[vox-tech] Help Request with SAMBA and SWAT

ME vox-tech@lists.lugod.org
Mon, 15 Jul 2002 16:14:14 -0700 (PDT)


I see Pete has address some parts, so I will try to keep my focus more
narrow.

On Sun, 14 Jul 2002, Dick Ely using JPS-SMTP & POP wrote:
> I have been playing with smb.conf file and have some luck working with
> the manual sharing my Linux files...  But no luck yet sharing printers
> nor seeing the networked files on MS boxes connected.

This is often a problem for many , so you are not alone. :-)

> I understand that I should create my own smb.conf file and have been
> working with massive docs to do that.  But time is somewhat limited
> and I would be grateful for some help. My objective is to get to work
> and I am having limited success with smb.conf files.

the best place to check is:
$ man smb.conf

However, i will walk through some basic items you may want to try.

>   I would like to use SWAT or other recommended SAMBA set-up .
>
> SWAT simply hangs when I try to run it and when I try to log on  to 
> //localhost:901using gnome   I get *connection refused*.

Perhaps a firewall rule/filter is in place or perhaps the service is not
running. We can get to that later if something tested does not work.

> First:  Why cannot I log on to //localhost:901 using gnome?

Sorry, I dont use gnome. Another will have to field this question. :-/

> Second: Is SWAT a useful approach?  If so what is a good way to
> implement it.

I work from a mind-set where fewer services means less resource
consumption, and less need to read up on security lists for yet another
service. Fewer services save me time. Also, though SWAT is rather nifty,
I find a greater degree of granular control when I hand edit the smb.conf
file. I suggest using the smb.conf file to begin with and then later
switch over to it for testing and comparison. This will give you the power
you need to understand what swat is trying to do if for some reason swat
does not work they way you wish.

Make sure they are running.
how? things to try:
$ netstat -an | more
you should see at least 3 ports with entries like:
-------------------------------------------------------------------------
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State      
udp        0      0 0.0.0.0:138             0.0.0.0:*                           
udp        0      0 0.0.0.0:137             0.0.0.0:*                           
udp        0      0 0.0.0.0:177             0.0.0.0:*                           
-------------------------------------------------------------------------
as well as othe rentries. To "stop" looking at the output, press "q" (this
quits the pager, "more".

If you see ports 137, 138 and 139 open, then samba should be running.

If these ports are open with services, that is a good sign abnd you can
proceed. If they are not, then they may not be available for
starting. This is a point to stop if you dont see them above as some work
would be required to make sure they are running and available before going
on.

Assuming they are running... next, try this:
$ smbclient -L 127.0.0.1
if it asks for a password, just press return.
depending upon the setup of the server, it may list all of your shares or
may not. If it asks for a password, that is a good sign. If pressing
return gives you nothing or an error, please report the error. :-)

There are at least 3 common ways to set up your samba server:
As a member of a workgroup (what MS calls share based)
As a member of a domain with pass-thougth authentication to a domain
    controller.
a special hybrid that allows for user based authentication - not share
   based authentication, but not all of the features of a domain
   controller from MS.

For Samba's smb.conf check out what ou have set "security=" to be. Read up
in the man page for what the settings "share", "user", "server", and
"domain". The "easiest" to start with is probably "share", but fopr better
security, you may want to start with "user" or "server". If you go with
"user" or "server" then you may need to explicity add users to the
smbpasswd file before they can connect. Just for testing, you may want to
create a share with an entry:
guest ok = yes

Once you can actually see your shares with smbclient, then you can work
on. If you cant see the shares specified in your smb.conf you can try
restarting samba or tell it to re-read its config file.

If the shares are visible from smbclient, then we can go on...

printing...

Samba is much like netatalk when it comes to priting - both generally are
configured to use the OS's print spools, I use lprng, and have all of my
printers appropriately named in my /etc/printcap file. Then instead of
specifying each and every printer in Samba, I use the options:

load printers = yes
printing = LPRNG
printcap name = /etc/printcap

This allows samba to automagically use the printers I have defined and set
up as working on my linux box. It does however, require that I have
printing actually working from linux on the machine and it is using my
printcap entries.

In addition, I may sometimes use things like this in the [printers]
container:
[printers]
   path = /var/spool/samba/lpd
   printing = lprng
   browseable = no
   # temporary entry for allow guest access. Remove after testing.
   guest ok = yes
   printable = yes
   #not critical:
   print command        =       /usr/bin/lpr    -P%p -r %s
   lpq command          =       /usr/bin/lpq    -P%p
   lprm command         =       /usr/bin/lprm   -P%p %j
   lppause command      =       /usr/sbin/lpc   hold %p %j
   lpresume command     =       /usr/sbin/lpc   release %p %j
   queuepause command   =       /usr/sbin/lpc   -P%p stop
   queueresume command  =       /usr/sbin/lpc   -P%p start

This is for my own use on a private network and is not open to the public.

You can probably get by with just the first 5 or 6 lines in your printers
container. Check out your smb.conf file.

hope this helps. If you get stuck, post again with where you are stuck.

-ME

-----BEGIN GEEK CODE BLOCK-----
Version: 3.12
GCS/CM$/IT$/LS$/S/O$ !d--(++) !s !a+++(-----) C++$(++++) U++++$(+$) P+$>+++ 
L+++$(++) E W+++$(+) N+ o K w+$>++>+++ O-@ M+$ V-$>- !PS !PE Y+ !PGP
t@-(++) 5+@ X@ R- tv- b++ DI+++ D+ G--@ e+>++>++++ h(++)>+ r*>? z?
------END GEEK CODE BLOCK------
decode: http://www.ebb.org/ungeek/ about: http://www.geekcode.com/geek.html