4 >How to Install and Test SAMBA</TITLE
7 CONTENT="Modular DocBook HTML Stylesheet Version 1.57"></HEAD
23 >How to Install and Test SAMBA</A
32 >Step 0: Read the man pages</A
35 >The man pages distributed with SAMBA contain
36 lots of useful info that will help to get you started.
37 If you don't know how to read man pages then try
46 >nroff -man smbd.8 | more
51 >Other sources of information are pointed to
52 by the Samba web site,<A
53 HREF="http://www.samba.org/"
55 > http://www.samba.org</A
64 >Step 1: Building the Binaries</A
67 >To do this, first run the program <B
71 > in the source directory. This should automatically
72 configure Samba for your operating system. If you have unusual
73 needs then you may wish to run</P
86 >first to see what special options you can enable.
99 >will create the binaries. Once it's successfully
100 compiled you can use </P
112 >to install the binaries and manual pages. You can
113 separately install the binaries and/or man pages using</P
139 >Note that if you are upgrading for a previous version
140 of Samba you might like to know that the old versions of
141 the binaries will be renamed with a ".old" extension. You
142 can go back to the previous version with</P
155 >if you find this version a disaster!</P
163 >Step 2: The all important step</A
166 >At this stage you must fetch yourself a
167 coffee or other drink you find stimulating. Getting the rest
168 of the install right can sometimes be tricky, so you will
171 >If you have installed samba before then you can skip
180 >Step 3: Create the smb configuration file.</A
183 >There are sample configuration files in the examples
184 subdirectory in the distribution. I suggest you read them
185 carefully so you can see how the options go together in
186 practice. See the man page for all the options.</P
188 >The simplest useful configuration file would be
189 something like this:</P
192 CLASS="PROGRAMLISTING"
202 >which would allow connections by anyone with an
203 account on the server, using either their login name or
204 "homes" as the service name. (Note that I also set the
205 workgroup that Samba is part of. See BROWSING.txt for details)</P
214 > file. You need to create it
217 >Make sure you put the smb.conf file in the same place
218 you specified in the<TT
224 >/usr/local/samba/lib/</TT
227 >For more information about security settings for the
228 [homes] share please refer to the document UNIX_SECURITY.txt.</P
236 >Step 4: Test your config file with
243 >It's important that you test the validity of your
247 > file using the testparm program.
248 If testparm runs OK then it will list the loaded services. If
249 not it will give an error message.</P
251 >Make sure it runs OK and that the services look
252 reasonable before proceeding. </P
260 >Step 5: Starting the smbd and nmbd</A
263 >You must choose to start smbd and nmbd either
264 as daemons or from <B
268 to do both! Either you can put them in <TT
271 > and have them started on demand
275 >, or you can start them as
276 daemons either from the command line or in <TT
279 >. See the man pages for details
280 on the command line options. Take particular care to read
281 the bit about what user you need to be in order to start
282 Samba. In many cases you must be root.</P
284 >The main advantage of starting <B
291 > using the recommended daemon method
292 is that they will respond slightly more quickly to an initial connection
300 >Step 5a: Starting from inetd.conf</A
303 >NOTE; The following will be different if
304 you use NIS or NIS+ to distributed services maps.</P
310 What is defined at port 139/tcp. If nothing is defined
311 then add a line like this:</P
316 >netbios-ssn 139/tcp</B
320 >similarly for 137/udp you should have an entry like:</P
325 >netbios-ns 137/udp</B
333 and add two lines something like this:</P
336 CLASS="PROGRAMLISTING"
337 > netbios-ssn stream tcp nowait root /usr/local/samba/bin/smbd smbd
338 netbios-ns dgram udp wait root /usr/local/samba/bin/nmbd nmbd
342 >The exact syntax of <TT
346 varies between unixes. Look at the other entries in inetd.conf
349 >NOTE: Some unixes already have entries like netbios_ns
350 (note the underscore) in <TT
354 You must either edit <TT
361 > to make them consistent.</P
363 >NOTE: On many systems you may need to use the
364 "interfaces" option in smb.conf to specify the IP address
365 and netmask of your interfaces. Run <B
369 as root if you don't know what the broadcast is for your
373 > tries to determine it at run
374 time, but fails on some unixes. See the section on "testing nmbd"
375 for a method of finding if you need to do this.</P
377 >!!!WARNING!!! Many unixes only accept around 5
378 parameters on the command line in <TT
382 This means you shouldn't use spaces between the options and
383 arguments, or you should use a script, and start the script
393 it a HUP. If you have installed an earlier version of <B
396 > then you may need to kill nmbd as well.</P
404 >Step 5b. Alternative: starting it as a daemon</A
407 >To start the server as a daemon you should create
408 a script something like this one, perhaps calling
415 CLASS="PROGRAMLISTING"
417 /usr/local/samba/bin/smbd -D
418 /usr/local/samba/bin/nmbd -D
422 >then make it executable with <B
432 hand or execute it from <TT
438 >To kill it send a kill signal to the processes
447 >NOTE: If you use the SVR4 style init system then
448 you may like to look at the <TT
450 >examples/svr4-startup</TT
452 script to make Samba fit into that system.</P
461 >Step 6: Try listing the shares available on your
481 >You should get back a list of shares available on
482 your server. If you don't then something is incorrectly setup.
483 Note that this method can also be used to see what shares
484 are available on other LanManager clients (such as WfWg).</P
486 >If you choose user level security then you may find
487 that Samba requests a password before it will list the shares.
491 > man page for details. (you
492 can force it to list the shares without a password by
493 adding the option -U% to the command line. This will not work
494 with non-Samba servers)</P
502 >Step 7: Try connecting with the unix client</A
514 > //yourhostname/aservice</I
526 would be the name of the host where you installed <B
535 any service you have defined in the <TT
539 file. Try your user name if you just have a [homes] section
545 >For example if your unix host is bambi and your login
546 name is fred you would type:</P
554 >smbclient //bambi/fred
565 >Step 8: Try connecting from a DOS, WfWg, Win9x, WinNT,
566 Win2k, OS/2, etc... client</A
569 >Try mounting disks. eg:</P
573 >C:\WINDOWS\> </TT
577 >net use d: \\servername\service
582 >Try printing. eg:</P
586 >C:\WINDOWS\> </TT
591 \\servername\spoolservice</B
597 >C:\WINDOWS\> </TT
606 >Celebrate, or send me a bug report!</P
614 >What If Things Don't Work?</A
617 >If nothing works and you start to think "who wrote
618 this pile of trash" then I suggest you do step 2 again (and
619 again) till you calm down.</P
621 >Then you might read the file DIAGNOSIS.txt and the
622 FAQ. If you are still stuck then try the mailing list or
623 newsgroup (look in the README for details). Samba has been
624 successfully installed at thousands of sites worldwide, so maybe
625 someone else has hit your problem and has overcome it. You could
626 also use the WWW site to scan back issues of the samba-digest.</P
628 >When you fix the problem PLEASE send me some updates to the
629 documentation (or source code) so that the next person will find it
637 >Diagnosing Problems</A
640 >If you have installation problems then go to
656 >By default Samba uses a blank scope ID. This means
657 all your windows boxes must also have a blank scope ID.
658 If you really want to use a non-blank scope ID then you will
659 need to use the 'netbios scope' smb.conf option.
660 All your PCs will need to have the same setting for
661 this to work. I do not recommend scope IDs.</P
669 >Choosing the Protocol Level</A
672 >The SMB protocol has many dialects. Currently
673 Samba supports 5, called CORE, COREPLUS, LANMAN1,
676 >You can choose what maximum protocol to support
680 > file. The default is
681 NT1 and that is the best for the vast majority of sites.</P
683 >In older versions of Samba you may have found it
684 necessary to use COREPLUS. The limitations that led to
685 this have mostly been fixed. It is now less likely that you
686 will want to use less than LANMAN1. The only remaining advantage
687 of COREPLUS is that for some obscure reason WfWg preserves
688 the case of passwords in this protocol, whereas under LANMAN1,
689 LANMAN2 or NT1 it uppercases all passwords before sending them,
690 forcing you to use the "password level=" option in some cases.</P
692 >The main advantage of LANMAN2 and NT1 is support for
693 long filenames with some clients (eg: smbclient, Windows NT
696 >See the smb.conf(5) manual page for more details.</P
698 >Note: To support print queue reporting you may find
699 that you have to use TCP/IP as the default protocol under
700 WfWg. For some reason if you leave Netbeui as the default
701 it may break the print queue reporting on some systems.
702 It is presumably a WfWg bug.</P
710 >Printing from UNIX to a Client PC</A
713 >To use a printer that is available via a smb-based
714 server from a unix host you will need to compile the
715 smbclient program. You then need to install the script
716 "smbprint". Read the instruction in smbprint for more details.
719 >There is also a SYSV style script that does much
720 the same thing called smbprint.sysv. It contains instructions.</P
731 >One area which sometimes causes trouble is locking.</P
733 >There are two types of locking which need to be
734 performed by a SMB server. The first is "record locking"
735 which allows a client to lock a range of bytes in a open file.
736 The second is the "deny modes" that are specified when a file
739 >Record locking semantics under Unix is very
740 different from record locking under Windows. Versions
741 of Samba before 2.2 have tried to use the native
742 fcntl() unix system call to implement proper record
743 locking between different Samba clients. This can not
744 be fully correct due to several reasons. The simplest
745 is the fact that a Windows client is allowed to lock a
746 byte range up to 2^32 or 2^64, depending on the client
747 OS. The unix locking only supports byte ranges up to
748 2^31. So it is not possible to correctly satisfy a
749 lock request above 2^31. There are many more
750 differences, too many to be listed here.</P
752 >Samba 2.2 and above implements record locking
753 completely independent of the underlying unix
754 system. If a byte range lock that the client requests
755 happens to fall into the range 0-2^31, Samba hands
756 this request down to the Unix system. All other locks
757 can not be seen by unix anyway.</P
759 >Strictly a SMB server should check for locks before
760 every read and write call on a file. Unfortunately with the
761 way fcntl() works this can be slow and may overstress the
762 rpc.lockd. It is also almost always unnecessary as clients
763 are supposed to independently make locking calls before reads
764 and writes anyway if locking is important to them. By default
765 Samba only makes locking calls when explicitly asked
766 to by a client, but if you set "strict locking = yes" then it will
767 make lock checking calls on every read and write. </P
769 >You can also disable by range locking completely
770 using "locking = no". This is useful for those shares that
771 don't support locking or don't need it (such as cdroms). In
772 this case Samba fakes the return codes of locking calls to
773 tell clients that everything is OK.</P
775 >The second class of locking is the "deny modes". These
776 are set by an application when it opens a file to determine
777 what types of access should be allowed simultaneously with
778 its open. A client may ask for DENY_NONE, DENY_READ, DENY_WRITE
779 or DENY_ALL. There are also special compatibility modes called
780 DENY_FCB and DENY_DOS.</P
788 >Mapping Usernames</A
791 >If you have different usernames on the PCs and
792 the unix server then take a look at the "username map" option.
793 See the smb.conf man page for details.</P