Developers Documentation

×

Warning

301 error for file:https://clearos.com/dokuwiki2/lib/exe/css.php?t=dokuwiki&tseed=82873f9c9a1f5784b951644363f20ef8

User Tools

Site Tools


Windows Networking File Services with ClearOS

Samba, the component of ClearOS which makes file sharing on the CIFS protocol (mapped network drives, login scripts) is fully compliant with Microsoft Windows File and Print Services LAN Manager protocol.

This means that you can use it either as a workgroup server or as a full Domain Controller.

The Two Ways

Workgroup mode

Some users of ClearOS use their Windows networking as a simple file server and manage user accounts on each individual workstation. By creating usernames and passwords that exist the same on the server and on the workstation they are able to authenticate without supplying passwords each time they connect.

Setup Windows Networking

To demonstrate this, set up your ClearOS server and enable the Windows Networking module. You can use either Domain mode or Simple File Sharing mode.

Create a group

Next create a group in ClearOS called 'company-group'.

Create a user

Create a user on both the local workstation and on the server. The username should be lowercase on the server but it can be uppercase or mixed case on the workstation for aesthetics (CIFS is case-less but Linux is not in all cases.)

For example, if my name was Tom Smith I could create the user 'tsmith' on ClearOS and the user 'TSmith' on the windows workstation.

Be sure that this user has access to the Windows Networking service in ClearOS. Also, make him a member of the 'company-group' group.

Make sure that you give the same password to both the workstation and the server accounts when you create them.

Create a flexshare

Lastly, create a flexshare called 'company' in the Flexshare module. Assign the group 'company-group' to the flexshare as the permissions owner. Enter the 'File' tab and enable this share for file sharing. Be sure to ALSO enable the flexshare.

Logging in

Lastly, log into the workstation as the user and then access the share. If your DNS and naming is set up correctly, you can access the share via the name of the server listed in the Windows Networking module. If that doesn't work you can use the IP address of the LAN adapter. Here are some examples:

\\servername

-or-

\\192.168.1.1

Domain Controller mode

Domain Controller mode gives the ability to manage all the users of the network from just ClearOS. This is the mode most companies that wish to have a managed infrastructure will use. We recommend it for networks of 10 or more people but it can be used for even just a handful.

With Domain Controller mode, only the local administrator account will need to exist on the individual workstations. These workstations will be told to trust the ClearOS server's users and to authenticate users based on what ClearOS says is OK. This means that when you want to disable a user's access, you only need to do so from the server.

Setup Windows Networking

To demonstrate this, set up your ClearOS server and enable the Windows Networking module. You will specify Domain mode.

Also, it is important that your naming work. If you are on a single layer 2 subnet, workstations and servers will be able to see each other using broadcast methods. However, we recommend using the naming services provided or other naming services so that your network can scale.

It is best practice for your server name to be resolvable via DNS. You can test this from a workstation by pinging the servername listed in the Windows Networking module. Another useful tool for determining whether the ClearOS server is listening and can be reached via naming is called nbtstat. Run the following and replace the IP address with that of your server.

nbtstat -A 192.168.1.1

This command should show you both the servername and the domain name specified in the ClearOS Windows Networking module.

Create a group

Next create a group in ClearOS called 'company-group'.

Create a user

Create a user on the server only. This should NOT be a user listed in the local workstation's user list. The username should be lowercase on the server (CIFS is case-less but Linux is not in all instances.)

For example, if my name was Tom Smith I could create the user 'tsmith' on ClearOS.

Be sure that this user has access to the Windows Networking service in ClearOS. Also, make him a member of the 'company-group' group.

Create a flexshare

Lastly, create a flexshare called 'company' in the Flexshare module. Assign the group 'company-group' to the flexshare as the permissions owner. Enter the 'File' tab and enable this share for file sharing. Be sure to ALSO enable the flexshare.

Logging in

The last step is joining the domain. The workstation will need to join the domain in order to trust the user list on ClearOS. This is typically done by right-clicking on the 'Computer' or 'My Computer' icon in windows and going into the name section.

You will specify the domain that you are joining which is listed in the Windows Networking module and you will specify the user 'winadmin'. The password for 'winadmin' will have been set when you enabled the Windows Networking module. You can change it at any time in that module.

References

content/en_us/kb_o_windows_networking_file_services_with_clearos.txt · Last modified: 2019/10/16 11:30 by nickh

https://clearos.com/dokuwiki2/lib/exe/indexer.php?id=content%3Aen_us%3Akb_o_windows_networking_file_services_with_clearos&1710813885