windows.
Sharename Type Comment
--------- ---- -------
NEW FOLDER Disk
BAGUS' DATA Disk
ADRIAN Disk
EYE'S ANGEL Disk
MY MUSIC Disk
IPC$ IPC Remote Inter Process Communication
Server Comment
--------- -------
DODO Pentium IV
HW_1
PKHW-INT
Workgroup Master
--------- -------
ELEKTRO ELEKTRO4
HARDWARE HW_1
MDKGROUP PETER2
MOLARD TORANUZ
PETRA PETRANTP2
PETRANET ELANGPERAK
PETRANET2000 MM01
Untuk akses ke file sharing :
# smbclient \\\\dodo.petra.ac.id\\New\ Folder atau
# smbclient //dodo.petra.ac.id/new\ folder
Unknown parameter encountered: "ssl CA certFile"
Ignoring unknown parameter "ssl CA certFile"
added interface ip=202.43.253.50 bcast=202.43.253.63 nmask=255.255.255.192
added interface ip=172.16.15.1 bcast=172.16.255.255 nmask=255.255.0.0
session request to DODO.PETRA.AC.I failed (Called name not present)
Password:
smb: \> ls
. D 0 Thu Jan 17 10:23:36 2002
.. D 0 Thu Jan 17 10:23:36 2002
disc1.dat R 765075068 Thu Nov 29 02:30:30 2001
disc2.dat R 761328332 Thu Nov 29 03:17:58 2001
jangan di hapus Tik.doc A 65024 Fri Mar 1 14:28:06 2002
y21123414.zip A 2750638 Sun Apr 28 12:30:16 2002
y21123414 D 0 Sun Apr 28 12:31:16 2002
59965 blocks of size 262144. 10310 blocks available
smb: \> h
ls dir du lcd cd
pwd get mget put mput
rename more mask del open
rm mkdir md rmdir rd
prompt recurse translate lowercase print
printmode queue cancel quit q
exit newer archive tar blocksize
tarmode setmode help ? !#
Contoh Lengkap file /etc/samba/smb.conf :
[global]
coding system =
client code page = 850
workgroup = LINUX
netbios name =
netbios aliases =
netbios scope =
server string = Hardware with Samba Server
interfaces =
bind interfaces only = No
security = USER
encrypt passwords = Yes
update encrypted = No
allow trusted domains = Yes
hosts equiv =
min password length = 5
map to guest = Never
null passwords = No
password server =
smb passwd file = /etc/samba/smbpasswd
root directory = /
passwd program = /bin/passwd
passwd chat = *new*password* %n\n *new*password* %n\n *changed*
passwd chat debug = No
username map = /etc/samba/smbusers
password level = 8
username level = 8
unix password sync = No
restrict anonymous = No
use rhosts = No
debug level = 2
syslog = 1
syslog only = No
log file = /var/log/samba/%m.log
max log size = 10
debug timestamp = Yes
debug hires timestamp = No
debug pid = No
debug uid = No
protocol = NT1
read bmpx = No
read raw = Yes
write raw = Yes
nt smb support = Yes
nt pipe support = Yes
nt acl support = Yes
announce version = 4.2
announce as = NT
max mux = 50
max xmit = 65535
name resolve order = host wins lmhosts bcast
max ttl = 259200
max wins ttl = 518400
min wins ttl = 21600
time server = No
change notify timeout = 60
deadtime = 0
getwd cache = Yes
keepalive = 300
lpq cache time = 10
max disk size = 0
max open files = 10000
read prediction = No
read size = 16384
shared mem size = 1048576
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
stat cache size = 50
load printers = Yes
printcap name = /etc/printcap
printer driver file = /etc/samba/printers.def
strip dot = No
character set =
mangled stack = 50
stat cache = Yes
domain groups =
domain admin group =
domain guest group =
domain admin users =
domain guest users =
machine password timeout = 604800
add user script =
delete user script =
logon script =
logon path = \\%N\%U\profile
logon drive =
logon home = \\%N\%U
domain logons = Yes
os level = 20
lm announce = Auto
lm interval = 60
preferred master = No
local master = Yes
domain master = No
browse list = Yes
dns proxy = No
wins proxy = No
wins server =
wins support = Yes
wins hook =
kernel oplocks = Yes
ole locking compatibility = Yes
oplock break wait time = 10
smbrun = /usr/bin/smbrun
config file =
auto services =
lock directory = /var/lock/samba
default service =
message command =
dfree command =
valid chars =
remote announce =
remote browse sync =
socket address = 0.0.0.0
homedir map = auto.home
time offset = 0
unix realname = No
NIS homedir = No
source environment =
panic action =
comment =
path =
revalidate = No
username =
guest account = guest
invalid users =
valid users =
admin users =
read list =
write list =
force user =
force group =
writeable = No
create mask = 0744
force create mode = 00
security mask = -1
force security mode = -1
directory mask = 0755
force directory mode = 00
directory security mask = -1
force directory security mode = -1
inherit permissions = No
guest only = No
guest ok = No
only user = No
hosts allow = 192.168. 127. 10. 202.43.253.
hosts deny =
status = Yes
max connections = 0
min print space = 0
strict sync = No
sync always = No
write cache size = 0
printable = No
postscript = No
printing = lprng
print command = lpr -r -P%p %s
lpq command = lpq -P%p
lprm command = lprm -P%p %j
lppause command =
lpresume command =
queuepause command =
queueresume command =
printer =
printer driver = NULL
printer driver location =
default case = lower
case sensitive = No
preserve case = Yes
short preserve case = Yes
mangle case = No
mangling char = ~
hide dot files = Yes
delete veto files = No
veto files =
hide files =
veto oplock files =
map system = No
map hidden = No
map archive = Yes
mangled names = Yes
mangled map =
browseable = Yes
blocking locks = Yes
fake oplocks = No
locking = Yes
oplocks = Yes
level2 oplocks = No
oplock contention limit = 2
strict locking = No
share modes = Yes
copy =
include =
preexec =
preexec close = No
postexec =
root preexec =
root preexec close = No
root postexec =
available = Yes
volume =
fstype = NTFS
set directory = No
wide links = Yes
follow symlinks = Yes
dont descend =
magic script =
magic output =
delete readonly = No
dos filetimes = No
dos filetime resolution = No
fake directory create times = No
[homes]
comment = Home Directories
writeable = Yes
browseable = No
[printers]
comment = All Printers
path = /var/spool/samba
printable = Yes
browseable = No
[tmp]
comment = Temporary file space
path = /tmp
writeable = Yes
guest ok = Yes
[public]
path = /home/public
writeable = Yes
guest only = Yes
guest ok = Yes
Catatan Tambahan :
Dengan setting diatas, apabila diakses dari windows 9.x client, maka setting
username harus sesuai dengan login name yang ada di windows, karena file server
dengan menggunakan samba ini mempunyai kemampuan mirip dengan NT family.
Untuk dokumentasi yang lebih lengkap dapat diakses di
/usr/share/doc/samba-2.2.1a/, atau dapat mencari howto di http://www.tldp.org
(SMB-HOWTO).