Linux In a Windows Network with SAMBA
by Mark Rais,  Senior Editor ReallyLinux.com

Integrating Fedora Linux into a Windows network is reasonable and easy as long as you use the SAMBA utilities.  I share the main steps necessary to implement such a SAMBA server within most Windows environments.



Once integrated a Linux server looks and acts exactly like any other server on a Windows intranet.  You will have the ability to drag and drop files, view server contents and directories using Windows File Manager, and even edit files on a Linux server from any Windows desktop.

This article is a guide to setting up a full fledged FEDORA LINUX/SAMBA server.  If you need basic steps for connecting Linux with Windows please read my article Windows to Linux: Basic Networking.  If you're a system administrator and are planning to integrate the Linux server into your AD server environment, I'm sorry I do not go into details how to configure smb.conf for ADS usernames, although it can be done.  I will walk you through the main steps for installing a SAMBA Server.  This, in my opinion, is the first part to any future more advanced integration.

First, you must allow the Linux server full rights and access to the Windows workgroup and local domain.   That means that either in your Active Server environment you need to reserve an IP address for the Linux server, or you simply need to ensure a hard coded IP address is given to the Linux server.   The server must have a reserved IP address whether you deliver it via DHCP or statically assign it in the DNS. This also means that you need to ALLOW SMB DAEMON to operate. You can ensure your system security does this by editing your Firewall setup or using system-config-securitylevel .

Second, you must ensure that SAMBA (SAMBA tools and the SMB protocol) is installed and running on the Linux server.   Most versions of Fedora come with the necessary packages. You should also be sure to update your SAMBA security levels properly if you are having trouble accessing a shared directory. This is found under Samba Server Configuration tool, main menu Properties, option Server Settings, and then the tab: Security.

Now you are ready to configure your Fedora Linux/SAMBA machine... aka. SAMBA Server.


For further troubleshooting these two webpages may be helpful as well:

Samba Tech Doc

Samba Troubleshooting: Unknown User


EDITING THE SMB.CONF FILE

If you must edit the smb.conf file here are a few pointers:

1. Find your smb.conf file

The smb.conf file contains the key elements for configuring your SAMBA server. It is almost always located in the directory /etc/samba and so you get to it with the command: cd /etc/samba

2. Edit the smb.conf file

First use this command to make a backup of your file: cp smb.conf smb.conf.backup

3. Now edit the smb.conf file using your favorite text editor.

One of the most important lines is this:

# workgroup = NT-Domain-Name or Workgroup-Name

workgroup = workgroup

Be sure that the workgroup matches the Windows workgroup you want this server in. In the example it is set to “workgroup”.

If you're editing this file to allow for WindowsNT or ADS usernames, be sure next to wins server you specify the correct LINUX server IP address:

wins server = 10.1.2.20

The Share Definitions section is MOST VITAL. Under this section you must at least ensure that the username file is mapped correctly. In the basic example I am writing about you will map to the standard SAMBA username file.

username map = /etc/samba/smbusers

Notice that I've removed the ; so this parameter is actually used.

Now test that every change you've made at least passes the parameter test. At the command prompt type:

testparm

You should see zero errors.

4. Don't forget once you edit the smb.conf file you either need to run the command:

/etc/rc.d/init.d/smb restart

or you can simply reboot the server. But please do one of these or your changes will not get picked up!

If you run into problems or this part fails, download this example smb.conf file or restore your .backup file and try again.


INTEGRATING WITH MICROSOFT ADS OR NT LOGINS

Maybe at this point you're in dire need to figure out how to use the SAME exact logins/password for users on the LINUX/SAMBA server as in the rest of your ADS environment. I promised I would avoid the details of this but here are some helpful tips. In the smb.conf file you will need to add the obvious configuration lines for ADS, but also be sure to change this line:
unix password sync = yes
This is vital!

You may benefit from reviewing these two articles regarding username logins:
Samba Guide on ADS
Samba HOW-TO ADS Membership




Mark Rais has written several books and numerous articles on integrating Linux and Windows for a number of magazines. Besides serving as managing editor for reallylinux.com, Rais dedicates his time to helping solve the technology issues for government and businesses.

UPDATED version 4.34
Linux is a registered trademark of Linus Torvalds. Microsoft, Microsoft Windows, Active Directory Server, WindowsNT and WindowsXP are trademarks or registered trademarks of Microsoft Corporation both in the United States and Internationally. All other trademarks or registered trademarks in this article belong to their respective owners.