From 58b37572718ed65d1b143f44de16aa5efb512f11 Mon Sep 17 00:00:00 2001 From: vorlon Date: Wed, 21 Nov 2007 17:29:21 +0000 Subject: Load samba-3.0.27a into branches/upstream. git-svn-id: svn://svn.debian.org/svn/pkg-samba/branches/upstream@1583 fc4039ab-9d04-0410-8cac-899223bdd6b0 --- docs/htmldocs/using_samba/ch03.html | 2086 +++++++++++++++++++++++++++++++++++ 1 file changed, 2086 insertions(+) create mode 100644 docs/htmldocs/using_samba/ch03.html (limited to 'docs/htmldocs/using_samba/ch03.html') diff --git a/docs/htmldocs/using_samba/ch03.html b/docs/htmldocs/using_samba/ch03.html new file mode 100644 index 0000000000..16e86f4f6d --- /dev/null +++ b/docs/htmldocs/using_samba/ch03.html @@ -0,0 +1,2086 @@ + + + + + +

Chapter 3. Configuring Windows Clients

+ + +

Configuring Windows to use +your new Samba server is really quite simple. SMB is +Microsoft's native language for resource sharing on +a local area network, so much of the installation and setup on the +Windows client side have been taken care of already.

+ + +
+ +

Windows Networking Concepts

+ +

Windows is different from Unix in +many ways, including how it supports networking. Before we get into +the hands-on task of clicking our way through the dialog boxes to +configure each version of Windows, we need to provide you with a +common foundation of networking technologies and concepts that apply +to the entire family of Windows operating systems.

+ +

For each Windows version, these are the main issues we will be +dealing with:

+ +
  • +

    Making sure required networking components are installed and bound to +the network adapter

    +
  • +

    Configuring networking with a valid IP address, netmask and gateway, +and WINS and DNS name servers

    +
  • +

    Assigning workgroup and computer names

    +
  • +

    Setting the username(s) and password(s)

    +
+

In addition, some minor issues involving communication and +coordination between Windows and Unix are different among Windows +versions.

+ +

One can go crazy thinking about the ways in which Unix is different +from Windows, or the ways in which members of the Windows family are +different from each other in underlying technology, behavior, or +appearance. For now let's just focus on their +similarities and see if we can find some common ground.

+ + +
+ +

Components

+ +

Unix +systems historically have been monolithic in nature, requiring +recompilation or relinking to create a kernel with a customized +feature set. However, modern versions have the ability to load or +unload device drivers or various other operating-system features as +modules while the system is running, without even needing to reboot.

+ +

Windows allows for configuration by installing or uninstalling +components. As far as networking goes, +components can be one of three things:[1]

+ +
  • +

    Protocols

    +
  • +

    Clients

    +
  • +

    Services

    +
+

Since Samba works using the TCP/IP protocol, of course +we'll want to have that installed. In some cases, we +also will want to find protocols to uninstall. +For example, if Netware protocol (IPX/SPX) is not required on the +network, it might as well be removed.

+ +

NetBEUI protocol should be removed if +possible. Having NetBEUI running at the same time as NetBIOS over +TCP/IP causes the system to look for services under two different +protocols, only one of which is likely to be in use. When Windows is +configured with one or more unused protocols, 30-second delays will +result when Windows tries to communicate with the unused protocol. +Eventually, it times out and tries another one, until it finds one +that works. This fruitless searching results in terrible performance.

+ +

The other two items in the list, client and service components, are +pretty much what you'd expect. Client components +perform tasks related to connecting with network servers, and service +components are for making the local system into a server of resources +on the network. In Chapter 1 we told you that SMB +systems can act as both clients and servers, offering resources on +the network at the same time they request resources. In accordance +with that, it is possible to install a component for SMB client +services and, separately, a service component that allows file and +printer shares on the local system to be accessible from other +systems on the network.

+ + +
+ +

Bindings

+ +

Once +a networking component is installed, it must be +bound to a hardware interface, or +adapter, to be used on the network. At first +this might seem like an odd complication; however, it is a conceptual +model that allows the associations between hardware and software to +be clearly displayed and easily modified through a graphical +interface.

+ +

We will want to make sure that your Windows client has both TCP/IP +and the client component for SMB networking installed and also that +it is bound to the network adapter that connects to our Samba +network, which in most cases will be an Ethernet adapter.

+ + +
+ + +
+ + +
+ +

IP Address

+ +

Just like any Unix system (or any other system that is using TCP/IP), +your Windows systems will need an IP address. If you are using +DHCP +on your network, you can configure Windows to obtain its IP address +automatically by using a DHCP server. Otherwise, you will need to +assign a static IP address manually along with a netmask.[2]

+ +

If you are on a private network where you have the authority to +assign your own IP addresses, you can select from addresses in one of +three ranges:[3]

+ +
  • +

    10.0.0.1 through 10.255.255.254

    +
  • +

    172.16.0.1 through 172.31.255.254

    +
  • +

    192.168.0.1 through 192.168.255.254

    +
+

These address ranges are reserved for private networks not directly +connected to the Internet. For more information on using these +private network addresses, see RFC 1918.

+ +

If you're not maintaining your own separate network, +see your system administrator for some available addresses on your +network, as well as for the proper netmask to use.

+ +

You should also be prepared to enter the IP address of the default +gateway for the network. In some networks, the default gateway is the +system or router that connects the LAN to the Internet. In other +cases, the default gateway connects a subnet into a larger +departmental or enterprise network.

+ + +
+ + +
+ +

Name Resolution

+ +

Name resolution is the function of +translating human-friendly hostnames, such as +hopi, or fully qualified domain names (FQDNs), +such as mixtec.metran.cx, into IP addresses, such +as 172.16.1.11 or 172.16.1.7.

+ +

Unix systems can perform name resolution using an +/etc/hosts file at the minimum, and more commonly can +also incorporate services such as +DNS (Domain Name System) +and NIS (Network Information Service). +Thus, name resolution is not necessarily performed by one isolated +part of the operating system or one daemon, but is a system that can +have a number of dispersed parts (although the +name +service switch, with its +/etc/nsswitch.conf configuration file, helps to tie them +together).

+ +

Although the specific implementation is different, name resolution in +Windows is also performed by querying a number of resources, some of +which are similar (or even identical) to their Unix counterparts.

+ + +
+ +

Broadcast name resolution

+ +

On the other hand, there is one way in which Windows is not at all +similar to Unix. If a Windows workstation is set up with no WINS name +server, it will use the broadcast method of +name resolution, as described in Chapter 1,[4] probably resulting in a +very busy network. And even if you provide name servers for your +Windows system to use, it might still resort to broadcast name +resolution if it is unsuccessful at querying the name servers. For +this reason, we recommend that you provide multiple reliable name +servers for your Windows computers on the network.

+ +

If that weren't enough to get you interested in +setting up WINS and DNS servers, broadcast name resolution is usually +limited to working on the local subnet because routers are usually +configured not to forward broadcast packets to other networks.

+ + +
+ + + +
+ +

WINS

+ +

We've already told you about WINS in Chapter 1, and we don't have much more +to say about it here. WINS can translate simple NetBIOS computer +names such as huastec or +navajo into IP addresses, as required on an SMB +network. Of course, the interesting thing here is that Samba can act +as a WINS server if you include the line:

+ +
wins support = yes
+ +

in your Samba server's +smb.conf file. +This can be a good thing, to be sure, and we highly recommend it. Not +only will you have a reliable WINS server to reduce the number of +broadcast packets, but you won't need to run Windows +NT/2000/XP to get it.

+

WARNING

+

One caveat about using Samba as a WINS server is that Samba (up to Version +2.2, at least) cannot synchronize with other WINS servers. So if you +specify a Samba server as your Windows system's WINS +server, you must be careful not to specify any additional (i.e., +secondary) WINS servers. If you do, you are likely to run into +problems because the servers will not be able to synchronize their +databases with each other. In Samba's defense, if +you are using a Samba WINS server (running on a typically reliable +Unix host), you will probably have little need for a secondary WINS +server anyway.

+
+ + +
+ + + +
+ +

LMHOSTS

+ +

All Windows versions support a backup method of name resolution, in +the form of a file called +LMHOSTS [5] +that contains a lookup table of computer names and IP addresses. This +exists for "historical purposes," +and is a rather awkward method of name resolution because it requires +the administrator (i.e., you!) to keep copies of +LMHOSTS up to date on every single Windows +system on the network. To be fully effective, +LMHOSTS would have to be updated every time a +new system were added to (or removed from) the network. Of course, +there might be ways to automate that process, but a better option +would be simply to run a WINS name server that is intentionally +designed to solve that specific problem.

+ +

There are perhaps a couple of reasons why you might want to bother +with LMHOSTS files. In rare situations, there +might be no WINS server on the network. Or maybe a WINS server +exists, but it's unreliable. In both cases, if the +Windows system has a valid LMHOSTS file, it can +help to avoid your network bogging down from those dreaded broadcast +name queries.

+ +

The format of the LMHOSTS file is simple and +similar to the /etc/hosts file with which you +might be familiar from running Unix systems. Here are the contents of +a sample LMHOSTS file:

+ +
172.16.1.1      toltec
+172.16.1.2      aztec
+172.16.1.3      mixtec
+172.16.1.4      zapotec
+172.16.1.5      huastec
+172.16.1.6      maya
+172.16.1.7      olmec
+172.16.1.8      chichimec
+172.16.1.11     hopi
+172.16.1.12     zuni
+172.16.1.13     dine
+172.16.1.14     pima
+172.16.1.15     apache
+172.16.1.21     inca
+172.16.1.22     qero
+ +

As you can see, the format is like that of +/etc/hosts, except that instead of an FQDN +(e.g., toltec.metran.cx), only a NetBIOS computer +name (toltec) is given. One way to create an +LMHOSTS file for your Windows systems is to copy +a /etc/hosts file and edit out the parts you +don't need. This will work great if your network +doesn't have a DNS (or NIS) name server and the Unix +system is dependent on /etc/hosts for its own +name service. But if your Unix system is querying a DNS server (which +is the most frequent case on anything larger than the very smallest +networks), you would be better advised to look in the DNS +server's configuration files for your source of +computer names and IP addresses.

+ +

If you do not have administrative access to your +network's DNS server, you might be able to use tools +such as nslookup, +nmap, and +dig to query the server and obtain the +information you need.

+ + +
+ + + +
+ +

DNS

+ +

The DNS +is responsible for translating human-readable, Internet-style +hostnames such as pima.metran.cx or +sales.oreilly.com into IP addresses.

+ +

On your first reading of this section, you might be wondering what a +section on DNS is doing in a book about NetBIOS and SMB networking. +Remember, we told you that Windows can use more than WINS (NetBIOS +Name Service) in its strategy for performing name resolution. Because +DNS is also able to supply IP addresses for simple hostnames (which +are usually the same as NetBIOS computer names), it can be helpful to +configure Windows to know about a DNS server on your network. This is +slightly more important for newer Windows versions than older ones, +and more so for Windows NT/2000/XP than for Windows 95/98/Me, because +nowadays Microsoft is focusing more on TCP/IP as the standard +protocol and DNS as the primary name service.

+ +

To find the address of your DNS server, look at the file +/etc/resolv.conf on your Samba server or any other Unix +system on the local network that is using DNS. It looks like the +following:

+ +
#resolv.conf 
+domain metran.cx
+nameserver 127.0.0.1 
+nameserver 172.16.1.53
+ +

In this example, the first name server in the list is 127.0.0.1, +which indicates that the Samba server is also a DNS server for this +LAN.[6] In that case, you would use its network IP +address (not 127.0.0.1, its localhost address) +for your DNS server when configuring Windows. Otherwise, use the +other addresses you find in the lines beginning with +nameserver. Try to select ones on your own +network. Any name servers listed in +/etc/resolv.conf should work, but +you'll get better performance by using a server +nearby.

+ +

All versions of Windows can be configured to know of multiple domain +name servers, and you might wish to take advantage of this for +increased reliability. If the first domain name server does not +respond, Windows can try others in its list.

+ + +
+ + + +
+ +

HOSTS

+ +

Similar to how the LMHOSTS file can be added to +supplement WINS, the +HOSTS file on a Windows system can be optionally +added to supplement DNS name resolution. Most of our comments +regarding LMHOSTS also apply here.

+ +

This time the format of the file is not just similar to that of +/etc/hosts found on Unix—the format is +exactly the same. You can simply copy +/etc/hosts from your Samba server or other Unix +system to the proper directory on your Windows system.

+ +

On Windows 95/98/Me, the HOSTS file goes in the +Windows installation directory, which is usually +C:\Windows. Note that a file called +hosts.sam is already there, which is a sample +HOSTS file provided by Microsoft.

+ +

On Windows NT/2000/XP, the HOSTS file goes in +the \system32\drivers\etc directory under the +Windows installation directory, which is usually +C:\WINNT.

+ + +
+ + +
+ + +
+ +

Passwords

+ +

Unix systems use +username and password pairs to authenticate users either on a local +system or in an NIS domain. Windows NT/2000/XP are very similar; a +user supplies his username and password to log on to the local system +or to a Windows domain.

+ +

When the SMB network is set up as a workgroup, things are different. +There is no domain to log on to, although shares on the network can +be password-protected. In this case, one password is associated with +each password-protected share, rather than with individual users.

+ +

Samba's default user-level +authentication in a workgroup is +different from that of Windows. To access shares on the Samba host, +users are required to supply a valid username and password for an +account on the Samba host. This will be discussed in more detail in +Chapter 9.

+ +

An unfortunate +complication arises with passwords. In the first release of Windows +95 and in Windows NT 4.0 with Service Pack 2 (SP2) or less, as well +as in all previous versions of Windows, passwords are allowed to be +sent over the network in plain text. But in Windows 95 with the +network redirector update,[7]

+ +

Windows NT 4.0 SP3 or later, and all subsequent releases of Windows, +a registry setting must be modified to enable plain-text +passwords. These more modern versions of Windows prefer to send +encrypted passwords, and if you are working with one of them (and +don't want to have to modify the registry), you must +have the line:

+ +
encrypt passwords = yes
+ +

in the [global] section of your +smb.conf file. In addition, you must run the +command:

+ +
# smbpasswd -a username
+ +

for each user on the Samba host to add their passwords to +Samba's collection of encrypted passwords. We showed +you how to do this in Chapter 2.

+ +

If your first attempt to access a Samba share results in a dialog box +asking for a password for +IPC$, as shown in Figure 3-1, it is probably because you neglected either +or both of these two steps, and the Samba server did not recognize +the encrypted password that the Windows system sent to it. Another +possible dialog box that might come up is the one shown in Figure 3-2, which was presented by a Windows 2000 client.

+ +

Figure 3-1. Windows 98 asking for IPC$ password

+ +

Figure 3-2. Windows 2000 logon error dialog

+ +

The rest of this chapter is divided into four sections. The first +section covers setting up Windows 95/98/Me computers, and the rest of +the sections cover Windows NT 4.0, Windows 2000, and Windows XP +individually. Each section roughly parallels the order in which +we've introduced networking concepts in this +section. You need to read only the section that applies to the +Windows version with which you are working, and once you have +finished reading it, you can continue at the beginning of the next +chapter where we will start covering more advanced Samba features and +networking issues.

+ +

TIP

+

Keep in mind that we are continuing our example from Chapter 2, in which we are setting up a very simple +prototype network using a workgroup that has very lax security. After +you have the basics working, we recommend you continue with later +chapters to learn how to implement both better security and a Samba +domain.

+
+ + +
+ + +
+ + + +
+ +

Setting Up Windows 95/98/Me Computers

+ +

The Windows 95/98/Me operating systems are very +similar to each other, and as far as this chapter is concerned, it is +possible to treat them with a common set of directions.

+ + +
+ +

Setting Up the Network

+ +

Samba uses TCP/IP to communicate with clients on the network, so you +will need to make sure there is support for TCP/IP on each Windows +client. Unlike Unix operating systems, Windows does not necessarily +have support for TCP/IP installed. However, when Windows is installed +on a computer with a network card or a network card is added to a +system already running Windows, TCP/IP support is installed by +default, along with the Client for Microsoft Networks, which supports +SMB file and printer sharing.

+ +

To make sure both services are installed on your Windows system, +double-click the Network icon in the Control Panel to open the +Network dialog box, as shown in Figure 3-3.

+ +

Figure 3-3. The Windows 95/98/Me Network dialog

+ +

You should see at least the Client for Microsoft Networks component +installed on the system, and hopefully a networking device +(preferably an Ethernet card) bound to the TCP/IP protocol. If there +is only one networking hardware device, you'll see +the TCP/IP protocol listed below the device to which it is bound, as +shown in Figure 3-1.

+ +

You might also see "File and printer sharing for +Microsoft Networks," which is used to make the +system into a server. In addition, you might see NetBEUI or Novell +Networking. Definitely remove NetBEUI unless you are sure you need +it, and if you don't have any Novell servers on your +network, you can remove Novell (IPX/SPX) as well. To remove a +service, simply click its name and then click the Remove button.

+ + +
+ +

Adding TCP/IP

+ +

If +you don't see TCP/IP listed, you'll +need to install the protocol.

+ +

You can add the protocol by inserting the Windows distribution CD-ROM +in your CD-ROM drive and clicking the Add button below the component +window. Indicate that you wish to add a protocol by selecting +Protocol and clicking "Add..." on +the following dialog box, which should look similar to Figure 3-4.

+ +

Figure 3-4. Selecting a component type

+ +

After that, select manufacturer Microsoft, then protocol TCP/IP, as +shown in Figure 3-3, then click OK. After doing so, +you will be returned to the network dialog. Click OK to close the +dialog box, and Windows will install the necessary components from +the CD-ROM and request that the system be rebooted. Go ahead and +reboot the system, and you're set.

+ +

If Client for Microsoft Networks is not in the list, you can add it +similarly. The only significant difference is that you are adding a +client instead of a protocol, so make sure to select +"Client" rather than +"Protocol" when asked.

+ + +
+ + + +
+ +

Configuring TCP/IP

+ +

If you have more than one networking +device (for example, both an Ethernet card and a modem for dial-up +networking), the protocol to hardware bindings will be indicated by +arrows, as shown in Figure 3-5.

+ +

Figure 3-5. Selecting a protocol to install

+ +

Select the TCP/IP protocol linked to the networking device that will +be accessing the Samba network. If you have only one networking +device, simply click the TCP/IP item. Now click the Properties button +to open the TCP/IP Properties dialog. You should see something +similar to Figure 3-6.

+ +

Figure 3-6. Selecting the correct TCP/IP protocol

+ + +
+ + + +
+ +

IP Address tab

+ +

The +IP Address tab is shown in Figure 3-7.

+ +

Figure 3-7. The IP Address tab

+ +

If you use DHCP on your network to provide IP addresses automatically +to Windows systems, select the "Obtain an IP address +automatically" radio button. Otherwise, click the +"Specify an IP address" radio +button and enter the client's address and subnet +mask in the space provided. You or your network manager should have +selected an address for the client on the same subnet (LAN) as the +Samba server.

+ + +
+ + + +
+ +

WINS Configuration tab

+ +

If you've +enabled WINS on Samba or are choosing to make use of another WINS +server on your network, you must tell Windows the +server's address. After selecting the WINS +Configuration tab, you will see the dialog box shown in Figure 3-8.

+ +

Figure 3-8. The WINS Configuration tab

+ +

This is for Windows 98/Me; Windows 95 is just a little different, +having separate spaces for the primary and backup WINS server IP +addresses.

+ +

Select the "Enable WINS Resolution" +radio button, and enter the WINS server's address in +the space provided, then click the Add button. Do not enter anything +in the Scope ID field.

+

WARNING

+

A bug in Windows 95/98 sometimes causes the IP address of the WINS +server to disappear after the OK button is clicked. This happens only +when only a primary WINS server has been specified. The workaround is +to fill in the fields for both primary and secondary WINS servers, +using the same IP address for each.

+
+ + +
+ + + +
+ +

DNS Configuration tab

+ +

Unless you are using DHCP, you +will need to provide the IP address of one or more DNS servers. Click +the DNS tab, then click the "Enable +DNS" radio button, and type the IP address of one or +more DNS servers into the appropriate field, shown in Figure 3-9, to add the server's address +to the top DNS Server Search Order field.

+ +

Figure 3-9. The DNS Configuration tab

+ +

Also, provide the hostname (which is the same as the NetBIOS computer +name) of the Windows 95/98/Me computer and your Internet domain. (You +will need to enter the computer name again later, along with the +workgroup. Make sure to enter the same name each time.) You can +safely ignore the Domain Suffix Search Order field for anything +related to Samba.

+ + +
+ + + +
+ +

LMHOSTS file

+ +

If +you want to install an LMHOSTS file, it must be +placed in your Windows installation directory (usually +C:\Windows). In the same directory, Microsoft +has provided a sample LMHOSTS file named +lmhosts.sam, which you might want to look at for +further information on the file's format.

+ + +
+ + + +
+ +

NetBIOS tab

+ +

This tab +appears in Windows 98/Me, but not in Windows 95. All you need to do +here is make sure the checkbox is checked, enabling NetBIOS over +TCP/IP. If TCP/IP is your only protocol installed (as we recommended +earlier), the selection will be grayed out, with the box checked so +that you couldn't uncheck it even if you wanted to.

+ + +
+ + + +
+ +

Bindings tab

+ +

The +final tab to look at is Bindings, as shown in Figure 3-10.

+ +

Figure 3-10. The Bindings tab

+ +

You should have a check beside Client for Microsoft Networks, +indicating that it's using TCP/IP. If you have +"File and printer sharing for Microsoft +Networks" in the dialog, it should also be checked, +as shown in Figure 3-10.

+ + +
+ + +
+ + +
+ +

Setting the Computer Name and Workgroup

+ +

Finally, click the OK button in the +TCP/IP configuration dialog, and you'll be taken +back to the Network Configuration dialog. Then select the +Identification tab, which will take you to the dialog box shown in +Figure 3-11.

+ +

Figure 3-11. The Identification tab

+ +

This is where you set your system's NetBIOS name +(which Microsoft likes to call "computer +name"). Usually, it is best to make this the same as +your DNS hostname, if you are going to have one for this system. For +example, if the system's DNS name is +huastec.metran.cx, give the computer a NetBIOS +name of huastec on this tab.

+ +

You also set your workgroup name here. In our case, +it's METRAN, but if you used a different one in +Chapter 2, when creating the Samba configuration +file, use that instead. Just don't call it WORKGROUP +(the default workgroup name) or you'll be in the +same workgroup as every misconfigured Windows computer on the planet!

+ +

You can also enter a comment string for this computer. See if you can +come up with some way of describing it that will remind you of what +and where it is when you see the comment in a list displayed on +another computer. Everyone on the network will be able to see your +comment, so be careful not to include any information that might be +useful to crackers.

+ +

Finally, click the OK button and follow whatever instructions Windows +provides. (You might have to insert your Windows distribution CD-ROM +and/or reboot.)

+ + +
+ + +
+ +

Username and Password

+ +

You have probably already given +Windows a username and password by now. However, to authenticate with +the Samba server, your Windows username and password must match with +a valid account on the Samba server.

+ +

It is simple to add a new user and password to a Windows 95/98/Me +system. Just reboot or log out, and when you are prompted for a +username and password, enter your Unix username and password. (If you +are using encrypted passwords, you must run +smbpasswd on the Unix host to enter them into +Samba's password database, if you have not already +done so.) You can use this method to add as many users as you want, +so as to allow more than one user to use the Windows system to gain +access to the Samba shares.

+ +

If you mistakenly entered the wrong password or your Unix password +changes, you can change your password on the Windows system by going +to the Control Panel and double-clicking the Passwords icon. This +will bring up the Passwords Properties dialog. Click the Change +Passwords tab, and you will see the dialog shown in Figure 3-12. Now click the "Change +Windows Password..." button, which will bring up the +Change Windows Password dialog box, shown in Figure 3-13. As indicated by the text entry fields in the +dialog, enter your old password, and then the new password, and again +to confirm it. Click the OK button and then the Close button on the +Password Properties dialog box. Reboot or log out, and use your new +password when you log in again.

+ +

Figure 3-12. The Password Properties dialog

+ +

Figure 3-13. The Change Windows Password dialog

+ + +
+ +

Logging in for the first time

+ +

If you don't have a Change Passwords tab in the +Passwords Properties window, it is because networking is not fully +set up yet. Assuming you've followed all the +directions given so far, you just need to reboot; when the system +comes up, it will ask you to log in with a username and a password.

+ +

Now for the big moment. Your Samba server is running, and you have +set up your Windows 95/98/Me client to communicate with it.

+ + +
+ + + +
+ +

Accessing the Samba Server from Windows 95/98

+ +

Double-click the Network Neighborhood +icon on the desktop. You should see your Samba server listed as a +member of the workgroup, as shown in Figure 3-14.

+ +

Figure 3-14. Windows 95/98 Network Neighborhood

+ +

Double-clicking the server name will show the resources that the +server is offering to the network, as shown in Figure 3-15 (in this case, the test +directory).

+ +

Figure 3-15. The test shared folder on the Toltec server

+ + +
+ + + +
+ +

Accessing the Samba Server from Windows Me

+ +

Double-click the My Network Places icon on the desktop. You should +see the test shared directory as shown in Figure 3-16.

+ +

Figure 3-16. My Network Places on Windows Me

+ +

Double-click the Entire Network icon, and you should see an icon for +your workgroup, as shown in Figure 3-17.

+ +

Figure 3-17. Entire Network window, showing the Metran workgroup

+ +

Double-clicking the workgroup icon will bring up a window showing +every computer in the workgroup, which should include your Samba +server, as shown in Figure 3-18.

+ +

Figure 3-18. Computers in Metran workgroup

+ +

Double-click the Samba server's icon, and you will +get a window showing its shared resources (in this case, the test +directory) as shown in Figure 3-19.

+ +

Figure 3-19. View of shares on the Toltec server

+ +

If you don't see the server listed, it might be that +browsing is not working correctly or maybe the server is just taking +a few minutes to show up in the browse list. In either case, you can +click the Start button, then select +"Run...". This will give you a +dialog box into which you can type the name of your server and the +share name test in the Windows UNC format +\\server\test, +as we did in Chapter 1. This should open a window +on the desktop showing the contents of the folder. If this does not +work, there is likely a problem with name resolution, and you can try +using the server's IP address instead of its +computer name, like this:

+ +
\\172.16.1.1\test
+ +

If things still aren't right, go directly to Section 12.2 to troubleshoot what is wrong +with the network.

+ +

If it works, congratulations! Try copying files to and from the +server using the Windows drag-and-drop functionality. You might be +pleasantly surprised how seamlessly everything works.

+ + +
+ + +
+ + +
+ + + +
+ +

Setting Up Windows NT 4.0 Computers

+ +

Configuring Windows NT +is a little different than configuring Windows 95/98/Me. To use Samba +with Windows NT, you will need both the Workstation service and the +TCP/IP protocol. Both come standard with NT, but +we'll work through installing and configuring them +to make sure they are configured correctly.

+ + +
+ +

Basic Configuration

+ +

This section presents the steps +to follow for TCP/IP-related configuration on Windows NT to get it to +cooperate with Samba. If you need more details on Windows NT network +administration, refer to Craig Hunt and Robert Bruce +Thompson's +Windows NT TCP/IP Network Administration +(O'Reilly), an excellent guide.

+ +

You should perform the following steps as the +Administrator or another user in the +Administrators group.

+ + +
+ +

Installing the TCP/IP protocol

+ +

From +the Control Panel, double-click the Network icon, click the Protocols +tab in the Network dialog box, and look to see if you have the TCP/IP +protocol installed, as shown in Figure 3-20.

+ +

Figure 3-20. The Protocols tab

+ +

If the protocol is not installed, you need to add it. Click the Add +button, which will display the Select Network Protocol dialog box +shown in Figure 3-21. You should immediately see the +TCP/IP protocol as one of the last protocols listed.

+ +

Figure 3-21. Select Network Protocol dialog box

+ +

Select TCP/IP as the protocol and confirm it. If +possible, install only the TCP/IP protocol. If you see anything other +than TCP/IP listed in the Protocols tab and it is not a protocol that +you need, you can remove it. If you try to remove a protocol and get +an error message saying that the protocol is being used by another +service, you need to click the Services tab and remove that service +before you can remove the protocol. For example, to remove the NWLink +IPX/SPX Compatible Transport protocol, you would need to remove the +Client Service for Netware first.

+ + +
+ + + +
+ +

Installing the Workstation service

+ +

After installing TCP/IP, click the +Services tab in the Network dialog, and check that you have a +Workstation service, as shown at the end of the list in Figure 3-22.[8]

+ +

Figure 3-22. Network Services tab

+ +

This service is actually the Microsoft Networking Client, which +allows the computer to access SMB services. The Workstation service +is mandatory. The service is installed by default on both Windows NT +Workstation 4.0 and NT Server 4.0. If it's not +there, you can install it much like TCP/IP. In this case you need to +click the Add button and then select Workstation Service, as shown in +Figure 3-23.

+ +

Figure 3-23. Select Network Service dialog box

+ + +
+ + + +
+ +

Configuring TCP/IP

+ +

After you've installed +the Workstation service, return to the Protocols tab and select the +TCP/IP Protocol entry in the window. Then click the Properties button +below the window. The Microsoft TCP/IP Protocol dialog will be +displayed. There are five tabs in the dialog, and you will need to +work with four of them:

+ +
  • +

    IP Address

    +
  • +

    WINS Address

    +
  • +

    DNS

    +
  • +

    Bindings

    +
+ +
+ +

IP Address tab

+ +

The IP +Address tab is shown in Figure 3-24.

+ +

Figure 3-24. Microsoft TCP/IP Properties dialog for Windows NT

+ +

Select the "Specify an IP address" +radio button, and enter the computer's IP address +and netmask in the space provided for the proper adapter (Ethernet +card). You or your network manager should have selected an address +for the client on the same subnet (LAN) as the Samba server. For +example, if the server's address is 172.16.1.1 and +its network mask is 255.255.255.0, you might use the address +172.16.1.13 (if it is available) for the NT workstation, along with +the same netmask. If you use DHCP on your network, select the +"Obtain an IP Address from a DHCP +server" button instead.

+ +

The gateway field refers to a system typically known as a +router. If you have routers connecting multiple +networks, you should enter the IP address of the one on your subnet. +In our example, the gateway happens to be the same system as the +Samba server, but they do not by any means have to be the same.

+ + +
+ + + +
+ +

WINS Address tab

+ +

Click the +WINS Address tab, shown in Figure 3-25, and you can +begin to enter information about name servers. Enter the address of +your WINS server in the space labeled Primary WINS Server. If your +Samba server is providing WINS service (in other words, you have the +line wins support += yes in the +smb.conf file of your Samba server), provide the +Samba server's IP address here. Otherwise, provide +the address of another WINS server on your network.

+ +

Figure 3-25. The WINS Address tab

+ +

You probably noticed that there is a field here for the network +adapter. This field must specify the Ethernet adapter on which +you're running TCP/IP so that WINS will provide name +service on the correct network. For example, if you have both a LAN +and a dial-up adapter, make sure you have the LAN's +network card specified here.

+ +

The checkboxes in the lower half of the dialog are for enabling two +other methods of name resolution that Windows can incorporate into +its name service. Samba doesn't require either of +them, but you might want to enable them to increase the reliability +or functionality of name service for your client. See Chapter 7 for further information on name resolution +issues.

+ +

If you'd like to use a DNS server, select the Enable +DNS for Windows Resolution checkbox. In addition, you will need to do +some configuration to allow the Windows system to find the DNS +server, unless you're using DHCP.

+ + +
+ + + +
+ +

DNS tab

+ +

Click +the tab for DNS, as shown in Figure 3-26. Enter the +IP addresses for one or more DNS servers in the space provided. Also, +enter the hostname (which should be the same as the NetBIOS computer +name). You will enter this again later in another control panel, so +make sure they match. Finally, enter the DNS domain on which this +system resides. For example, if your workstation has a domain name +such as metran.cx, enter it here. You can safely +ignore the other options.

+ +

Figure 3-26. The DNS tab

+ + +
+ + + +
+ +

The LMHOSTS file

+ +

If you want to install an +LMHOSTS file, it +must be placed in the directory +\system32\drivers\etc under your Windows +installation directory (usually C:\WINNT). The +easy way to make sure it gets to the proper location is to use the +Import LMHOSTS button on the WINS Address tab. (But if you want to do +it over the network, you will have to do that after file sharing is +configured!) Remember to click the Enable LMHOSTS Lookup checkbox on +the WINS Address tab to enable this functionality.

+ +

When you are satisfied with your settings for IP Address, WINS +Address, and DNS, click OK to return to the Network dialog box.

+ + +
+ + + +
+ +

Bindings

+ +

Now click the +Bindings tab, and check the bindings of network hardware, services, +and protocols. Set the "Show Bindings +for" field to "all +services," and click all the + buttons in the tree. +You should see a display similar to Figure 3-27, +which shows that the NetBIOS, Server, and Workstation interface +services are connected to the WINS client running TCP/IP protocol, +and that the WINS client is bound to the Ethernet adapter of the +local area network.

+ +

Figure 3-27. The Bindings tab

+ +

You can safely leave the default values for the remainder of the tabs +in the Network dialog box. Click the OK button to complete the +configuration. Once the proper files are loaded (if any), you might +need to reboot for your changes to take effect.

+ + +
+ + +
+ + +
+ + +
+ +

Computer Name and Workgroup

+ +

The next +thing you need to do is to give the system a NetBIOS computer name. +From the Control Panel, double-click the Network icon to open the +Network dialog box. The first tab in this dialog box should be the +Identification tab, as illustrated in Figure 3-28.

+ +

Figure 3-28. The Identification tab

+ +

Here, you need to identify your computer with a name and change the +default workgroup to the one you specified in the +smb.conf file of your Samba server. Click the +Change button below the two text fields. This will open an +Identification Changes dialog box, where you can set the workgroup +and the computer name, as shown in Figure 3-29.

+ +

Figure 3-29. The Identification Changes dialog

+

WARNING

+

You entered the computer name earlier as a DNS hostname while +configuring TCP/IP, so be sure that the two names match. The name you +set here is the NetBIOS name. You're allowed to make +it different from the TCP/IP hostname, but doing so is usually not a +good idea. Don't worry that Windows NT forces the +computer name and the workgroup to be all capital letters; +it's smart enough to figure out what you mean when +it connects to the network.

+
+ + +
+ + +
+ +

Adding a User

+ +

In all +the previous steps, you were logged into your Windows NT system as +Administrator or another user in the +Administrators group. To access resources on the +Samba server, you will need to have a username and password that the +Samba server recognizes as valid. Generally, the best way to do this +is to add a user to your NT system, with the same username and +password as a user on the Samba host system.

+ +

TIP

+

The directions in this section assume that your network is set up as +a workgroup. If you have already set up your network as a domain, as +we describe in Chapter 4, you do not need to +follow the instructions here for adding a local user on the Windows +NT client system. Simply log on to the domain from the client using a +username and password in Samba's +smbpasswd account database, and continue with +the next section, Section 3.3.4.

+
+ +

To add a new user, open the Start menu, navigate through the Programs +submenu to Administrative Tools (Common), and select User Manager for +Domains. Click the User menu and select the first item, Add User..., +shown in Figure 3-30.

+ +

Figure 3-30. User Manager for Domains window

+ +

This brings up the New User dialog box shown in Figure 3-31.

+ +

Figure 3-31. The New User dialog

+ +

Fill it out as shown, using the username and password that were added +in the previous chapter, and make sure that only the checkbox labeled +Password Never Expires is checked. (This is not the default!) Click +the Add button to add the user, and then click the Close button. You +should now see your new account added to the list in the User Manager +dialog box.

+ +

Now open the Start menu, select Shut Down, and select the +"Close all programs and log on as a different +user?" radio button. Click the Yes button, then log +in as the user you just added.

+ + +
+ + +
+ +

Connecting to the Samba Server

+ +

Now for the big moment. Your Samba +server is running, and you have set up your NT client to communicate +with it. Double-click the Network Neighborhood icon on the desktop, +and you should see your Samba server listed as a member of the +workgroup, as shown in Figure 3-32.

+ +

Figure 3-32. The Windows NT Network Neighborhood

+ +

Double-clicking the server name will show the resources that the +server is offering to the network, as shown in Figure 3-33. In this case, the test +directory and the default printer are offered to the Windows NT +workstation.

+ +

Figure 3-33. Shares offered by the Toltec server

+ +

If you don't see the server listed, +don't panic. Select Run... from the Start menu. A +dialog box appears that allows you to type the name of your server +and its share directory in Windows format. For example, you would +enter +\\toltec\test, +as shown in Figure 3-34, and use your +server's hostname instead of +"toltec".

+ +

Figure 3-34. Opening a shared directory, using the server's NetBIOS name in the UNC

+ +

This will work even if browsing services are not set up right, which +is a common problem. You can also work around a name-service problem +by entering the server's IP Address (such as +172.16.1.1 in our example) instead of the Samba +server's hostname, as shown in Figure 3-35. Go back and check your configuration, and if +things still aren't right, go to Section 12.2 to troubleshoot what is wrong with the +network.

+ +

Figure 3-35. Opening a shared directory, using the server's IP address in the UNC

+ +

If it works, congratulations! Try copying files to and from the +server by dragging their icons to and from the folder on the Samba +share. You might be pleasantly surprised how seamlessly everything +works.

+ + +
+ + +
+ + + +
+ +

Setting Up Windows 2000 Computers

+ +

Although +Windows 2000 is based on NT technology and is similar to Windows NT +in many respects, configuring it for use with Samba is quite +different.

+ +

You should perform the following steps as the +Administrator or another user in the +Administrators group.

+ + +
+ +

Networking Components

+ +

Go to the Control Panel and +double-click the Network and Dial-up Connections icon. You should see +at least one Local Area Connection icon. If there is more than one, +identify the one that corresponds to the network adapter that is +connected to your Samba network. Right-click the Local Area +Connection icon, and click the Properties button. (Or double-click +the Local Area Connection icon, and then click the Properties button +in the dialog box that comes up.) You should now be looking at the +Local Area Connection Properties dialog box, as shown in Figure 3-36.

+ +

Figure 3-36. Windows 2000 Local Area Connection Properties dialog

+ +

First of all, you might want to click the Configure button under the +field for the network adapter, to make sure you see the message +"This device is working properly" +in the Device status window. If there is a problem, make sure to +correct it before continuing. You should also see the message +"Use this device (enable)" in the +Device usage field of the dialog box. Make sure to set it this way if +it is not already. Click OK or Cancel to get back to the Local Area +Connection Properties dialog box.

+ +

You should see at least the following two components:

+ +
  • +

    Client for Microsoft Networks

    +
  • +

    Internet Protocol (TCP/IP)

    +
+

If you do not see either Client for Microsoft Networks or Internet +Protocol (TCP/IP) in your list, you will need to add them. For +either, the method is to click the Install... button, click the type +of component (Client or Protocol), and then click the Add... button. +Next, click the component you want to add, and click the OK button. +You should see the component added to the list with the others.

+ +

Some components should be removed if you see them in the list:

+ +
  • +

    NetBEUI Protocol

    +
  • +

    NWLink NetBIOS

    +
  • +

    NWLink IPX/SPX/NetBIOS Compatible Transport Protocol

    +
  • +

    Client Service for Netware

    +
+

If you see anything other than TCP/IP listed as a protocol, and it is +not a protocol that you need, you can remove it. Uninstall NetBEUI, +unless you are sure you need it, and the other three if you do not +need to support Netware. If you try to remove a protocol and get an +error message saying that the protocol is being used by another +service, you need to remove that service before you can remove the +protocol. For example, to remove the NWLink IPX/SPX Compatible +Transport Protocol, you would need to remove the Client Service for +Netware first.

+ +

To remove a component, click the component in the list, click the +Uninstall button, and then click Yes in the dialog box that pops up. +In some cases, Windows might need to reboot to put the change into +effect.

+ + +
+ + +
+ +

Bindings

+ +

Next to each +client, service, or protocol listed in the window in the Local Area +Connections Properties dialog box, you will see a checkbox. Make sure +the checkbox is checked for both Client for Microsoft Networks and +Internet Protocol (TCP/IP). The check marks indicate the networking +components are bound to the network adapter shown at the top of the +dialog box.

+ + +
+ + +
+ +

Configuring TCP/IP

+ +

Now click Internet Protocol (TCP/IP), +and then click Properties to open the Internet Protocol (TCP/IP) +Properties dialog box, shown in Figure 3-37.

+ +

Figure 3-37. Internet Protocol (TCP/IP) Properties dialog

+ + +
+ +

IP address

+ +

If +you are using DHCP on your network to assign IP addresses +dynamically, select the "Obtain IP address +automatically" radio button. Otherwise, select the +"Use the following address:" radio +button, and fill in the computer's IP address and +netmask in the spaces provided. You or your network manager should +have selected an address for the client on the same subnet (LAN) as +the Samba server. For example, if the server's +address is 172.16.1.1 and its network mask is 255.255.255.0, you +might use the address 172.16.1.14, if it is available, along with the +same netmask. You can also fill in the IP address of the default +gateway.

+ + +
+ + + +
+ +

DNS server

+ +

In +the lower part of the dialog box, click the "Use the +following DNS server addresses:" radio button, and +fill in the IP address of your DNS server.

+ +

Now click the Advanced... button to bring up the Advanced TCP/IP +Settings dialog box, and then click the WINS tab.

+ + +
+ + + +
+ +

WINS server

+ +

Enter the +address of your WINS server in the space labeled +"WINS addresses, in order of use:". +If your Samba server is providing WINS service (in other words, you +have the line wins service += yes in the +smb.conf file of your Samba server), provide the +Samba server's IP address here. Otherwise, provide +the address of another WINS server on your network.

+ +

Near the bottom of the dialog box, select the radio button labeled +"Enable NetBIOS over TCP/IP". Figure 3-38 shows what your Advanced TCP/IP Settings +dialog box should look like at this point.

+ +

Figure 3-38. Advanced TCP/IP Settings dialog, showing WINS tab

+ + +
+ + + +
+ +

The LMHOSTS file

+ +

If you want to install an +LMHOSTS file, +it must be placed in the \system32\drivers\etc +directory under your Windows installation directory (usually +C:\WINNT ). The easy way to make sure it gets to +the proper location is to use the Import LMHOSTS... button on the +WINS Address tab. (But if you want to do it over the network, you +will have to do that after file sharing is configured!) Remember to +click the Enable LMHOSTS Lookup checkbox on the WINS Address tab to +enable this functionality.

+ +

When you are satisfied with your settings for IP Address, WINS +Address, and DNS, click the OK buttons in each open dialog box to +complete the configuration. Windows might need to load some files +from the Windows 2000 distribution CD-ROM, and you might need to +reboot for your changes to take effect.

+ + +
+ + +
+ + +
+ +

Computer and Workgroup Names

+ +

From +the Control Panel, double-click the System icon to open the System +Properties dialog box. Click the Network Identification tab, and your +System Properties dialog box will look similar to Figure 3-39.

+ +

Figure 3-39. System Properties dialog, showing Network Identification tab

+ +

To give your system computer a name and a workgroup, click the +Properties button, which will bring up the Identification Changes +dialog box, as in Figure 3-40.

+ +

Figure 3-40. Identification Changes dialog

+ +

You need to identify your computer with a name and change the +workgroup to the one you specified in the +smb.conf file of your Samba server. +Don't worry that Windows forces the computer name +and the workgroup to be all capital letters; it's +smart enough to figure out what you mean when it connects to the +network.

+ +

Click the More... button to bring up the DNS Suffix and NetBIOS +Computer Name dialog box, shown in Figure 3-41.

+ +

Figure 3-41. DNS Suffix and NetBIOS Computer Name dialog

+ +

Enter the DNS domain name of this computer in the text field labeled +Primary DNS Suffix for this computer:, and then click OK. You should +now see the FQDN of this system underneath the label +"Full computer name:". Click the OK +button and then reboot when requested to put your configuration +changes into effect. Once again, log in using your administrative +account.

+

WARNING

+

There have been reports of authentication problems with Samba when a +username on a Windows 2000 system is the same as its computer name.

+
+ + +
+ + +
+ +

Adding a Samba-Enabled User

+ +

So far, +you have been logged into your Windows 2000 system as a user in the +Administrators group. To access resources on the +Samba server, you will need a username and password that the Samba +server recognizes as valid. If your administrative account has such a +username and password, you can use it, but you might want to access +your system and the network from a nonadministrative user account +instead.

+

WARNING

+

The directions in this section assume that your network is set up as +a workgroup. If you have already set up your network as a domain, as +we describe in Chapter 4, you do not need to +follow the instructions here for adding a local user on the Windows +2000 client system. Simply log on to the domain from the client using +a username and password in Samba's +smbpasswd account database, and continue with +the next section, Section 3.4.6.

+
+ +

To add a new user, open the Control Panel, and double-click the Users +and Passwords icon to open the Users and Passwords dialog box, shown +in Figure 3-42.

+ +

Figure 3-42. Users and Passwords dialog

+ +

The first thing to do is make sure the checkbox labeled +"Users must enter a user name and password to use +this computer." is checked. Next, click the Add... +button to bring up the first dialog box of the User Wizard, shown in +Figure 3-43.

+ +

Figure 3-43. Adding a new user

+ +

Fill out the fields, using the username of a valid user account on +the Samba host, and then click the Next > button to enter and +confirm the user's password. This password must be +the same as the user's password on the Samba host. +If you are using encrypted passwords, make sure this username and +password are the same as what you used when you ran the +smbpasswd program. Click the Next > button, +which brings up the final dialog box, shown in Figure 3-44.

+ +

Figure 3-44. Specifying a group for the new user

+ +

Pick a group for the user (the default Standard User should do), and +click the Finish button. You should now see your new account added to +the list in the Users and Passwords dialog box. Click the OK button +to complete the process.

+ +

Now return to the Users and Passwords control panel window, click the +Advanced tab, then click on the Advanced button. Click the Users +folder in the left side of the Local Users and Groups window that +appears, and then double-click the account you just added in the +right side of the window. In the Properties window that opens, click +the checkbox labeled Password never expires. You are done! Click the +OK buttons in all the dialog boxes, and close all open windows.

+ +

Open the Start menu, select Shut Down, and select Log off +username from the drop-down menu. Click the OK +button, then log on with the username and password you just added.

+ + +
+ + +
+ +

Connecting to the Samba Server

+ +

Now for the big moment. Your Samba server is running, and you have +set up your Windows 2000 client to communicate with +it. Double-click the My Network Places icon on the desktop, and then +double-click the Computers Near Me icon to browse the workgroup. You +should see your Samba server listed as a member of the workgroup, as +shown in Figure 3-45.

+ +

Figure 3-45. The Computers Near Me window, showing computers in the workgroup

+ +

Double-clicking the server name will show the resources that the +server is offering to the network, as shown in Figure 3-46.

+ +

Figure 3-46. Shares offered by the Toltec server

+ +

In this case, the test directory and the default +printer are offered to the Windows 2000 workstation. If you +don't see the server listed, don't +panic. Select Run from the Start menu. A dialog box appears that +allows you to type the name of your server and its share directory in +Windows format. For example, you would enter +\\toltec\test, as shown in +Figure 3-47, and use your server's +hostname instead of "toltec".

+ +

Figure 3-47. Opening a shared directory, using the server's NetBIOS name in the UNC

+ +

This will work even if browsing services are not set up right, which +is a common problem. You can also work around a name-service problem +by entering the server's IP address (such as +172.16.1.1 in our example) instead of the Samba +server's hostname, as shown in Figure 3-48.

+ +

Figure 3-48. Opening a shared directory, using the server's IP address in the UNC

+ +

If things still aren't right, go directly to Section 12.2 to troubleshoot what is wrong +with the network.

+ +

If it works, congratulations! Try copying files to and from the +server. You will be pleasantly surprised how seamlessly everything +works. Now that you've finished setting up the Samba +server and its clients, you can proceed to the next chapter. +

+ + +
+ + +
+ + + +
+ +

Setting Up Windows XP Computers

+ +

Although Windows XP +is very similar to Windows 2000, it has a very different user +interface, and there are a number of subtle differences. For example, +getting to the Control Panel is different than in any previous +version of Windows—one must click the Control Panel item from +the Start menu (there is no Settings item in the Start menu in XP). +By default, XP will display the Control Panel in Category View mode. +If you see this, click the Switch to Classic View item in the +upper-left corner of the window. All of our directions are for using +the Control Panel in Classic View mode.

+ +

You should perform the following steps as the +Administrator or another user in the +Administrators group.

+ + +
+ +

Networking Components

+ +

Go to the Control Panel and +double-click the Network and Dial-up Connections icon. You should see +at least one Local Area Connection icon. If there is more than one, +identify the one that corresponds to the network adapter that is +connected to your Samba network. Right-click the Local Area +Connection icon and click the Properties button. (Or double-click the +Local Area Connection icon and then click the Properties button in +the dialog box that comes up.) You should now be looking at the Local +Area Connection Properties dialog box, as shown in Figure 3-49.

+ +

Figure 3-49. The Local Area Connection Properties dialog

+ +

First of all, you might want to click the Configure button under the +field for the network adapter to make sure you see the message +"This device is working properly" +in the Device status window. If there is a problem, make sure to +correct it before continuing. You should also see the message +"Use this device (enable)" in the +Device usage field of the dialog box. Make sure to set it this way if +it is not already. Click OK or Cancel to close this dialog box, then +reopen the Local Area Connection Properties dialog box.

+ +

You should see at least the following two components:

+ +
  • +

    Client for Microsoft Networks

    +
  • +

    Internet Protocol (TCP/IP)

    +
+

If you do not see either Client for Microsoft Networks or Internet +Protocol (TCP/IP) in your list, you will need to add them. For +either, the method is to click the Install... button, click the type +of component (Client or Protocol), and then click the Add... button. +Next, click the component you want to add, and click the OK button. +You should see the component added to the list with the others.

+ +

If you see anything other than TCP/IP listed as a protocol, and it is +not a protocol that you need, you can remove it. If NetBEUI appears +in the list, uninstall it if you possibly can. Also uninstall any +Netware-related components if you do not need to support Netware. If +you try to remove a protocol and get an error message saying that the +protocol is being used by another service, you need to remove that +service before you can remove the protocol. For example, to remove +the NWLink IPX/SPX Compatible Transport Protocol, you would need to +remove the Client Service for Netware first.

+ +

To remove a component, click the component in the list, click the +Uninstall button, and then click Yes in the dialog box that pops up. +In some cases, Windows might need to reboot to put the change into +effect.

+ + +
+ +

Bindings

+ +

Next to each client, service, or protocol +listed in the window in the Local Area Connections Properties dialog +box, you will see a checkbox. Make sure the checkbox is checked for +both Client for Microsoft Networks and Internet Protocol (TCP/IP). +The check marks indicate that the networking components are bound to +the network adapter shown at the top of the dialog box.

+ + +
+ + +
+ + +
+ +

Configuring TCP/IP

+ +

Now click Internet Protocol +(TCP/IP) and then click Properties to open the Internet Protocol +(TCP/IP) Properties dialog box, shown in Figure 3-50.

+ +

Figure 3-50. The Internet Protocol (TCP/IP) Properties dialog

+ + +
+ +

IP address

+ +

If +you are using DHCP on your network to assign IP addresses +dynamically, select the "Obtain IP address +automatically" radio button. Otherwise, select the +"Use the following address:" radio +button, and fill in the computer's IP address and +netmask in the spaces provided. You or your network manager should +have selected an address for the client on the same subnet (LAN) as +the Samba server. For example, if the server's +address is 172.16.1.1 and its network mask is 255.255.255.0, you +might use the address 172.16.1.12 (if it is available) along with the +same netmask. You can also fill in the IP address of the default +gateway.

+ + +
+ + + +
+ +

DNS server

+ +

In the lower part of the dialog box, click +the "Use the following DNS server +addresses:" radio button, and fill in the IP address +of your DNS server.

+ +

Now click the Advanced... button to bring up the Advanced TCP/IP +Settings dialog box, and then click the WINS tab.

+ + +
+ + + +
+ +

WINS server

+ +

Enter +the address of your WINS server in the space labeled +"WINS addresses, in order of use:". +If your Samba server is providing WINS service (in other words, you +have the line wins support += yes in the +smb.conf file of your Samba server), provide the +Samba server's IP address here. Otherwise, provide +the address of another WINS server on your network.

+ +

Near the bottom of the dialog box, select the radio button labeled +Enable NetBIOS over TCP/IP. Figure 3-51 shows what +your Advanced TCP/IP Settings dialog box should look like at this +point.

+ +

Figure 3-51. The Advanced TCP/IP Settings dialog, showing the WINS tab

+ + +
+ + + +
+ +

The LMHOSTS file

+ +

If you want to install an +LMHOSTS file, it +must be placed in the \system32\drivers\etc +directory under your Windows installation directory (usually +C:\WINNT ). The easy way to make sure it gets to +the proper location is to use the Import LMHOSTS... button on the +WINS Address tab. (But if you want to do it over the network, you +will have to do that after file sharing is configured!) Remember to +click the Enable LMHOSTS Lookup checkbox on the WINS Address tab to +enable this functionality.

+ +

When you are satisfied with your settings for IP Address, WINS +Address, and DNS, click the OK buttons in each open dialog box (and +the Close button in the Local Area Connection Properties dialog box) +to complete the configuration. Windows might need to load some files +from the Windows XP distribution CD-ROM, and you might need to reboot +for your changes to take effect.

+ + +
+ + +
+ + +
+ +

Computer and Workgroup Names

+ +

From the +Control Panel, double-click the System icon to open the System +Properties dialog box. Click the Computer Name tab, and your System +Properties dialog box will look similar to Figure 3-52.

+ +

Figure 3-52. The System Properties dialog, showing the Computer Name tab

+ +

To give your system computer a name and a workgroup, click the +Change... button, which will bring up the Computer Name Changes +dialog box, as in Figure 3-53.

+ +

Figure 3-53. The Computer Name Changes dialog

+ +

You need to identify your computer with a name and change the +workgroup to the one you specified in the +smb.conf file of your Samba server. +Don't worry that Windows forces the workgroup to be +all capital letters; it's smart enough to figure out +what you mean when it connects to the network.

+ +

Click the More... button to bring up the DNS Suffix and NetBIOS +Computer Name dialog box, shown in Figure 3-54.

+ +

Figure 3-54. The DNS Suffix and NetBIOS Computer Name dialog

+ +

Enter the DNS domain name of this computer in the text field labeled +Primary DNS Suffix for this computer:, and then click OK. You should +now see the FQDN of this system underneath the label Full computer +name: in the Computer Name Changes dialog box. Click the OK button +and then reboot when requested to put your configuration changes into +effect. Once again, log in using your administrative account.

+

WARNING

+

There have been reports of authentication problems with Samba when a +username on a Windows XP system is the same as its computer name.

+
+ + +
+ + +
+ +

Adding a Samba-Enabled User

+ +

So far, +you have been logged into your Windows XP system as a user in the +Administrators group. To access resources on the Samba server, you +will need to have a username and password that the Samba server +recognizes as valid. If your administrative account has such a +username and password, you can use it, but you might want to access +your system and the network from a nonadministrative user account +instead.

+ +

TIP

+

The directions in this section assume that your network is set up as +a workgroup. If you have already set up your network as a domain, as +we describe in Chapter 4, you do not need to +follow the instructions here for adding a local user on the Windows +XP client system. Simply log on to the domain from the client using a +username and password in Samba's +smbpasswd account database, and continue with +the next section, Section 3.5.5.

+
+ +

To add a new user, open the Control Panel, and double-click the Users +Accounts icon to open the User Accounts window, shown in Figure 3-55.

+ +

Figure 3-55. The User Accounts window

+ +

Click the Create a new account task, which will bring up the window +shown in Figure 3-56. Enter the username, then click +the Next > button.

+ +

Figure 3-56. Entering the username

+ +

Click the radio button labeled +"Limited", as shown in Figure 3-57.

+ +

Click the Create Account button, and you will see the username you +added next to a picture at the bottom of the User Accounts window. We +still need to assign a password to the account. Click the account to +bring up the "What do you want to change about +username's +account?" window, and then click Create a password. +Enter the password, and enter it again to confirm it.

+ +

Figure 3-57. Setting the account type

+ +

This password must be the same as the user's +password on the Samba host. If you are using encrypted passwords, +make sure this username and password are the same as what you used +when you ran the smbpasswd program. Click the +Create Password button, and you're done adding the +account.

+ +

Now open the Start menu and click the Log Off button. In the Log Off +Windows dialog box that pops up, again click the Log Off button. When +Windows displays the login screen, click the user you just added, and +type in the password to log in.

+ + +
+ + +
+ +

Connecting to the Samba Server

+ +

Now for +the big moment. Your Samba server is running, and you have set up +your Windows XP client to communicate with it. In the Start menu, +select My Computer[9] to open the My Computer window. Click My +Network Places, in the Other Places box in the left part of the +window. You should see a folder icon for the +test directory, as shown in Figure 3-58.

+ +

Figure 3-58. The My Network Places window

+ +

Now click View workgroup computers in the Network Tasks box at the +left of the window. You should see your Samba server listed as a +member of the workgroup. Double-click its icon, and you will see a +window that looks like Figure 3-59.

+ +

Figure 3-59. Shares offered by the Toltec server

+ +

If you don't see the server listed in the workgroup, +don't panic. Select Run... from the Start menu. A +dialog box appears that allows you to type the name of your server +and its share directory in Windows format. For example, you would +enter \\toltec\test, as shown +in Figure 3-60, and use your +server's hostname instead of +"toltec".

+ +

Figure 3-60. Opening a shared directory, using the server's NetBIOS name in the UNC

+ +

This will work even if browsing services are not set up right, which +is a common problem. You can also work around a name-service problem +by entering the server's IP Address (such as +172.16.1.1 in our example) instead of the Samba +server's hostname, as shown in Figure 3-61.

+ +

Figure 3-61. Opening a shared directory, using the server's IP address in the UNC

+ +

If things still aren't right, go directly to Section 12.2 to troubleshoot what is wrong +with the network.

+ +

If it works, congratulations! Try copying files to and from the +server by dragging their icons to and from the Samba +server's test folder. You might +be pleasantly surprised how seamlessly everything works.

+ + +
+ + +
+ +

Footnotes

[1] We are +intentionally omitting device drivers because they are +hardware-specific, and we assume you are getting installation +directions from the manufacturer.

+

[2] Make sure to use the same netmask as all other systems on the +network. You can find the netmask in use by checking with Unix or +Windows systems that have already been configured.

[3] Keep in mind that IP addresses ending +in .0 are reserved for network addresses and that ones ending in .255 +are for broadcast addresses. These should never be assigned to any +system on the network.

[4] To be more explicit about +this, the system will identify itself to the network as a b-node +rather than an h-node.

[5] We put the +names of the LMHOSTS and +HOSTS files in uppercase for additional +clarity—to remind you that we are referring to the files on +Windows rather than on Unix, and because that's the +way we see them in other books on Windows. The case of the letters in +the two names actually does not matter.

[6] The address 127.0.0.1 is known as the +localhost address and always refers to itself. +For example, if you type ping +127.0.0.1 on a Unix server, you should always get +a response, because you're pinging the host +itself.

[7] This update is supplied in +various update packages issued by Microsoft.

[8] Notice how in Windows NT, +some clients are called "services"! +In these directions, we will conform to Microsoft's +terminology.

[9] If there is a My Network Places +item in the Start menu at this point, you can save yourself a little +time and just click that. If you don't see it, +don't worry; it will appear automatically +later.

+ +

TOC

+ -- cgit v1.2.3