What to do if “Network Discovery” does not turn on in Windows

Once I noticed on one of the computers that nothing was displayed in the network environment, and after selecting “Enable network discovery” in “Control Panel \ Network and Internet \ Network and Sharing Center \ Advanced Sharing Options”, the choice was still on “Disable network discovery”.
Continue reading “What to do if “Network Discovery” does not turn on in Windows”

View and configure sharing of files and folders Windows from the command line

I will give an example of some commands for setting up sharing of resources.

View shared resources:

net share

Deleting a shared resource:

net share <sharename> /delete

Sharing a folder:

net share sharename=C:\dir

Example of disconnecting users from the share:

net session \\pc1 /delete

To close an open network file, use the command:

net file file_id /close

An example of granting user rights to a file (N – not set, W – write, C – change, F – full access):

cacls file.txt /G User:w

To cancel user access to a share:

cacls /R User

We allow up to 5 users to simultaneously connect to a shared resource:

net share sharename /users:5

Example of caching settings from a share (manual/BranchCache/documents/programs/none):

net share myshare /cache:manual

I want to note that when opening a share to a resource in the firewall, the following ports should be opened: TCP 139, TCP 445, UDP 137, UDP 138.

See also my articles:
Installing and using the nbtscan network scanner
Some information about the virus encryptor Trojan.Encoder.12544 attacked 06/27/2017

The solution of the “System error 1231 has occurred” when connecting a network drive

I once needed to connect a network drive to make a backup copy of the system, but an error occurred when I executed the connection command:

C:\Users\Administrator>net use K:\\192.168.0.5\dir /persistent:no /user:name password
System error 1231 has occurred.
The network location cannot be reached. For information about network troublesho
oting, see Windows Help.

Later I determined that in the connection properties on the local network (also called Ethernet and Local Area Connection), the checkboxes for “Client for Microsoft Networks” and “File and Printer Sharing for Microsoft Networks” were removed.

After I ticked these components and applied, the disk successfully connected:

C:\Users\Administrator>net use K:\\192.168.0.5\dir /persistent:no /user:name password
The command completed successfully.

Error 1231 can also be displayed if, for example, the Netbios ports are blocked on the firewall or on the provider’s equipment so that users do not see the shared disks.

See also my article – Installing and Configuring Samba on Linux

Solution WARNING: The “syslog” option is deprecated

I noticed once a warning in the /var/log/samba/log. file:

[2018/04/13 20:51:05.280655,  1] ../lib/param/loadparm.c:1629(lpcfg_do_global_parameter)
  WARNING: The "syslog" option is deprecated

As reported, the “syslog” option is obsolete, and to prevent the warning from appearing, it must be removed from the configuration.

I opened the configuration file in a text editor:

sudo nano /etc/samba/smb.conf

Found this option:

syslog = 0

And commented on it:

#syslog = 0

After the changes you need to restart samba, you can do this:

sudo service samba restart
sudo restart smbd
sudo restart nmbd

After that, the warning no longer appeared.

IPTables rules for Samba

To open access to Samba in IPTables, you must add four rules at once:

sudo iptables -A INPUT -p udp -m udp --dport 137 -j ACCEPT
sudo iptables -A INPUT -p udp -m udp --dport 138 -j ACCEPT
sudo iptables -A INPUT -p tcp -m tcp --dport 139 -j ACCEPT
sudo iptables -A INPUT -p tcp -m tcp --dport 445 -j ACCEPT

To only allow access to a particular network, for example 192.168.1.0/24:

sudo iptables -A INPUT -s 192.168.1.0/24 -p udp -m udp --dport 137 -j ACCEPT
sudo iptables -A INPUT -s 192.168.1.0/24 -p udp -m udp --dport 138 -j ACCEPT
sudo iptables -A INPUT -s 192.168.1.0/24 -p tcp -m tcp --dport 139 -j ACCEPT
sudo iptables -A INPUT -s 192.168.1.0/24 -p tcp -m tcp --dport 445 -j ACCEPT

To remove a rule, we’ll specify the same command, replacing -A with -D, for example:

sudo iptables -D INPUT -s 192.168.1.0/24 -p udp -m udp --dport 137 -j ACCEPT
sudo iptables -D INPUT -s 192.168.1.0/24 -p udp -m udp --dport 138 -j ACCEPT
sudo iptables -D INPUT -s 192.168.1.0/24 -p tcp -m tcp --dport 139 -j ACCEPT
sudo iptables -D INPUT -s 192.168.1.0/24 -p tcp -m tcp --dport 445 -j ACCEPT

To view the list of rules, use the command:

sudo iptables -nvL

See also my articles:
Configuring IPTables
Installing and Configuring Samba on Linux

Mikrotik SMB – file server configuration

I will use the Mikrotik RB951G-2HnD router as an example.

Connect the media to the USB router.
Let’s look at the status:

store disk print

Format it:

store disk format-drive 1

Reboot the router:

reboot

Add storage:

store add name=share disk=usb1 type=user-manager activate=yes comment="test"

Add share:

ip smb share add name=test max-sessions=15 directory=/test disabled=no comment="test share"

Example of disabling share:

ip smb share disable

Enabling smb:

enable smb

I will give examples of some commands:
ip smb print (view parameters)
ip smb set allow-guests yes/no (allows connection to guest users without entering a password, standard yes)
ip smb set comment TEXT (comment, standard MikrotikSMB)
ip smb set domain NAME (setting the name of the workgroup, standard MSHOME)
ip smb set enabled yes/no (SMB on/off, standard no)
ip smb set interfaces all/wlan1/bridge-local/… (installation of interfaces on which SMB will be started, standard all)

ip smb users add read-only=no name=LOGIN password=PASSWORD disabled=no (user creation)
ip smb users disable (disabling the user)
ip smb users enable (user activation)
ip smb users print (view the list of users)
ip smb users remove (deletion of the user)
ip smb users set read-only=no name=LOGIN password=PASSWORD (user change)

ip smb share enable
ip smb share print (view share list)
ip smb share remove
ip smb share set (changing the parameters of the share)

To get help, use the “?” character on the command line.
To go to the level above – “..”.

Example of configuring the firewall for smb:

add action=accept chain=input disabled=no dst-port=137-138 protocol=udp src-address-list=smb-allow
add action=accept chain=input disabled=no dst-port=137,139 protocol=tcp src-address-list=smb-allow
ip firewall address-list add address=1.1.1.1 disabled=no list=smb-allow

Official documentation:
wiki.mikrotik.com/wiki/Manual:IP/SMB
wiki.mikrotik.com/wiki/Manual:Store

You can also connect a hard drive to the router via the USB-SATA adapter.

How to troubleshoot Samba autorun in Linux?

I installed and configured Samba once on the next Ubuntu Server 14.04.5 LTS as described in this article Installing and Configuring Samba in Linux.

And after restarting the system, not everything was started, smbd and nmbd were started, if they can be restarted like this:

sudo restart smbd
sudo restart nmbd

But you can not connect to the disk and you still had to execute the command:

sudo service samba start

For samba to automatically start at system startup, execute the following command:

sudo update-rc.d samba defaults

Done.

Installing system-config-samba

system-config-samba – a simple application for configuring samba with a graphical interface.

Installing by the command:

sudo apt-get install system-config-samba

Running:

sudo system-config-samba

Allows you to add shared folders, samba users, assign permissions to folders, etc., all changes are saved to samba configuration files.

See also:
Installing and Configuring Samba on Linux

Monitoring Samba in Zabbix

I will give an example of monitoring the number of running Samba processes, as well as creating a triggering trigger when there are no running processes.
In a system with Samba, a Zabbix agent must be installed.
See my popular articles about Zabbix.

Create a template, for example, with a name “Template Service Samba” and add the following data item to it:

Name: Number of processes nmbd
Type: Zabbix agent
Key: proc.num[nmbd]

Similarly, we create for smbd.
You can also create data items that represent the amount of memory used by the process, in which case the key will look like this:

proc.mem[nmbd,,sum]

And also add graphics for them.

Now add a trigger for each process to see when the process is not running:

Name: Does not work nmbd on {HOST.NAME}
Expression: {Template Service Samba:proc.num[nmbd].max(1)}<1

Done.