Using The SWAT Wizard (SAMBA) - PART6

The SWAT utility has a Wizard button that can be used to configure your server as a PDC quickly. However the defaults may not be to your liking, for example, the default domain is MYGROUP and some of the [global] parameters mentioned previously will be set to auto.

The [homes] Section

Part of the process of adding a user to a Samba domain requires you to create a Linux user on the Samba PDC itself. When you log into the Samba PDC, you'll see a new drive, usually named Z:, added to your PC. This is actually a virtual drive that maps to the corresponding Linux users' login directories on the Linux PDC.

Samba considers all directories to be shares that can be configured with varying degrees of security. The [homes] section governs how Samba handles default login directories.

Table 10-3 explains the minimum settings you need to create a functional [Homes] section.

Table 10-3 : smb.conf Minimum Settings, "Home" Section

Parameter	Value	Description
browseable	No	Doesn't allow others to browse the contents of the directory
read only	No	Allows the samba user to also write to their Samba Linux directory
create mask	0664	Makes new files created by the user to have "644" permissions. You want to change this to "0600" so that only the login user has access to files.
directory mask	0775	Makes new sub-directories created by the user to have "775" permissions. You want to change this to "0700" so that only the login user has access to directories.

Here's how to set the values using SWAT:

1. Click on the SWAT shares button to proceed to where shared directories are configured.
2. Click the Advanced button to see all the options.
3. Choose the Homes share.
4. Make your changes and click on the Commit Changes button when finished.
5. Your smb.conf file should resemble this when finished. You can view the contents of the configuration file by logging in to the samba server via a command prompt and using the cat /etc/samba/smb.conf to verify your changes as you do them.

[homes]
  read only = No
  browseable = No
  create mask = 0644
  directory mask = 0755

Windows, Linux, and Samba - PART 1(Introduction)

Samba is a suite of utilities that allows your Linux box to share files and other resources, such as printers, with Windows boxes. This chapter describes how you can make your Linux box into a Windows Primary Domain Controller (PDC) or a server for a Windows Workgroup. Either configuration will allow everyone at home to have:

• their own logins on all the home windows boxes while having their files on the Linux box appear to be located on a new Windows drive
• shared access to printers on the Linux box
• shared files accessible only to members of their Linux user group.

What's the difference between a PDC and Windows Workgroup member? A detailed description is beyond the scope of this chapter, but this simple explanation should be enough:

• A PDC stores the login information in a central database on its hard drive. This allows each user to have a universal username and password when logging in from all PCs on the network.
• In a Windows Workgroup, each PC stores the usernames and passwords locally so that they are unique for each PC.

This chapter will only cover the much more popular PDC methodology used at home. By default, Samba mimics a Windows PDC in almost every way needed for simple file sharing. Linux functionality doesn't disappear when you do this. Samba Domains and Linux share the same usernames so you can log into the Samba based Windows domain using your Linux password and immediately gain access to files in your Linux user's home directory. For added security you can make your Samba and Linux passwords different.

When it starts up, and with every client request, the Samba daemon reads the configuration file /etc/samba/smb.conf to determine its various modes of operation. You can create your own smb.conf using a text editor or the Web-based SWAT utility which is easier. Keep in mind, however, that if you create /etc/samba/smb.conf with a text editor then subsequently use SWAT to edit the file, you will lose all the comments you inserted with the text editor. I'll explain how to use both SWAT and a text editor to configure Samba later in this chapter.

Note: As your smb.conf is constantly being accessed, you're better off editing a copy of it if you decide not to use SWAT.