Samba Basic Hands-On Practice 2

                                                                                


Scenario:

The Tropics travel agency has grown. There are several temp employees
that don't have their own system but use the companies computers. 
Anyone should be able to use any PC. Only three Windows applications 
are used: a custom funds tracking and management package that stores 
all files on the central server, Microsoft Word, and the software that 
looks up travel reference information.

The company still needs simplicity. Any user should be to log onto any
PC with any username and password. Samba can accommodate an office
like this by using the force user  parameter in share and printer
definitions.  The use of the force user  ensures that all files are
owned by same user identifier (UID) and this ensures that there will
never be a problem with file access due to file access permissions.
Additionally, you elect to use the "nt acl support = No" option to
ensure that no attempts can be made to write access control lists
(Posix type) to any file or directory. This prevents an inadvertent
ACL from overriding actual file permissions.


Steps
1. Create the Linux group for office file storage.

groupadd office

2. Create the user account for office file storage.

useradd -m agent -G office
passwd agent

3. Create a new directory in the filesystem for the share and set the
   permissions so that owner and can read, write and execute, while
   all other users only have permission to read and execute.

mkdir /data
chmod 755 /data

   (and if you haven't done this already)
mkdir /island
chmod 755 /island
cp /etc/passwd /etc/group /island

4. Under the directory /data create the directory structure for the
   office and set the ownership and permissions respectively. The
   mkdir command shown here is a compound command. The find command
   shows the directory hierarchy that was created.

mkdir -p /data/{ftmfiles,officefiles/{letters,invitations,misc}}
chown -R abmas.office /data
chmod -R ug+rwxs,o-w,o+rx /data
find /data

5. Install the configuration for the company. Download the 
   configuration and move it into place.

cd /etc/samba
rm smb.conf
wget joelandrebecca.martintribe.org/linuxconf/samba/smb.conf.example2
cp smb.conf.example2 smb.conf

6. Edit your smb.conf to make sure to set your netbios name to
   a unique name so that you won't collide with other students.



Verification

7. Validate the syntax of the configuration file

testparm

8. Restart Samba services (smbd and nmbd).

/etc/init.d/smb restart

9. Verify that the shares are visible from the server side

smbclient -L localhost -N
smbclient -L NETBIOS_NAME -N

10. Ensure that all Windows clients are in the same network (same
   netmask i.e. 255.255.255.0), and set workgroup names of all Windows
   clients to the same as specified in the smb.conf configuration
   file. 

11. Reboot, login and wait. SMB / NetBIOS information takes a while to
   propogate.

12. Browse in Network Neighborhood to your computer and share. Verify
   that the "island" share is accessible but cannot be written to and
   that files cannot be modified.

13. Verify that the ftmfiles and office shares exist and that files
   can be created and modified within these shares by different users.