# Samba 4.8 as Standalone server



## bangmyhead (Jun 11, 2018)

Hello, I just installed Samba 4.8 on FreeBSD 11, I could start Samba but I am having problems with my shared folder. I can not see it from my LAN when I look at the IP for it from other computers, my guess is that I have something wrong or miss on the configuration so I left it here to see if someone can help me. As you will see it does not need any security rule. Thanks in advance.


```
[public]
   path = /mnt/data
   public = yes
   guest ok = yes
   writable = yes
   printable = yes
   usershare allow guests = yes
   create mask = 777
```


----------



## Deleted member 54719 (Jun 11, 2018)

Until mount_cifs gets fixed in freeBSD to support SMB2 and above, samba isn't doing me much good right now either.

But the "more to the point" question I have for you is what does your [global] section look like in smb4.conf?


----------



## bangmyhead (Jun 12, 2018)

tempest766 said:


> Until mount_cifs gets fixed in freeBSD to support SMB2 and above, samba isn't doing me much good right now either.
> 
> But the "more to the point" question I have for you is what does your [global] section look like in smb4.conf?





```
[global]

# workgroup = NT-Domain-Name or Workgroup-Name, eg: MIDEARTH
   workgroup = KLM240

# server string is the equivalent of the NT Description field
   server string = BSD300

# Security mode. Defines in which mode Samba will operate. Possible
# values are share, user, server, domain and ads. Most people will want
# user level security. See the Samba-HOWTO-Collection for details.
   security = user
   map to guest = Bad User

# This option is important for security. It allows you to restrict
# connections to machines which are on your local network. The
# following example restricts access to two C class networks and
# the "loopback" interface. For more examples of the syntax see
# the smb.conf man page
   hosts allow = 14.

# If you want to automatically load your printer list rather
# than setting them up individually then you'll need this
   load printers = yes

# you may wish to override the location of the printcap file
;   printcap name = /etc/printcap

# on SystemV system setting printcap name to lpstat should allow
# you to automatically obtain a printer list from the SystemV spool
# system
;   printcap name = lpstat

# It should not be necessary to specify the print system type unless
# it is non-standard. Currently supported print systems include:
# bsd, cups, sysv, plp, lprng, aix, hpux, qnx
;   printing = cups

# Uncomment this if you want a guest account, you must add this to /etc/passwd
# otherwise the user "nobody" is used
;  guest account = pcguest

# this tells Samba to use a separate log file for each machine
# that connects
   log file = /var/log/samba/log.%m

# Put a capping on the size of the log files (in Kb).
   max log size = 50

# Use password server option only with security = server
# The argument list may include:
#   password server = My_PDC_Name [My_BDC_Name] [My_Next_BDC_Name]
# or to auto-locate the domain controller/s
#   password server = *
;   password server = <NT-Server-Name>

# Use the realm option only with security = ads
# Specifies the Active Directory realm the host is part of
;   realm = MY_REALM

# Backend to store user information in. New installations should
# use either tdbsam or ldapsam. smbpasswd is available for backwards
# compatibility. tdbsam requires no further configuration.
;   passdb backend = tdbsam

# Using the following line enables you to customise your configuration
# on a per machine basis. The %m gets replaced with the netbios name
# of the machine that is connecting.
# Note: Consider carefully the location in the configuration file of
#       this line.  The included file is read at that point.
;   include = /usr/local/etc/smb4.conf.%m

# Most people will find that this option gives better performance.
# See the chapter 'Samba performance issues' in the Samba HOWTO Collection
# and the manual pages for details.
# You may want to add the following on a Linux system:
;   socket options = SO_RCVBUF=8192 SO_SNDBUF=8192

# Configure Samba to use multiple interfaces
# If you have multiple network interfaces then you must list them
# here. See the man page for details.
   interfaces = 14.1.1.111/32

# Browser Control Options:
# set local master to no if you don't want Samba to become a master
# browser on your network. Otherwise the normal election rules apply
   local master = no

# OS Level determines the precedence of this server in master browser
# elections. The default value should be reasonable
;   os level = 33

# Domain Master specifies Samba to be the Domain Master Browser. This
# allows Samba to collate browse lists between subnets. Don't use this
# if you already have a Windows NT domain controller doing this job
;   domain master = no

# Preferred Master causes Samba to force a local browser election on startup
# and gives it a slightly higher chance of winning the election
;   preferred master = no

# Enable this if you want Samba to be a domain logon server for
# Windows95 workstations.
;   domain logons = no

# if you enable domain logons then you may want a per-machine or
# per user logon script
# run a specific logon batch file per workstation (machine)
;   logon script = %m.bat
# run a specific logon batch file per username
;   logon script = %U.bat

# Where to store roving profiles (only for Win95 and WinNT)
#        %L substitutes for this servers netbios name, %U is username
#        You must uncomment the [Profiles] share below
;   logon path = \\%L\Profiles\%U

# Windows Internet Name Serving Support Section:
# WINS Support - Tells the NMBD component of Samba to enable it's WINS Server
;   wins support = yes

# WINS Server - Tells the NMBD components of Samba to be a WINS Client
#       Note: Samba can be either a WINS Server, or a WINS Client, but NOT both
;   wins server = w.x.y.z
# WINS Proxy - Tells Samba to answer name resolution queries on
# behalf of a non WINS capable client, for this to work there must be
# at least one  WINS Server on the network. The default is NO.
;   wins proxy = yes

# DNS Proxy - tells Samba whether or not to try to resolve NetBIOS names
# via DNS nslookups. The default is NO.
   dns proxy = no

# Charset settings
;   display charset = koi8-r
;   unix charset = koi8-r
;   dos charset = cp866

# Use extended attributes to store file modes
;    store dos attributes = yes
;    map hidden = no
;    map system = no
;    map archive = no

# Use inherited ACLs for directories
;    nt acl support = yes
;    inherit acls = yes
;    map acl inherit = yes

# These scripts are used on a domain controller or stand-alone
# machine to add or delete corresponding unix accounts
;  add user script = /usr/sbin/useradd %u
;  add group script = /usr/sbin/groupadd %g
;  add machine script = /usr/sbin/adduser -n -g machines -c Machine -d /dev/null -s /bin/false %u
;  delete user script = /usr/sbin/userdel %u
;  delete user from group script = /usr/sbin/deluser %u %g
;  delete group script = /usr/sbin/groupdel %g

# No Pass
    null passwords = yes

# Logs de samba
vfs objects = full_audit
full_audit:prefix = %u|%I|%m|%S
full_audit:success = mkdir rename unlink rmdir pwrite pread connect disconnect
full_audit:failure = none
full_audit:facility = LOCAL7
full_audit:priority = NOTICE

# Dead Time
    deadtime = 15
```


----------



## Deleted member 54719 (Jun 12, 2018)

You neglect to say whether your clients are NIX boxes, or Windows?

Can you at least ping the server?

What does `smbclient -L {ip} -N` show?


----------



## bangmyhead (Jun 12, 2018)

tempest766 said:


> You neglect to say whether your clients are NIX boxes, or Windows?
> 
> Can you at least ping the server?
> 
> What does `smbclient -L {ip} -N` show?



The clients are using Windows, I tried with a Debian but also can not see any shared. If I run that line on FreeBSD it drops:


```
# smbclient -L 14.1.1.111 -N
WARNING: The "null passwords" option is deprecated
Connection to 14.1.1.111 failed (Error NT_STATUS_CONNECTION_REFUSED)
```


----------



## ShelLuser (Jun 12, 2018)

Just wondering, ever tried to force a connection in Windows?  So, while in explorer, try to use \\bsd300, or also an option: \\14.1.1.111.

Also: why are you using an IP address in the 14 range? That's not the usual private address range which makes me wonder in what kind of environment you're using this. If you're using a private LAN environment then I would definitely recommend sticking with the private IP ranges.

(edit)

As tempest766 already suggested: can the Window clients actually ping the FreeBSD box at all? So.. open a command line (Win-r, then 'cmd.exe') and on the commandline try `ping 14.1.1.111`. You might also want to try `tracert 14.1.1.111` just to make sure your data doesn't get sent off onto the Internet.


----------



## bangmyhead (Jun 12, 2018)

ShelLuser said:


> Just wondering, ever tried to force a connection in Windows?  So, while in explorer, try to use \\bsd300, or also an option: \\14.1.1.111.
> 
> Also: why are you using an IP address in the 14 range? That's not the usual private address range which makes me wonder in what kind of environment you're using this. If you're using a private LAN environment then I would definitely recommend sticking with the private IP ranges.
> 
> ...


Yes I tried to force it from Windows using the name and the ip also as you mention. The rank is 14. because the LAN is using that range, just for the record the same configuration works with a Debian


----------



## bangmyhead (Jun 13, 2018)

This is solved, I did a fresh install of FreeBSD 11.1 and it worked now.


----------

