Sunday Jun 17, 2007

Configuring the SAMBA Web Administration Tool (SWAT) for Solaris 10

SWAT is a web based tool for managing a SAMBA server environment. It provides a GUI to manage the SAMBA configuration files (Global Settings, Shares, Printers etc), gives you simple interface to view SAMBA documentation and allows you to stop and restart the SAMBA processes.

SWAT ships with Solaris 10 in /usr/sfw/sbin and, like the version of SAMBA we ship, is supported by Sun.

The below is correct for Solaris 9 and Solaris 10 up to Solaris 10 Update 3 (11/06). If you are running  Solaris 10 Update 4 (8/07) or later you need to look at this blog entry.

Here is how you enable SWAT:

  1. Add the following line to /etc/services:

    swat 901/tcp

  2. Add the following line to /etc/inetd.conf:

    swat stream tcp nowait root /usr/sfw/sbin/swat swat

  3. Run the command inetconv to compile the new information in inetd.conf into Solaris. You should see messages about XML files being created, something like the below:

    root# inetconv
    swat -> /var/svc/manifest/network/swat-tcp.xml
    Importing swat-tcp.xml ...Done

You should now be able to connect to SWAT using a browser, just point your browser at http://servername:901.

If you want to know how to enable SAMBA in Solaris 10 in the first place, check out this blog entry.

Enabling and configuring SAMBA as shipped with Solaris 10

Sun ships SAMBA with Solaris 9 & Solaris 10 and it is supported as part of the Operating System. I recently completed a project with Symantec Enterprise Vault and Sun StorageTek Storage Archive Manager (aka SAM-FS) which required me to do some work with SAMBA for the first time.

My requirement was to use SAMBA to give a server running Microsoft Windows Server 2003 and Symantec Enterprise Vault access to a SAM-FS file system on a Sun server running Solaris 10. The good news is that it does all work correctly and that it performed well. As a result, this configuration is now supported by Symantec.

Initially I struggled with SAMBA and looked at many web sites and docs before I worked out how to set it up. In the end it was simple and the object of this blog entry is to explain how to set up a basic SAMBA server installation on Solaris.

The below is correct for Solaris 9 and Solaris 10 up to Solaris 10 Update 3 (11/06). If you are running Solaris 10 Update 4 (8/07) then the version of SAMBA is 3.0.25a, the patches are not applicable and the way that you stop and start SAMBA has changed: look at this blog entry for notes on that.

  1. Make sure that /usr/sfw/bin and /usr/sfw/sbin are on the root user's path.

  2. Check you have the latest version of SAMBA installed:

    root# /usr/sfw/sbin/smbd -V
    Version 3.0.21b

    This is the most recent version supported by Sun at this time. If you find you have an older version than the above then you should patch the system. The latest patch for SAMBA on Solaris 10 SPARC is 119757-04 and Solaris 10 x86 is 119758-04. If you have access to Sunsolve then Sun InfoDoc 80581 talks about this some more.

  3. By default, all files create by the windows server in the Solaris directories shared by SAMBA will be owned by user nobody. If you want to change this then you can force the ownership to another user. I created a user evault in group other for this purpose. Make sure that the user you choose has permission to write to the directories in the file systems that you are sharing with SAMBA. You can use the user root if you wish.

  4. Create an entry in the SAMBA user database for the user with the below command:

    root# smbpasswd -a evault

  5. Create the file /etc/sfw/smb.conf. Below is the /etc/sfw/smb.conf that I used. The SAM-FS file system was mounted as /ev_test and vaultstores was the subdirectory I wanted to share.

    [global]
      workgroup = EV-SAMFS
      server string = Samba Server
      log file = /var/adm/samba_log.%m
      security = SHARE
    [vaultstores]
      comment = vaultstores
      path = /ev_test/vaultstores
      force user = evault
      force group = other
      read only = No
      guest ok = Yes

    It is not obvious, but the share is defined in the square brackets and is "vaultstores" in this case.

    Note that once the file /etc/sfw/smb.conf exists SAMBA will start automatically when the system boots.

  6. You should check the syntax of /etc/sfw/smb.conf using the command testparm. Assuming that all is well you can start SAMBA.

    root# /etc/init.d/samba start

    This returns silently. If you are paranoid, like me, check to see that smbd is running. If you are running Solaris 10 Update 4 (8/07) or later this step has changed: look at this blog entry for notes on that.

From the server running Microsoft Windows I was then able to map the share \\\\servername\\vaultstores to a drive and create and delete files and directories. I then looked on the SAMBA server and confirmed that the file were created with the correct ownership, which they were.

So far as SAMBA performance tuning goes, I tried various configuration options, but in the end I used the default socket option settings, hence no custom settings for this in my smb.conf file. I found that these gave the best performance. I was fortunate in being able to get advice on this topic from Jeremy Allison who has been involved with SAMBA for years.

Note that the version of SAMBA that Sun provides at the time of writing this does not support Active Directory Services (ADS), a frequently asked for feature. Sun will ship a later version of SAMBA with support for ADS as part of a future release of Solaris 10. In the meantime, you can build your own version of SAMBA with this feature using the packages and sources at Sunfreeware.com but unfortunately the custom SAMBA build would not be supported by Sun.

For information and documentation on SAMBA go to samba.org.

If you would like to know how to configure SWAT, the SAMBA Web Administration Tool, I have written a blog entry on that here.

Saturday May 26, 2007

How To Quickly Install and Configure VNC On Solaris 10

[Update July 6 2008: If you are running Solaris 10 5/08 (Solaris 10 Update 5) or later then go here.]

I am based in the UK and the computers I use are all in Colorado or California, so remote desktops are vital to me. For Windows I used the Windows Remote Desktop software and for Solaris I use VNC.

I just found a great resource posted by Salix Training on BigAdmin. They have bundled up all the packages from the Solaris companion CD that you need for VNC to work on Solaris 10 SPARC & x86 and have provided an installation script which installs the packages and does all the configuration required...this is great, I have been doing this manually for ages and it is very fiddly.

Go here to read more. You can download the packages you need from the links at the bottom of this web page.

My personal experience was this:

I downloaded the Solaris 10 x86 zip file from their website, unzipped it, and ran the script installsol10vnc.ksh. It did the whole installation and configuration for me at one go, you don't actually need to follow the step-by-step instructions on the web page. They also provide a script vncmod.ksh to modify/manage your virtual displays!

One thing I noticed that was different from when I have installed and used VNC in the past was that there are no entries added to /etc/services or /etc/inetd.conf as the integration is now done at the Xserver level. The details of the displays are in the file /etc/dt/config/Xservers. I am used to looking in /etc/services or /etc/inetd.conf to find the addresses for the various VNC displays. Using these new packages, the VNC display addresses are hostname:1 through hostname:9 and you use vncmod.ksh to modify/manage the resolutions the displays run at. All the displays are shared.

You can get VNC viewers for most operating systems from www.realvnc.com.

There is an update on this topic in this blog entry.

About

Tim Thomas

Search

Archives
« April 2014
MonTueWedThuFriSatSun
 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
    
       
Today