Howto: Quickly & Easily Setup Samba filesharing with windows for Ubuntu

Before you install Samba you first need to make sure that the computer that you will be transferring files to has a static IP address, if possible. If you have a true router, it should let you modify the DHCP settings such that your machines are given fixed leases. If you're a cheapskate and you went with your ISP's router (like we did), chances are this option's not available to you. In this case, you'll still be able to use Samba, but because you're not guaranteed that your Linux box (or your Windows computer, for that matter) will have the same IP address every day (because most routers set DHCP to renew the lease every 24 hours) you may have to configure both machines to "see" each other every time you want to share files. If you don't have to use Samba that much this may not bother you, but it's definitely impractical in a business environment :)

With this out of the way we can install Samba:


sudo aptitude -V install samba smbfs
Now we have to configure Samba, like so:


cd /etc/samba/
sudo mv -f smb.conf smb.conf.old
sudo nano smb.conf # or gksu gedit smb.conf, or kdesu kate smb.conf

Copy and paste the following and place it into the file (you can remove comments if you want)


netbios name = ... ;; Hostname (open a command prompt; it's the part after the @).
;; Also called "Computer Name" in Windows.
server string = ... ;; Description of host.
workgroup = ... ;; Name of home network (make sure it's the same as whatever you set in Windows).

;;; Don't quite know what these do but I'm sure they're important:
announce version = 5.0

passdb backend = tdbsam ;; The format Samba password info is stored in (don't have to touch).
security = user ;; Type of security (don't have to touch either).
null passwords = true ;; You want this b/c many people leave their passwords blank.
username map = /etc/samba/smbusers ;; Can leave alone (we won't be editing this anyway).
name resolve order = hosts wins bcast ;; Don't know what this does.

wins support = no ;; Affects the address used to access the share folder on the Windows machine -- makes it
;; possible to enter "\\COMPUTER_NAME\public" instead of "\\\public"
;; (only works if you have a static IP).

syslog = 1
syslog only = yes

[SHARENAME] ; The name of the share folder as visible by Windows (see note below)
comment = ... ;; Name that will appear when you run "net view" in Windows.
path = ... ;; The share folder on this machine.
browseable = yes ;; Whether or not users on the other end can browse the share folder.
read only = no ;; Whether or not users on the other end can change its contents.
create mask = 0777 ;; Affects the permissions of the files that be given to files that come in from a Windows.
;; machine. The DOS-permissions are bitwise-AND'ed with the setting here to obtain the end permissions.
directory mask = 0777 ;; Same as above, except applies to directories.
force user = ... ;; Who will end up owning the files that come in. Probably best to just use your username, since you're the one who'll be accessing this stuff :)
force group = ... ;; You can make this the same as the last.
case sensitive = yes ;; Make sure that Windows knows that "FILE" and "file" are *not* the same :)
fstype = Samba ;; This will show up in the sidebar in Windows, it doesn't really affect anything.

(Note that you want to replace SHARENAME above with something else, such as public. The address that you'll have to enter in Windows to access the share folder will come from this value.)

(Also, you can learn more about smb.conf here.)

To make sure that you got the config file right, you can run:


Now, we need to create users just for Samba:


sudo smbpasswd -a USERNAME # Now Samba knows about this user.
sudo smbpasswd -e USERNAME # Now the user is enabled.

Make sure that USERNAME refers to an actual user on your Linux box. You can either create a dummy user to use just for Samba, or you can use your username.

Now. In Windows, pull up My Computer (or just Computer if you so happen to be using Vista) and Tools -> Map a Network Drive, entering something like this for the address: \\YOUR.IP.ADDRESS\SHARENAME, where YOUR.IP.ADDRESS is the IP address of your computer (which you can check by running ifconfig) and SHARENAME is whatever you entered in smb.conf (see above). Windows should ask you for a username and password. Enter the same ones that you just made when you ran smbpasswd. If you configured everything correctly, you should be presented with the share folder.

One last thing we need to do though: configure your firewall software. But I don't have any firewall software installed, you ask. Well, it seems you actually do: Ubuntu comes preinstalled with iptables, which is (as I understand it, at least) like a firewall in that it controls what comes in and what goes out. I'm not sure what sort of settings iptables has by default (I think they get autoconfigured when you first install Ubuntu), but it's likely that it's not going to allow you to connect out through Samba.

Let's just find out, though. Go ahead and run this command:


sudo aptitude -V install firestarter
This installs Firestarter, which is an interface to iptables. Then, go to System -> Administration -> Firestarter (or, if you're not using GNOME, bring up a terminal and run firestarter), and after entering your password, click on the Events tab. Then bring up your share folder in Nautilus (or Konqueror, or whatever you use).

Now switch to your Windows machine and try to copy some files into there. Windows will try to do it but it's probably gonna spit out an error after about 30 seconds. Now switch back to your Linux machine and check the Firestarter window. Do you see some messages in there -- something like this?


|Time | Port | Source | Protocol | Service |
|Aug 17 21:34:12 | 138 | | UDP | Samba (SMB) |
|Aug 17 21:37:05 | 137 | | UDP | Samba (SMB) |

(there may be other kinds of messages -- sorry, I didn't capture this right away)

These entries represent attempts by Windows to communicate with your Linux box, but Firestarter prevented that from happening. Let's show it who's boss. Switch to the Policy tab, pull-down the drop-down menu there, and choose Inbound traffic policy. Right-click within the first pane ("Allow connections from host") and choose Add Rule. In the text field, enter the IP address of the Windows machine (you can get this by pulling up Command Prompt and running ipconfig /all), and press OK. Then right-click within the second pane and choose Add Rule. Pull down the Name menu and choose Samba (SMB); the Port field should be updated automatically (to 137-139 445). For When the source is choose Anyone. Press OK. Now choose Outbound traffic policy from the dropdown menu, and follow the same steps as for inbound traffic.

Now you should be set! Try it out by switching back to your Windows machine and moving a file there. It should show up in your share folder on your Linux machine... magic, huh?


Clicky Web Analytics