SAMBA (Domain Controller) Server For Small Workgroups With Ubuntu 5.10 "Breezy Badger" - Page 5

Adding Users To Our SAMBA Domain

Now we will add a user, e.g. tom, to our Samba domain. You will have to add a user like this for each user account you want to connect to this SAMBA domain server.

1) Add a linux user tom:

useradd tom -m -G users

2) Add the linux user tom to the SAMBA password database:

smbpasswd -a tom

Adding Shares

Now I will add a share that is accessible by all users.

mkdir -p /home/shares/allusers
chown -R root:users /home/shares/allusers/
chmod -R ug+rwx,o+rx-w /home/shares/allusers/

At the end of the file /etc/samba/smb.conf add the following lines:

[allusers]
comment = All Users
path = /home/shares/allusers
valid users = @users
force group = users
create mask = 0660
directory mask = 0771
writable = yes

Now we restart Samba:

/etc/init.d/samba restart

Installing CUPS

If you want your SAMBA server to act as a print server also, you have to install and configure CUPS:

apt-get install cupsys cupsys-client cupsys-driver-gimpprint cupsys-driver-gimpprint-data defoma fontconfig foomatic-db foomatic-filters libcupsimage2 libexpat1 libfontconfig1 libfreetype6 libgimpprint1 libjpeg62 libpaper1 libpng12-0 libpoppler0c2 libslp1 libtiff4 patch perl perl-modules ttf-bitstream-vera ucf (1 line!)

To get access to the web interface from my workstation, I will change cups to listen on the Server IP.
Edit /etc/cups/cupsd.conf in the section Network Options:

Listen 127.0.0.1:631
Listen 192.168.0.100:631

Set AuthGroupName to shadow in the section Security Options:

AuthGroupName shadow

To allow access only from my admin workstation (IP: 192.168.0.70), I add Allow From 192.168.0.70 the security options and set AuthClass to Group:

<Location /admin>
#
# You definitely will want to limit access to the administration functions.
# The default configuration requires a local connection from a user who
# is a member of the system group to do any admin tasks. You can change
# the group name using the SystemGroup directive.
#

AuthType Basic
AuthClass Group

## Restrict access to local domain
Order Deny,Allow
Deny From All
Allow From 127.0.0.1
Allow From 192.168.0.70

#Encryption Required
</Location>

Add the cupsys user to the shadow group:

adduser cupsys shadow

and restart the cups daemon:

/etc/init.d/cupsys restart

The cups webinterface is now accessible with any webbrowser from my workstation:

http://192.168.0.100:631/

Now I can login to the cups interface with username root and my root password.

Hint: If there is no linux driver available for your printer and you want to use this printer only from your windows workstations trough SAMBA, you can use the printer manufacturer RAW and install the correct driver on your windows workstation.

If you created a new printer in cups, you will have to add it to samba with the command:

cupsaddsmb -a

Have fun!

Links

All trademarks belong to their respective owner.

Share this page:

23 Comment(s)