[nzlug] samba: puzzled user...

Cliff Pratt enkidu at cliffp.com
Mon Mar 10 09:32:35 NZDT 2008 

Simon Bridge wrote:
> On Sun, 2008-03-09 at 21:06 +1300, Cliff Pratt wrote:
>> Simon Bridge wrote:
>>  I ended up with 5 shares called "Public". OK -
>>> they ended up in a subdirectory of the computer hostname.
>>>
>> Yes, I wondered about that. Were you expecting a single folder called 
>> "Public" will all machines sharing it? 
> Nope.
> 
>> Or replicating data between them? 
> Nope.
> 
> I have actually used samba back in my RH9/FC2,4 days ... but then it was
> between two or three hosts on a wired network. The boxes weren't going
> anywhere. I needed samba for the one windows box, but ended up finding
> ftp and nfs the easier option.
> 
> Mostly it was the windows-side setup that was the painful one. But on
> the linux side I think I was using smbmount... I don't recall having a
> gui access like this.
> 
> The way the ubuntu boxes just magically handled the shares made it look
> good for file-sharing between clients that don't stay put. But that
> means I need to understand it *conceptually* where the online howto
> focus on the functional... with cut-and-paste "solutions".
> 
>> It doesn't work like that. A machine shares out one of its folders which 
>> all other machines can connect to. If you want a folder shared between 
>> many machines *one* machine has the folder, shares it out and all other 
>> machines connect to the shared (out) folder.
>>
>> But I may be reading too much into what you said....
 >
> You are ... I was thinking in terms of some kind of access control - you
> have to be a member of the workgroup to view shares exported to that
> group. eg. only people who work on the "project23" project get access to
> the "p23" workgroup... logical but untrue. At least - not at the server
> level. I mean, p23 may be intended only for project23 operatives, and
> not the MJ12 people, but the workgroup itself has nothing to do with
> that.
>
No, workgroups are not used for access control. However *domains* are.
> 
>>  >
>>>>> Once set up, the share seems to show up in XP's network
>>>>> neighborhood and in Places > Network... but not all for all
>>>>> connected linux machines.
>>>> Because windows networking is a bit rubbish, and sometimes machines
>>>> just refuse to show up. Usually you can access them directly by
>>>> typing the name.
>>> Sayy what? Where?
> ??? Where would one "type the name" to "access it directly"? Does this
> mean I can enter "smb://workgroupname" in a terminal?
> 
>>>> You'll see a lot of stories, with just plain windows networks,
>>>> where machine A can see B and C, B can only see A, and C can only
>>>> see B, and similar stupid things.
>>> OK - so here I was thinking in terms of consistent behaviour and the 
>>> thing is renowned for not working consistently. Gotcha. No wonder I
>>> was driving myself up the wall.
>>>
>> There is usually a reason. One reason is Windows needs a Master Browser 
>> and this function 'claimed' by any new server that could be a Master 
>> Browser. Then an election takes place. This can result in more than one 
>> server thinking it is the Master Browser and chaos ensues. Usually 
>> specifically setting machines *NOT* to try to be Master Browser fixes 
>> 95% of the problems.
>>  >
> Hmmm... I remember reading about this when I wanted to learn about how
> this works on windows computers. I discovered that some of the roles
> (i.e. Primary Domain Controller) are not available under some licenses -
> which turned out to be the users problem - and quit.
>
PDC => Domain, which is a whole new bucket of fish. Domains are used for 
authentication.
 >
>>> Right - so a new machine joins a network, it's samba client announces
>>> "I am here" and goes into a huddle with the servers... the servers 
>>> basically say "Hi, I'm Bazz, I'm in workgroup fubar, have I got a
>>> folder for you: extra folds..." sort of thing?
>>>
>> No, it's an on demand thing. If Bazz is on the network all shares are 
>> potentially accessible to it. There is no central repository of shares 
>> (unless there is a Master Browser), and Bazz will ask machine X what its 
>> shares are if it wants to ask.
> 
> So... when my mobile machine joins a network, and some moments later I
> see all the other computers in that network show up in smb:/// ... how
> did that happen?
>
Your machine has broadcast.... (I'm not sure of this).
 >
>>>>> If I alter one of the machines so that system > shared folders >
>>>>> general has a different workgroup, reboot, then that machine no
>>>>> longer appears in the others' smb:///
>>>> Sometimes it can take a while for the new workgroup information to
>>>> propagate. Sometimes it doesn't show up at all because windows
>>>> networking is a bit rubbish.
>>> OK - but how long before I decide that it's not going to happen... 
>>> 10mins? So why didn't the mount work? Why do all these people insist 
>>> that the workgroups have to match - or is that only in the windows 
>>> world?
>>>
>> All what people? Workgroups only apply to browsing, ie looking for 
>> shared out shares.
> http://www.tweakhound.com/linux/samba/page_2.htm
> "Fill in your Workgroup or Domain Name (the exact same name as your
> Windows workgroup)."
>
The Domain Name should be stated if it is in a Domain. It doesn't have 
to be, but if it is, you can use Domain credentials to authenticate. If 
you are logged into the Domain it will happen automatically. But let's 
not get into Domains!! Workgroup names don't really matter because you 
have to authenticate to the machine that is sharing.
 >
> https://help.ubuntu.com/community/SettingUpSamba
> ... while they don't actually say that it won't work if you don't, they
> make a big deal about getting the workgroup and domain right for the
> network.
> 
> Mind you, it does add "Open the Computer Menu, then click on "Network".
> You'll see a "Windows network" icon, open it. The next window shows all
> the domains/workgroups found in your network. Inside each
> domain/workgroup you get all the computers in it" ... which would seem
> to make things clearer if (a) I hadn't read other things first and (b)
> it actually worked like that when I tried it.
> 
> Older hardcopy references talk about the workgroup having to match with
> an external name... like Jon Hall in "Redhat 9 for Dummies". I also have
> a copy of "Fedora Core 4 for Dummies" by Naba Barkakati which gives this
> instruction on p704 while p705 states that the XP machine will list the
> share only if it has the same workgroup. ... these are from my early
> experiences with linux. I had some others (with more inspiring titles)
> but they are buried right now.
> 
> Now you see where I may have been getting confused? I am now faced with
> undoing a false paradigm. Probably the authors are trying to keep things
> simple for the newbie.
> 
> Windows users is where I got the expression "join a workgroup".
> 

Cheers,

Cliff

More information about the NZLUG mailing list