I will give an example of setting up detailed logs of Samba, the logs can save the client’s IP address, its action, the hostname, as well as many other debugging information.Continue reading “Detailed logs in Samba”
Installing on Linux Ubuntu / Debian:Continue reading “Installing and configuring Samba”
Once I noticed a message in /var/log/samba/log on one of the servers with samba:Continue reading “Samba warning solution “rlimit_max: increasing rlimit_max (1024) to minimum Windows limit (16384)””
Once I noticed on one of the computers that nothing was displayed in the network environment, and after selecting “Enable network discovery” in “Control Panel \ Network and Internet \ Network and Sharing Center \ Advanced Sharing Options”, the choice was still on “Disable network discovery”.
Continue reading “What to do if “Network Discovery” does not turn on in Windows”
I will give an example of some commands for setting up sharing of resources.
View shared resources:
Deleting a shared resource:
net share <sharename> /delete
Sharing a folder:
net share sharename=C:\dir
Example of disconnecting users from the share:
net session \\pc1 /delete
To close an open network file, use the command:
net file file_id /close
An example of granting user rights to a file (N – not set, W – write, C – change, F – full access):
cacls file.txt /G User:w
To cancel user access to a share:
cacls /R User
We allow up to 5 users to simultaneously connect to a shared resource:
net share sharename /users:5
Example of caching settings from a share (manual/BranchCache/documents/programs/none):
net share myshare /cache:manual
I want to note that when opening a share to a resource in the firewall, the following ports should be opened: TCP 139, TCP 445, UDP 137, UDP 138.
I once needed to connect a network drive to make a backup copy of the system, but an error occurred when I executed the connection command:
C:\Users\Administrator>net use K:\\192.168.0.5\dir /persistent:no /user:name password System error 1231 has occurred. The network location cannot be reached. For information about network troublesho oting, see Windows Help.
Later I determined that in the connection properties on the local network (also called Ethernet and Local Area Connection), the checkboxes for “Client for Microsoft Networks” and “File and Printer Sharing for Microsoft Networks” were removed.
After I ticked these components and applied, the disk successfully connected:
C:\Users\Administrator>net use K:\\192.168.0.5\dir /persistent:no /user:name password The command completed successfully.
Error 1231 can also be displayed if, for example, the Netbios ports are blocked on the firewall or on the provider’s equipment so that users do not see the shared disks.
See also my article – Installing and Configuring Samba on Linux
I noticed once a warning in the /var/log/samba/log. file:
[2018/04/13 20:51:05.280655, 1] ../lib/param/loadparm.c:1629(lpcfg_do_global_parameter) WARNING: The "syslog" option is deprecated
As reported, the “syslog” option is obsolete, and to prevent the warning from appearing, it must be removed from the configuration.
I opened the configuration file in a text editor:
sudo nano /etc/samba/smb.conf
Found this option:
syslog = 0
And commented on it:
#syslog = 0
After the changes you need to restart samba, you can do this:
sudo service samba restart sudo restart smbd sudo restart nmbd
After that, the warning no longer appeared.
To open access to Samba in IPTables, you must add four rules at once:
sudo iptables -A INPUT -p udp -m udp --dport 137 -j ACCEPT sudo iptables -A INPUT -p udp -m udp --dport 138 -j ACCEPT sudo iptables -A INPUT -p tcp -m tcp --dport 139 -j ACCEPT sudo iptables -A INPUT -p tcp -m tcp --dport 445 -j ACCEPT
To only allow access to a particular network, for example 192.168.1.0/24:
sudo iptables -A INPUT -s 192.168.1.0/24 -p udp -m udp --dport 137 -j ACCEPT sudo iptables -A INPUT -s 192.168.1.0/24 -p udp -m udp --dport 138 -j ACCEPT sudo iptables -A INPUT -s 192.168.1.0/24 -p tcp -m tcp --dport 139 -j ACCEPT sudo iptables -A INPUT -s 192.168.1.0/24 -p tcp -m tcp --dport 445 -j ACCEPT
To remove a rule, we’ll specify the same command, replacing -A with -D, for example:
sudo iptables -D INPUT -s 192.168.1.0/24 -p udp -m udp --dport 137 -j ACCEPT sudo iptables -D INPUT -s 192.168.1.0/24 -p udp -m udp --dport 138 -j ACCEPT sudo iptables -D INPUT -s 192.168.1.0/24 -p tcp -m tcp --dport 139 -j ACCEPT sudo iptables -D INPUT -s 192.168.1.0/24 -p tcp -m tcp --dport 445 -j ACCEPT
To view the list of rules, use the command:
sudo iptables -nvL
I will use the Mikrotik RB951G-2HnD router as an example.
Connect the media to the USB router.
Let’s look at the status:
store disk print
store disk format-drive 1
Reboot the router:
store add name=share disk=usb1 type=user-manager activate=yes comment="test"
ip smb share add name=test max-sessions=15 directory=/test disabled=no comment="test share"
Example of disabling share:
ip smb share disable
I will give examples of some commands:
ip smb print (view parameters)
ip smb set allow-guests yes/no (allows connection to guest users without entering a password, standard yes)
ip smb set comment TEXT (comment, standard MikrotikSMB)
ip smb set domain NAME (setting the name of the workgroup, standard MSHOME)
ip smb set enabled yes/no (SMB on/off, standard no)
ip smb set interfaces all/wlan1/bridge-local/… (installation of interfaces on which SMB will be started, standard all)
ip smb users add read-only=no name=LOGIN password=PASSWORD disabled=no (user creation)
ip smb users disable (disabling the user)
ip smb users enable (user activation)
ip smb users print (view the list of users)
ip smb users remove (deletion of the user)
ip smb users set read-only=no name=LOGIN password=PASSWORD (user change)
ip smb share enable
ip smb share print (view share list)
ip smb share remove
ip smb share set (changing the parameters of the share)
To get help, use the “?” character on the command line.
To go to the level above – “..”.
Example of configuring the firewall for smb:
add action=accept chain=input disabled=no dst-port=137-138 protocol=udp src-address-list=smb-allow add action=accept chain=input disabled=no dst-port=137,139 protocol=tcp src-address-list=smb-allow ip firewall address-list add address=188.8.131.52 disabled=no list=smb-allow
You can also connect a hard drive to the router via the USB-SATA adapter.
I installed and configured Samba once on the next Ubuntu Server 14.04.5 LTS as described in this article Installing and Configuring Samba in Linux.
And after restarting the system, not everything was started, smbd and nmbd were started, if they can be restarted like this:
sudo restart smbd sudo restart nmbd
But you can not connect to the disk and you still had to execute the command:
sudo service samba start
For samba to automatically start at system startup, execute the following command:
sudo update-rc.d samba defaults