Samba - access from windows to unix  && to access window from Unix

command located in "/usr/sbin/nmbd -D" "/usr/sbin/smbd -D"
The diagnosis.txt located in samba doc(for redhat /usr/local/share/samba**) 
always your best friend while setting along with samba.
In case stuck with "invalid passwd" error while doing "net view \\hostname",
an easy way to get rid of it is to change the "security = share"..but this is
only appropriate for home lan user.

####################### some basic idea underneath

when samba starts, at least one nmbd and smbd are running. then for each client 
connect to samba , additional smbd is running. when clients access samba,  they
use both TCP and UDP. clients use TCP when they want to access file and print
shares and log on to the entwork. To do this, they establish a TCP connection to
smbd on port 139. 
Clients use UDP when they want to register or translate NetNIOS names ( ppossibly
be the workgroup name HOME etc),as well as when they are browsing the network. 
The UDP datagrams they send are sent to ports 137 and 138, depending on the
function being used.

smbd is a daemon that allows file and printer sharing on an SMB network and provides 
authentication and authorization for SMB clients.

nmbd is a daemon that looks after the Windows Internet Name Service (WINS), and
assists with browsing.

a summary in accessing a share on a server with samba protocol:
1. client requests access to \\server\share
2. the client translates the name "server" into an IP address.
3. The client establishes a TCP connection to the server on port 139.
4. when connected, the client establishes a NetBIOS session using "server" as thecalled name.
5. when NetBIOS session is established, the client negotiates a protocol.
6. net , the client authenticates to the server.
7. then the client accesses, or connects to , the share that is is interested in.

########################

we can use "killall -HUP smbd" "killall -HUP nmbd" to make samba reread the samba.conf file.

ethereal & can be used to analysie network and capture packet, decode utility.

to access windows , just type " smbmount //hostname/** /mnt/windows " . but make sure
    smaba file system is support by compiling the kernel.

It's a good way to type "smbclient -L yourhostname" to know what share variable
available on the other side. and test it with "nmblookup yourHostName". sometimes
problem caused by improperly start-up of smb. so a restart will help sometimes.

/etc/samba/smb.conf  /etc/init.d/smb restart . 
1. since Microsoft intented to not support samba in encrypted passwords.
   we need to remove the comment for
   encrypt passwords = yes
   smb passwd file = /etc/samba/smbpasswd
   
2. setup users for samba who are already linux system user.  command " smbpasswd -a user " .

3. mapping users. due to the inconvenience of the windows login system, we need to
  map username to different UNIX user. first uncomment  " username map = /etc/samba/smbusers "
  in /etc/samba/smb.conf . 
  Second, edit /etc/samba/smbusers add something like " root = paddy " which
  grant the user named paddy coming from windows as the user root. 

4. edit  smb.conf at line " workgroup = MYGROUP " change MYGROUP to the workgourp
  name which is used as the whole system's name . such as HOME.

5. edit file "LMHOSTS.SAM " in Microsoft windows located at "\windows" to add line 
     24.100.100.100 remostehostName #PRE . the ip part should be the other end of the IP.
     remostehostName is the name of the other linux machine 's hostname. type "host" to get it.

6. testing to run " smbclient -L yourhostname " to Try listing the shares
   available on your server. then run  "smbclient  //yourhostname/userName "
   Try connecting with the unix client last try run
   " C:\WINDOWS\> net use d: \\servername\userName " which mounts the user'
   s directory to your D: then you would be able to view the linux file on D:

you may also need to edit the " host allow = 24.100.100. " to give the access to
certain IP. it's in smb.conf

########### system error 5. windows client access error

When using 'net view samba_name', got error :
   error 5 has occurred. Access denied.

that is because you are not authenticated on the samba box.  unlike windows,
which likes to tell anyone anything, samba requires you to authenticate to
it before it will tell you anything.

hence, what you should do is add a normal unix user to the samba box, use
smbpasswd -a to add the user, then on the windows side do a "net use
\\mandrake82\ipc$ /user:xx" and then you can use your net view command.

########### bad passwd

when using 'smbclient //samba_server/share', got bad passwd error.
It's often occured because the setup of smbpasswd -a procedure incorrect.
try resetup the user and it may solve the problem.

########### setting ###########

To disable a share temporarily to perform some administration on it, set
"available = false " while you work on it. Remove the line to allow users
to acccess the share again.

for samba 2.0.0 and above, it operates in "security = user" mode by default,
and "guest ok" has no effect. to make it available. add line "map to guest = bad user"
which means with bad user name samba will log on as guest
to allow guest account : add "guest ok =yes" or "public = yes"

to mount a share drive use "root preexec = mount ***" and umount it "root
postexec = umount **" . when user left the shared drive, it gets umount
automatically.