SAMBA:

--------------------------------------------------------------------------------
--------------------------------------------------------------------------------
--------------------------------------------------------------------------------

SAMBA CLIENT ALL:


install SAMBA:

bos.cifs_fs.5.3.0.0.I
bos.cifs_fs.rte.5.3.0.62.U
bos.cifs_fs.smit.5.3.0.60.bff
------------

smitty cifs_fs

lscifsmnt
rmcifsmnt -f /smb_mnt
mkcifsmnt -f /mnt -d share1 -h server1 -c user1

--------------------------------------------------------------------------------
smitty cifs_fs:
first it will do in read-only, later have to come back again and set it again
If Share name is like this: \\server name\share name, it is enough to write "share name" (\\server.. not needed)

                                                        [Entry Fields]
* Pathname of mount point                             /homes/ftp/Test
  SERVER name                                        [10.10.40.10]
  User Name                                          [SSH01]
  Password                                           []
  Share name                                         [Test]        <--what has been shared on the other system
  Mount as a READ-ONLY system                        [no]          <--first it will be read-only, come back again                                                                                                        +
  uid                                                [6027083]
  gid                                                [6000116]
  Mode                                               [777]
  Domain to Authenticate against                     []            <--once on windows I had to set here: ads
  Remount now, add change to /etc/filesystems,       [Both]
                          or both
  /etc/filesystems entry will mount on start         [no]
  Mount Type name                                    []


After these the credential file has to be set as well:
smitty cifs_fs -> Credential configuration

/etc/cifs_fs/cifscred file      allows future mounting of CIFS shares with stored credentials
lscifscred                lists the server or user entries stored in the /etc/cifs_fs/cifscred file (mkcifscred, rmcifscred, chcifscred)

--------------------------------------------------------------------------------

other methods:
/usr/sbin/mkcifsmnt -t rw -f /homes/ftp/29/test -d test -h 10.10.15.24 -c SSG01 -p xyz -u 32292 -g 6000116 -x 777
mount -v cifs -n 10.10.15.24/SSG01/xyz -o uid=32292,gid=200,fmode=775 test /homes/ftp/29/test

--------------------------------------------------------------------------------
Once on Win side had to change something in order to work:
"I have changed something on the server - from "Send NTLMv2 response only. Refuse LM  NTLM" to " Send LM & NTLM - use NTLMv2 session security if negotiated" So I hope, this fixes the problem"


--------------------------------------------------------------------------------
--------------------------------------------------------------------------------
--------------------------------------------------------------------------------

--------------------------------------------------------------------------------
--------------------------------------------------------------------------------
--------------------------------------------------------------------------------


SAMBA SERVER ALL:


Needed ports:

netbios-ns        137/tcp           # NETBIOS Name Service
netbios-ns        137/udp           # NETBIOS Name Service
netbios-dgm       138/tcp           # NETBIOS Datagram Service
netbios-dgm       138/udp           # NETBIOS Datagram Service
netbios-ssn       139/tcp           # NETBIOS Session Service
netbios-ssn       139/udp           # NETBIOS Session Service

microsoft-ds      445/tcp           # Microsoft-DS
microsoft-ds      445/udp           # Microsoft-DS

netbios is Windows file & printer sharing

Microsoft-DS (Microsoft Directory Services) is a port used for file sharing. It was introduced with Windows 2000 and gives you the possibility to use SMB protocol (stands for Server Message Block, but is also known as Samba) directly over TCP-IP on port 445.


In www.samba.org, written this:
UDP/137    - used by nmbd
UDP/138    - used by nmbd
TCP/139    - used by smbd
TCP/445    - used by smbd

INSTALL:

/mnt/MISC/SAMBA
-rwxrwxrwx   1 root     sys        67379200 Jun 28 2005  samba-3.0.4.0.bff

smitty install:
root@aix31: /mnt/MISC/SAMBA # lslpp -l | grep -i samba
  freeware.samba.rte         3.0.4.0  COMMITTED  Samba Version 3.0.4


-------
SWAT (SAMBA Web Administartion Tool) configuration: (not necessary, only if you want it)
It is a GUI for SAMBA, a web browser is needed for SWAT, and X11 as well.

/etc/services:
swat    901/tcp

/etc/inetd.conf:
swat    stream  tcp     nowait  root    /usr/local/samba/sbin/swat      swat

in browser:
http://localhost:901
-------

SAMBA tools:

install dir: /usr/local/samba

/usr/local/samba/sbin/nmbd                <--provides netbios nameserver supports to clients (nameserver for samba)
/usr/local/samba/sbin/smbd                <--smb daemon
/usr/local/samba/sbin/smbd -b             <--shows configuration infos. i.e.: path for the config file: smbd -b|grep smb.conf
/usr/local/samba/bin/smbstatus            <--shows actual sharings and connections
/usr/local/samba/bin/testparm             <--test the smb.conf file for any typo
/usr/local/samba/bin/pdbedit -a user123   <--creates users (on AIX I created before)
/usr/local/samba/bin/smbpasswd            <--changes pw (-a: add a user who can access the shares from a client)
/usr/local/samba/bin/smbclient            <--it is an SMB client program for UNIX machines, it provides an ftp like interface,
                                          to transfer files between a windows 'server' and a unix 'client'
---------

PROCESS OF SAMBA CONFIGURATION:


0. check ports: a 137,138,139,445 (if needed firewall opening)
rpcinfo, telnet

1. check where is smb.conf:
/usr/local/samba/sbin/smbd -b               <--shows version of SAMBA etc.,and the path to smb.conf

2. edit smb.conf:

/usr/local/samba/lib/smb.conf (it is a link to /etc/samba/smb.conf)

Create a similar entry:

[samba_share]                               <--use this name for connection
        comment = share test                <--anything can be written here
        path = /home/samba_share            <--path of the dir what we want to share
        read only = no
        guest ok = yes
        read list = user123                 <--users who will be able to read it (space separated)
        write list = user123                <--users who will be able to write to it (space separated)

Important:
-check owner,rights of the given directory (in the path)
-after chacnging the conf file, daemons have to be restarted in order changes be refreshed

-----------
this is good for read only:
[samba_share]
   comment = share test
   path = /home/samba_share
   read only = no
   guest ok = yes
-----------


3.SAMBA user creation:
/usr/local/samba/bin/smbpasswd -a user123                  <-- -a: add user as well

Same user has to be created, to what we gave in the conf file

For root we can create one:
/usr/local/samba/bin/smbpasswd -a root
(root passw is needed)

4. testing smb.conf:
/usr/local/samba/bin/testparm                              <--test the smb.conf file for any typo (default conf file)

testing not the default conf file:
/usr/local/samba/bin/testparm /etc/samba/smb.conf

5. starting daemons:
/usr/local/samba/sbin/smbd -D                              <-- -D: handling it as daemon (this is the default)
/usr/local/samba/sbin/nmbd -D

6. connecting to SAMBA:

LOCALLY (AIX):
/usr/local/samba/bin/smbclient //localhost/samba_share     <--samba_share: which has been created in conf file

password is what has been created with smbpasswd for the user
if not root user, than check permissions of the conf file (if needed give read permission)

another way: /usr/local/samba/bin/smbclient -U% -L localhost

REMOTELY (WINDOWS):
(tools->map network drive->choose a drive)
the command: \\10.10.101.78\samba_share                    <--it will map that directory

"Connect using a different username": If on Windows and AIX users are identical this is not needed.
If user/pw created in SAMBA is different of the actual windows user/pw, then here we can give the SAMBA user/pw.

7. Checks, tests:
/usr/local/samba/bin/smbstatus                             <--shows connections (if we could connect)

/usr/local/samba/bin/smbclient -L 10.10.101.78             <--shows which shares are available on a given host


!!!2 different SAMBA version (rpm and a fileset one) should no be installed at the same time (daemons did not started for me)!!!!

--------------------------------------------------------------------------------
--------------------------------------------------------------------------------
--------------------------------------------------------------------------------


I had this error:
(Samba was installed from rpm and it was started from inetd.)

# smbclient -L localhost -U <user>
added interface ip=10.10.10.8 bcast=10.10.35.31 nmask=255.255.255.224
session request to LOCALHOST failed (Call returned zero bytes (EOF)
)
session request to *SMBSERVER failed (Call returned zero bytes (EOF)
)



1. check samba logs (I turned this on)
  vi /etc/inetd.conf: netbios-ssn stream tcp nowait root /usr/sbin/smbd -l /var/log/samba.log smbd
  refresh -s inetd
(probably in syslog you can find where it is logging)

2. cat samba.log
  ...
  [2012/10/11 09:20:11, 0] tdb/tdbutil.c:tdb_log(531)
  tdb(/etc/secrets.tdb): rec_free_read bad magic 0x2f73616d at offset=812    <--shows problems with /etc/secrets.tdb
  [2012/10/11 09:20:11, 0] passdb/machine_sid.c:pdb_generate_sam_sid(163)
  pdb_generate_sam_sid: Failed to store generated machine SID.
  [2012/10/11 09:20:11, 0] smbd/server.c:main(793)
  ERROR: Samba cannot create a SAM SID.

3. stop samba
  vi /etc/inetd.conf -> comment lines smbd, nmbd
  refresh -s inetd

4. remove /etc/secrets.tdb
  mv /etc/secrets.tdb /etc/secrets.tdb.old

5. start samba
  vi /etc/inetd.conf -> uncomment smbd, nmbd lines
  refresh -s inetd

6. test login
  # smbclient -L localhost -U <user>
  added interface ip=10.10.10.8 bcast=10.10.35.31 nmask=255.255.255.224
  Password:


--------------------------------------------------------------------------------

I had this "error":

# smbstatus

Samba version 2.2.7
Service      uid      gid      pid     machine
----------------------------------------------

Failed to open byte range locking database
ERROR: Failed to initialise locking database
Can't initialise locking module - exiting



This is not an error after first successful login it will be OK.
I did: smbclient -L localhost -U <user>
After that: smbstatus

Samba version 2.2.7
Service      uid      gid      pid     machine
----------------------------------------------

No locked files

--------------------------------------------------------------------------------


12 comments:

  1. there is two share drive on the smb.conf file one share is working another one is not working, we are getting error like below

    Samba:/ #/usr/local/samba/bin/smbclient //Samba/Sharedrive -U
    WARNING: no network interfaces found
    Password:
    Domain=[MYER] OS=[Unix] Server=[Samba 3.0.30]
    tree connect failed: NT_STATUS_ACCESS_DENIED

    ReplyDelete
  2. Hi,

    I am facing errors while mountig a windows share on AIX host (6100-04-03)

    lslpp -L| grep -i smb
    bos.cifs_fs.rte 6.1.4.2 C F Runtime for SMBFS
    bos.cifs_fs.smit 6.1.4.1 C F SMIT Interface for SMBFS


    I tried usig both smit cifs_fs and mkcifsmnt. But getting the same error. Please help

    There was an error connecting the share or the server. Make sure the lsdev command shows that device nsmb0 is in the Available state. Also make sure that the share name, user name and password are accurate.

    nsmb0 is available ad the username,password and share name are correct. I am able to access the windows share through run prompt.

    ReplyDelete
    Replies
    1. Hi, you did not write anything about the error...

      Delete
  3. The error is

    There was an error connecting the share or the server. Make sure the lsdev command shows that device nsmb0 is in the Available state. Also make sure that the share name, user name and password are accurate.

    ReplyDelete
    Replies
    1. Did you check if firewall does not block necessary ports for Samba? (port 137-139 and 445). Also share name (or domain name) should be given at AIX side, please check that one as well-

      Delete
  4. Hi,
    I am getting nobody where I authenticate my smb with AD...
    Samba version 2.2.7
    Service uid gid pid machine
    ----------------------------------------------
    IPC$ nobody nobody 991234 lp-e4115b3cd0a5 (10.6.60.51) Fri Jul 5 13:03:24 2013

    No locked files

    ReplyDelete
    Replies
    1. No idea, IBM could help in this case.

      Delete
  5. Hi,

    can anybody tell how to patch the Samba Version 3.3.12 on AIX with steps. I am not able to patch the Samba Server on AIX.

    ReplyDelete
  6. i have aix OS with given below filesets installed in aix 7.1.
    --------------------------------------------------------------
    samba.base 3.3.12.0 C F Samba for AIX
    samba.license 3.3.12.0 C F Samba for AIX
    samba.man.en_US 3.3.12.0 C F Samba for AIX

    How can i update these filesets to 3.6 version

    ReplyDelete
    Replies
    1. I found this link: http://www.perzl.org/aix/index.php?n=Main.Samba

      Delete
  7. Hi,

    I had a directory exported via samba.. But when I try to create files under this, its getting created with nobody ownership. Any fix to this issue?

    ReplyDelete
  8. Hi,
    The files in the samba share is not view able in the windows machine. I've checked for all files and directory permissions in the AIX server, everything seems to be fine. Could you please help?

    ReplyDelete