SAMBA:
——————————————————————————–
SAMBA CLIENT ALL:
install SAMBA:
bos.cifs_fs.5.3.0.0.I
bos.cifs_fs.rte.5.3.0.62.U
bos.cifs_fs.smit.5.3.0.60.bff
smitty cifs_fs
lscifsmnt
rmcifsmnt -f /smb_mnt
mkcifsmnt -f /mnt -d share1 -h server1 -c user1
smitty cifs_fs:
first it will do in read-only, later have to come back again and set it again
If Share name is like this: \server name\share name, it is enough to write “share name” (\server.. not needed)
[Entry Fields]
- Pathname of mount point /homes/ftp/Test
SERVER name [10.10.40.10]
User Name [SSH01]
Password []
Share name [Test] <–what has been shared on the other system
Mount as a READ-ONLY system [no] <–first it will be read-only, come back again +
uid [6027083]
gid [6000116]
Mode [777]
Domain to Authenticate against [] <–once on windows I had to set here: ads
Remount now, add change to /etc/filesystems, [Both]
/etc/filesystems entry will mount on start [no]or both
Mount Type name []
After these the credential file has to be set as well:
smitty cifs_fs -> Credential configuration
/etc/cifs_fs/cifscred file allows future mounting of CIFS shares with stored credentials
lscifscred lists the server or user entries stored in the /etc/cifs_fs/cifscred file (mkcifscred, rmcifscred, chcifscred)
other methods:
/usr/sbin/mkcifsmnt -t rw -f /homes/ftp/29/test -d test -h 10.10.15.24 -c SSG01 -p xyz -u 32292 -g 6000116 -x 777
mount -v cifs -n 10.10.15.24/SSG01/xyz -o uid=32292,gid=200,fmode=775 test /homes/ftp/29/test
Once on Win side had to change something in order to work:
“I have changed something on the server - from “Send NTLMv2 response only. Refuse LM NTLM” to “ Send LM & NTLM - use NTLMv2 session security if negotiated” So I hope, this fixes the problem”
——————————————————————————–
——————————————————————————–
SAMBA SERVER ALL:
Needed ports:
netbios-ns 137/tcp # NETBIOS Name Service
netbios-ns 137/udp # NETBIOS Name Service
netbios-dgm 138/tcp # NETBIOS Datagram Service
netbios-dgm 138/udp # NETBIOS Datagram Service
netbios-ssn 139/tcp # NETBIOS Session Service
netbios-ssn 139/udp # NETBIOS Session Service
microsoft-ds 445/tcp # Microsoft-DS
microsoft-ds 445/udp # Microsoft-DS
netbios is Windows file & printer sharing
Microsoft-DS (Microsoft Directory Services) is a port used for file sharing. It was introduced with Windows 2000 and gives you the possibility to use SMB protocol (stands for Server Message Block, but is also known as Samba) directly over TCP-IP on port 445.
In www.samba.org, written this:
UDP/137 - used by nmbd
UDP/138 - used by nmbd
TCP/139 - used by smbd
TCP/445 - used by smbd
INSTALL:
/mnt/MISC/SAMBA
-rwxrwxrwx 1 root sys 67379200 Jun 28 2005 samba-3.0.4.0.bff
smitty install:
root@aix31: /mnt/MISC/SAMBA # lslpp -l | grep -i samba
freeware.samba.rte 3.0.4.0 COMMITTED Samba Version 3.0.4
SWAT (SAMBA Web Administartion Tool) configuration: (not necessary, only if you want it)
It is a GUI for SAMBA, a web browser is needed for SWAT, and X11 as well.
/etc/services:
swat 901/tcp
/etc/inetd.conf:
swat stream tcp nowait root /usr/local/samba/sbin/swat swat
in browser:
http://localhost:901
SAMBA tools:
install dir: /usr/local/samba
/usr/local/samba/sbin/nmbd <–provides netbios nameserver supports to clients (nameserver for samba)
/usr/local/samba/sbin/smbd <–smb daemon
/usr/local/samba/sbin/smbd -b <–shows configuration infos. i.e.: path for the config file: smbd -b|grep smb.conf
/usr/local/samba/bin/smbstatus <–shows actual sharings and connections
/usr/local/samba/bin/testparm <–test the smb.conf file for any typo
/usr/local/samba/bin/pdbedit -a user123 <–creates users (on AIX I created before)
/usr/local/samba/bin/smbpasswd <–changes pw (-a: add a user who can access the shares from a client)
/usr/local/samba/bin/smbclient <–it is an SMB client program for UNIX machines, it provides an ftp like interface,
to transfer files between a windows 'server' and a unix 'client'
PROCESS OF SAMBA CONFIGURATION:
check ports: a 137,138,139,445 (if needed firewall opening)
rpcinfo, telnetcheck where is smb.conf:
/usr/local/samba/sbin/smbd -b <–shows version of SAMBA etc.,and the path to smb.confedit smb.conf:
/usr/local/samba/lib/smb.conf (it is a link to /etc/samba/smb.conf)
Create a similar entry:
[samba_share] <–use this name for connection
comment = share test <–anything can be written here
path = /home/samba_share <–path of the dir what we want to share
read only = no
guest ok = yes
read list = user123 <–users who will be able to read it (space separated)
write list = user123 <–users who will be able to write to it (space separated)
Important:
-check owner,rights of the given directory (in the path)
-after chacnging the conf file, daemons have to be restarted in order changes be refreshed
this is good for read only:
[samba_share]
comment = share test
path = /home/samba_share
read only = no
guest ok = yes
3.SAMBA user creation:
/usr/local/samba/bin/smbpasswd -a user123 <– -a: add user as well
Same user has to be created, to what we gave in the conf file
For root we can create one:
/usr/local/samba/bin/smbpasswd -a root
(root passw is needed)
- testing smb.conf:
/usr/local/samba/bin/testparm <–test the smb.conf file for any typo (default conf file)
testing not the default conf file:
/usr/local/samba/bin/testparm /etc/samba/smb.conf
starting daemons:
/usr/local/samba/sbin/smbd -D <– -D: handling it as daemon (this is the default)
/usr/local/samba/sbin/nmbd -Dconnecting to SAMBA:
LOCALLY (AIX):
/usr/local/samba/bin/smbclient //localhost/samba_share <–samba_share: which has been created in conf file
password is what has been created with smbpasswd for the user
if not root user, than check permissions of the conf file (if needed give read permission)
another way: /usr/local/samba/bin/smbclient -U% -L localhost
REMOTELY (WINDOWS):
(tools->map network drive->choose a drive)
the command: \10.10.101.78\samba_share <–it will map that directory
“Connect using a different username”: If on Windows and AIX users are identical this is not needed.
If user/pw created in SAMBA is different of the actual windows user/pw, then here we can give the SAMBA user/pw.
- Checks, tests:
/usr/local/samba/bin/smbstatus <–shows connections (if we could connect)
/usr/local/samba/bin/smbclient -L 10.10.101.78 <–shows which shares are available on a given host
!!!2 different SAMBA version (rpm and a fileset one) should no be installed at the same time (daemons did not started for me)!!!!
——————————————————————————–
I had this error:
(Samba was installed from rpm and it was started from inetd.)
smbclient -L localhost -U
added interface ip=10.10.10.8 bcast=10.10.35.31 nmask=255.255.255.224
session request to LOCALHOST failed (Call returned zero bytes (EOF)
)
session request to *SMBSERVER failed (Call returned zero bytes (EOF)
)
check samba logs (I turned this on)
vi /etc/inetd.conf: netbios-ssn stream tcp nowait root /usr/sbin/smbd -l /var/log/samba.log smbd
refresh -s inetd
(probably in syslog you can find where it is logging)cat samba.log
…
[2012/10/11 09:20:11, 0] tdb/tdbutil.c:tdb_log(531)
tdb(/etc/secrets.tdb): rec_free_read bad magic 0x2f73616d at offset=812 <–shows problems with /etc/secrets.tdb
[2012/10/11 09:20:11, 0] passdb/machine_sid.c:pdb_generate_sam_sid(163)
pdb_generate_sam_sid: Failed to store generated machine SID.
[2012/10/11 09:20:11, 0] smbd/server.c:main(793)
ERROR: Samba cannot create a SAM SID.stop samba
vi /etc/inetd.conf -> comment lines smbd, nmbd
refresh -s inetdremove /etc/secrets.tdb
mv /etc/secrets.tdb /etc/secrets.tdb.oldstart samba
vi /etc/inetd.conf -> uncomment smbd, nmbd lines
refresh -s inetdtest login
smbclient -L localhost -U
added interface ip=10.10.10.8 bcast=10.10.35.31 nmask=255.255.255.224
Password:
I had this “error”:
smbstatus
Samba version 2.2.7
Service uid gid pid machine
Failed to open byte range locking database
ERROR: Failed to initialise locking database
Can’t initialise locking module - exiting
This is not an error after first successful login it will be OK.
I did: smbclient -L localhost -U
After that: smbstatus
Samba version 2.2.7
Service uid gid pid machine
No locked files