A correct method of configuring Samba for browsing SMB shares in a homenetwork

October 17, 2016 Leave a comment

SMB

SMB (Server Message Block) is the underlying protocol that Microsoft windows computers use to connect to resources, such as file shares and printers, and to transfer information when the connections are established. Samba is the linux implementation of SMB that allows file and printer information to be transferred between Windows and Linux computers. An early variant of the SMB protocol is known as ‘CIFS’ (Common Internet File System). CIFS is actually obsolete, so the correct term to use these days is ‘SMB’ (see the blog post Why You Should Never Again Utter The Word, "CIFS" ), although ‘CIFS’ is still used sometimes when referring to SMB.

Terminology

You are likely to come across several terms when reading about Samba, such as NetBIOS , Active Directory (AD), Lightweight Directory Access Protocol (LDAP), Kerberos , Windows Internet Name Service (WINS) and Winbind , to name but a few. Most are used in larger corporate or enterprise networks but you can ignore most of them only NetBIOS name resolution or WINS are necessary to configure Samba in small home networks . For example, my home network uses NetBIOS name resolution and sometimes has up to 15 devices connected (Linux, Windows7/10, macOS, Android and iOS), all of which can browse file shares using SMB/Samba.

Note: You should not use NetBIOS name resolution and WINS at the same time .

To explain the terminology Active Directory is a central database of user accounts and passwords used primarily in Windows networks to authenticate users, and LDAP is the protocol that clients and servers use to access the Active Directory database. Kerberos is a separate encrypted authentication mechanism used for client-server applications, such as computers that access a specific file or web server, or SQL database. WINS is a mechanism for storing computer name to IP address mappings on a central server the WINS Server. Computers in a LAN interrogate the WINS server to obtain the IP addresses of other computers. It’s a bit like DNS except that the WINS Server stores Windows computer names rather than URLs or domain names. Winbind is a Unix/Linux mechanism that allows Windows NT accounts to look like a Unix service to Unix / Linux machines.

NetBIOS

How is NetBIOS relevant to Samba? Samba uses NetBIOS in three different ways:

NetBIOS over UDP Port 137 to advertise computer names for name to IP address resolution; NetBIOS over UDP Port 138 to advertise services that the computer offers and to elect a ‘Master Browser’ (explained below); SMB over NetBIOS over TCP/IP Port 139 to connect to file shares or printers. Once connected, the computers may negotiate using SMB direct over TCP/IP Port 445 to improve efficiency of the connection.

NetBIOS over UDP (Port 137)is a connectionless broadcast protocol that Windows machines use to advertise over the LAN their names and corresponding IP addresses. Other computers receive the broadcasts and cache the names and IP addresses in a name to IP address mapping table.

NetBIOS over UDP (Port 138)is a connectionless broadcast protocol that Windows machines use to advertise their eligibility to become the network’s Master Browser or Backup Browser. An automatic election process elects only one machine in the LAN to become the Master Browser and one or more Backup Browsers. The Master Browser and Backup Browser(s) collate a list of all the computers in the LAN and the services that they offer. It is more efficient for a single computer to assume the master role and to collate the information than it is for the information to remain distributed. When you click on ‘Network’ in the ‘File Explorer Network Neighbourhood’, your computer interrogates the Master Browser to obtain a list of the Windows Workgroup in the LAN, the members of the Workgroup(s) and the file and printer services that each member offers. If the Master Browser fails, a re-election takes place and a new Master Browser is elected from the list of Backup Browsers. You can configure the ‘priority’ of your Samba server so that it is more or less likely to be elected the Master Browser for the LAN.

SMB over NetBIOS over TCP/IP (Port 139)is a connection orientated protocol that Windows computers use to connect to file shares and printers, to retrieve directory listings and to transfer files. Having obtained a list of computers and file shares from the Master Browser, if you click on a particular file share to connect to it, your computer looks up the name of the target computer in the local name table, obtains the target computer’s IP address and initiates a SMB over NetBIOS over TCP/IP connection to it. The target computer then issues a username and password prompt for you to complete the connection. If authentication is successful, the SMB protocol is used to transfer a directory listing of the contents of the share. If you drag and drop a file from the share to your local machine, or vice-versa, SMB is used to transfer the file. Behind the scenes, during the initial connection set-up, your computer and the target carry out a negotiation. If both machines support SMB direct over TCP/IP, the directory listing and subsequent file transfer are transported using SMB over TCP/IP Port 445. This is much more efficient because it eliminates completely the NetBIOS overhead.

When you install and configure Samba on a Linux computer, the ‘ smbd ‘ and ‘ nmbd ‘ daemons enable all of the functionality above. In a small network you do not need to enable or use AD, LDAP, Kerberos, WINS, Winbind or anything else for that matter. Samba and its built-in NetBIOS mechanisms will allow you to participate in a Windows Workgroup environment to share and use folders, files and printers.

Workgroups

The majority of Windows computers running in home networks are configured, by default , in a single Workgroup. A Workgroup is a simple way for computers in small networks to advertise and share resources, such as folders and printers, with other members of the same group. You can configure multiple Workgroups in the same LAN but each computer can belong to only one Workgroup. The theory is that different computers can share different resources within their group.

Please Note: A Windows Workgroup is not the same thing as a Windows

本文系统(linux)相关术语:linux系统 鸟哥的linux私房菜 linux命令大全 linux操作系统

主题: WindowsLinuxSQLAndroidiOSCIFWord
分页:12
转载请注明
本文标题:A correct method of configuring Samba for browsing SMB shares in a home network
本站链接:http://www.codesec.net/view/483860.html
分享请点击:


1.凡CodeSecTeam转载的文章,均出自其它媒体或其他官网介绍,目的在于传递更多的信息,并不代表本站赞同其观点和其真实性负责;
2.转载的文章仅代表原创作者观点,与本站无关。其原创性以及文中陈述文字和内容未经本站证实,本站对该文以及其中全部或者部分内容、文字的真实性、完整性、及时性,不作出任何保证或承若;
3.如本站转载稿涉及版权等问题,请作者及时联系本站,我们会及时处理。
登录后可拥有收藏文章、关注作者等权限...
技术大类 技术大类 | 系统(linux) | 评论(0) | 阅读(23)