If you have a network of Windows and Linux machines and you want to share between them. You can achieve this by using a useful tool called Samba. It is an open source tool that allows you to access shared resources including files, printers, etc.
This is one of the most common ways to network Ubuntu and Windows computers, configuring Samba as a file server. The shared files of the Samba server can be accessed from Windows or Linux clients.
In this article, using Ubuntu to install and configure a Samba server, explain how to install and configure Samba as a file storage system for Windows and Linux operating systems. Also includes how to access Samba shared files using other Linux and Windows client operating systems. Before accessing shared files, please make sure your server and client OS are in the same IP subnet. If it is an Ubuntu virtual machine, please use the NAT network connection.
what is samba
Samba is a free and open source implementation of the SMB/CIFS protocol for Unix and Linux that allows file and print sharing between Unix/Linux, Windows and macOS machines within a local area network.
[ Server Message Block (SMB)/Common Internet File System (CIFS) protocol ]
Samba is usually installed and run on Linux. It consists of several programs serving different but related purposes, the two most important of which are .
- smbd: Provides SMB/CIFS services (file sharing and printing), and can also act as a Windows domain controller.
- nmbd: This daemon provides the NetBIOS name service and listens for name server requests. It also allows other computers on the network to find the Samba server.
Install Samba on Ubuntu
Press Ctrl+Alt+T to start the terminal, first update the APT package repository cache update the APT package repository cache.
$ sudo apt update
Then enter the following command to install Samba:
$ sudo apt install samba
Verify SAMBA installation
You can verify that Samba is successfully installed and running by typing the following command. It will show the status of the Samba service.
$ sudo systemctl status smbd nmbd
Or check the samba status:
$ sudo smbstatus
View version:
$ smbd --version
View the installation file:
$ whereis samba
Set up a Samba share using the GUI
Once Samba is installed, you can share directories graphically through Nautilus, Ubuntu's default file manager.
If the following dialog appears, click Add the permissions automatically.
Once you have shared a directory, the icon for that directory should be changed, as you can see in the screenshot below.
Configure Samba users and permissions
After installing samba, in addition to directly setting the share on the above graphical interface, there is also a way to use configuration files to better control various functions of samba.
The main configuration file for Samba is located in /etc/samba/smb.conf. The default configuration file has extensive comments to document various configuration directives.
Not all available options are included in the default configuration file. See the man page for more details: The Official Samba 3.5.x HOWTO and Reference Guide
In a computer network, a work group is a collection of computers connected to a LAN that share common resources and responsibilities. In Microsoft's terminology, Workgroup generally refers to a peer-to-peer local area network.
The concept opposite to Work group is domain, domain. A domain is one in which the computers that make up the domain rely on centralized authentication.
So in the smb.conf configuration file, there are two key/value pairs in the [global] section:
workgroup = EXAMPLE
...
security = user
The workgoup here should be configured the same, and the samba server and client computer should be consistent. If the client uses domain instead of workgroup, just keep the default.
Workgroup: This controls which workgroup your server will appear in when queried by clients.
Default: workgroup = WORKGROUP
Example: workgroup = MYGROUP
Security:
The default is security = user, as this is the most common setting, for standalone file servers or DCs (Domain controllers).
Other options are security=ads or security=domain, which support joining Samba to a Windows domain.
If you want to primarily set up shares without passwords (guest shares), you should use security=user and map to guest=Bad User. This is typically used for shared printer servers.
About map to guest:
This parameter can take four different values, which tell smbd how to handle login requests from users who somehow do not qualify as valid UNIX users.
The four settings are:
Never - Means to deny login requests for users with invalid passwords. This is the default.
Bad User - Means that a user with an invalid password is denied login, unless the username does not exist, in which case it is considered a guest login and is mapped to the guest account.
Bad Password - means that a user login with an invalid password is considered a guest login and is mapped to the guest account. Note that this can cause problems, as it means that any user who enters their password incorrectly will silently be logged in as a "guest" -- and have no idea why they can't access files they think they should -- There will be no message telling them their password is wrong. The people at Helpdesk services will hate you if you set parameters like this.
Default: map to guest = Never
Example: map to guest = Bad User // Use this parameter to allow guest access
About the DC domain controller:
A domain controller is a computer server that responds to security authentication requests and authenticates users in a computer network domain. The controller is a gatekeeper that allows hosts to access domain resources. It also enforces security policies, stores user account information, and authenticates users for a domain.
Configure Samba shares
1. First, we will need to create a Samba directory where all shared data will be stored. Open a terminal and run the following command as sudo:
$sudo mkdir -p /srv/samba/share
$sudo chown nobody:nogroup /srv/samba/share/
File owner's group and password files: /etc/group, /etc/passwd
Configure the folder as the nobody user, because the guest user is this account by default.
It will create new subdirectory samba under the root directory.
Alternatively, we can choose an existing directory as the Samba shared directory.
2. Back up the configuration file by copying it in the same directory or in another directory. To copy the file, run the following command as sudo:
$ sudo cp /etc/samba/smb.conf /etc/samba/smb_backup.conf
It will make a backup file in the same directory.
3. Now edit the configuration file. Samba's configuration files are located in a file called smb.conf in /etc/samba/. You can use Gedit, Nano or Vim to edit configuration files. To edit this file using the nano editor, open a terminal and run the following command as sudo:
$ sudo nano /etc/samba/smb.conf
After editing, press Ctrl+O to save and Ctrl+X to exit.
Configure Samba Shares Using Configuration Files
Now we will configure our new directory samba as a share. To do this, we will add at the bottom of the Samba configuration file smb.conf file:
[share]
comment = Ubuntu File Server Share
path = /srv/samba/share
browsable = yes
guest ok = yes
read only = no
create mask = 0755
in
[share] = name of the share
comment= add a short description of the share
Path= shared directory.
Read only= It specifies whether the user is allowed to write
Browsable= Whether the share should be listed in the share list, so that Windows clients can use Windows Explorer to browse the shared directory. If it is set to no, only the shared directory can be accessed.
Create mask: Determines the permissions that new files will have when they are created.
Guest ok: Allows guests to connect to the share without providing a password.
There is an opposite setting to read only, writeable = yes.
If you want to control the users who access the samba server, you can use: valid users = @samba Tom, where @ is followed by the Linux Group name, and Tom is a single user name.
The path used in this example is /srv/samba/sharename because /srv is where specific data should be served according to the Filesystem Hierarchy Standard (FHS). Technically, Samba shares can be placed anywhere on the filesystem as long as the permissions are correct, but we recommend sticking to the standard.
After modifying the configuration file, you can run the following command to check for syntax errors:
$ testparm
Setting Up Samba User Accounts
Now, set up a user account for Samba. Samba uses system accounts to access shares (Samba user accounts are linked with the local Linux system accounts), but it does not accept passwords for system accounts. Therefore, we will need to set a password for this account, enter the following command as sudo. When asked for a password, enter a new password.
$ sudo smbpasswd -a username
The username here is the system username, if you don't know the system username you use, you can use: $(whoami) to replace.
You can also add a new user name, and then add this user to samba.
$ sudo adduser username
$ sudo smbpasswd -a username
If you want to control specific users to access the share, you can create a new group samba, add this user to this group, and then set valid users = @samba in smb.conf to indicate that only users in the samba group can access the share.
$ sudo groupadd samba
$ sudo gpasswd -a username samba
At the same time, make sure that the shared folder is readable and writable for the samba group:
$ sudo setfacl -R -m "g:samba:rwx" /srv/samba/share
The ACL settings for guest access were introduced earlier:
$sudo chown nobody:nogroup /srv/samba/share/
If it is accessible by guest, it can also be set:
$ sudo setfacl -R -m "u:nobody:rwx" /srv/samba/share
Restart the Samba service
Once you have completed all the configurations, restart the Samba service by running the following command:
$ sudo systemctl restart smbd.service nmbd.service
Normal service startup method:
$ sudo systemctl start smbd nmbd
Once started, smbd will listen on TCP ports 139 and 445, and nmbd will listen on UDP ports 137 and 138.
TCP 139: Used for file and printer sharing and other operations.
TCP 445: NetBIOS-less CIFS port.
UDP 137: Used for NetBIOS network browsing.
UDP 138: Used for NetBIOS name service.
If you have enabled UFW firewall on Ubuntu, then you need to open the above ports in the firewall with the following command.
$ sudo ufw allow samba
Connect to the Samba share
As mentioned earlier, you should be accessing files from a Samba server within a LAN. This means your Samba server's IP and the clients connecting to it should be on the same network.
For example, in my scenario, I have a Samba server and two clients: one is Linux and the other is Windows. All three machines are on the same network.
* IP of Samba (Server): 192.168.36.129/24
* IP of Linux (Client): 192.168.36.130/24
* IP of Windows (Client): 192.168.36.1/24
IP configuration of Samba server
You can check the IP address of any machine by running ifconfig in terminal.
$ ifconfig
The following is the IP configuration of my Samba server:
Method 1: Connect from Linux
There are two methods that allow you to connect to a Samba share from a Linux client.
1. Using the command line
2. Using the GUI
Below is the IP configuration of my Linux client.
1. Using the command line
To connect to a Samba share via the Linux command line, you will need the smbclient tool. To install smbclient, open a terminal and run the following command as sudo:
$ sudo apt install smbclient
Once installed, access the Samba share by running the command using the following syntax.
$ sudo smbclient //[IP_address or Host_name]/share_name –U username
[IP_address or Host_name] is the IP address or host name of the Samba server.
[share_name] is the name of the Samba share
[username] is the name of the user accessing the share
It will prompt for a password. After you enter your password, you will be logged into the Samba CLI. You can type help to see a list of various commands.
2. Using the GUI
To access the Samba share through the GUI, open a Linux file manager. Click Connect to Server in the left pane of the file manager window.
In the "Connect to Server" window, enter the Samba server address in the following syntax and click "Connect".
smb:// [IP_address or Host_name]/[share_name] 。
The following screen will appear. Connect As, select Registered User.
Enter the Samba username and password. Leave the domain as default, and click Connect.
You will see the connection established. Now you can access files on the Samba server.
Or click Network directly, you can see the machine with samba share, click to enter, you can access samba share.
Method 2: Connect from Windows
You can connect to a Samba share using a Windows operating system in two ways.
1. Use the running tool
2. Using the file browser
Below is the IP configuration of my Windows client machine.
1. Use the running tool-Run utility
Press Windows key + R to launch the Run tool. Enter the address to access the Samba share in the syntax below and press Enter.
\\[IP-address]\[share_name]
It will prompt for credentials. Enter the credentials for the Samba share and click OK.
You will see the connection established. Now you can access files on the Samba server.
2. Using File Explorer
Launches File Explorer in a window. In the left pane, right-click This PC. Then select Add a network location from the drop-down options.
It will launch the "Add Network Location" wizard. Keep clicking "Next" until the following screen appears. Add the Samba shared address according to the syntax, and click Next.
\\[Ip-address]\share_name
On the next screen, you can change the name of the shared location. Click Next, then Finish to complete the process.
When the above process is complete, it will prompt for credentials, enter the credentials for the Samba share and click OK.
You will see the connection established. Now you can access files on the Samba server.
Similar to Linux, you can also directly click Network to see the machines with samba shares, click to enter, and you can access samba shares.
You can also use Map network drive.
So, to summarize, we have learned how to install and configure Samba on Ubuntu to create shares. We have learned how to connect these shares using Linux and Windows operating systems.
Possible problemsTroubleshooting Tip
If your Samba server is not working as expected, you can check the log files in the /var/log/samba/ directory. If you want to log more information, you can add the following line to the [global] section of the /etc/samba/smb.conf file to increase the log level.
log level = 2
If it shows that you do not have permission to connect, you can try the following command:
net use \\samba-server-ip\share-name /delete
net use \\samba-server-ip\share-name /user:samba-username password
Win10 can sometimes ping the server, or user login credentials can be added:
win key+R, enter "control userpasswords2", select the advanced tab, click password management or manage passwords.
Select windows credentials, then add, add your virtual machine's IP, username and password.
There is another way:
Run gpedit.msc, Computer Configuration->Administrative Templates->Network->Lanman Workstation->Enable insecure guest logon
There are also possible issues:
Windows function: enable or disable it, open win10 support for smb1.0/cifs file sharing
Win10 can ping but cannot access the virtual machine Ubuntu 14.04 samba (solved)
Make sure to select "SMB1.0/CIFS file sharing support", and then restart the computer to take effect.
reference:
How to Install and Configure Samba on Ubuntu – VITUX
How to Install Samba on Ubuntu
Install and Configure Samba Server on Ubuntu for File Sharing