Setup SMB/CIFS on OpenBSD


I actually have been using AFS to access by OpenBSD servers from MacOS. But the latest release of MacOS (Lion) does not support the Netatalk version supported in OpenBSD (OpenBSD community is currently working on an upgrade).

Meanwhile I will setup Samba to enable access from my Mac. Hopefully I will be able to play my music again and perform time machine backups.

Setup Samba

This setup is performed using OpenBSD 4.9 but with minor changes this should also work in other releases.

Install Samba. There are different flavors to choose from, but I want the basic samba flavor. During install there is a note that password database backend has changed, but this does not matter to me because I do a fresh install with no existing passwords in the database.

pkg_add samba-4.7.6

Take a look at the install documentation provided by OpenBSD.

less /usr/local/share/doc/pkg-readmes/samba-4.7.6

Edit ┬┤/etc/samba/smb.conf┬┤ to suit your needs. Test smb.conf with the following.

/usr/local/bin/testparm -s

Add UNIX users and corresponding SMB users. Samba keeps a shadow user database that is managed through smbpasswd utility.

adduser john
pdbedit -a -u john  OR   smbpasswd -a john

Start service. Check that services has started using ps.

rcctl start samba
ps -auwxx | egrep '[sn]mbd'

Access the service from a local machine. If you get NT_STATUS_LOGON_FAILURE something is wrong. Most likely access restrictions in smb.conf prohibit access or the user has not been setup correctly.

smbclient -U john \\\\localhost\\john
Enter WORKGROUP\peter's password: 
Try "help" to get a list of possible commands.
smb: \> dir
  .                                   D        0  Wed Sep 29 17:06:12 2010
  ..                                  D        0  Sun Oct 30 20:36:21 2011
  .ssh                               DH        0  Sun May 24 19:34:08 2009

Try to access the service from a remote machine

smbclient -U john \\\\library\\john

Try to access the service from a MacOS Finder. In finder window run Connect to Server from Windows menu. Enter the following server address and then connect.


Create user to run samba daemon.

# adduser _samba
Enter username []: _samba
Enter full name []: Samba daemon user
Enter shell csh ksh nologin sh [ksh]: nologin
Uid [1008]: 
Login group _samba [_samba]: 
Login group is ``_samba''. Invite _samba into other groups: guest no 
Login class authpf daemon default staff [default]: daemon                                                    
Enter password []: 
Set the password so that user cannot logon? (y/n) [n]: y
OK? (y/n) [y]: y
Add another user? (y/n) [y]: n

Setup samba to start at boot. Add the following lines to /etc/rc.conf.local.

samba_user="samba"        # currently ignored