Updated 2017-02, Ubuntu 16.04 LTS. Samba 4.3.11

REMARKS: A while back I had to change the intuitive "force user" and "force group" lines with the batshiat crazy "map to guest = bad user". Did the government take over Samba? The "improvements" are making it harder to use and understand! I can't explain why it is working...

Summary of Samba Fileserver Network Objectives

You are tired of having several copies of the same file on different computers, or figuring out which computer you have a certain file on. You have a trusted LAN, either at your home or a SOHO (Small Office Home Office) type of setup and you would like to have one central place for every person (every computer) to work off of.

It is truly a trusted LAN and you are not concerned about security. In other words, you don't want to have to enter a username and password. You want all files to be owned by the same user on the central fileserver and be equally accessed by anybody on the network. You want it to appear that the user is working on files on the local machine.

If you have a situation similar to the above, I recommend you do like the big enterprise corporations and use linux where it is well suited and completely ready for use, as a central fileserver. This setup has saved me lots of time, some money, and prevented a lot of aggravation.

Requirements:A dedicated computer that you can leave on all the time, or at least will be on when any other computer in the network is being used. An extra hard drive. A linux distribution containing the Samba package. I have described a setup using Ubuntu linux (it's free). This most likely means the method would work for Debian GNU/linux as well.

Samba Background

Samba is a an open-source software package that runs on non-MS Windows machines that lets you communicate with Windows and Apple computer clients. It can work on linux-linux machines as well, but I'm of the opinion that the NFS Setup (Network File System is better for that task. There is a lot of documentation on the Samba website and included in the Samba package. Go to those places if you really want to learn the details.

***Do not use this method if you are concerned about protecting sensitive data***.

The Samba package for linux/UNIX is capable of enterprise-wide file sharing and handling different types of security authentication. The default setup is, in fact, very secure and it took me a while to figure out the settings for a "wide open" sharing setup. I have included a summary of the settings you need to make Samba INSECURE.

Description for "How-To" Samba Fileserver based on Ubuntu Linux

Using the Synaptic front-end to the apt-get package management tool, it is very easy to get Samba Server up and running. The problem is that Synaptic Package Manger is no longer instaled by default. If you are doing any web development at all on your computer, I suggest you install Synaptic.

Initial setup of Linux Samba file-server and Windows Samba cha-cha-cha client.

  • Linux Server: You need to have the Samba (server) package installed.

    me@myhost$ sudo apt-get install samba

  • Turn service on/off:

    me@myhost$ sudo smbd [start | stop | restart] me@myhost$ sudo nmbd [start | stop | restart]

  • In a user's home directory, create any directories (folders) that you want to share that are not created by Ubuntu by default. The file below should work with Ubuntu's default user folders "as is" after you fill in your USER_NAME.
  • Windows: In the control panel Networking section somewhere... "WORKGROUP" used to be the default workgroup name. Change it in the file below if yours is different.
  • See below for remaining options.

If you are sure the computers can talk to each other (ping), and you have installed the Samba server as described above, the only other thing you need to do is replace the file /etc/samba/smb.conf with the one below. Make sure you make a backup of this file by calling it smb.conf_ORIG or something and only work on the new one. For example, if you had the file in the grey box below in your home directory and it was named "smb.conf", then you could use these 3 commands.

me@myhost$ sudo cp /etc/samba/smb.conf /etc/samba/smb.conf_ORIG me@myhost$ sudo mv smb.conf /etc/samba/smb.conf me@myhost$ sudo smbd restart me@myhost$ sudo nmbd restart

Looks pretty simple, right? There is a huge amount of information for all of the modifications and security measures you can make to samba in the original smb.conf file. I tried working with it for a while and gave up. In some debian tutorial on samba, they gave a tiny sample file to test with and I worked from that. The file comment said, "Please for testing only", so this is your last reminder that this will make your files totally INSECURE.

# /etc/samba/smb.conf file for COMPLETELY INSECURE SHARING
# You need to replace each "USER_NAME" instance with your username
# You can use gedit Text Editor and menu choices Search... Replace

[global]
guest account = USER_NAME
map to guest = bad user
workgroup = WORKGROUP
server string = SambaServer
security = user
name resolve order = hosts lmhosts

[Documents]
path = /home/USER_NAME/Documents
guest ok = yes
read only = no

[Downloads]
path = /home/USER_NAME/Downloads
guest ok = yes
read only = no

[Music]
path = /home/USER_NAME/Music
guest ok = yes
read only = no

[Pictures]
path = /home/USER_NAME/Pictures
guest ok = yes
read only = no

[Public]
path = /home/USER_NAME/Public
guest ok = yes
read only = no

[Templates]
path = /home/USER_NAME/Templates
guest ok = yes
read only = no

[Videos]
path = /home/USER_NAME/Videos
guest ok = yes
read only = no

# This is not a Ubuntu default.
# You need to create a directory "Voice" to use.
# I use for lectures, foreign languages, etc.
# Delete the "#" symbols BELOW this line to activate sharing.
# [Voice]
# path = /home/USER_NAME/Voice
# guest ok = yes
# read only = no

# You don't need the lines below unless you develop websites
# [Websites]
# path = /home/USER_NAME/public_html
# guest ok = yes
# read only = no

Windows Clients: You should automatically be able to see the shares through the "Network" link. To make the files easier to access, I suggest you pin the folders you use to the "Quick Access" part of the file browser.

To arrange nightly backups:

  1. Add the linux 2nd Hard Drive to the file server.
  2. Choose a nice and easy "mount point" (location) for it like "/backup".
  3. Make it owned by your user:

    me@myhost$  sudo chown -R "USER_NAME" /backup me@myhost$  sudo chgrp -R "USER_NAME" /backup

  4. Create a text file (shell script) to execute the rsync program for each directory. A short example is below, or follow the details at the link for 2nd hard drive.

Contents of shell script "backup.sh". This is an example of a computer with 2 active users. Each user's entire home director is backed up. You need the trailing slash for the first location. Details at the link above.

rsync -av /home/USER_NAME1/   /backup/USER_NAME1 rsync -av /home/USER_NAME2/   /backup/USER_NAME2

Check the backup directory once in a while to clean up deleted files you are SURE you don't need. The -av options do NOT delete files. They update existing files to newer versions and add files not yet in the backup folder.

It is hard to describe how much easier computer networking / maintenance has been since I installed this setup. It has proven to be a big help.