There seems to be a lot of difficulty configuring Windows 7 machines for
access from Samba. This is a proposed HowTo. Please feel free to post
corrections, refinements and/or suggestions.
I. Windows 7 configuration.
Setup name/workgroup.
a. Go to:
start → control panel → system–> Advanced System Settings →
Computer name → change. Set the machine name to your taste
and enter the workgroup name. ( See note 1 for domains)
b. Restart Windows 7
Configure Sharing.
Go to:
start → control panel → Network and sharing center–>Change
advanced sharing settings.
a. turn on network discovery
b. turn on file printer sharing
c. leave encryption at the default 128
d. configure passwords to your choice, more later.
3.Configure sharing for the folders & files
For each folder/file you wish to share:
a. Right click
b. Choose properties
c. Select the Sharing tab
d. Select “advanced sharing”
e. assign a share name
f. select Permissions
g. assign appropriate permissions to the EveryOne group
h. backout to the properties window
i. Select the security tab and assign appropriate rights to the
EveryOne group
j. backout and you’re done
II. Set up OpenSuse
From the browser of your choice enter:
smb://< computer name or IP>/ (See note 2)
a. If passwords are required, see I.2.d. Enter the
<username>:<password> of a VALID WINDOWS 7 user.
b. You should now have a list of shares you can access
c. Do not try to access the X$ shares (X=C,D,E etc) these are special.
Note 2: When not using passwords, there seemed to be a delay in showing the
Windows 7 shares. On the initial attempt you may need to enter:
smb://< computer name or IP>/<sharename>/
I found that subsequent access would display properly.
Note 3: This was checked on OpenSuse 11.2 with KDE4 using Dolphin, FF and
Konqueror.
–
P. V.
“We’re all in this together, I’m pulling for you.” Red Green
One point I would like to make. I would prefer to see a separate group/s set up and use those instead of blanket permissions added to the Windows shares for the Everyone group. This is terribly insecure. If you add these permissions, any annonymous user will have access to these shares. That includes anyone that might get past your router.
On Mon December 14 2009 07:26 pm, Wilson Phillips wrote:
>
> That’s good stuff. Thanks for sharing.
>
> One point I would like to make. I would prefer to see a separate
> group/s set up and use those instead of blanket permissions added to the
> Windows shares for the Everyone group. This is terribly insecure. If you
> add these permissions, any annonymous user will have access to these
> shares. That includes anyone that might get past your router.
>
>
Wilson;
Thank you for the input. I’ll add your suggestions to my draft. I agree that
setting permissions for everyone is weak.
P. V.
“We’re all in this together, I’m pulling for you.” Red Green
This was just a quick outline of the procedure used for sharing. At this
time, the concern was with both accuracy and completeness. The testing with
Windows 7 was limited to a single Netbook with Windows 7 Starter. I was
concerned that other flavors of Windows 7 would require additional
configuration. When, or if, it reaches final form it will need to be
refined. But your point is well taken. Thank you for taking the time to
post.
P. V.
“We’re all in this together, I’m pulling for you.” Red Green
I will revise my HowTo for Vista/Samba (which I haven’t looked at for a few years [shame]) to include a burst on win7 with appropriate acknowledgments if that’s OK with you?
>
> Thanks for this P.V.
>
> I will revise my HowTo for Vista/Samba (which I haven’t looked at for a
> few years [shame]) to include a burst on win7 with appropriate
> acknowledgments if that’s OK with you?
>
>
Swerdna;
That’s fine with me. I was hoping someone would pickup on it since I never
had time. Your HowTos are very well written and have helped hundreds of new
users. Good luck.
P. V.
“We’re all in this together, I’m pulling for you.” Red Green
I just browsed in win7 to my Suse Box where I have my /home/john shared as follows:
[homes]
comment = Home Directories
valid users = %S, %D%w%S
browseable = No
read only = No
inherit acls = Yes
The icons for netbiosname → john popped up even though I’ve marked the share “browseable = no”, and I can drill down to my home directories and files without having to authenticate.
My username and password on win7 and Suse are the same.
Obviously win7 sends the credentials of the logged-on user to the Suse machine unbidden when the win7 user clicks the icon for home directories on the Suse Box.
So the two points that surprised me are (1) that the home directories are visible (even though “browseable” is “off”) and (2) that win7 auto-authenticates.
>
> I just browsed in win7 to my Suse Box where I have my /home/john shared
> as follows:
>
>
> Code:
> --------------------
> [homes]
> comment = Home Directories
> valid users = %S, %D%w%S
> browseable = No
> read only = No
> inherit acls = Yes
> --------------------
>
>
> The icons for netbiosname → john popped up even though I’ve marked
> the share “browseable = no”, and I can drill down to my home
> directories and files without having to authenticate.
>
> My username and password on win7 and Suse are the same.
>
> Obviously win7 sends the credentials of the logged-on user to the Suse
> machine unbidden when the win7 user clicks the icon for home directories
> on the Suse Box.
>
> So the two points that surprised me are (1) that the home directories
> are visible (even though “browseable” is “off”) and (2) that win7
> auto-authenticates.
>
>
Swerdna;
This is normal behavior for all Windows clients, at least since XP but I think
this went back to W98. By default they send the username/password of the
logged on user, which is why I’ve often recommended that users use the same
username/password for both Linux and Windows. As for the browseable part,
the user is a valid user and will see their home directory but no one else
should see the share. [homes] is special and handles browseable a bit
different from other shares.
From “man smb.conf”
An important point is that if guest access is specified in the [homes]
section, all home directories will be visible to all clients without a
password. In the very unlikely event that this is actually desirable, it is
wise to also specify read only access.
The browseable flag for auto home directories will be inherited from the
global browseable flag, not the [homes] browseable flag. This is useful as it
means setting browseable = no in the [homes] section will hide the [homes]
share but make any auto home directories visible.
>
> And just for interest, vista reveals the hidden files and directories
> (dot point names) whereas win7 keeps them hidden.
>
>
swerdna;
Is your Vista set to show hidden files? The parameter “hide dot files”
(default yes) determines if these are given to Windows as hidden files. I
think if you set your Vista to not show hidden files these will disappear.
Never played with that much, I always want to see hidden files and full file
names.
P. V.
“We’re all in this together, I’m pulling for you.” Red Green
@P.V. Thanks for the two replies re hidden files and home directories.
I find that if I set in win7 or vista in Control Panel → Folder Options → show hidden files, then I can see the dot files on openSUSE but if I set in Folder Options to notshow hidden files, then the dot files on openSUSE disappear from the windows network browser. I wonder who programmed for that, Samba Devs or windows Devs, interesting.
And the visibility of john’s home directories: if I go in as paul, I can’t see john’s icon in windows, as you suggested. But if I address like this in the windows browser:
\\suseserver\john
while in paul’s account, I am prompted for John’s credentials – so all is as it should be.
Finally, I’ve updated my quite old vista tutorial and made a separate tutorial for win7 with some screenshots and other frills, using your draft as a basis, thanks again.
>
> @P.V. Thanks for the two replies re hidden files and home directories.
>
> I find that if I set in win7 or vista in Control Panel → Folder
> Options → show hidden files, then I can see the dot files on openSUSE
> but if I set in Folder Options to notshow hidden files, then the dot
> files on openSUSE disappear from the windows network browser. I wonder
> who programmed for that, Samba Devs or windows Devs, interesting.
>
Swerdna;
A bit of both I guess. The default value of the smb.conf parameter “hide dot
files” is yes. This means Samba returns dotted files to Windows with
the “hidden” flag set. Windows browsers honor or do not honer the hidden
file flag depending on how you set “show hidden files”.
See the writeup for “hide dot files” in man smb.conf. Not sure where you find
a writeup for the hidden and read only flags of NTFS. I suppose it’s
somewhere in the “Resource Kit Documentation”, but I can’t lay my hands on it
just now.
–
P. V.
“We’re all in this together, I’m pulling for you.” Red Green
