Библиотека сайта rus-linux.net
Chapter 3. Configuring Windows Clients
Configuring Windows to use your new Samba server is really quite simple. SMB is Microsoft's native language for resource sharing on a local area network, so much of the installation and setup on the Windows client side have been taken care of already.
Windows Networking Concepts
Windows is different from Unix in many ways, including how it supports networking. Before we get into the hands-on task of clicking our way through the dialog boxes to configure each version of Windows, we need to provide you with a common foundation of networking technologies and concepts that apply to the entire family of Windows operating systems.
For each Windows version, these are the main issues we will be dealing with:
-
Making sure required networking components are installed and bound to the network adapter
-
Configuring networking with a valid IP address, netmask and gateway, and WINS and DNS name servers
Components
Unix systems historically have been monolithic in nature, requiring recompilation or relinking to create a kernel with a customized feature set. However, modern versions have the ability to load or unload device drivers or various other operating-system features as modules while the system is running, without even needing to reboot.
Windows allows for configuration by installing or uninstalling components. As far as networking goes, components can be one of three things:[1]
-
Protocols
-
Clients
-
Services
Since Samba works using the TCP/IP protocol, of course we'll want to have that installed. In some cases, we also will want to find protocols to uninstall. For example, if Netware protocol (IPX/SPX) is not required on the network, it might as well be removed.
NetBEUI protocol should be removed if possible. Having NetBEUI running at the same time as NetBIOS over TCP/IP causes the system to look for services under two different protocols, only one of which is likely to be in use. When Windows is configured with one or more unused protocols, 30-second delays will result when Windows tries to communicate with the unused protocol. Eventually, it times out and tries another one, until it finds one that works. This fruitless searching results in terrible performance.
The other two items in the list, client and service components, are pretty much what you'd expect. Client components perform tasks related to connecting with network servers, and service components are for making the local system into a server of resources on the network. In Chapter 1 we told you that SMB systems can act as both clients and servers, offering resources on the network at the same time they request resources. In accordance with that, it is possible to install a component for SMB client services and, separately, a service component that allows file and printer shares on the local system to be accessible from other systems on the network.
Bindings
Once a networking component is installed, it must be bound to a hardware interface, or adapter, to be used on the network. At first this might seem like an odd complication; however, it is a conceptual model that allows the associations between hardware and software to be clearly displayed and easily modified through a graphical interface.
IP Address
Just like any Unix system (or any other system that is using TCP/IP), your Windows systems will need an IP address. If you are using DHCP on your network, you can configure Windows to obtain its IP address automatically by using a DHCP server. Otherwise, you will need to assign a static IP address manually along with a netmask.[2]
If you are on a private network where you have the authority to assign your own IP addresses, you can select from addresses in one of three ranges:[3]
-
10.0.0.1 through 10.255.255.254
-
172.16.0.1 through 172.31.255.254
-
192.168.0.1 through 192.168.255.254
These address ranges are reserved for private networks not directly connected to the Internet. For more information on using these private network addresses, see RFC 1918.
If you're not maintaining your own separate network, see your system administrator for some available addresses on your network, as well as for the proper netmask to use.
You should also be prepared to enter the IP address of the default gateway for the network. In some networks, the default gateway is the system or router that connects the LAN to the Internet. In other cases, the default gateway connects a subnet into a larger departmental or enterprise network.
Name Resolution
Name resolution is the function of
translating human-friendly hostnames, such as
hopi, or fully qualified domain names (FQDNs),
such as mixtec.metran.cx, into IP addresses, such
as 172.16.1.11 or 172.16.1.7.
Unix systems can perform name resolution using an /etc/hosts file at the minimum, and more commonly can also incorporate services such as DNS (Domain Name System) and NIS (Network Information Service). Thus, name resolution is not necessarily performed by one isolated part of the operating system or one daemon, but is a system that can have a number of dispersed parts (although the name service switch, with its /etc/nsswitch.conf configuration file, helps to tie them together).
Broadcast name resolution
On the other hand, there is one way in which Windows is not at all similar to Unix. If a Windows workstation is set up with no WINS name server, it will use the broadcast method of name resolution, as described in Chapter 1,[4] probably resulting in a very busy network. And even if you provide name servers for your Windows system to use, it might still resort to broadcast name resolution if it is unsuccessful at querying the name servers. For this reason, we recommend that you provide multiple reliable name servers for your Windows computers on the network.
If that weren't enough to get you interested in setting up WINS and DNS servers, broadcast name resolution is usually limited to working on the local subnet because routers are usually configured not to forward broadcast packets to other networks.
WINS
We've already told you about WINS in Chapter 1, and we don't have much more to say about it here. WINS can translate simple NetBIOS computer names such as huastec or navajo into IP addresses, as required on an SMB network. Of course, the interesting thing here is that Samba can act as a WINS server if you include the line:
wins support = yes
in your Samba server's smb.conf file. This can be a good thing, to be sure, and we highly recommend it. Not only will you have a reliable WINS server to reduce the number of broadcast packets, but you won't need to run Windows NT/2000/XP to get it.
WARNING
One caveat about using Samba as a WINS server is that Samba (up to Version 2.2, at least) cannot synchronize with other WINS servers. So if you specify a Samba server as your Windows system's WINS server, you must be careful not to specify any additional (i.e., secondary) WINS servers. If you do, you are likely to run into problems because the servers will not be able to synchronize their databases with each other. In Samba's defense, if you are using a Samba WINS server (running on a typically reliable Unix host), you will probably have little need for a secondary WINS server anyway.
LMHOSTS
All Windows versions support a backup method of name resolution, in the form of a file called LMHOSTS [5] that contains a lookup table of computer names and IP addresses. This exists for "historical purposes," and is a rather awkward method of name resolution because it requires the administrator (i.e., you!) to keep copies of LMHOSTS up to date on every single Windows system on the network. To be fully effective, LMHOSTS would have to be updated every time a new system were added to (or removed from) the network. Of course, there might be ways to automate that process, but a better option would be simply to run a WINS name server that is intentionally designed to solve that specific problem.
There are perhaps a couple of reasons why you might want to bother with LMHOSTS files. In rare situations, there might be no WINS server on the network. Or maybe a WINS server exists, but it's unreliable. In both cases, if the Windows system has a valid LMHOSTS file, it can help to avoid your network bogging down from those dreaded broadcast name queries.
The format of the LMHOSTS file is simple and similar to the /etc/hosts file with which you might be familiar from running Unix systems. Here are the contents of a sample LMHOSTS file:
172.16.1.1 toltec 172.16.1.2 aztec 172.16.1.3 mixtec 172.16.1.4 zapotec 172.16.1.5 huastec 172.16.1.6 maya 172.16.1.7 olmec 172.16.1.8 chichimec 172.16.1.11 hopi 172.16.1.12 zuni 172.16.1.13 dine 172.16.1.14 pima 172.16.1.15 apache 172.16.1.21 inca 172.16.1.22 qero
As you can see, the format is like that of
/etc/hosts, except that instead of an FQDN
(e.g., toltec.metran.cx), only a NetBIOS computer
name (toltec) is given. One way to create an
LMHOSTS file for your Windows systems is to copy
a /etc/hosts file and edit out the parts you
don't need. This will work great if your network
doesn't have a DNS (or NIS) name server and the Unix
system is dependent on /etc/hosts for its own
name service. But if your Unix system is querying a DNS server (which
is the most frequent case on anything larger than the very smallest
networks), you would be better advised to look in the DNS
server's configuration files for your source of
computer names and IP addresses.
If you do not have administrative access to your network's DNS server, you might be able to use tools such as nslookup, nmap, and dig to query the server and obtain the information you need.
DNS
The DNS
is responsible for translating human-readable, Internet-style
hostnames such as pima.metran.cx or
sales.oreilly.com into IP addresses.
To find the address of your DNS server, look at the file /etc/resolv.conf on your Samba server or any other Unix system on the local network that is using DNS. It looks like the following:
#resolv.conf domain metran.cx nameserver 127.0.0.1 nameserver 172.16.1.53
In this example, the first name server in the list is 127.0.0.1,
which indicates that the Samba server is also a DNS server for this
LAN.[6] In that case, you would use its network IP
address (not 127.0.0.1, its localhost address)
for your DNS server when configuring Windows. Otherwise, use the
other addresses you find in the lines beginning with
nameserver. Try to select ones on your own
network. Any name servers listed in
/etc/resolv.conf should work, but
you'll get better performance by using a server
nearby.
HOSTS
Similar to how the LMHOSTS file can be added to supplement WINS, the HOSTS file on a Windows system can be optionally added to supplement DNS name resolution. Most of our comments regarding LMHOSTS also apply here.
On Windows 95/98/Me, the HOSTS file goes in the Windows installation directory, which is usually C:\Windows. Note that a file called hosts.sam is already there, which is a sample HOSTS file provided by Microsoft.
Passwords
Unix systems use username and password pairs to authenticate users either on a local system or in an NIS domain. Windows NT/2000/XP are very similar; a user supplies his username and password to log on to the local system or to a Windows domain.
Samba's default user-level authentication in a workgroup is different from that of Windows. To access shares on the Samba host, users are required to supply a valid username and password for an account on the Samba host. This will be discussed in more detail in Chapter 9.
An unfortunate complication arises with passwords. In the first release of Windows 95 and in Windows NT 4.0 with Service Pack 2 (SP2) or less, as well as in all previous versions of Windows, passwords are allowed to be sent over the network in plain text. But in Windows 95 with the network redirector update,[7]
Windows NT 4.0 SP3 or later, and all subsequent releases of Windows, a registry setting must be modified to enable plain-text passwords. These more modern versions of Windows prefer to send encrypted passwords, and if you are working with one of them (and don't want to have to modify the registry), you must have the line:
encrypt passwords = yes
in the [global] section of your
smb.conf file. In addition, you must run the
command:
#smbpasswd -a username
for each user on the Samba host to add their passwords to Samba's collection of encrypted passwords. We showed you how to do this in Chapter 2.
If your first attempt to access a Samba share results in a dialog box
asking for a password for
IPC$, as shown in Figure 3-1, it is probably because you neglected either
or both of these two steps, and the Samba server did not recognize
the encrypted password that the Windows system sent to it. Another
possible dialog box that might come up is the one shown in Figure 3-2, which was presented by a Windows 2000 client.
Figure 3-1. Windows 98 asking for IPC$ password
Figure 3-2. Windows 2000 logon error dialog
TIP
Keep in mind that we are continuing our example from Chapter 2, in which we are setting up a very simple prototype network using a workgroup that has very lax security. After you have the basics working, we recommend you continue with later chapters to learn how to implement both better security and a Samba domain.
Setting Up Windows 95/98/Me Computers
The Windows 95/98/Me operating systems are very similar to each other, and as far as this chapter is concerned, it is possible to treat them with a common set of directions.
Setting Up the Network
To make sure both services are installed on your Windows system, double-click the Network icon in the Control Panel to open the Network dialog box, as shown in Figure 3-3.
Figure 3-3. The Windows 95/98/Me Network dialog
You should see at least the Client for Microsoft Networks component installed on the system, and hopefully a networking device (preferably an Ethernet card) bound to the TCP/IP protocol. If there is only one networking hardware device, you'll see the TCP/IP protocol listed below the device to which it is bound, as shown in Figure 3-1.
You might also see "File and printer sharing for Microsoft Networks," which is used to make the system into a server. In addition, you might see NetBEUI or Novell Networking. Definitely remove NetBEUI unless you are sure you need it, and if you don't have any Novell servers on your network, you can remove Novell (IPX/SPX) as well. To remove a service, simply click its name and then click the Remove button.
Adding TCP/IP
If you don't see TCP/IP listed, you'll need to install the protocol.
You can add the protocol by inserting the Windows distribution CD-ROM in your CD-ROM drive and clicking the Add button below the component window. Indicate that you wish to add a protocol by selecting Protocol and clicking "Add..." on the following dialog box, which should look similar to Figure 3-4.
Figure 3-4. Selecting a component type
After that, select manufacturer Microsoft, then protocol TCP/IP, as shown in Figure 3-3, then click OK. After doing so, you will be returned to the network dialog. Click OK to close the dialog box, and Windows will install the necessary components from the CD-ROM and request that the system be rebooted. Go ahead and reboot the system, and you're set.
If Client for Microsoft Networks is not in the list, you can add it similarly. The only significant difference is that you are adding a client instead of a protocol, so make sure to select "Client" rather than "Protocol" when asked.
Configuring TCP/IP
If you have more than one networking device (for example, both an Ethernet card and a modem for dial-up networking), the protocol to hardware bindings will be indicated by arrows, as shown in Figure 3-5.
Figure 3-5. Selecting a protocol to install
Select the TCP/IP protocol linked to the networking device that will be accessing the Samba network. If you have only one networking device, simply click the TCP/IP item. Now click the Properties button to open the TCP/IP Properties dialog. You should see something similar to Figure 3-6.
Figure 3-6. Selecting the correct TCP/IP protocol
WINS Configuration tab
If you've enabled WINS on Samba or are choosing to make use of another WINS server on your network, you must tell Windows the server's address. After selecting the WINS Configuration tab, you will see the dialog box shown in Figure 3-8.
Figure 3-8. The WINS Configuration tab
WARNING
DNS Configuration tab
Unless you are using DHCP, you will need to provide the IP address of one or more DNS servers. Click the DNS tab, then click the "Enable DNS" radio button, and type the IP address of one or more DNS servers into the appropriate field, shown in Figure 3-9, to add the server's address to the top DNS Server Search Order field.
Figure 3-9. The DNS Configuration tab
LMHOSTS file
If you want to install an LMHOSTS file, it must be placed in your Windows installation directory (usually C:\Windows). In the same directory, Microsoft has provided a sample LMHOSTS file named lmhosts.sam, which you might want to look at for further information on the file's format.
NetBIOS tab
This tab appears in Windows 98/Me, but not in Windows 95. All you need to do here is make sure the checkbox is checked, enabling NetBIOS over TCP/IP. If TCP/IP is your only protocol installed (as we recommended earlier), the selection will be grayed out, with the box checked so that you couldn't uncheck it even if you wanted to.
Bindings tab
The final tab to look at is Bindings, as shown in Figure 3-10.
Figure 3-10. The Bindings tab
You should have a check beside Client for Microsoft Networks, indicating that it's using TCP/IP. If you have "File and printer sharing for Microsoft Networks" in the dialog, it should also be checked, as shown in Figure 3-10.
Setting the Computer Name and Workgroup
Finally, click the OK button in the TCP/IP configuration dialog, and you'll be taken back to the Network Configuration dialog. Then select the Identification tab, which will take you to the dialog box shown in Figure 3-11.
Figure 3-11. The Identification tab
You also set your workgroup name here. In our case, it's METRAN, but if you used a different one in Chapter 2, when creating the Samba configuration file, use that instead. Just don't call it WORKGROUP (the default workgroup name) or you'll be in the same workgroup as every misconfigured Windows computer on the planet!
You can also enter a comment string for this computer. See if you can come up with some way of describing it that will remind you of what and where it is when you see the comment in a list displayed on another computer. Everyone on the network will be able to see your comment, so be careful not to include any information that might be useful to crackers.
Finally, click the OK button and follow whatever instructions Windows provides. (You might have to insert your Windows distribution CD-ROM and/or reboot.)
Username and Password
You have probably already given Windows a username and password by now. However, to authenticate with the Samba server, your Windows username and password must match with a valid account on the Samba server.
If you mistakenly entered the wrong password or your Unix password changes, you can change your password on the Windows system by going to the Control Panel and double-clicking the Passwords icon. This will bring up the Passwords Properties dialog. Click the Change Passwords tab, and you will see the dialog shown in Figure 3-12. Now click the "Change Windows Password..." button, which will bring up the Change Windows Password dialog box, shown in Figure 3-13. As indicated by the text entry fields in the dialog, enter your old password, and then the new password, and again to confirm it. Click the OK button and then the Close button on the Password Properties dialog box. Reboot or log out, and use your new password when you log in again.
Figure 3-12. The Password Properties dialog
Figure 3-13. The Change Windows Password dialog
Accessing the Samba Server from Windows 95/98
Double-click the Network Neighborhood icon on the desktop. You should see your Samba server listed as a member of the workgroup, as shown in Figure 3-14.
Figure 3-14. Windows 95/98 Network Neighborhood
Double-clicking the server name will show the resources that the server is offering to the network, as shown in Figure 3-15 (in this case, the test directory).
Figure 3-15. The test shared folder on the Toltec server
Accessing the Samba Server from Windows Me
Double-click the My Network Places icon on the desktop. You should see the test shared directory as shown in Figure 3-16.
Figure 3-16. My Network Places on Windows Me
Double-click the Entire Network icon, and you should see an icon for your workgroup, as shown in Figure 3-17.
Figure 3-17. Entire Network window, showing the Metran workgroup
Double-clicking the workgroup icon will bring up a window showing every computer in the workgroup, which should include your Samba server, as shown in Figure 3-18.
Figure 3-18. Computers in Metran workgroup
Double-click the Samba server's icon, and you will get a window showing its shared resources (in this case, the test directory) as shown in Figure 3-19.
Figure 3-19. View of shares on the Toltec server
If you don't see the server listed, it might be that browsing is not working correctly or maybe the server is just taking a few minutes to show up in the browse list. In either case, you can click the Start button, then select "Run...". This will give you a dialog box into which you can type the name of your server and the share name test in the Windows UNC format \\server\test, as we did in Chapter 1. This should open a window on the desktop showing the contents of the folder. If this does not work, there is likely a problem with name resolution, and you can try using the server's IP address instead of its computer name, like this:
\\172.16.1.1\test
If things still aren't right, go directly to Section 12.2 to troubleshoot what is wrong with the network.
If it works, congratulations! Try copying files to and from the server using the Windows drag-and-drop functionality. You might be pleasantly surprised how seamlessly everything works.
Setting Up Windows NT 4.0 Computers
Configuring Windows NT is a little different than configuring Windows 95/98/Me. To use Samba with Windows NT, you will need both the Workstation service and the TCP/IP protocol. Both come standard with NT, but we'll work through installing and configuring them to make sure they are configured correctly.
Basic Configuration
This section presents the steps to follow for TCP/IP-related configuration on Windows NT to get it to cooperate with Samba. If you need more details on Windows NT network administration, refer to Craig Hunt and Robert Bruce Thompson's Windows NT TCP/IP Network Administration (O'Reilly), an excellent guide.
Installing the TCP/IP protocol
From the Control Panel, double-click the Network icon, click the Protocols tab in the Network dialog box, and look to see if you have the TCP/IP protocol installed, as shown in Figure 3-20.
Figure 3-20. The Protocols tab
If the protocol is not installed, you need to add it. Click the Add button, which will display the Select Network Protocol dialog box shown in Figure 3-21. You should immediately see the TCP/IP protocol as one of the last protocols listed.
Figure 3-21. Select Network Protocol dialog box
Installing the Workstation service
After installing TCP/IP, click the Services tab in the Network dialog, and check that you have a Workstation service, as shown at the end of the list in Figure 3-22.[8]
Figure 3-22. Network Services tab
This service is actually the Microsoft Networking Client, which allows the computer to access SMB services. The Workstation service is mandatory. The service is installed by default on both Windows NT Workstation 4.0 and NT Server 4.0. If it's not there, you can install it much like TCP/IP. In this case you need to click the Add button and then select Workstation Service, as shown in Figure 3-23.
Figure 3-23. Select Network Service dialog box
Configuring TCP/IP
After you've installed the Workstation service, return to the Protocols tab and select the TCP/IP Protocol entry in the window. Then click the Properties button below the window. The Microsoft TCP/IP Protocol dialog will be displayed. There are five tabs in the dialog, and you will need to work with four of them:
IP Address tab
The IP Address tab is shown in Figure 3-24.
Figure 3-24. Microsoft TCP/IP Properties dialog for Windows NT
WINS Address tab
Click the
WINS Address tab, shown in Figure 3-25, and you can
begin to enter information about name servers. Enter the address of
your WINS server in the space labeled Primary WINS Server. If your
Samba server is providing WINS service (in other words, you have the
line wins support
= yes in the
smb.conf file of your Samba server), provide the
Samba server's IP address here. Otherwise, provide
the address of another WINS server on your network.
Figure 3-25. The WINS Address tab
The checkboxes in the lower half of the dialog are for enabling two other methods of name resolution that Windows can incorporate into its name service. Samba doesn't require either of them, but you might want to enable them to increase the reliability or functionality of name service for your client. See Chapter 7 for further information on name resolution issues.
If you'd like to use a DNS server, select the Enable DNS for Windows Resolution checkbox. In addition, you will need to do some configuration to allow the Windows system to find the DNS server, unless you're using DHCP.
DNS tab
Click the tab for DNS, as shown in Figure 3-26. Enter the IP addresses for one or more DNS servers in the space provided. Also, enter the hostname (which should be the same as the NetBIOS computer name). You will enter this again later in another control panel, so make sure they match. Finally, enter the DNS domain on which this system resides. For example, if your workstation has a domain name such as metran.cx, enter it here. You can safely ignore the other options.
Figure 3-26. The DNS tab
The LMHOSTS file
If you want to install an LMHOSTS file, it must be placed in the directory \system32\drivers\etc under your Windows installation directory (usually C:\WINNT). The easy way to make sure it gets to the proper location is to use the Import LMHOSTS button on the WINS Address tab. (But if you want to do it over the network, you will have to do that after file sharing is configured!) Remember to click the Enable LMHOSTS Lookup checkbox on the WINS Address tab to enable this functionality.
Bindings
Now click the Bindings tab, and check the bindings of network hardware, services, and protocols. Set the "Show Bindings for" field to "all services," and click all the + buttons in the tree. You should see a display similar to Figure 3-27, which shows that the NetBIOS, Server, and Workstation interface services are connected to the WINS client running TCP/IP protocol, and that the WINS client is bound to the Ethernet adapter of the local area network.
Figure 3-27. The Bindings tab
Computer Name and Workgroup
The next thing you need to do is to give the system a NetBIOS computer name. From the Control Panel, double-click the Network icon to open the Network dialog box. The first tab in this dialog box should be the Identification tab, as illustrated in Figure 3-28.
Figure 3-28. The Identification tab
Here, you need to identify your computer with a name and change the default workgroup to the one you specified in the smb.conf file of your Samba server. Click the Change button below the two text fields. This will open an Identification Changes dialog box, where you can set the workgroup and the computer name, as shown in Figure 3-29.
Figure 3-29. The Identification Changes dialog
WARNING
Adding a User
In all
the previous steps, you were logged into your Windows NT system as
Administrator or another user in the
Administrators group. To access resources on the
Samba server, you will need to have a username and password that the
Samba server recognizes as valid. Generally, the best way to do this
is to add a user to your NT system, with the same username and
password as a user on the Samba host system.
TIP
The directions in this section assume that your network is set up as a workgroup. If you have already set up your network as a domain, as we describe in Chapter 4, you do not need to follow the instructions here for adding a local user on the Windows NT client system. Simply log on to the domain from the client using a username and password in Samba's smbpasswd account database, and continue with the next section, Section 3.3.4.
To add a new user, open the Start menu, navigate through the Programs submenu to Administrative Tools (Common), and select User Manager for Domains. Click the User menu and select the first item, Add User..., shown in Figure 3-30.
Figure 3-30. User Manager for Domains window
This brings up the New User dialog box shown in Figure 3-31.
Figure 3-31. The New User dialog
Connecting to the Samba Server
Now for the big moment. Your Samba server is running, and you have set up your NT client to communicate with it. Double-click the Network Neighborhood icon on the desktop, and you should see your Samba server listed as a member of the workgroup, as shown in Figure 3-32.
Figure 3-32. The Windows NT Network Neighborhood
Double-clicking the server name will show the resources that the server is offering to the network, as shown in Figure 3-33. In this case, the test directory and the default printer are offered to the Windows NT workstation.
Figure 3-33. Shares offered by the Toltec server
If you don't see the server listed,
don't panic. Select Run... from the Start menu. A
dialog box appears that allows you to type the name of your server
and its share directory in Windows format. For example, you would
enter
\\toltec\test,
as shown in Figure 3-34, and use your
server's hostname instead of
"toltec".
Figure 3-34. Opening a shared directory, using the server's NetBIOS name in the UNC
This will work even if browsing services are not set up right, which is a common problem. You can also work around a name-service problem by entering the server's IP Address (such as 172.16.1.1 in our example) instead of the Samba server's hostname, as shown in Figure 3-35. Go back and check your configuration, and if things still aren't right, go to Section 12.2 to troubleshoot what is wrong with the network.
Figure 3-35. Opening a shared directory, using the server's IP address in the UNC
If it works, congratulations! Try copying files to and from the server by dragging their icons to and from the folder on the Samba share. You might be pleasantly surprised how seamlessly everything works.
Setting Up Windows 2000 Computers
Networking Components
Go to the Control Panel and double-click the Network and Dial-up Connections icon. You should see at least one Local Area Connection icon. If there is more than one, identify the one that corresponds to the network adapter that is connected to your Samba network. Right-click the Local Area Connection icon, and click the Properties button. (Or double-click the Local Area Connection icon, and then click the Properties button in the dialog box that comes up.) You should now be looking at the Local Area Connection Properties dialog box, as shown in Figure 3-36.
Figure 3-36. Windows 2000 Local Area Connection Properties dialog
You should see at least the following two components:
Some components should be removed if you see them in the list:
Bindings
Next to each client, service, or protocol listed in the window in the Local Area Connections Properties dialog box, you will see a checkbox. Make sure the checkbox is checked for both Client for Microsoft Networks and Internet Protocol (TCP/IP). The check marks indicate the networking components are bound to the network adapter shown at the top of the dialog box.
Configuring TCP/IP
Now click Internet Protocol (TCP/IP), and then click Properties to open the Internet Protocol (TCP/IP) Properties dialog box, shown in Figure 3-37.
Figure 3-37. Internet Protocol (TCP/IP) Properties dialog
IP address
If you are using DHCP on your network to assign IP addresses dynamically, select the "Obtain IP address automatically" radio button. Otherwise, select the "Use the following address:" radio button, and fill in the computer's IP address and netmask in the spaces provided. You or your network manager should have selected an address for the client on the same subnet (LAN) as the Samba server. For example, if the server's address is 172.16.1.1 and its network mask is 255.255.255.0, you might use the address 172.16.1.14, if it is available, along with the same netmask. You can also fill in the IP address of the default gateway.
DNS server
In the lower part of the dialog box, click the "Use the following DNS server addresses:" radio button, and fill in the IP address of your DNS server.
WINS server
Enter the
address of your WINS server in the space labeled
"WINS addresses, in order of use:".
If your Samba server is providing WINS service (in other words, you
have the line wins service
= yes in the
smb.conf file of your Samba server), provide the
Samba server's IP address here. Otherwise, provide
the address of another WINS server on your network.
Near the bottom of the dialog box, select the radio button labeled "Enable NetBIOS over TCP/IP". Figure 3-38 shows what your Advanced TCP/IP Settings dialog box should look like at this point.
Figure 3-38. Advanced TCP/IP Settings dialog, showing WINS tab
The LMHOSTS file
If you want to install an LMHOSTS file, it must be placed in the \system32\drivers\etc directory under your Windows installation directory (usually C:\WINNT ). The easy way to make sure it gets to the proper location is to use the Import LMHOSTS... button on the WINS Address tab. (But if you want to do it over the network, you will have to do that after file sharing is configured!) Remember to click the Enable LMHOSTS Lookup checkbox on the WINS Address tab to enable this functionality.
Computer and Workgroup Names
From the Control Panel, double-click the System icon to open the System Properties dialog box. Click the Network Identification tab, and your System Properties dialog box will look similar to Figure 3-39.
Figure 3-39. System Properties dialog, showing Network Identification tab
To give your system computer a name and a workgroup, click the Properties button, which will bring up the Identification Changes dialog box, as in Figure 3-40.
Figure 3-40. Identification Changes dialog
Click the More... button to bring up the DNS Suffix and NetBIOS Computer Name dialog box, shown in Figure 3-41.
Figure 3-41. DNS Suffix and NetBIOS Computer Name dialog
WARNING
Adding a Samba-Enabled User
So far,
you have been logged into your Windows 2000 system as a user in the
Administrators group. To access resources on the
Samba server, you will need a username and password that the Samba
server recognizes as valid. If your administrative account has such a
username and password, you can use it, but you might want to access
your system and the network from a nonadministrative user account
instead.
WARNING
The directions in this section assume that your network is set up as a workgroup. If you have already set up your network as a domain, as we describe in Chapter 4, you do not need to follow the instructions here for adding a local user on the Windows 2000 client system. Simply log on to the domain from the client using a username and password in Samba's smbpasswd account database, and continue with the next section, Section 3.4.6.
To add a new user, open the Control Panel, and double-click the Users and Passwords icon to open the Users and Passwords dialog box, shown in Figure 3-42.
Figure 3-42. Users and Passwords dialog
The first thing to do is make sure the checkbox labeled "Users must enter a user name and password to use this computer." is checked. Next, click the Add... button to bring up the first dialog box of the User Wizard, shown in Figure 3-43.
Figure 3-43. Adding a new user
Fill out the fields, using the username of a valid user account on the Samba host, and then click the Next > button to enter and confirm the user's password. This password must be the same as the user's password on the Samba host. If you are using encrypted passwords, make sure this username and password are the same as what you used when you ran the smbpasswd program. Click the Next > button, which brings up the final dialog box, shown in Figure 3-44.
Figure 3-44. Specifying a group for the new user
Connecting to the Samba Server
Now for the big moment. Your Samba server is running, and you have set up your Windows 2000 client to communicate with it. Double-click the My Network Places icon on the desktop, and then double-click the Computers Near Me icon to browse the workgroup. You should see your Samba server listed as a member of the workgroup, as shown in Figure 3-45.
Figure 3-45. The Computers Near Me window, showing computers in the workgroup
Double-clicking the server name will show the resources that the server is offering to the network, as shown in Figure 3-46.
Figure 3-46. Shares offered by the Toltec server
In this case, the test directory and the default
printer are offered to the Windows 2000 workstation. If you
don't see the server listed, don't
panic. Select Run from the Start menu. A dialog box appears that
allows you to type the name of your server and its share directory in
Windows format. For example, you would enter
\\toltec\test, as shown in
Figure 3-47, and use your server's
hostname instead of "toltec".
Figure 3-47. Opening a shared directory, using the server's NetBIOS name in the UNC
This will work even if browsing services are not set up right, which is a common problem. You can also work around a name-service problem by entering the server's IP address (such as 172.16.1.1 in our example) instead of the Samba server's hostname, as shown in Figure 3-48.
Figure 3-48. Opening a shared directory, using the server's IP address in the UNC
If things still aren't right, go directly to Section 12.2 to troubleshoot what is wrong with the network.
If it works, congratulations! Try copying files to and from the server. You will be pleasantly surprised how seamlessly everything works. Now that you've finished setting up the Samba server and its clients, you can proceed to the next chapter.
Setting Up Windows XP Computers
Although Windows XP is very similar to Windows 2000, it has a very different user interface, and there are a number of subtle differences. For example, getting to the Control Panel is different than in any previous version of Windows—one must click the Control Panel item from the Start menu (there is no Settings item in the Start menu in XP). By default, XP will display the Control Panel in Category View mode. If you see this, click the Switch to Classic View item in the upper-left corner of the window. All of our directions are for using the Control Panel in Classic View mode.
Networking Components
Go to the Control Panel and double-click the Network and Dial-up Connections icon. You should see at least one Local Area Connection icon. If there is more than one, identify the one that corresponds to the network adapter that is connected to your Samba network. Right-click the Local Area Connection icon and click the Properties button. (Or double-click the Local Area Connection icon and then click the Properties button in the dialog box that comes up.) You should now be looking at the Local Area Connection Properties dialog box, as shown in Figure 3-49.
Figure 3-49. The Local Area Connection Properties dialog
You should see at least the following two components:
Bindings
Next to each client, service, or protocol listed in the window in the Local Area Connections Properties dialog box, you will see a checkbox. Make sure the checkbox is checked for both Client for Microsoft Networks and Internet Protocol (TCP/IP). The check marks indicate that the networking components are bound to the network adapter shown at the top of the dialog box.