ComputerSecurityStudent (CSS) [Login] [Join Now]

|UNIX >> Fedora >> Current Page |Views: 20418

(Fedora: Lesson 11)

{ Basic Samba Configuration }

Section 0. Background Information
  • What is Samba? 
    • The name Samba comes from SMB (Server Message Block), the name of the standard protocol used by the Microsoft Windows network file system. SMB is a protocol for sharing files, printers, serial ports, and communications abstractions such as named pipes and mail slots between computers.


    • Samba provides file and print services for various Microsoft Windows clients and can integrate with a Windows Server domain, either as a Primary Domain Controller (PDC) or as a domain member.


    • It can also be part of an Active Directory domain.  


    • Samba runs on most Unix and Unix-like systems, such as GNU/Linux, Solaris, AIX and the BSD variants, including Apple's Mac OS X Server (which was added to the Mac OS X client in version 10.2).



Section 1. Play Virtual Machine
  1. Play virtual machine. (See Below)


Section 2. Login to your Fedora14 server.
  1. Login As student


  2. Start Up A Terminal.
    • Applications --> System Tools --> Terminal


  3. Switch User to root
    • Command: su - root


Section 3. Prerequisite Samba RPMs
  1. Prerequisite Samba RPMs
    • Required:
      1. samba
      2. samba-client
      3. samba-common
      4. samba-config-samba
    • Command: yum install "samba" "samba-client" "samba-common" "system-config-samba"


  2. Install samba rpm's
    • Command: Type "y", and hit enter


  3. Verify Installation Results
    • Note: Just take note of what is getting installed along with the completion notice.



Section 4. Create a Samba User Account
  1. Create a samba UNIX user account called student.
    • Note: If you already have a Unix Username account called student on your machine, then skip this step and proceed to section 5.
    • Command: useradd -m -d /home/student -c "Student" -s /bin/bash student


  2. Set the student unix password
    • Command: passwd student
    • Note: This password will not be the student password, but it will be the unix password.


Section 5. Using the system-config-samba utility
  1. Start up the system-config-samba utility
    • Command: System --> Administration --> Samba


  2. Samba Configuration Authentication.
    • Command: Supply the root password


  3. Configure Workgroup Name
    • Command: Preferences --> Server Settings


  4. Name the Workgroup
    • Command:
      1. Change the workgroup name to whatever you like.  In my case, I named it "area51".
      2. Click on the Secure Tab
    • Note: How to set these directives in the /etc/samba/smb.conf file.
      1. The samba configuration file is located at /etc/samba/smb.conf
      2. If you don't have access to this GUI, then you can set the workgroup directive to
        • workgroup = area51


  5. Security Workgroup Configuration
    • Command:
      1. Authentication Mode: User
      2. Encrypt Passwords: Yes
      3. Guest Account: No guest Account
      4. Click on OK.
    • Note: How to set these directives in the /etc/samba/smb.conf file.
      1. encrypt passwords = yes
      2. guest account = no


  6. Security Workgroup Configuration
    • Command: Preferences --> Samba Users


  7. Create a Samba User
    • Command: Click on the Add User Button


  8. Create a Samba User
    • Command:
      1. Select the Unix student Username you created earlier.
      2. Type in the Windows Username you want associated in with the Unix student Username.
      3. Create a samba password associated with the Unix student Username.
      4. Click OK


  9. Click OK


  10. Add a Samba Share
    • Command: File --> Add Share


  11. Create Samba Share
    • Command: Click on the Choose Button


  12. Selecting a Folder
    • Command:
      1. Click on File System
      2. Click on tmp
      3. Click on the OK button


  13. Selecting a Folder
    • Command:
      1. Folder: /tmp
      2. Share name: tmp
      3. Description: Samba tmp share
      4. Click on the Writable Check Box and on the Visible Check Box
      5. Click on the Assess Tab
    • Note: How to set these directives in the /etc/samba/smb.conf file.
      1. path = /tmp
      2. [tmp]
      3. comment = Samba tmp share
      4. Writable and Visible
        1. read only = no
        2. browseable = yes
      5. valid users = student


  14. Give Access to the student username
    • Command:
      1. Check the student check box
      2. Click OK


  15. Viewing your samba share
    • Instructions: After you completed the above step, you should see the below tmp share name.


Section 6. Configuring the Firewall for samba
  1. Configure the Firewall.
    • Command: System --> Administration --> Firewall


  2. Click Close


  3. Provide the root password
    • Command:
      1. Provide the root password
      2. Click on Authenticate


  4. Select Samba
    • Command:
      1. Check the Samba checkbox
      2. Click the Apply Green Checkmark


  5. Click Yes


Section 6. Configure Samba Startup Scripts
  1. Check Samba Start Up Scripts
    • Command: chkconfig --list smb
    • Note: Notice all start up scripts are off.


  2. Create a samba start up script for run level 3.
    • Command: chkconfig --level 3 smb on
      • This creates the start up script.
    • Command: chkconfig --list smb
      • Notice there is a "on" after the number 3.


  3. Verify Samba is Running.
    • Command: ps -eaf | grep -v grep | grep smb


Section 8. Determine IP Address of Samba Server
  1. Discover Samba Server's IP Address
    • Command: ifconfig -a


Section 9. Connect a Windows Machine to the Samba Share
  1. Start up WindowVulnerable01
    • Note: For those of you not in my class, this is a Windows XP VMware machine.  Just make sure your Windows machine is on the same network as your Samba Server.


  2. Make sure your Windows Machine has a network connection
    • Command: Start --> Command Prompt


  3. Make sure your Windows Machine has a network connection
    • Command: Start --> Command Prompt
    • Note: Verify you have an IP Address.  Note, your IP address will probably be different.


  4. Click on My Network Places
    • Command: Start --> My Network Places


  5. Access the Samba Server
    • Note: In the address bar, place the IP address of the Samba server you obtained in Section 8, Step 1.
    • Command: \\ (See Below)
    • Command: Press Enter
    • Command: Enter the Samba Username and Password you set up in Step 8, Section 5.


  6. Access the Samba Share
    • Command: Double Click on the tmp share.


  7. Viewing the tmp share
    • Note: You are now inside of the tmp share.


  8. Create a directory in the samba tmp share.
    • Command: File --> New --> Folder


  9. Create a student directory
    • Command: Name the new directory "student".




Section 10. Connect a Windows Machine to the Samba Share
  1. On the Samba Server
    • Command:
      1. cd /tmp/student
      2. echo "Hello Samba" >> hello_samba.txt
      3. ls -l hello_samba.txt
    • Proof of Lab
      • Paste a Print Screen into a word document and submit to Moodle.


  2. On the Windows Machine
    • Note: Notice the hello_samba.txt file that you created on the Samba Server shows up in this window as well.


Section: Proof of Lab
  1. Cut and Paste a screen shot of Section 10, Step 1 into a word document and upload to Moodle. 


Help ComputerSecurityStudent
pay for continued research,
resources & bandwidth