Howto setup Samba Server (File Server) With tdbsam Backend

Sponsored Link
Samba is an Open Source/Free Software suite that provides seamless file and print services to SMB/CIFS clients." Samba is freely available, unlike other SMB/CIFS implementations, and allows for interoperability between Linux/Unix servers and Windows-based clients.

What is tdbsam ?

Samba can store user and machine account data in a “TDB” (trivial database). Using this backend does not require any additional configuration. This backend is recommended for new installations that do not require LDAP.

As a general guide, the Samba Team does not recommend using the tdbsam backend for sites that have 250 or more users. Additionally, tdbsam is not capable of scaling for use in sites that require PDB/BDC implementations that require replication of the account database. Clearly, for reason of scalability, the use of ldapsam should be encouraged.

The recommendation of a 250-user limit is purely based on the notion that this would generally involve a site that has routed networks, possibly spread across more than one physical location. The Samba Team has not at this time established the performance-based scalability limits of the tdbsam architecture.

There are sites that have thousands of users and yet require only one server. One site recently reported having 4,500 user accounts on one UNIX system and reported excellent performance with the tdbsam passdb backend. The limitation of where the tdbsam passdb backend can be used is not one pertaining to a limitation in the TDB storage system, it is based only on the need for a reliable distribution mechanism for the SambaSAMAccount backend.

The high growth rates projected are a good reason to use the tdbsam passdb backend. The use of smbpasswd for the backend may result in performance problems. The tdbsam passdb backend offers features that are not available with the older, flat ASCII-based smbpasswd database.

Install Samba Server in Ubuntu

Use the following command to install samba packages

sudo aptitude install libcupsys2 samba samba-common

This will complete the sama installation.

Configuring Samba in Ubuntu

First you need to Edit the smb.conf file using the following command

sudo vi /etc/samba/smb.conf

In the global section, remove the ";" at the front of the line security = user so it looks like this

security = user

to enable Linux system users to log in to the Samba server.

Close the file and restart Samba

sudo /etc/init.d/samba restart

Adding Samba Shares

Now you need to add a share that is accessible by all users.

Create the directory for sharing the files and change the owner to the users group.

sudo mkdir -p /home/shares/allusers

sudo chown -R root:users /home/shares/allusers/

sudo chmod -R ug+rwx,o+rx-w /home/shares/allusers/

Edit the /etc/samba/smb.conf file

sudo vi /etc/samba/smb.conf

add the following lines and save the file

comment = All Users
path = /home/shares/allusers
valid users = @users
force group = users
create mask = 0660
directory mask = 0771
writable = yes

If all users shall be able to read and write to their home directories via Samba use these
Edit the /etc/samba/smb.conf file

sudo vi /etc/samba/smb.conf

add the following lines and save the file[homes]
comment = Home Directories
browseable = no
valid users = %S
writable = yes
create mask = 0700
directory mask = 0700

Now you need to restart the samba server using the following command

sudo /etc/init.d/samba restart

Adding and managing users

In this example, I will add a user called ruchi. You can add as many users as you need in the same way, just replace the username tom with the desired username in the commands.

useradd ruchi -m -G users

Set a password for ruchi in the ubuntu system user database. If the user ruchi shall not be able to login to the ubuntu system, skip this step.

passwd ruchi

-> Enter the password for the new user

Now add the user to the Samba user database.

smbpasswd -a ruchi

-> Enter the password for the new user

Now you should be able to log in from your Windows workstation with the file explorer using username ruchi and the chosen password and store files on the ubuntu server either in ruchi's home directory or in the public shared directory.

Sponsored Link

You may also like...

5 Responses

  1. Henry says:

    Great How To article !! I have Samba up and working but need a tweak for my environment ( a high school). Using your setup I am able to connect to an iMac client (and an XP) – BUT only if I have an identical user account / passwd on the server AND the clients. I’ve seen this behavior on Samba before.

    What I need it to be able to log into the iMac as Student (generic student login) but then log into the my account on the Linux/Samba server …. say the Tommy account with its unique passwd. How can I break or circumvent this account/passwd linkage ? If I try to login to a different account on the Linux/Samba server (mac or PC) I get an error.

    Thanks for your help !!!

  2. FriskyDingo says:

    Why don’t you actually cover the tdbsam part of the setup? I don’t believe it’s the default (smbpassdb is) and you don’t cover the passdb = tdbsam setting.

  3. s says:

    FriskyDingo, i believe that is strange too. But tdbsam is a default backend since version 3.4 of samba.

  4. da says:

    Thanks for the How To, I had been stuck on users not able to authenticate and all I could figure out from other sites was “pdbedit -w -L” told me that my tdb only had one user’s password in it. I was at a loss to figure out why my new users weren’t able to access the samba shares even though they were in the valid users = line. I’d setup a different Samba server over a year ago and the conf file was nearly identical other than for the path, and I was pulling my hair out. Problem was I went in assuming tdb was getting updated by useradd and/or adduser but it wasn’t.

    Ended up searching “ubuntu how to add user to tdbsam” and your site came up first, low and behold even though I was using tdbsam for the passdb I didn’t realize I still needed to run:

    smbpasswd -a username

    to set the password, did that for my new users and works for them now.

    Thanks a million!! 🙂

  5. Tom says:

    Still doesn’t work :/ Wonderful NT_STATUS_LOGON_FAILURE using the cmbclient -L 192,168.1.253 -U whateveruseriattempttoadd. The pdbedit shows I have passwords added. The backend enabled in smb.conf. Person responsible for user’s management in this piece of software shall burn in hell 😉 No idea how to resolve the problem. When I do not set the pass smbclient shows the correct information and is able toconnect.

Leave a Reply

Your email address will not be published.