by Wayne E Goodrich (Outlaw)
(Transferred from the wiki by Peter)


Microsoft makes their Services For UNIX freely available, which is nice, since it's now easier to have a Linux server share out files to both Linux and Windows without setting up Samba on the Linux client. You need only run NFS tools (in Windows) and have a simple NFS mount rule in your fstab (in Linux). This is primarily why I decided to go this route. I have a mix of Windows and Linux systems on my home LAN, and I'd rather keep all the stuff I want access to in one central place. Some examples of stuff one would want central access to would be MP3s, any web graphics you want to manipulate from each platform, screenshots etc. It's a great way to keep your Linux or Win home directory small and uncluttered. Go here to get SFU and read up on the system requirements.
Alright, lets get on with setting this all up.

Set up the Linux Server

If you use Redhat Linux, type
rpm -qa|grep nfs
You should see nfs-utils-some-version. For Debian, type
dpkg --list|grep nfs
You should see nfs-common and/or nfs-kernel-server or nfs-user-server. On your server, enable or install NFS server.
In redhat, most likely, it is already available. Type
chkconfig --list|grep nfs
nfs             0:off   1:off   2:off   3:off   4:off   5:off   6:off
nfslock         0:off   1:off   2:off   3:on    4:on    5:on    6:off
So in this case, we need to just fire up NFS server:
  chkconfig --level 345 nfs on; service nfs start
which enables nfs server in runlevels 3, 4, and 5 and starts nfs.
In Debian, if the nfs server is not installed, retrieve nfs-kernel-server.
apt-get install nfs-kernel-server
We also need to start portmap: On Redhat, start it if it is not already running
service portmap status
If it's not running,
service portmap start; chkconfig --level 2345 portmap on
On Debian, portmap is started from inetd and should be enabled by default.
Now let's check to see if everything we need is running:
rpcinfo -p
program vers proto   port
 100000    2   tcp    111  portmapper
 100000    2   udp    111  portmapper
 100024    1   udp   1024  status
 100024    1   tcp   1025  status
 100003    2   udp   2049  nfs
 100003    3   udp   2049  nfs
 100003    2   tcp   2049  nfs
 100003    3   tcp   2049  nfs
 100021    1   udp   1026  nlockmgr
 100021    3   udp   1026  nlockmgr
 100021    4   udp   1026  nlockmgr
 100021    1   tcp   1026  nlockmgr
 100021    3   tcp   1026  nlockmgr
 100021    4   tcp   1026  nlockmgr
 100005    1   udp   1027  mountd
 100005    1   tcp   1027  mountd
 100005    2   udp   1027  mountd
 100005    2   tcp   1027  mountd
 100005    3   udp   1027  mountd
 100005    3   tcp   1027  mountd
Now we can define the export, and secure portmap with tcpwrappers.
In my case, I have a 16G directory where I want my share to reside. This is /stuff/pub.
vim /etc/exports

/stuff/pub    ,sync)
Where the IP address is that of the client who will be mounting the export.
Now lets lock down the portmapper
  vim /etc/hosts/deny
Make sure that in these two following files, the last line is an empty line.
# hosts.deny    This file describes the names of the hosts which are
#               *not* allowed to use the local INET services, as decided
#               by the '/usr/sbin/tcpd' server.
# The portmap line is redundant, but it is left to remind you that
# the new secure portmap uses hosts.deny and hosts.allow.  In particular
# you should know that NFS uses portmap!
portmap : ALL : deny
Now let's explicitly allow our client: - vim /etc/hosts.allow
# hosts.allow   This file describes the names of the hosts which are
#               allowed to use the local INET services, as decided
#               by the '/usr/sbin/tcpd' server.
portmap : : allow
Mount The Export in Linux and Windows

Now we can mount the export from our clients. On our Linux client:
mkdir /share
mount -t nfs NFSServer:/stuff/pub /share
If the attempt times out, or comes back immediately with "NFS server is down", double check your hosts.allow and hosts.deny files.
To make the mount automatic at boot, add the following line to /etc/fstab:
saturn:/stuff/pub  /home/radar/pub nfs  soft,intr,rsize=8192,wsize=8192 0 0
Verify system requirements

On our Windows 2000 or Windows XP Pro client, we need Windows Services for UNIX and the drive must be formatted with NTFS. See the SFU system requirements from above link.


Download and extract, then run the installer. We'll only need Client for NFS and Auth Tools for NFS, so select the custom installation. Under NFS, choose Client for NFS and under Auth Tools for NFS, choose User Name Mapping. Deselect everythng else, since we only need NFS client and tools.

Install SFU

During the install, let it default to the machine's own domain, select passwd and group files and select user name mapping as options.

Configure SFU

When the installation is through, copy over your /etc/passwd and /etc/group files to C:\ on the client box. Now launch the SFU administration program from the programs menu. Select User Name Mapping to associate the windows user to the unix user who has permissions on the export. Under the configuration bar, select passwd and group files and enter C:\passwd & C:\group in the proper fields.

Map users

Select maps bar. You should see \\MACHINE. Click Show User Maps, then click Show Windows users and Show Unix users. You should see all your accounts, so now, click a user from both to associate. Click Add and verify the mapping under Mapped Users.

Map a network drive

Now go to Start >> My Network Places >> select tools from toolbar >> map network drive
Select drive letter >> click browse >> select NFS network
Your NFS server should show up under default LAN, expand the file tree until you see the export. With the export open, click Ok and verify that there is a new mapped drive under My Computer. If your user needs write access to the share, the export needs to be permitted to the unix user on the NFS server with proper file modes.

More Information

NFS How-To
Redhat NFS Guide
Debian NFS help