From 53601faba8f69c3454ad07acaceeef9165cb3743 Mon Sep 17 00:00:00 2001 From: bubulle Date: Mon, 6 Sep 2010 20:54:34 +0000 Subject: Merge 3.5.4 in upstream branch git-svn-id: svn://svn.debian.org/svn/pkg-samba/branches/samba/upstream@3574 fc4039ab-9d04-0410-8cac-899223bdd6b0 --- docs/htmldocs/using_samba/ch03.html | 2086 ----------------------------------- 1 file changed, 2086 deletions(-) delete mode 100644 docs/htmldocs/using_samba/ch03.html (limited to 'docs/htmldocs/using_samba/ch03.html') diff --git a/docs/htmldocs/using_samba/ch03.html b/docs/htmldocs/using_samba/ch03.html deleted file mode 100644 index 16e86f4f6d..0000000000 --- a/docs/htmldocs/using_samba/ch03.html +++ /dev/null @@ -1,2086 +0,0 @@ - - - - - -

Chapter 3. Configuring Windows Clients

- - -

Configuring Windows to use -your new Samba server is really quite simple. SMB is -Microsoft's native language for resource sharing on -a local area network, so much of the installation and setup on the -Windows client side have been taken care of already.

- - -
- -

Windows Networking Concepts

- -

Windows is different from Unix in -many ways, including how it supports networking. Before we get into -the hands-on task of clicking our way through the dialog boxes to -configure each version of Windows, we need to provide you with a -common foundation of networking technologies and concepts that apply -to the entire family of Windows operating systems.

- -

For each Windows version, these are the main issues we will be -dealing with:

- -
  • -

    Making sure required networking components are installed and bound to -the network adapter

    -
  • -

    Configuring networking with a valid IP address, netmask and gateway, -and WINS and DNS name servers

    -
  • -

    Assigning workgroup and computer names

    -
  • -

    Setting the username(s) and password(s)

    -
-

In addition, some minor issues involving communication and -coordination between Windows and Unix are different among Windows -versions.

- -

One can go crazy thinking about the ways in which Unix is different -from Windows, or the ways in which members of the Windows family are -different from each other in underlying technology, behavior, or -appearance. For now let's just focus on their -similarities and see if we can find some common ground.

- - -
- -

Components

- -

Unix -systems historically have been monolithic in nature, requiring -recompilation or relinking to create a kernel with a customized -feature set. However, modern versions have the ability to load or -unload device drivers or various other operating-system features as -modules while the system is running, without even needing to reboot.

- -

Windows allows for configuration by installing or uninstalling -components. As far as networking goes, -components can be one of three things:[1]

- -
  • -

    Protocols

    -
  • -

    Clients

    -
  • -

    Services

    -
-

Since Samba works using the TCP/IP protocol, of course -we'll want to have that installed. In some cases, we -also will want to find protocols to uninstall. -For example, if Netware protocol (IPX/SPX) is not required on the -network, it might as well be removed.

- -

NetBEUI protocol should be removed if -possible. Having NetBEUI running at the same time as NetBIOS over -TCP/IP causes the system to look for services under two different -protocols, only one of which is likely to be in use. When Windows is -configured with one or more unused protocols, 30-second delays will -result when Windows tries to communicate with the unused protocol. -Eventually, it times out and tries another one, until it finds one -that works. This fruitless searching results in terrible performance.

- -

The other two items in the list, client and service components, are -pretty much what you'd expect. Client components -perform tasks related to connecting with network servers, and service -components are for making the local system into a server of resources -on the network. In Chapter 1 we told you that SMB -systems can act as both clients and servers, offering resources on -the network at the same time they request resources. In accordance -with that, it is possible to install a component for SMB client -services and, separately, a service component that allows file and -printer shares on the local system to be accessible from other -systems on the network.

- - -
- -

Bindings

- -

Once -a networking component is installed, it must be -bound to a hardware interface, or -adapter, to be used on the network. At first -this might seem like an odd complication; however, it is a conceptual -model that allows the associations between hardware and software to -be clearly displayed and easily modified through a graphical -interface.

- -

We will want to make sure that your Windows client has both TCP/IP -and the client component for SMB networking installed and also that -it is bound to the network adapter that connects to our Samba -network, which in most cases will be an Ethernet adapter.

- - -
- - -
- - -
- -

IP Address

- -

Just like any Unix system (or any other system that is using TCP/IP), -your Windows systems will need an IP address. If you are using -DHCP -on your network, you can configure Windows to obtain its IP address -automatically by using a DHCP server. Otherwise, you will need to -assign a static IP address manually along with a netmask.[2]

- -

If you are on a private network where you have the authority to -assign your own IP addresses, you can select from addresses in one of -three ranges:[3]

- -
  • -

    10.0.0.1 through 10.255.255.254

    -
  • -

    172.16.0.1 through 172.31.255.254

    -
  • -

    192.168.0.1 through 192.168.255.254

    -
-

These address ranges are reserved for private networks not directly -connected to the Internet. For more information on using these -private network addresses, see RFC 1918.

- -

If you're not maintaining your own separate network, -see your system administrator for some available addresses on your -network, as well as for the proper netmask to use.

- -

You should also be prepared to enter the IP address of the default -gateway for the network. In some networks, the default gateway is the -system or router that connects the LAN to the Internet. In other -cases, the default gateway connects a subnet into a larger -departmental or enterprise network.

- - -
- - -
- -

Name Resolution

- -

Name resolution is the function of -translating human-friendly hostnames, such as -hopi, or fully qualified domain names (FQDNs), -such as mixtec.metran.cx, into IP addresses, such -as 172.16.1.11 or 172.16.1.7.

- -

Unix systems can perform name resolution using an -/etc/hosts file at the minimum, and more commonly can -also incorporate services such as -DNS (Domain Name System) -and NIS (Network Information Service). -Thus, name resolution is not necessarily performed by one isolated -part of the operating system or one daemon, but is a system that can -have a number of dispersed parts (although the -name -service switch, with its -/etc/nsswitch.conf configuration file, helps to tie them -together).

- -

Although the specific implementation is different, name resolution in -Windows is also performed by querying a number of resources, some of -which are similar (or even identical) to their Unix counterparts.

- - -
- -

Broadcast name resolution

- -

On the other hand, there is one way in which Windows is not at all -similar to Unix. If a Windows workstation is set up with no WINS name -server, it will use the broadcast method of -name resolution, as described in Chapter 1,[4] probably resulting in a -very busy network. And even if you provide name servers for your -Windows system to use, it might still resort to broadcast name -resolution if it is unsuccessful at querying the name servers. For -this reason, we recommend that you provide multiple reliable name -servers for your Windows computers on the network.

- -

If that weren't enough to get you interested in -setting up WINS and DNS servers, broadcast name resolution is usually -limited to working on the local subnet because routers are usually -configured not to forward broadcast packets to other networks.

- - -
- - - -
- -

WINS

- -

We've already told you about WINS in Chapter 1, and we don't have much more -to say about it here. WINS can translate simple NetBIOS computer -names such as huastec or -navajo into IP addresses, as required on an SMB -network. Of course, the interesting thing here is that Samba can act -as a WINS server if you include the line:

- -
wins support = yes
- -

in your Samba server's -smb.conf file. -This can be a good thing, to be sure, and we highly recommend it. Not -only will you have a reliable WINS server to reduce the number of -broadcast packets, but you won't need to run Windows -NT/2000/XP to get it.

-

WARNING

-

One caveat about using Samba as a WINS server is that Samba (up to Version -2.2, at least) cannot synchronize with other WINS servers. So if you -specify a Samba server as your Windows system's WINS -server, you must be careful not to specify any additional (i.e., -secondary) WINS servers. If you do, you are likely to run into -problems because the servers will not be able to synchronize their -databases with each other. In Samba's defense, if -you are using a Samba WINS server (running on a typically reliable -Unix host), you will probably have little need for a secondary WINS -server anyway.

-
- - -
- - - -
- -

LMHOSTS

- -

All Windows versions support a backup method of name resolution, in -the form of a file called -LMHOSTS [5] -that contains a lookup table of computer names and IP addresses. This -exists for "historical purposes," -and is a rather awkward method of name resolution because it requires -the administrator (i.e., you!) to keep copies of -LMHOSTS up to date on every single Windows -system on the network. To be fully effective, -LMHOSTS would have to be updated every time a -new system were added to (or removed from) the network. Of course, -there might be ways to automate that process, but a better option -would be simply to run a WINS name server that is intentionally -designed to solve that specific problem.

- -

There are perhaps a couple of reasons why you might want to bother -with LMHOSTS files. In rare situations, there -might be no WINS server on the network. Or maybe a WINS server -exists, but it's unreliable. In both cases, if the -Windows system has a valid LMHOSTS file, it can -help to avoid your network bogging down from those dreaded broadcast -name queries.

- -

The format of the LMHOSTS file is simple and -similar to the /etc/hosts file with which you -might be familiar from running Unix systems. Here are the contents of -a sample LMHOSTS file:

- -
172.16.1.1      toltec
-172.16.1.2      aztec
-172.16.1.3      mixtec
-172.16.1.4      zapotec
-172.16.1.5      huastec
-172.16.1.6      maya
-172.16.1.7      olmec
-172.16.1.8      chichimec
-172.16.1.11     hopi
-172.16.1.12     zuni
-172.16.1.13     dine
-172.16.1.14     pima
-172.16.1.15     apache
-172.16.1.21     inca
-172.16.1.22     qero
- -

As you can see, the format is like that of -/etc/hosts, except that instead of an FQDN -(e.g., toltec.metran.cx), only a NetBIOS computer -name (toltec) is given. One way to create an -LMHOSTS file for your Windows systems is to copy -a /etc/hosts file and edit out the parts you -don't need. This will work great if your network -doesn't have a DNS (or NIS) name server and the Unix -system is dependent on /etc/hosts for its own -name service. But if your Unix system is querying a DNS server (which -is the most frequent case on anything larger than the very smallest -networks), you would be better advised to look in the DNS -server's configuration files for your source of -computer names and IP addresses.

- -

If you do not have administrative access to your -network's DNS server, you might be able to use tools -such as nslookup, -nmap, and -dig to query the server and obtain the -information you need.

- - -
- - - -
- -

DNS

- -

The DNS -is responsible for translating human-readable, Internet-style -hostnames such as pima.metran.cx or -sales.oreilly.com into IP addresses.

- -

On your first reading of this section, you might be wondering what a -section on DNS is doing in a book about NetBIOS and SMB networking. -Remember, we told you that Windows can use more than WINS (NetBIOS -Name Service) in its strategy for performing name resolution. Because -DNS is also able to supply IP addresses for simple hostnames (which -are usually the same as NetBIOS computer names), it can be helpful to -configure Windows to know about a DNS server on your network. This is -slightly more important for newer Windows versions than older ones, -and more so for Windows NT/2000/XP than for Windows 95/98/Me, because -nowadays Microsoft is focusing more on TCP/IP as the standard -protocol and DNS as the primary name service.

- -

To find the address of your DNS server, look at the file -/etc/resolv.conf on your Samba server or any other Unix -system on the local network that is using DNS. It looks like the -following:

- -
#resolv.conf 
-domain metran.cx
-nameserver 127.0.0.1 
-nameserver 172.16.1.53
- -

In this example, the first name server in the list is 127.0.0.1, -which indicates that the Samba server is also a DNS server for this -LAN.[6] In that case, you would use its network IP -address (not 127.0.0.1, its localhost address) -for your DNS server when configuring Windows. Otherwise, use the -other addresses you find in the lines beginning with -nameserver. Try to select ones on your own -network. Any name servers listed in -/etc/resolv.conf should work, but -you'll get better performance by using a server -nearby.

- -

All versions of Windows can be configured to know of multiple domain -name servers, and you might wish to take advantage of this for -increased reliability. If the first domain name server does not -respond, Windows can try others in its list.

- - -
- - - -
- -

HOSTS

- -

Similar to how the LMHOSTS file can be added to -supplement WINS, the -HOSTS file on a Windows system can be optionally -added to supplement DNS name resolution. Most of our comments -regarding LMHOSTS also apply here.

- -

This time the format of the file is not just similar to that of -/etc/hosts found on Unix—the format is -exactly the same. You can simply copy -/etc/hosts from your Samba server or other Unix -system to the proper directory on your Windows system.

- -

On Windows 95/98/Me, the HOSTS file goes in the -Windows installation directory, which is usually -C:\Windows. Note that a file called -hosts.sam is already there, which is a sample -HOSTS file provided by Microsoft.

- -

On Windows NT/2000/XP, the HOSTS file goes in -the \system32\drivers\etc directory under the -Windows installation directory, which is usually -C:\WINNT.

- - -
- - -
- - -
- -

Passwords

- -

Unix systems use -username and password pairs to authenticate users either on a local -system or in an NIS domain. Windows NT/2000/XP are very similar; a -user supplies his username and password to log on to the local system -or to a Windows domain.

- -

When the SMB network is set up as a workgroup, things are different. -There is no domain to log on to, although shares on the network can -be password-protected. In this case, one password is associated with -each password-protected share, rather than with individual users.

- -

Samba's default user-level -authentication in a workgroup is -different from that of Windows. To access shares on the Samba host, -users are required to supply a valid username and password for an -account on the Samba host. This will be discussed in more detail in -Chapter 9.

- -

An unfortunate -complication arises with passwords. In the first release of Windows -95 and in Windows NT 4.0 with Service Pack 2 (SP2) or less, as well -as in all previous versions of Windows, passwords are allowed to be -sent over the network in plain text. But in Windows 95 with the -network redirector update,[7]

- -

Windows NT 4.0 SP3 or later, and all subsequent releases of Windows, -a registry setting must be modified to enable plain-text -passwords. These more modern versions of Windows prefer to send -encrypted passwords, and if you are working with one of them (and -don't want to have to modify the registry), you must -have the line:

- -
encrypt passwords = yes
- -

in the [global] section of your -smb.conf file. In addition, you must run the -command:

- -
# smbpasswd -a username
- -

for each user on the Samba host to add their passwords to -Samba's collection of encrypted passwords. We showed -you how to do this in Chapter 2.

- -

If your first attempt to access a Samba share results in a dialog box -asking for a password for -IPC$, as shown in Figure 3-1, it is probably because you neglected either -or both of these two steps, and the Samba server did not recognize -the encrypted password that the Windows system sent to it. Another -possible dialog box that might come up is the one shown in Figure 3-2, which was presented by a Windows 2000 client.

- -

Figure 3-1. Windows 98 asking for IPC$ password

- -

Figure 3-2. Windows 2000 logon error dialog

- -

The rest of this chapter is divided into four sections. The first -section covers setting up Windows 95/98/Me computers, and the rest of -the sections cover Windows NT 4.0, Windows 2000, and Windows XP -individually. Each section roughly parallels the order in which -we've introduced networking concepts in this -section. You need to read only the section that applies to the -Windows version with which you are working, and once you have -finished reading it, you can continue at the beginning of the next -chapter where we will start covering more advanced Samba features and -networking issues.

- -

TIP

-

Keep in mind that we are continuing our example from Chapter 2, in which we are setting up a very simple -prototype network using a workgroup that has very lax security. After -you have the basics working, we recommend you continue with later -chapters to learn how to implement both better security and a Samba -domain.

-
- - -
- - -
- - - -
- -

Setting Up Windows 95/98/Me Computers

- -

The Windows 95/98/Me operating systems are very -similar to each other, and as far as this chapter is concerned, it is -possible to treat them with a common set of directions.

- - -
- -

Setting Up the Network

- -

Samba uses TCP/IP to communicate with clients on the network, so you -will need to make sure there is support for TCP/IP on each Windows -client. Unlike Unix operating systems, Windows does not necessarily -have support for TCP/IP installed. However, when Windows is installed -on a computer with a network card or a network card is added to a -system already running Windows, TCP/IP support is installed by -default, along with the Client for Microsoft Networks, which supports -SMB file and printer sharing.

- -

To make sure both services are installed on your Windows system, -double-click the Network icon in the Control Panel to open the -Network dialog box, as shown in Figure 3-3.

- -

Figure 3-3. The Windows 95/98/Me Network dialog

- -

You should see at least the Client for Microsoft Networks component -installed on the system, and hopefully a networking device -(preferably an Ethernet card) bound to the TCP/IP protocol. If there -is only one networking hardware device, you'll see -the TCP/IP protocol listed below the device to which it is bound, as -shown in Figure 3-1.

- -

You might also see "File and printer sharing for -Microsoft Networks," which is used to make the -system into a server. In addition, you might see NetBEUI or Novell -Networking. Definitely remove NetBEUI unless you are sure you need -it, and if you don't have any Novell servers on your -network, you can remove Novell (IPX/SPX) as well. To remove a -service, simply click its name and then click the Remove button.

- - -
- -

Adding TCP/IP

- -

If -you don't see TCP/IP listed, you'll -need to install the protocol.

- -

You can add the protocol by inserting the Windows distribution CD-ROM -in your CD-ROM drive and clicking the Add button below the component -window. Indicate that you wish to add a protocol by selecting -Protocol and clicking "Add..." on -the following dialog box, which should look similar to Figure 3-4.

- -

Figure 3-4. Selecting a component type

- -

After that, select manufacturer Microsoft, then protocol TCP/IP, as -shown in Figure 3-3, then click OK. After doing so, -you will be returned to the network dialog. Click OK to close the -dialog box, and Windows will install the necessary components from -the CD-ROM and request that the system be rebooted. Go ahead and -reboot the system, and you're set.

- -

If Client for Microsoft Networks is not in the list, you can add it -similarly. The only significant difference is that you are adding a -client instead of a protocol, so make sure to select -"Client" rather than -"Protocol" when asked.

- - -
- - - -
- -

Configuring TCP/IP

- -

If you have more than one networking -device (for example, both an Ethernet card and a modem for dial-up -networking), the protocol to hardware bindings will be indicated by -arrows, as shown in Figure 3-5.

- -

Figure 3-5. Selecting a protocol to install

- -

Select the TCP/IP protocol linked to the networking device that will -be accessing the Samba network. If you have only one networking -device, simply click the TCP/IP item. Now click the Properties button -to open the TCP/IP Properties dialog. You should see something -similar to Figure 3-6.

- -

Figure 3-6. Selecting the correct TCP/IP protocol

- - -
- - - -
- -

IP Address tab

- -

The -IP Address tab is shown in Figure 3-7.

- -

Figure 3-7. The IP Address tab

- -

If you use DHCP on your network to provide IP addresses automatically -to Windows systems, select the "Obtain an IP address -automatically" radio button. Otherwise, click the -"Specify an IP address" radio -button and enter the client's address and subnet -mask in the space provided. You or your network manager should have -selected an address for the client on the same subnet (LAN) as the -Samba server.

- - -
- - - -
- -

WINS Configuration tab

- -

If you've -enabled WINS on Samba or are choosing to make use of another WINS -server on your network, you must tell Windows the -server's address. After selecting the WINS -Configuration tab, you will see the dialog box shown in Figure 3-8.

- -

Figure 3-8. The WINS Configuration tab

- -

This is for Windows 98/Me; Windows 95 is just a little different, -having separate spaces for the primary and backup WINS server IP -addresses.

- -

Select the "Enable WINS Resolution" -radio button, and enter the WINS server's address in -the space provided, then click the Add button. Do not enter anything -in the Scope ID field.

-

WARNING

-

A bug in Windows 95/98 sometimes causes the IP address of the WINS -server to disappear after the OK button is clicked. This happens only -when only a primary WINS server has been specified. The workaround is -to fill in the fields for both primary and secondary WINS servers, -using the same IP address for each.

-
- - -
- - - -
- -

DNS Configuration tab

- -

Unless you are using DHCP, you -will need to provide the IP address of one or more DNS servers. Click -the DNS tab, then click the "Enable -DNS" radio button, and type the IP address of one or -more DNS servers into the appropriate field, shown in Figure 3-9, to add the server's address -to the top DNS Server Search Order field.

- -

Figure 3-9. The DNS Configuration tab

- -

Also, provide the hostname (which is the same as the NetBIOS computer -name) of the Windows 95/98/Me computer and your Internet domain. (You -will need to enter the computer name again later, along with the -workgroup. Make sure to enter the same name each time.) You can -safely ignore the Domain Suffix Search Order field for anything -related to Samba.

- - -
- - - -
- -

LMHOSTS file

- -

If -you want to install an LMHOSTS file, it must be -placed in your Windows installation directory (usually -C:\Windows). In the same directory, Microsoft -has provided a sample LMHOSTS file named -lmhosts.sam, which you might want to look at for -further information on the file's format.

- - -
- - - -
- -

NetBIOS tab

- -

This tab -appears in Windows 98/Me, but not in Windows 95. All you need to do -here is make sure the checkbox is checked, enabling NetBIOS over -TCP/IP. If TCP/IP is your only protocol installed (as we recommended -earlier), the selection will be grayed out, with the box checked so -that you couldn't uncheck it even if you wanted to.

- - -
- - - -
- -

Bindings tab

- -

The -final tab to look at is Bindings, as shown in Figure 3-10.

- -

Figure 3-10. The Bindings tab

- -

You should have a check beside Client for Microsoft Networks, -indicating that it's using TCP/IP. If you have -"File and printer sharing for Microsoft -Networks" in the dialog, it should also be checked, -as shown in Figure 3-10.

- - -
- - -
- - -
- -

Setting the Computer Name and Workgroup

- -

Finally, click the OK button in the -TCP/IP configuration dialog, and you'll be taken -back to the Network Configuration dialog. Then select the -Identification tab, which will take you to the dialog box shown in -Figure 3-11.

- -

Figure 3-11. The Identification tab

- -

This is where you set your system's NetBIOS name -(which Microsoft likes to call "computer -name"). Usually, it is best to make this the same as -your DNS hostname, if you are going to have one for this system. For -example, if the system's DNS name is -huastec.metran.cx, give the computer a NetBIOS -name of huastec on this tab.

- -

You also set your workgroup name here. In our case, -it's METRAN, but if you used a different one in -Chapter 2, when creating the Samba configuration -file, use that instead. Just don't call it WORKGROUP -(the default workgroup name) or you'll be in the -same workgroup as every misconfigured Windows computer on the planet!

- -

You can also enter a comment string for this computer. See if you can -come up with some way of describing it that will remind you of what -and where it is when you see the comment in a list displayed on -another computer. Everyone on the network will be able to see your -comment, so be careful not to include any information that might be -useful to crackers.

- -

Finally, click the OK button and follow whatever instructions Windows -provides. (You might have to insert your Windows distribution CD-ROM -and/or reboot.)

- - -
- - -
- -

Username and Password

- -

You have probably already given -Windows a username and password by now. However, to authenticate with -the Samba server, your Windows username and password must match with -a valid account on the Samba server.

- -

It is simple to add a new user and password to a Windows 95/98/Me -system. Just reboot or log out, and when you are prompted for a -username and password, enter your Unix username and password. (If you -are using encrypted passwords, you must run -smbpasswd on the Unix host to enter them into -Samba's password database, if you have not already -done so.) You can use this method to add as many users as you want, -so as to allow more than one user to use the Windows system to gain -access to the Samba shares.

- -

If you mistakenly entered the wrong password or your Unix password -changes, you can change your password on the Windows system by going -to the Control Panel and double-clicking the Passwords icon. This -will bring up the Passwords Properties dialog. Click the Change -Passwords tab, and you will see the dialog shown in Figure 3-12. Now click the "Change -Windows Password..." button, which will bring up the -Change Windows Password dialog box, shown in Figure 3-13. As indicated by the text entry fields in the -dialog, enter your old password, and then the new password, and again -to confirm it. Click the OK button and then the Close button on the -Password Properties dialog box. Reboot or log out, and use your new -password when you log in again.

- -

Figure 3-12. The Password Properties dialog

- -

Figure 3-13. The Change Windows Password dialog

- - -
- -

Logging in for the first time

- -

If you don't have a Change Passwords tab in the -Passwords Properties window, it is because networking is not fully -set up yet. Assuming you've followed all the -directions given so far, you just need to reboot; when the system -comes up, it will ask you to log in with a username and a password.

- -

Now for the big moment. Your Samba server is running, and you have -set up your Windows 95/98/Me client to communicate with it.

- - -
- - - -
- -

Accessing the Samba Server from Windows 95/98

- -

Double-click the Network Neighborhood -icon on the desktop. You should see your Samba server listed as a -member of the workgroup, as shown in Figure 3-14.

- -

Figure 3-14. Windows 95/98 Network Neighborhood

- -

Double-clicking the server name will show the resources that the -server is offering to the network, as shown in Figure 3-15 (in this case, the test -directory).

- -

Figure 3-15. The test shared folder on the Toltec server

- - -
- - - -
- -

Accessing the Samba Server from Windows Me

- -

Double-click the My Network Places icon on the desktop. You should -see the test shared directory as shown in Figure 3-16.

- -

Figure 3-16. My Network Places on Windows Me

- -

Double-click the Entire Network icon, and you should see an icon for -your workgroup, as shown in Figure 3-17.

- -

Figure 3-17. Entire Network window, showing the Metran workgroup

- -

Double-clicking the workgroup icon will bring up a window showing -every computer in the workgroup, which should include your Samba -server, as shown in Figure 3-18.

- -

Figure 3-18. Computers in Metran workgroup

- -

Double-click the Samba server's icon, and you will -get a window showing its shared resources (in this case, the test -directory) as shown in Figure 3-19.

- -

Figure 3-19. View of shares on the Toltec server

- -

If you don't see the server listed, it might be that -browsing is not working correctly or maybe the server is just taking -a few minutes to show up in the browse list. In either case, you can -click the Start button, then select -"Run...". This will give you a -dialog box into which you can type the name of your server and the -share name test in the Windows UNC format -\\server\test, -as we did in Chapter 1. This should open a window -on the desktop showing the contents of the folder. If this does not -work, there is likely a problem with name resolution, and you can try -using the server's IP address instead of its -computer name, like this:

- -
\\172.16.1.1\test
- -

If things still aren't right, go directly to Section 12.2 to troubleshoot what is wrong -with the network.

- -

If it works, congratulations! Try copying files to and from the -server using the Windows drag-and-drop functionality. You might be -pleasantly surprised how seamlessly everything works.

- - -
- - -
- - -
- - - -
- -

Setting Up Windows NT 4.0 Computers

- -

Configuring Windows NT -is a little different than configuring Windows 95/98/Me. To use Samba -with Windows NT, you will need both the Workstation service and the -TCP/IP protocol. Both come standard with NT, but -we'll work through installing and configuring them -to make sure they are configured correctly.

- - -
- -

Basic Configuration

- -

This section presents the steps -to follow for TCP/IP-related configuration on Windows NT to get it to -cooperate with Samba. If you need more details on Windows NT network -administration, refer to Craig Hunt and Robert Bruce -Thompson's -Windows NT TCP/IP Network Administration -(O'Reilly), an excellent guide.

- -

You should perform the following steps as the -Administrator or another user in the -Administrators group.

- - -
- -

Installing the TCP/IP protocol

- -

From -the Control Panel, double-click the Network icon, click the Protocols -tab in the Network dialog box, and look to see if you have the TCP/IP -protocol installed, as shown in Figure 3-20.

- -

Figure 3-20. The Protocols tab

- -

If the protocol is not installed, you need to add it. Click the Add -button, which will display the Select Network Protocol dialog box -shown in Figure 3-21. You should immediately see the -TCP/IP protocol as one of the last protocols listed.

- -

Figure 3-21. Select Network Protocol dialog box

- -

Select TCP/IP as the protocol and confirm it. If -possible, install only the TCP/IP protocol. If you see anything other -than TCP/IP listed in the Protocols tab and it is not a protocol that -you need, you can remove it. If you try to remove a protocol and get -an error message saying that the protocol is being used by another -service, you need to click the Services tab and remove that service -before you can remove the protocol. For example, to remove the NWLink -IPX/SPX Compatible Transport protocol, you would need to remove the -Client Service for Netware first.

- - -
- - - -
- -

Installing the Workstation service

- -

After installing TCP/IP, click the -Services tab in the Network dialog, and check that you have a -Workstation service, as shown at the end of the list in Figure 3-22.[8]

- -

Figure 3-22. Network Services tab

- -

This service is actually the Microsoft Networking Client, which -allows the computer to access SMB services. The Workstation service -is mandatory. The service is installed by default on both Windows NT -Workstation 4.0 and NT Server 4.0. If it's not -there, you can install it much like TCP/IP. In this case you need to -click the Add button and then select Workstation Service, as shown in -Figure 3-23.

- -

Figure 3-23. Select Network Service dialog box

- - -
- - - -
- -

Configuring TCP/IP

- -

After you've installed -the Workstation service, return to the Protocols tab and select the -TCP/IP Protocol entry in the window. Then click the Properties button -below the window. The Microsoft TCP/IP Protocol dialog will be -displayed. There are five tabs in the dialog, and you will need to -work with four of them:

- -
  • -

    IP Address

    -
  • -

    WINS Address

    -
  • -

    DNS

    -
  • -

    Bindings

    -
- -
- -

IP Address tab

- -

The IP -Address tab is shown in Figure 3-24.

- -

Figure 3-24. Microsoft TCP/IP Properties dialog for Windows NT

- -

Select the "Specify an IP address" -radio button, and enter the computer's IP address -and netmask in the space provided for the proper adapter (Ethernet -card). You or your network manager should have selected an address -for the client on the same subnet (LAN) as the Samba server. For -example, if the server's address is 172.16.1.1 and -its network mask is 255.255.255.0, you might use the address -172.16.1.13 (if it is available) for the NT workstation, along with -the same netmask. If you use DHCP on your network, select the -"Obtain an IP Address from a DHCP -server" button instead.

- -

The gateway field refers to a system typically known as a -router. If you have routers connecting multiple -networks, you should enter the IP address of the one on your subnet. -In our example, the gateway happens to be the same system as the -Samba server, but they do not by any means have to be the same.

- - -
- - - -
- -

WINS Address tab

- -

Click the -WINS Address tab, shown in Figure 3-25, and you can -begin to enter information about name servers. Enter the address of -your WINS server in the space labeled Primary WINS Server. If your -Samba server is providing WINS service (in other words, you have the -line wins support -= yes in the -smb.conf file of your Samba server), provide the -Samba server's IP address here. Otherwise, provide -the address of another WINS server on your network.

- -

Figure 3-25. The WINS Address tab

- -

You probably noticed that there is a field here for the network -adapter. This field must specify the Ethernet adapter on which -you're running TCP/IP so that WINS will provide name -service on the correct network. For example, if you have both a LAN -and a dial-up adapter, make sure you have the LAN's -network card specified here.

- -

The checkboxes in the lower half of the dialog are for enabling two -other methods of name resolution that Windows can incorporate into -its name service. Samba doesn't require either of -them, but you might want to enable them to increase the reliability -or functionality of name service for your client. See Chapter 7 for further information on name resolution -issues.

- -

If you'd like to use a DNS server, select the Enable -DNS for Windows Resolution checkbox. In addition, you will need to do -some configuration to allow the Windows system to find the DNS -server, unless you're using DHCP.

- - -
- - - -
- -

DNS tab

- -

Click -the tab for DNS, as shown in Figure 3-26. Enter the -IP addresses for one or more DNS servers in the space provided. Also, -enter the hostname (which should be the same as the NetBIOS computer -name). You will enter this again later in another control panel, so -make sure they match. Finally, enter the DNS domain on which this -system resides. For example, if your workstation has a domain name -such as metran.cx, enter it here. You can safely -ignore the other options.

- -

Figure 3-26. The DNS tab

- - -
- - - -
- -

The LMHOSTS file

- -

If you want to install an -LMHOSTS file, it -must be placed in the directory -\system32\drivers\etc under your Windows -installation directory (usually C:\WINNT). The -easy way to make sure it gets to the proper location is to use the -Import LMHOSTS button on the WINS Address tab. (But if you want to do -it over the network, you will have to do that after file sharing is -configured!) Remember to click the Enable LMHOSTS Lookup checkbox on -the WINS Address tab to enable this functionality.

- -

When you are satisfied with your settings for IP Address, WINS -Address, and DNS, click OK to return to the Network dialog box.

- - -
- - - -
- -

Bindings

- -

Now click the -Bindings tab, and check the bindings of network hardware, services, -and protocols. Set the "Show Bindings -for" field to "all -services," and click all the + buttons in the tree. -You should see a display similar to Figure 3-27, -which shows that the NetBIOS, Server, and Workstation interface -services are connected to the WINS client running TCP/IP protocol, -and that the WINS client is bound to the Ethernet adapter of the -local area network.

- -

Figure 3-27. The Bindings tab

- -

You can safely leave the default values for the remainder of the tabs -in the Network dialog box. Click the OK button to complete the -configuration. Once the proper files are loaded (if any), you might -need to reboot for your changes to take effect.

- - -
- - -
- - -
- - -
- -

Computer Name and Workgroup

- -

The next -thing you need to do is to give the system a NetBIOS computer name. -From the Control Panel, double-click the Network icon to open the -Network dialog box. The first tab in this dialog box should be the -Identification tab, as illustrated in Figure 3-28.

- -

Figure 3-28. The Identification tab

- -

Here, you need to identify your computer with a name and change the -default workgroup to the one you specified in the -smb.conf file of your Samba server. Click the -Change button below the two text fields. This will open an -Identification Changes dialog box, where you can set the workgroup -and the computer name, as shown in Figure 3-29.

- -

Figure 3-29. The Identification Changes dialog

-

WARNING

-

You entered the computer name earlier as a DNS hostname while -configuring TCP/IP, so be sure that the two names match. The name you -set here is the NetBIOS name. You're allowed to make -it different from the TCP/IP hostname, but doing so is usually not a -good idea. Don't worry that Windows NT forces the -computer name and the workgroup to be all capital letters; -it's smart enough to figure out what you mean when -it connects to the network.

-
- - -
- - -
- -

Adding a User

- -

In all -the previous steps, you were logged into your Windows NT system as -Administrator or another user in the -Administrators group. To access resources on the -Samba server, you will need to have a username and password that the -Samba server recognizes as valid. Generally, the best way to do this -is to add a user to your NT system, with the same username and -password as a user on the Samba host system.

- -

TIP

-

The directions in this section assume that your network is set up as -a workgroup. If you have already set up your network as a domain, as -we describe in Chapter 4, you do not need to -follow the instructions here for adding a local user on the Windows -NT client system. Simply log on to the domain from the client using a -username and password in Samba's -smbpasswd account database, and continue with -the next section, Section 3.3.4.

-
- -

To add a new user, open the Start menu, navigate through the Programs -submenu to Administrative Tools (Common), and select User Manager for -Domains. Click the User menu and select the first item, Add User..., -shown in Figure 3-30.

- -

Figure 3-30. User Manager for Domains window

- -

This brings up the New User dialog box shown in Figure 3-31.

- -

Figure 3-31. The New User dialog

- -

Fill it out as shown, using the username and password that were added -in the previous chapter, and make sure that only the checkbox labeled -Password Never Expires is checked. (This is not the default!) Click -the Add button to add the user, and then click the Close button. You -should now see your new account added to the list in the User Manager -dialog box.

- -

Now open the Start menu, select Shut Down, and select the -"Close all programs and log on as a different -user?" radio button. Click the Yes button, then log -in as the user you just added.

- - -
- - -
- -

Connecting to the Samba Server

- -

Now for the big moment. Your Samba -server is running, and you have set up your NT client to communicate -with it. Double-click the Network Neighborhood icon on the desktop, -and you should see your Samba server listed as a member of the -workgroup, as shown in Figure 3-32.

- -

Figure 3-32. The Windows NT Network Neighborhood

- -

Double-clicking the server name will show the resources that the -server is offering to the network, as shown in Figure 3-33. In this case, the test -directory and the default printer are offered to the Windows NT -workstation.

- -

Figure 3-33. Shares offered by the Toltec server

- -

If you don't see the server listed, -don't panic. Select Run... from the Start menu. A -dialog box appears that allows you to type the name of your server -and its share directory in Windows format. For example, you would -enter -\\toltec\test, -as shown in Figure 3-34, and use your -server's hostname instead of -"toltec".

- -

Figure 3-34. Opening a shared directory, using the server's NetBIOS name in the UNC

- -

This will work even if browsing services are not set up right, which -is a common problem. You can also work around a name-service problem -by entering the server's IP Address (such as -172.16.1.1 in our example) instead of the Samba -server's hostname, as shown in Figure 3-35. Go back and check your configuration, and if -things still aren't right, go to Section 12.2 to troubleshoot what is wrong with the -network.

- -

Figure 3-35. Opening a shared directory, using the server's IP address in the UNC

- -

If it works, congratulations! Try copying files to and from the -server by dragging their icons to and from the folder on the Samba -share. You might be pleasantly surprised how seamlessly everything -works.

- - -
- - -
- - - -
- -

Setting Up Windows 2000 Computers

- -

Although -Windows 2000 is based on NT technology and is similar to Windows NT -in many respects, configuring it for use with Samba is quite -different.

- -

You should perform the following steps as the -Administrator or another user in the -Administrators group.

- - -
- -

Networking Components

- -

Go to the Control Panel and -double-click the Network and Dial-up Connections icon. You should see -at least one Local Area Connection icon. If there is more than one, -identify the one that corresponds to the network adapter that is -connected to your Samba network. Right-click the Local Area -Connection icon, and click the Properties button. (Or double-click -the Local Area Connection icon, and then click the Properties button -in the dialog box that comes up.) You should now be looking at the -Local Area Connection Properties dialog box, as shown in Figure 3-36.

- -

Figure 3-36. Windows 2000 Local Area Connection Properties dialog

- -

First of all, you might want to click the Configure button under the -field for the network adapter, to make sure you see the message -"This device is working properly" -in the Device status window. If there is a problem, make sure to -correct it before continuing. You should also see the message -"Use this device (enable)" in the -Device usage field of the dialog box. Make sure to set it this way if -it is not already. Click OK or Cancel to get back to the Local Area -Connection Properties dialog box.

- -

You should see at least the following two components:

- -
  • -

    Client for Microsoft Networks

    -
  • -

    Internet Protocol (TCP/IP)

    -
-

If you do not see either Client for Microsoft Networks or Internet -Protocol (TCP/IP) in your list, you will need to add them. For -either, the method is to click the Install... button, click the type -of component (Client or Protocol), and then click the Add... button. -Next, click the component you want to add, and click the OK button. -You should see the component added to the list with the others.

- -

Some components should be removed if you see them in the list:

- -
  • -

    NetBEUI Protocol

    -
  • -

    NWLink NetBIOS

    -
  • -

    NWLink IPX/SPX/NetBIOS Compatible Transport Protocol

    -
  • -

    Client Service for Netware

    -
-

If you see anything other than TCP/IP listed as a protocol, and it is -not a protocol that you need, you can remove it. Uninstall NetBEUI, -unless you are sure you need it, and the other three if you do not -need to support Netware. If you try to remove a protocol and get an -error message saying that the protocol is being used by another -service, you need to remove that service before you can remove the -protocol. For example, to remove the NWLink IPX/SPX Compatible -Transport Protocol, you would need to remove the Client Service for -Netware first.

- -

To remove a component, click the component in the list, click the -Uninstall button, and then click Yes in the dialog box that pops up. -In some cases, Windows might need to reboot to put the change into -effect.

- - -
- - -
- -

Bindings

- -

Next to each -client, service, or protocol listed in the window in the Local Area -Connections Properties dialog box, you will see a checkbox. Make sure -the checkbox is checked for both Client for Microsoft Networks and -Internet Protocol (TCP/IP). The check marks indicate the networking -components are bound to the network adapter shown at the top of the -dialog box.

- - -
- - -
- -

Configuring TCP/IP

- -

Now click Internet Protocol (TCP/IP), -and then click Properties to open the Internet Protocol (TCP/IP) -Properties dialog box, shown in Figure 3-37.

- -

Figure 3-37. Internet Protocol (TCP/IP) Properties dialog

- - -
- -

IP address

- -

If -you are using DHCP on your network to assign IP addresses -dynamically, select the "Obtain IP address -automatically" radio button. Otherwise, select the -"Use the following address:" radio -button, and fill in the computer's IP address and -netmask in the spaces provided. You or your network manager should -have selected an address for the client on the same subnet (LAN) as -the Samba server. For example, if the server's -address is 172.16.1.1 and its network mask is 255.255.255.0, you -might use the address 172.16.1.14, if it is available, along with the -same netmask. You can also fill in the IP address of the default -gateway.

- - -
- - - -
- -

DNS server

- -

In -the lower part of the dialog box, click the "Use the -following DNS server addresses:" radio button, and -fill in the IP address of your DNS server.

- -

Now click the Advanced... button to bring up the Advanced TCP/IP -Settings dialog box, and then click the WINS tab.

- - -
- - - -
- -

WINS server

- -

Enter the -address of your WINS server in the space labeled -"WINS addresses, in order of use:". -If your Samba server is providing WINS service (in other words, you -have the line wins service -= yes in the -smb.conf file of your Samba server), provide the -Samba server's IP address here. Otherwise, provide -the address of another WINS server on your network.

- -

Near the bottom of the dialog box, select the radio button labeled -"Enable NetBIOS over TCP/IP". Figure 3-38 shows what your Advanced TCP/IP Settings -dialog box should look like at this point.

- -

Figure 3-38. Advanced TCP/IP Settings dialog, showing WINS tab

- - -
- - - -
- -

The LMHOSTS file

- -

If you want to install an -LMHOSTS file, -it must be placed in the \system32\drivers\etc -directory under your Windows installation directory (usually -C:\WINNT ). The easy way to make sure it gets to -the proper location is to use the Import LMHOSTS... button on the -WINS Address tab. (But if you want to do it over the network, you -will have to do that after file sharing is configured!) Remember to -click the Enable LMHOSTS Lookup checkbox on the WINS Address tab to -enable this functionality.

- -

When you are satisfied with your settings for IP Address, WINS -Address, and DNS, click the OK buttons in each open dialog box to -complete the configuration. Windows might need to load some files -from the Windows 2000 distribution CD-ROM, and you might need to -reboot for your changes to take effect.

- - -
- - -
- - -
- -

Computer and Workgroup Names

- -

From -the Control Panel, double-click the System icon to open the System -Properties dialog box. Click the Network Identification tab, and your -System Properties dialog box will look similar to Figure 3-39.

- -

Figure 3-39. System Properties dialog, showing Network Identification tab

- -

To give your system computer a name and a workgroup, click the -Properties button, which will bring up the Identification Changes -dialog box, as in Figure 3-40.

- -

Figure 3-40. Identification Changes dialog

- -

You need to identify your computer with a name and change the -workgroup to the one you specified in the -smb.conf file of your Samba server. -Don't worry that Windows forces the computer name -and the workgroup to be all capital letters; it's -smart enough to figure out what you mean when it connects to the -network.

- -

Click the More... button to bring up the DNS Suffix and NetBIOS -Computer Name dialog box, shown in Figure 3-41.

- -

Figure 3-41. DNS Suffix and NetBIOS Computer Name dialog

- -

Enter the DNS domain name of this computer in the text field labeled -Primary DNS Suffix for this computer:, and then click OK. You should -now see the FQDN of this system underneath the label -"Full computer name:". Click the OK -button and then reboot when requested to put your configuration -changes into effect. Once again, log in using your administrative -account.

-

WARNING

-

There have been reports of authentication problems with Samba when a -username on a Windows 2000 system is the same as its computer name.

-
- - -
- - -
- -

Adding a Samba-Enabled User

- -

So far, -you have been logged into your Windows 2000 system as a user in the -Administrators group. To access resources on the -Samba server, you will need a username and password that the Samba -server recognizes as valid. If your administrative account has such a -username and password, you can use it, but you might want to access -your system and the network from a nonadministrative user account -instead.

-

WARNING

-

The directions in this section assume that your network is set up as -a workgroup. If you have already set up your network as a domain, as -we describe in Chapter 4, you do not need to -follow the instructions here for adding a local user on the Windows -2000 client system. Simply log on to the domain from the client using -a username and password in Samba's -smbpasswd account database, and continue with -the next section, Section 3.4.6.

-
- -

To add a new user, open the Control Panel, and double-click the Users -and Passwords icon to open the Users and Passwords dialog box, shown -in Figure 3-42.

- -

Figure 3-42. Users and Passwords dialog

- -

The first thing to do is make sure the checkbox labeled -"Users must enter a user name and password to use -this computer." is checked. Next, click the Add... -button to bring up the first dialog box of the User Wizard, shown in -Figure 3-43.

- -

Figure 3-43. Adding a new user

- -

Fill out the fields, using the username of a valid user account on -the Samba host, and then click the Next > button to enter and -confirm the user's password. This password must be -the same as the user's password on the Samba host. -If you are using encrypted passwords, make sure this username and -password are the same as what you used when you ran the -smbpasswd program. Click the Next > button, -which brings up the final dialog box, shown in Figure 3-44.

- -

Figure 3-44. Specifying a group for the new user

- -

Pick a group for the user (the default Standard User should do), and -click the Finish button. You should now see your new account added to -the list in the Users and Passwords dialog box. Click the OK button -to complete the process.

- -

Now return to the Users and Passwords control panel window, click the -Advanced tab, then click on the Advanced button. Click the Users -folder in the left side of the Local Users and Groups window that -appears, and then double-click the account you just added in the -right side of the window. In the Properties window that opens, click -the checkbox labeled Password never expires. You are done! Click the -OK buttons in all the dialog boxes, and close all open windows.

- -

Open the Start menu, select Shut Down, and select Log off -username from the drop-down menu. Click the OK -button, then log on with the username and password you just added.

- - -
- - -
- -

Connecting to the Samba Server

- -

Now for the big moment. Your Samba server is running, and you have -set up your Windows 2000 client to communicate with -it. Double-click the My Network Places icon on the desktop, and then -double-click the Computers Near Me icon to browse the workgroup. You -should see your Samba server listed as a member of the workgroup, as -shown in Figure 3-45.

- -

Figure 3-45. The Computers Near Me window, showing computers in the workgroup

- -

Double-clicking the server name will show the resources that the -server is offering to the network, as shown in Figure 3-46.

- -

Figure 3-46. Shares offered by the Toltec server

- -

In this case, the test directory and the default -printer are offered to the Windows 2000 workstation. If you -don't see the server listed, don't -panic. Select Run from the Start menu. A dialog box appears that -allows you to type the name of your server and its share directory in -Windows format. For example, you would enter -\\toltec\test, as shown in -Figure 3-47, and use your server's -hostname instead of "toltec".

- -

Figure 3-47. Opening a shared directory, using the server's NetBIOS name in the UNC

- -

This will work even if browsing services are not set up right, which -is a common problem. You can also work around a name-service problem -by entering the server's IP address (such as -172.16.1.1 in our example) instead of the Samba -server's hostname, as shown in Figure 3-48.

- -

Figure 3-48. Opening a shared directory, using the server's IP address in the UNC

- -

If things still aren't right, go directly to Section 12.2 to troubleshoot what is wrong -with the network.

- -

If it works, congratulations! Try copying files to and from the -server. You will be pleasantly surprised how seamlessly everything -works. Now that you've finished setting up the Samba -server and its clients, you can proceed to the next chapter. -

- - -
- - -
- - - -
- -

Setting Up Windows XP Computers

- -

Although Windows XP -is very similar to Windows 2000, it has a very different user -interface, and there are a number of subtle differences. For example, -getting to the Control Panel is different than in any previous -version of Windows—one must click the Control Panel item from -the Start menu (there is no Settings item in the Start menu in XP). -By default, XP will display the Control Panel in Category View mode. -If you see this, click the Switch to Classic View item in the -upper-left corner of the window. All of our directions are for using -the Control Panel in Classic View mode.

- -

You should perform the following steps as the -Administrator or another user in the -Administrators group.

- - -
- -

Networking Components

- -

Go to the Control Panel and -double-click the Network and Dial-up Connections icon. You should see -at least one Local Area Connection icon. If there is more than one, -identify the one that corresponds to the network adapter that is -connected to your Samba network. Right-click the Local Area -Connection icon and click the Properties button. (Or double-click the -Local Area Connection icon and then click the Properties button in -the dialog box that comes up.) You should now be looking at the Local -Area Connection Properties dialog box, as shown in Figure 3-49.

- -

Figure 3-49. The Local Area Connection Properties dialog

- -

First of all, you might want to click the Configure button under the -field for the network adapter to make sure you see the message -"This device is working properly" -in the Device status window. If there is a problem, make sure to -correct it before continuing. You should also see the message -"Use this device (enable)" in the -Device usage field of the dialog box. Make sure to set it this way if -it is not already. Click OK or Cancel to close this dialog box, then -reopen the Local Area Connection Properties dialog box.

- -

You should see at least the following two components:

- -
  • -

    Client for Microsoft Networks

    -
  • -

    Internet Protocol (TCP/IP)

    -
-

If you do not see either Client for Microsoft Networks or Internet -Protocol (TCP/IP) in your list, you will need to add them. For -either, the method is to click the Install... button, click the type -of component (Client or Protocol), and then click the Add... button. -Next, click the component you want to add, and click the OK button. -You should see the component added to the list with the others.

- -

If you see anything other than TCP/IP listed as a protocol, and it is -not a protocol that you need, you can remove it. If NetBEUI appears -in the list, uninstall it if you possibly can. Also uninstall any -Netware-related components if you do not need to support Netware. If -you try to remove a protocol and get an error message saying that the -protocol is being used by another service, you need to remove that -service before you can remove the protocol. For example, to remove -the NWLink IPX/SPX Compatible Transport Protocol, you would need to -remove the Client Service for Netware first.

- -

To remove a component, click the component in the list, click the -Uninstall button, and then click Yes in the dialog box that pops up. -In some cases, Windows might need to reboot to put the change into -effect.

- - -
- -

Bindings

- -

Next to each client, service, or protocol -listed in the window in the Local Area Connections Properties dialog -box, you will see a checkbox. Make sure the checkbox is checked for -both Client for Microsoft Networks and Internet Protocol (TCP/IP). -The check marks indicate that the networking components are bound to -the network adapter shown at the top of the dialog box.

- - -
- - -
- - -
- -

Configuring TCP/IP

- -

Now click Internet Protocol -(TCP/IP) and then click Properties to open the Internet Protocol -(TCP/IP) Properties dialog box, shown in Figure 3-50.

- -

Figure 3-50. The Internet Protocol (TCP/IP) Properties dialog

- - -
- -

IP address

- -

If -you are using DHCP on your network to assign IP addresses -dynamically, select the "Obtain IP address -automatically" radio button. Otherwise, select the -"Use the following address:" radio -button, and fill in the computer's IP address and -netmask in the spaces provided. You or your network manager should -have selected an address for the client on the same subnet (LAN) as -the Samba server. For example, if the server's -address is 172.16.1.1 and its network mask is 255.255.255.0, you -might use the address 172.16.1.12 (if it is available) along with the -same netmask. You can also fill in the IP address of the default -gateway.

- - -
- - - -
- -

DNS server

- -

In the lower part of the dialog box, click -the "Use the following DNS server -addresses:" radio button, and fill in the IP address -of your DNS server.

- -

Now click the Advanced... button to bring up the Advanced TCP/IP -Settings dialog box, and then click the WINS tab.

- - -
- - - -
- -

WINS server

- -

Enter -the address of your WINS server in the space labeled -"WINS addresses, in order of use:". -If your Samba server is providing WINS service (in other words, you -have the line wins support -= yes in the -smb.conf file of your Samba server), provide the -Samba server's IP address here. Otherwise, provide -the address of another WINS server on your network.

- -

Near the bottom of the dialog box, select the radio button labeled -Enable NetBIOS over TCP/IP. Figure 3-51 shows what -your Advanced TCP/IP Settings dialog box should look like at this -point.

- -

Figure 3-51. The Advanced TCP/IP Settings dialog, showing the WINS tab

- - -
- - - -
- -

The LMHOSTS file

- -

If you want to install an -LMHOSTS file, it -must be placed in the \system32\drivers\etc -directory under your Windows installation directory (usually -C:\WINNT ). The easy way to make sure it gets to -the proper location is to use the Import LMHOSTS... button on the -WINS Address tab. (But if you want to do it over the network, you -will have to do that after file sharing is configured!) Remember to -click the Enable LMHOSTS Lookup checkbox on the WINS Address tab to -enable this functionality.

- -

When you are satisfied with your settings for IP Address, WINS -Address, and DNS, click the OK buttons in each open dialog box (and -the Close button in the Local Area Connection Properties dialog box) -to complete the configuration. Windows might need to load some files -from the Windows XP distribution CD-ROM, and you might need to reboot -for your changes to take effect.

- - -
- - -
- - -
- -

Computer and Workgroup Names

- -

From the -Control Panel, double-click the System icon to open the System -Properties dialog box. Click the Computer Name tab, and your System -Properties dialog box will look similar to Figure 3-52.

- -

Figure 3-52. The System Properties dialog, showing the Computer Name tab

- -

To give your system computer a name and a workgroup, click the -Change... button, which will bring up the Computer Name Changes -dialog box, as in Figure 3-53.

- -

Figure 3-53. The Computer Name Changes dialog

- -

You need to identify your computer with a name and change the -workgroup to the one you specified in the -smb.conf file of your Samba server. -Don't worry that Windows forces the workgroup to be -all capital letters; it's smart enough to figure out -what you mean when it connects to the network.

- -

Click the More... button to bring up the DNS Suffix and NetBIOS -Computer Name dialog box, shown in Figure 3-54.

- -

Figure 3-54. The DNS Suffix and NetBIOS Computer Name dialog

- -

Enter the DNS domain name of this computer in the text field labeled -Primary DNS Suffix for this computer:, and then click OK. You should -now see the FQDN of this system underneath the label Full computer -name: in the Computer Name Changes dialog box. Click the OK button -and then reboot when requested to put your configuration changes into -effect. Once again, log in using your administrative account.

-

WARNING

-

There have been reports of authentication problems with Samba when a -username on a Windows XP system is the same as its computer name.

-
- - -
- - -
- -

Adding a Samba-Enabled User

- -

So far, -you have been logged into your Windows XP system as a user in the -Administrators group. To access resources on the Samba server, you -will need to have a username and password that the Samba server -recognizes as valid. If your administrative account has such a -username and password, you can use it, but you might want to access -your system and the network from a nonadministrative user account -instead.

- -

TIP

-

The directions in this section assume that your network is set up as -a workgroup. If you have already set up your network as a domain, as -we describe in Chapter 4, you do not need to -follow the instructions here for adding a local user on the Windows -XP client system. Simply log on to the domain from the client using a -username and password in Samba's -smbpasswd account database, and continue with -the next section, Section 3.5.5.

-
- -

To add a new user, open the Control Panel, and double-click the Users -Accounts icon to open the User Accounts window, shown in Figure 3-55.

- -

Figure 3-55. The User Accounts window

- -

Click the Create a new account task, which will bring up the window -shown in Figure 3-56. Enter the username, then click -the Next > button.

- -

Figure 3-56. Entering the username

- -

Click the radio button labeled -"Limited", as shown in Figure 3-57.

- -

Click the Create Account button, and you will see the username you -added next to a picture at the bottom of the User Accounts window. We -still need to assign a password to the account. Click the account to -bring up the "What do you want to change about -username's -account?" window, and then click Create a password. -Enter the password, and enter it again to confirm it.

- -

Figure 3-57. Setting the account type

- -

This password must be the same as the user's -password on the Samba host. If you are using encrypted passwords, -make sure this username and password are the same as what you used -when you ran the smbpasswd program. Click the -Create Password button, and you're done adding the -account.

- -

Now open the Start menu and click the Log Off button. In the Log Off -Windows dialog box that pops up, again click the Log Off button. When -Windows displays the login screen, click the user you just added, and -type in the password to log in.

- - -
- - -
- -

Connecting to the Samba Server

- -

Now for -the big moment. Your Samba server is running, and you have set up -your Windows XP client to communicate with it. In the Start menu, -select My Computer[9] to open the My Computer window. Click My -Network Places, in the Other Places box in the left part of the -window. You should see a folder icon for the -test directory, as shown in Figure 3-58.

- -

Figure 3-58. The My Network Places window

- -

Now click View workgroup computers in the Network Tasks box at the -left of the window. You should see your Samba server listed as a -member of the workgroup. Double-click its icon, and you will see a -window that looks like Figure 3-59.

- -

Figure 3-59. Shares offered by the Toltec server

- -

If you don't see the server listed in the workgroup, -don't panic. Select Run... from the Start menu. A -dialog box appears that allows you to type the name of your server -and its share directory in Windows format. For example, you would -enter \\toltec\test, as shown -in Figure 3-60, and use your -server's hostname instead of -"toltec".

- -

Figure 3-60. Opening a shared directory, using the server's NetBIOS name in the UNC

- -

This will work even if browsing services are not set up right, which -is a common problem. You can also work around a name-service problem -by entering the server's IP Address (such as -172.16.1.1 in our example) instead of the Samba -server's hostname, as shown in Figure 3-61.

- -

Figure 3-61. Opening a shared directory, using the server's IP address in the UNC

- -

If things still aren't right, go directly to Section 12.2 to troubleshoot what is wrong -with the network.

- -

If it works, congratulations! Try copying files to and from the -server by dragging their icons to and from the Samba -server's test folder. You might -be pleasantly surprised how seamlessly everything works.

- - -
- - -
- -

Footnotes

[1] We are -intentionally omitting device drivers because they are -hardware-specific, and we assume you are getting installation -directions from the manufacturer.

-

[2] Make sure to use the same netmask as all other systems on the -network. You can find the netmask in use by checking with Unix or -Windows systems that have already been configured.

[3] Keep in mind that IP addresses ending -in .0 are reserved for network addresses and that ones ending in .255 -are for broadcast addresses. These should never be assigned to any -system on the network.

[4] To be more explicit about -this, the system will identify itself to the network as a b-node -rather than an h-node.

[5] We put the -names of the LMHOSTS and -HOSTS files in uppercase for additional -clarity—to remind you that we are referring to the files on -Windows rather than on Unix, and because that's the -way we see them in other books on Windows. The case of the letters in -the two names actually does not matter.

[6] The address 127.0.0.1 is known as the -localhost address and always refers to itself. -For example, if you type ping -127.0.0.1 on a Unix server, you should always get -a response, because you're pinging the host -itself.

[7] This update is supplied in -various update packages issued by Microsoft.

[8] Notice how in Windows NT, -some clients are called "services"! -In these directions, we will conform to Microsoft's -terminology.

[9] If there is a My Network Places -item in the Start menu at this point, you can save yourself a little -time and just click that. If you don't see it, -don't worry; it will appear automatically -later.

- -

TOC

- -- cgit v1.2.3