oreilly.comSafari Books Online.Conferences.


AddThis Social Bookmark Button

Inside Samba: Windows Sharing for the Mac

by Jason Deraleau

Beginning with 10.1, Apple started shipping support for the SMB protocol in Mac OS X. SMB is the protocol used by Windows machines to provide file and print sharing in a local area network. Mac OS X 10.1 had limited client capabilities, but 10.2 brought enhanced client and server facilities to the OS. The server facilities are provided by a Unix daemon known as Samba. Samba is one of the most successful open source projects around and has been ported to Linux, various BSDs, and Darwin/Mac OS X. Started by Andrew Tridgell, the Samba team works to provide as many features of the Windows server products as possible. Currently Samba can provide disk shares, print shares, act as a WINS server, and perform NT4 primary domain controller duties.

Enabling Basic Windows Sharing

Enabling Windows file sharing in Mac OS X 10.2 is pretty easy. By default, your computer will be a part of the SMB workgroup "WORKGROUP" and have an SMB hostname that is the same as your computer name. If you want the machine to appear in the Windows Network Neighborhood, you may need to adjust these settings. Consult your Windows documentation to find out what workgroup your Windows machine is using.

Setting the Workgroup

Fig. 1 - Configuring the Workgroup
Configuring the Workgroup

To change the workgroup your Mac will use, open the Directory Access utility. This tool is located in /Applications/Utilities. Once you have it open, authenticate by clicking the padlock in the lower left corner. You should be prompted to enter your user password. Once you've authenticated, select SMB from the Services list and click the 'Configure...' button. This will present you with a dialog box that allows you to specify your workgroup. Once you have set it to match your Windows machine, click the 'OK' button. This is all we'll need to set in Directory Access, so go ahead and close it.

Setting the Hostname

Fig. 2 - Setting the Hostname
Setting the Hostname

To change the SMB hostname, open the Sharing pane of System Preferences by selecting System Preferences from the Apple menu and clicking on the Sharing icon. Here you can specify your computer's name and Rendezvous name. The name should be unique on your network. I also recommend using only one word for the hostname (no spaces!) and having both the Computer Name and Rendezvous Name match. While in the Sharing pane, you should also see a listing of Services available. Start Windows File Sharing by enabling its checkbox. Samba will start up using the workgroup and hostname you've chosen.

Configuring Individual User Access

Fig. 3 - Configuring User Access
Configuring User Access

Now that Samba is running, you can enable a user's access to your Mac from Windows on a per-user basis. To do this, switch to the Accounts pane of System Preferences. Once there, select the user you wish to permit access to and click the 'Edit User...' button. If necessary, enter the user's password to enable editing of the user's information. Toward the bottom you'll see a checkbox labeled 'Allow user to log in from Windows'. Since users' home directories are shared by default, enabling this checkbox will allow that user to access his home directory from a Windows machine. The address to do this is \\HOSTNAME\USERNAME, which you would enter in the Windows Explorer. The user should also see his home directory in the Network Neighborhood.

Adding More Shares

The Mac OS X install of Samba is only configured for home directory shares by default. This is done using the special [homes] share of the smb.conf configuration file. This is fine if you only want to share files that are in your home directory, but what if you have some MP3s or AppleWorks documents in another folder? Perhaps you want to allow others to access your /Users/Shared folder from Windows. These are possible as well, but require some changes in the smb.conf file.

Samba's configuration information is stored in a file called smb.conf in the /etc directory. This file contains a [global] section, which has general directives for Samba to use. You will also see the [homes] section, which lists directives for sharing your users' home directories. In order to demonstrate how to create more disk shares, I'll show you how to share your /Users/Shared folder with Windows users. The first thing to do is to create a backup of your original file. To do this, we're going to go into the command line interface of Mac OS X and use some basic Unix commands.

Backing Up Your Samba Configuration

Open the Terminal application, located in /Applications/Utilities. Once it's open, enter cd /etc to change to the /etc directory. If you now enter the command ls, you'll see all the files and folders that are in the /etc directory. One of these files is smb.conf. To backup the file, type the command sudo cp smb.conf smb.conf.back. Because these files are all owned by root, you must have root permissions to make the backup. The sudo command temporarily gives you root permissions. You will be prompted for your user password. Enter it and the backup file will be created. To double check, enter the ls command again and look for a file named smb.conf.back. If it's there, you've successfully created the backup.

Adding a New Share

Now that you have a backup of your smb.conf file, we're going to open the original smb.conf file for editing using the pico editor. Since we need root permissions to save changes, we'll again use the sudo command to gain the necessary credentials: sudo pico /etc/smb.conf. If you're prompted for your user password, enter it. You should now see the contents of your smb.conf file, complete with the [global] and [homes] sections described above, as well as some sample sections for [public] and [printers]. The pico editor is very simple. To move around the file, use the arrow keys on your keyboard. Making changes to the file is very similar to the TextEdit application. The first step to add a new share is to give it a section title. The section title is the same as the actual share's name. In this case, we're just going to call it "shared". Give yourself some space after the [homes] section by moving the cursor below it and pressing the enter key a few times. Now type in exactly what appears below:

  comment = Shared Directory
  path = /Users/Shared 
  read only = no
  browseable = yes
  create mode = 755

The [shared] line tells Samba that a new disk share is being defined. It is named "shared". The comment line will display the text "Shared Directory" in Windows Explorer. The next line declares the path to the share. In this case, it is the /Users/Shared folder. Since we want to be able to save changes to this share's files, we declare it with a read only value of no. The browseable attribute determines whether a share is displayed in the Windows Explorer. Even if you set this to no, it can still be accessed, the user would just have to know the full path to the share (in this case, \\HOSTNAME\SHARED ). The last line, create mode, defines the permissions that files being created on the share will have. These are presented in Unix numeric permissions. In this case, the permissions are read/write/execute for owner and read/execute for group and other.

Once you've entered these changes, press Ctrl+O and then enter to save the file, then press Ctrl+X to quit pico. To verify that your changes were saved successfully, use the command cat /etc/smb.conf and read through to be sure everything is there. Now the changes don't immediately take effect. To make Samba aware of the changes, use the command sudo killall -HUP smbd. This will tell the Samba daemon to reload its configuration information.

One important thing to remember is that a user must still have a valid account on your machine to access these shares. She must also have the 'Allow user to log in from Windows' option enabled on her account. On a Windows machine, you should now be able to see your "shared" share and a share named with your user's username in the Network Neighborhood. This user titled share contains the user's home directory. It is shared using the [homes] section.

Pages: 1, 2, 3

Next Pagearrow