LPIC-3 Mixed Environments 3.0 Introduction #01: 301 Samba Basics
This blog posting is the first in a series that will help you to prepare for the new version 3.0 of the LPIC-3 Mixed Environments exam. The new objectives are a complete rewrite of the former version. A lot of topics were added or extended, and some outdated topics were removed.
How to Study for the LPIC-3 Mixed Environments Exam
In this blog series we will go through the exam objectives and refer to resources on the internet that might be helpful for your studies. The selection of links is of course subjective. LPI does not recommend any specific way of studying. If you find other helpful resources, please leave a recommendation in the comments to this post.
Whenever you are studying for an LPI exam, make sure you have the most recent version of the exam objectives ready. These objectives tell you explicitly what you absolutely must know for the exam. Keep the objectives open all the time, and consider even printing them so you can tick off what you’ve already covered.
Also make sure you take notes right from the beginning of your studies. You will build up more and more knowledge as your studies continue. Ask yourself, what information would you like to review the day before the exam? Write such information down immediately whenever you encounter it.
This posting is all about getting you started and discussing exam topic 301, Samba Basics. You probably know what Samba is and which protocols are involved. If you’d like to refresh your memory, the Wikipedia pages on Samba and the SMB protocol are a good starting point.
While preparing for your exam, you will need a lab environment to experiment with various configurations. Such lab environments are commonly set up using virtual machines. Now would be a good time to install four virtual machines: three the current version of your favorite Linux distribution, and another one running a recent version of Microsoft Windows. Consider naming your VMs according to the purpose: The Linux VMs will serve as domain controllers and file servers and could be named dc1, dc2 and fs. The Windows machine will mostly consume the Linux VM’s services and could be named winclient. Now is also a good time to install the Remote Server Administration Tools on the Windows VM as well as the samba package from the distribution repositories in all Linux VMs.
The most important pieces of the original Samba documentation are manual pages and the Samba wiki. The manual page smb.conf(5) is special, because it explains all the configuration options for Samba. You will use this man page a lot. Now is a good time to start reading it. Get started at the top and work all the way down until the start of the section EXPLANATION OF EACH PARAMETER. You don’t have to fully understand every detail because we will come back to some advanced topics such as ID mapping later in the exam objectives. For now just make sure you get an understanding of how the configuration works.
With this information in mind, log into your file server and open the smb.conf file that came with the Samba package. Review the options and look them up in the man page. Make sure the [globals] section contains the statement security = user and comment out any active server role statement.
Now make sure that there is a homes share in your configuration file. If the share isn’t present, add it as follows:
[homes] read only = no
Confirm the validity of the file with the testparm command. If everything is fine, start the smbd and nmbd services or, if they already run, use smbcontrol all reload-config to make the configuration effective. Finally, add a new user to the file server (don’t forget to create a home directory, for example with useradd -m) and set a Samba password for that user using smbpasswd -a.
The First Connection
Now you’re all set for the first connection to your new server. In your Windows machine, open the explorer and enter the IP address of your file server in the addresses field, preceded by two backslashes and followed by another backslash, as in \\10.64.0.3\. When you are asked for a username and password, specify the credentials of the user you just created. You should now be able to access the user’s home directory on the file server from the Windows client. Try to add a file from the Windows client and see that it appears in the server’s file system.
Now that you are connected to your server, it’s time to experiment with some of the additional tools included in Samba. Review the man pages for the smbstatus and smbcontrol commands. Get an overview of what they can do and use them, for example, to identify and terminate the client’s connection to the server.
Finally, we should try to move this configuration from the smb.conf file to the server's registry-based configuration. First, import your current smb.conf into the server’s registry:
net conf import /etc/samba/smb.conf
Next, rename your current smb.conf to smb.conf.org and replace it with this file:
[global] config backend = registry
Now restart the Samba services and check that your server still runs fine. Run samba-regedit on the server to get an idea how the registry is organized.
Before concluding this post, let's take a final look at the exam objectives. We have already seen a lot of the content contained in topic 301. However, a few pieces are still missing. Take some time to go through the objectives for topic 301 line by line. You should look up each and every configuration parameter as well as all commands listed in the objectives. Get your hands dirty and try these commands on your file server. Remember it is still a rather empty virtual machine, so just start over if something breaks.
The various management commands will be extremely useful not just for the exam, but also for troubleshooting your real-world Samba setups. You might notice that some of the tools mentioned in the objectives handle LDAP directory contents. Even though we haven’t set up LDAP yet, now is a good time to brush up your LPIC-2 LDAP skills. You will need them next week, when we set up an Active Directory domain to manage the systems in our lab environment.