ComprehensiveSambaGuide

This tutorial will help you setup older versions of Ubuntu to access files on Windows home computers. It covers the steps needed for both operating systems.

NOTE - To learn how to setup file-sharing on Ubuntu please refer to the guide, http://help.ubuntu.com/community/SettingUpSamba

This guide is compatible with the following versions of Ubuntu:

  • Dapper Drake (6.06)
  • Edgy Eft (6.10)
  • Feisty Fawn (7.04)

It should also work on these versions of Microsoft Windows (with a Workgroup configuration, not Domain).

  • Windows 2000 Professional
  • Windows XP Home
  • Windows XP Professional
  • Windows XP 64-bit Edition

It has however only been tested on "Feisty Fawn" and "Windows XP 64-bit Edition" so far.

In this guide we will set up a share on Windows and access it from Linux. This appears to be the most reliable and natural configuration.

Info (!) Samba is Linux's implementation of Windows' SMB (Server Message Block) protocol.

Configuring SMB on Windows

Installing the SMB Protocol

On your Windows machine, right-click on the My Network Places icon, then select Properties. If you do not have a network icon you can instead open a command prompt by going to the start menu and pressing run. Type cmd and click OK. In the command prompt, type this command (the > prefix should be ignored):

> control netconnections 

In the list of network properties, right-click on the icon of your primary network adapter and select Properties. Ensure File and Printer Sharing... is listed. If it is not you can use the Install button to install that service.

Info <!> If you have the XP firewall enabled, ensure that File and Printer Sharing is selected under the Exceptions tab for the firewall configuration. Likewise, make sure any other firewall you are using does not restrict SMB (sharing) access.

Configuring Workgroup and Computer Name

Right click on My Computer on the desktop and go to Properties. Choose the Computer Name tab at the top. Click Change... and use Workgroup. In this example we will use MSHOME for the workgroup name as that is also the default in Ubuntu's Samba. Also enter a computer name (in this example, DEVMACHINE). Workgroup and computer names are not case-sensitive. It is important to reboot now if it wants you to. Please reboot, don't simply log out.

Setting Up Access Control

We will need to add a group and user to effectively control access to our Windows shares.

Go back to your command line, and type these lines. Change ShareAccessPassword to a password of your choice.

> net localgroup UbuntuSMB /add
> net user ubuntu ShareAccessPassword /add /passwordchg:no /expires:never
> net localgroup UbuntuSMB ubuntu /add
> net localgroup Users ubuntu /delete 

We're also going to have to make sure the password never expires. Type:

> compmgmt.msc 

Find the Local Users and Groups section under System Tools. Right click on the ubuntu user and select Properties. Enable Password Never Expires and click OK.

Disable Simple Sharing

This feature does not make sharing any easier; it's basically a roadblock. Open the Control Panel double click Folder Options, Click the View tab and disable Use simple file sharing. Click OK to exit the dialog.

Setting Up Your Shares

In Explorer, find a drive or folder that you would like to share. In my example I will be sharing a folder at c:\shares. Right click the folder or drive and select Properties. Go to the Sharing tab and enable Share this folder. Enter a proper share name (shares in this example). Click Permissions and remove the Everyone group from the list. Now add the UbuntuSMB group (Add... and type in UbuntuSMB and click OK). Set the desired permissions for how Ubuntu should be able to access this share (in my example, I enabled full read/write access). This should mean that nobody is allowed to access the share, except for users in the UbuntuSMB group. If you explicitly press Deny on Everyone, that would also Deny UbuntuSMB since Deny has precedence over Allow and we don't want that.

Info <!> If you connect to the share by using a user that is not in the UbuntuSMB group, the connection will succeed but the mount point will not at all be accessible, even by root. The listing will appear as such:

?---------  ? ?    ?          ?                ? winshares 

Info (!) You can change the Access Control List (ACL), the permissions, while the share is mounted without having to restart any service on either operating system. The changes will immediately take effect. [As of: Feisty Fawn; Windows XP 64-bit Edition]

Configuring Samba on Ubuntu

Installing Samba

Open a terminal by going to Applications->Accessories->Terminal and type the following.

$ sudo apt-get install samba smbfs
$ sudo mkdir -p /media/winshares
$ sudo addgroup smb
$ sudo adduser $USER smb 

You must now log out to ensure your user is now in the smb group. You do not have to reboot.

Is it true that smbfs is deprecated? According to a blog post by Joey Stanford we need to use CIFS instead of smbfs!

  • -- Yes, unless you're using a version of Windows older than 2000, you really should be using 'cifs' rather than 'smbfs'. smbfs is unmaintained whereas cifs has more features and is actively worked on. -- JelmerVernooij

Testing Your Shares

Now let's try and mount our Windows share! Remember to replace ShareAccessPassword with the ubuntu user's password. The user name for the login is not case-sensitive, although the password is. Also, use the proper workgroup and share names. "//DEVMACHINE/shares" is called our share path. This is a type of UNC path where the format is //COMPUTER_NAME/SHARE_NAME. In Windows, backslashes are used instead of forward slashes to access UNC paths. Recall that we used "DEVMACHINE" for our computer name and "shares" for our share name.

$ sudo mount -t cifs -o username=ubuntu,password=ShareAccessPassword,workgroup=MSHOME,gid=smb,uid=$USER,file_mode=770,dir_mode=770,rw //DEVMACHINE/shares /media/winshares 

Info <!> By using the 770 permission, we are giving full access to the owner (the current user), to everybody in the smb group, and no access at all to users not in the smb group.

Info <!> If your share name contains a space, you must enclose the share name in double quotes, e.g. for a share named "Share with Spaces":

  • $ sudo mount -t cifs -o username=ubuntu,password=ShareAccessPassword,workgroup=MSHOME,gid=smb,uid=$USER,file_mode=770,dir_mode=770,rw "//DEVMACHINE/Share with Spaces" /media/winshares 
    You must do something else in the fstab entry which will be mentioned later.

To test another share you must specify another share path (e.g. //DEVMACHINE/shares) and target (e.g. /media/winshares).

Break Down

  • sudo mount -- this is the command to mount a drive to a target.

  • -t cifs -- this specifes that we would like to use "cifs" (Common Internet File System, replacing deprecated smbfs).

  • -o username=... -- these are the parameters we pass to "cifs" to make a proper connection to a share.

  • gid=smb -- this specifies that we would like the "smb" group to have ownership of the mount point.

  • file_mode=777,dir_mode=777 -- these are the permissions we are giving to the owner, all users of the "smb" group.

  • rw -- this specifies that we would like read/write access to the share. ro will do read-only.

If your terminal printed nothing, it probably mounted just fine. Verify that the permissions are what you expect.

$ stat -c %a /media/winshares 

If they are different than 770 as specified, verify that you typed the mount command properly.

Info <!> Vital Note: you can not mount a whole computer to one location. For example, you can not mount the whole //DEVMACHINE/ computer to one folder on your Linux system. You also need to be careful about how you specify your share path. //DEVMACHINE/shares will work, but //DEVMACHINE/shares/ will return the following!

25034: tree connect failed: ERRDOS - ERRnosuchshare (You specified an invalid share name)
SMB connection failed 

Automatically Mounting the Shares

Securing Our Password

  • Let's unmount every share that we may have test-mounted from the last step.

    $ sudo umount -a -t cifs 

    We don't want our username and password to be in plaintext and visible to everybody in /etc/fstab. Thus, we can use a credentials file that only root can see since only root should be mounting this share. Type the following.

    $ sudo touch /etc/smbcredentials
    $ sudo chmod 600 /etc/smbcredentials 

    Open /etc/smbcredentials using your favorite text editor.

    • Ubuntu/GNOME:

      $ gksu gedit /etc/smbcredentials 

      Kubuntu/KDE:

      $ kdesu kate /etc/smbcredentials 

    Type the following into the /etc/smbcredentials file:

    • username = ubuntu
      password = ShareAccessPassword  

    Save it and close your text editor. Note: don't leave any spaces around '='. Some text editors make a back-up of the file by appending a ~ to the filename. Let's ensure this file is removed so nobody can get our login and password. Be sure to type the ~ at the end in the following.

     $ sudo rm /etc/smbcredentials~

Registering Our Shares

  • Open /etc/fstab the same way you opened /etc/smbcredentials. For each share you want mounted at boot-up, add a line like the following.

    //DEVMACHINE/shares     /media/winshares        cifs   auto,credentials=/etc/smbcredentials,workgroup=MSHOME,gid=smb,uid=1000,file_mode=770,dir_mode=770,rw       0       0

    uid=1000 is assumed to be the user you are using now. Change it to your current user's ID or name as necessary. This must all be on one line in fstab. It may appear word-wrapped in your text editor, but as long as there are no actual line feeds, you're fine. Save and exit your text editor.

    Info <!> If your share name contains a space, you must replace all spaces with \040, e.g. for a share named "Share with Spaces":

    //DEVMACHINE/Share\040with\040Spaces     /media/winshares        cifs   auto,credentials=/etc/smbcredentials,workgroup=MSHOME,gid=smb,uid=1000,file_mode=770,dir_mode=770,rw       0       0

Testing fstab

  • Type the following to test our automatic Samba mounts.

    $ sudo mount -a -t cifs
    $ mount | grep cifs 
    Your Samba share should be listed. It should also be accessible and have the correct permissions. If it does not, I suggest you review the previous steps.

Congratulations

Your shares should be working perfectly now, secure and reliable. The shares should appear in your filesystem at boot-up automatically.

Troubleshooting

For now this section is empty. Please add any errors and solutions to them that you may find.

This document seems to do a good job documenting how to access files on a Windows machine from a Ubuntu machine. So ... How do I read and write files on a Ubuntu fileserver from a Windows machine? Does some other wiki.ubuntu page that describes that? Please link to it here. -- Davidcary 2007-04-30 23:24:30

ComprehensiveSambaGuide (last edited 2009-02-11 15:23:48 by bsmith1051)