If you have a Solaris 10 system, the Samba software is likely already on the
system and you will likely just need to configure it. If you type ls
/usr/sfw/bin/smb* and see smblicent, smbstatus, etc.
then you already have it on the system. If not, try find / -name
smbclient to look for it.
If you have an account already on the Solaris system from which you wish to share files or folders you can use it and can skip to Configuring Samba support for account. But supposing you wish to create a new account specifically for sharing files to a Windows system, then follow the steps below. This explanation was written specifically for sharing files from a Xerox DocuSP system, but is generally applicable to setting up Samba on any Sun Solaris 10 system.
Adding a New Account
su - root.useradd command.
# useradd -u 40022 -g staff -c "DocuSP folder sharing" -m -s /usr/bin/bash docusp01
-u specifies the userid. It should be one not already used on the
system. You can type cat /etc/passwd to see all of the accounts
on the system. The UID value is the number after the second colon in each
line.-g specifies the group the account belongs to and can be
staff, if you don't have another group you wish to use.-c allows you to put a comment in the entry.-m specifies that a home directory be created for the new user.
In this case it will be /export/home/docusp01. It
is in the form base_dir/account_name where base_dir is the
base directory for the new home directories and account_name is the name for
the new account.-s specifies the
shell to use
for the new account, which in this case the
BASH shell, which is located
in /usr/bin.
# passwd docusp01
If you need to later change any parameters for the account, you can use
the usermod command.
Now that you have created the account you wish to use, you can configure Samba support for that account.
Configuring Samba support for account
You need to edit /etc/sfw/smb.conf (You may wish to create a
backup copy first), e.g. cp -p /etc/sfw/smb.conf
/etc/sfw/smb.conf.old.
Change the line workgroup = WORKGROUP to match whatever
workgroup or domain you use for your Windows systems, e.g.
workgroup = SOMECOMPANY.
You can also change server string to be whatever you wish.
I changed it from the default of server string = XXP240250
to the following:
server string = Xerox DocuColor 250
Choose which systems should have access to shared folders on the Solaris system
by adding a hosts allow line. There is one in the smb.conf
file to show you how to configure this line, but it is commented out.
# hosts allow = 192.168.1. 192.168.2.0./24 192.168.3.0/255.255.255.0 127.0.0.1
If my systems are on a 192.168.0.0/24 subnet, i.e. systems have an address
of 192.168.0.x and use a subnet mask of 255.255.255.0, I could allow access
from any system on the subnet by using 192.168.0.0/24 or
192.168.0. If I only want to allow access from two specific
systems, say 192.168.0.25 and 192.168.0.36, plus the Solaris system itself for
testing using the loopback address 127.0.0.1, I would add the following line:
hosts allow = 192.168.0.25 192.168.0.36 127.0.0.1
If you wish to set a maximum size for the log file that records information
about Samba connections, find #max log size = 50, remove
the comment character, # and change the number to whaterver
you wish to use, e.g. 16384 for 16 MB.
I also uncommented the line that specifies where the log file is located, but changed the line from:
#log file = /usr/local/samba/var/log.%m
To the following line instead:
log file = /var/log/samba/log.%m
I also created a samba directory under /var/log to hold the Samba logs and then changed its protection so only root can view the logs.
# mkdir /var/log/samba
# chmod 700 /var/log/samba
At the end of the smb.conf file, you can add information about the folder you wish to share. In this case for the DocuSP system, I want to share the folder /var/spool/XRXnps/saved. I want to make it browseable from the Windows systems to which I am granting access, but I don't want them to be able to add files or modify files in the directory. And I only want to grant acces to the new account, docusp01, that I created, so I added the following lines:
# DocuSP folder shared read-only to Windows systems
[DocuSP]
comment = DocuSP XRXnps saved
path = /var/spool/XRXnps/saved
valid users = docusp01
browseable = yes
public = yes
writable = no
printable = no
The valid users = docusp01 will limit access to only the
docusp01 account I created.
I need to grant access to the /var/spool/XRXnps/saved directory. Xerox recommends granting read, write, execute access to everyone for this directory using the command below:
# chmod 777 /var/spool/XRXnps/saved
I issued that command, though I am still restricting access through
/etc/smb.conf.
The default permission on the directory prior to issuing that command is
shown below:
# ls -ld /var/spool/XRXnps/saved
drwxr-xr-x 43 root other 2048 Mar 23 12:55 /var/spool/XRXnps/saved
When I checked while setting up the system, Samba appeared to be running, i.e., I saw smbd running and when I checkd the services on the system, I saw Samba listed:
# ps -ef | grep smb | grep -v grep
root 1005 1 0 Mar 23 ? 0:00 /usr/sfw/sbin/smbd -D
root 1007 1005 0 Mar 23 ? 0:00 /usr/sfw/sbin/smbd -D
# svcs | grep samba
legacy_run Mar_23 lrc:/etc/rc3_d/S90samba
So I stopped and restarted it.
# /etc/init.d/samba stop
# /etc/init.d/samba start
Once I did that, I saw the system appear as SIP-8 in the workgroup used by the company for whom I was setting it up, when I checked on what systems were in the workgroup. But you may not always see the system show up immediately.
C:\>net view /domain:frostinc Server Name Remark ------------------------------------------------------------------------------- \\FROSTINC26 Cindy's Dell Dimension 3000 \\PCWORKSTATION Gateway Profile 4 \\SIP-8 Xerox DocuColor 250 The command completed successfully.
But to allow access from a Windows PC using the account I created,
I needed to set a Samba password for the docusp01 account I created on the
Solaris system. You can
use the smbpasswd command to create a Samba password for the
account that can be used to access the shared folder from a Windows system.
This can be the same as the one you use for logging into the account under
Solaris, but doesn't necessarily have to be the same as the password for
the account.
# /usr/sfw/bin/smbpasswd -a docusp01
New SMB: password:
The -a specifies that you are adding a new account password rather
than changing an existing one. When I first ran the command I received the
error message shown below.
# /usr/sfw/bin/smbpasswd docusp01
New SMB password:
Retype new SMB password:
startsmbfilepwent_internal: file /opt/XRXnps/XRXsamba/private/smbpasswd did not exist. Couldn't create new one. Error was: No such file or directoryUnable to open passdb database.
Failed to find entry for user docusp01.
Failed to modify password entry for user docusp01In the /etc/sfw/smb.conf file, the lines below appeared:
# You may wish to use password encryption. Please read
# ENCRYPTION.txt, Win95.txt and WinNT.txt in the Samba documentation.
# Do not enable this option unless you have read those documents
encrypt passwords = yes
smb passwd file = /opt/XRXnps/XRXsamba/private/smbpasswd
Once I realized that the directory XRXsamba did not exist, I created it and the private subdirectory beneath it.
# ls /opt/XRXnps/XRXsamba
/opt/XRXnps/XRXsamba: No such file or directory
# mkdir /opt/XRXnps/XRXsamba
# mkdir /opt/XRXnps/XRXsamba/private
I was then able to use the smbpasswd command without the
prior error occurring.
# /usr/sfw/bin/smbpasswd -a docusp01
New SMB password:
Retype new SMB password:
startsmbfilepwent_internal: file /opt/XRXnps/XRXsamba/private/smbpasswd did not
exist. File successfully created.
Added user docusp01.
And when I looked in the smbd.log file, I saw an entry indicating the encrypted password file had been created.
# cat /var/log/samba/log.smbd
[2007/03/25 22:27:58, 0] passdb/pdb_smbpasswd.c:(195)
startsmbfilepwent_internal: file /opt/XRXnps/XRXsamba/private/smbpasswd did not exist. File successfully created.
I was then able to access the shared folder from one of the Windows PCs to which I had granted access to the shared folder by listing its IP address in /etc/smb.conf. To access the shared folder on the Solaris system from the PC, I used the username of SIP-8\docusp01 and the password for that account.
C:\>net view \\sip-8 Shared resources at \\sip-8 Xerox DocuColor 250 Share name Type Used as Comment ------------------------------------------------------------------------------- DocuSP Disk (UNC) DocuSP XRXnps saved The command completed successfully.
And from the Solaris system, I could issue the smbstatus
command and see the access from the Windows PC.
# /usr/sfw/bin/smbstatus creating lame upcase table creating lame lowcase table Samba version 3.0.11 PID Username Group Machine ------------------------------------------------------------------- 8446 docusp01 staff pcworkstation (192.168.0.26) Service pid machine Connected at ------------------------------------------------------- DocuSP 8446 pcworkstation Sun Mar 25 22:43:58 2007 No locked files
And I saw entries appear in /var/log/samba/log.pcworkstation for the connection from the PC.
I could also issue the smbclient command from the Solaris system
to view shared directories on the Windows PC.
# /usr/sfw/bin/smbclient -L 192.168.0.25 -U Smith
For the smbclient command, the -L parameter
specified the address of the PC and the -U parameter specified
an account on that Windows PC, for which I received a password prompt
I also set up Samba on a second DocuSP system, SIP-3. When I created a
shortcut on the Windows PC's desktop, I had to specify the IP address of
the Solaris DocuSP system instead of SIP-3, e.g. I had to use
\\192.168.0.36\docusp as the location. When prompted for the
userid and password, I entered
\\SIP-3\docusp-1 as the username and the password for that
account set up through smbpasswd on the Solaris system. It
was accepted and I was able to access files on the DocuSP system through
the shortcut. But the system wasn't showing up when I entered the
command net view /domain:somecompany
References:
Created: Monday March 26, 2007 9:16 PM