搭建samba服务器
我自己的文档
rpm -ivh samba-3.0.33-3.39.el5_8.i386.rpm --nodeps
rpm -ivh samba-client-3.0.33-3.39.el5_8.i386.rpm --nodeps
rpm -ivh samba-common-3.0.33-3.39.el5_8.i386.rpm --nodeps
rpm -qa | grep samba
samba-3.0.33-3.39.el5_8
samba-client-3.0.33-3.39.el5_8
samba-common-3.0.33-3.39.el5_8
cd /etc/samba/
mv smb.conf smb.confbak
touch sbm.conf
vi smb.conf
workgroup = LinuxSir
netbios name = LinuxSir05
server string = Linux Samba Server TestServer
security = share
[linuxsir]
path = /opt/linuxsir
writeable = yes
browseable = yes
guest ok = yes
mkdir -p /opt/linuxsir
id nobody
chown -R nobody:nobody /opt/linuxsir
[root@localhost samba]# smbd
[root@localhost samba]# nmbd
done
5.2 在服务器上创建相应的目录;
[root@localhost ~]# mkdir -p /opt/linuxsir
[root@localhost ~]# cd /opt/linuxsir
[root@localhost linuxsir]# mkdir sir01 sir02 sir03 sir04 sirshare sir0104rw sirallrw
[root@localhost linuxsir]# ls
sir01 sir0104rw sir02 sir03 sir04 sirallrw sirshare
5.3.1 添加用户组;
[root@localhost ~]# /usr/sbin/groupadd linuxsir
[root@localhost ~]# /usr/sbin/groupadd sir01
[root@localhost ~]# /usr/sbin/groupadd sir02
[root@localhost ~]# /usr/sbin/groupadd sir03
[root@localhost ~]# /usr/sbin/groupadd sir04
[root@localhost ~]# /usr/sbin/groupadd sir0104
5.3.2 添加用户;
[root@cuc03 ~]# adser -g sir01 -G sir0104 -d /opt/linuxsir/sir01 -s /sbin/nologin sir01
[root@cuc03 ~]# adser -g sir02 -G sir0104 -d /opt/linuxsir/sir02 -s /sbin/nologin sir02
[root@cuc03 ~]# adser -g sir03 -G sir0104 -d /opt/linuxsir/sir03 -s /sbin/nologin sir03
[root@cuc03 ~]# adser -g sir04 -G sir0104 -d /opt/linuxsir/sir04 -s /sbin/nologin sir04
[root@cuc03 ~]# adser -g linuxsir -d /opt/linuxsir -G
linuxsir,sir01,sir02,sir03,sir04,sir0104 -d /opt/linuxsir -s
/sbin/nologin linuxsir
[root@localhost ~]# id linuxsir
[root@localhost ~]# finger linuxsir
[root@localhost sir01]# smbpasswd -a linuxsir
New SMB password: 注:在这里添加Samba用户linuxsir的密码;
Retype new SMB password: 注:再输入一次;
用同样的方法来添加 sir01、sir02、sir03、sir04的密码;
[root@cuc03 ~]# chmod 755 /opt/linux
[root@cuc03 ~]# chown linuxsir:linuxsir /opt/linuxsir
[root@cuc03 ~]# cd /opt/linuxsir
[root@cuc03 ~]# chmod 2770 sir0*
[root@cuc03 ~]# chown sir01.linuxsir sir01
[root@cuc03 ~]# chown sir02.linuxsir sir02
[root@cuc03 ~]# chown sir03.linuxsir sir03
[root@cuc03 ~]# chown sir04.linuxsir sir04
[root@cuc03 ~]# chown linuxsir.sir0104 sir0104rw
[root@cuc03 ~]# chown linuxsir.linuxsir sirshare
[root@cuc03 ~]# chmod 755 sirshare
[root@cuc03 ~]# chown linuxsir:linuxsir sirallrw
[root@cuc03 ~]# chmod 3777 sirallrw
5.4 修改Samba配置文件 smb.conf;
配置文件如下,修改/etc/samba/smb.conf后,不要忘记重启smbd和nmbd服务器;
[global]
workgroup = LINUXSIR
netbios name = LinuxSir
server string = Linux Samba TestServer
security = share
[linuxsir]
comment = linuxsiradmin
path = /opt/linuxsir/
create mask = 775
#create mask是用户创建文件时的权限掩码;
directory mask = 0775
#directory mask 是用来设置用户创建目录时的权限掩码,意思是对于用户和用户组可读可写,对其它用户可读可执行;
writeable = yes
valid users = linuxsir
browseable = yes
[sirshare]
path = /opt/linuxsir/sirshare
writeable = yes
browseable = yes
guest ok = yes
[sirallrw]
path = /opt/linuxsir/sirallrw
writeable = yes
browseable = yes
guest ok = yes
[sir0104rw]
comment = sir0104rw
path = /opt/linuxsir/sir0104rw
create mask = 775
directory mask = 0775
writeable = yes
valid users = linuxsir,@sir0104
#@sir0104是用户组;
browseable = yes
[sir01]
comment = sir01
path = /opt/linuxsir/sir01
create mask = 775
directory mask = 0775
writeable = yes
valid users = sir01,@linuxsir
browseable = yes
[sir02]
comment = sir02
path = /opt/linuxsir/sir02
create mask = 775
directory mask = 0775
writeable = yes
valid users = sir02,@linuxsir
browseable = yes
[sir03]
comment = sir03
path = /opt/linuxsir/sir03
create mask = 775
directory mask = 0775
writeable = yes
valid users = sir03,@linuxsir
browseable = yes
[sir04]
comment = sir04
path = /opt/linuxsir/sir04
create mask = 775
directory mask = 0775
writeable = yes
valid users = sir04,@linuxsir
browseable = yes
2. 新手学习linux搭建samba服务器,无法访问
1、首先相互能PING通
2、关掉防火墙
3、配置samba
第一步:修改配置文件,把下面段写入smb.conf的最后
[global]
workgroup
=
LinuxSir
netbios
name
=
LinuxSir05
server
string
=
Linux
Samba
Server
TestServer
security
=
share
[linuxsir]
path
=
/opt/linuxsir
writeable
=
yes
browseable
=
yes
guest
ok
=
yes
第二步:建立相应目录并授权;
[root@localhost
~]#
mkdir
-p
/opt/linuxsir
[root@localhost
~]#
id
nobody
uid=99(nobody)
gid=99(nobody)
groups=99(nobody)
[root@localhost
~]#
chown
-R
nobody:nobody
/opt/linuxsir
注释:
关于授权nobody,我们先用id命令查看了nobody用户的信息,发现他的用户组也是nobody,我们要以这个为准。有些系统nobody用户组并非是nobody
;
第三步:启动smbd和nmbd服务器;
[root@localhost
~]#
smbd
[root@localhost
~]#
nmbd
3. Linux如何搭建samba服务
主配置文件:
/etc/samba/smb.conf
#=================== Global Settings===============
[global]部分设置,主要就是下列几项,其余可以保持不变,当然你要比较复杂高级的功能服务的话,那就另当别论了;
# workgroup = NT-Domain-Name or Workgroup-Name
workgroup = MSHOME #主机所属工作组名称
# server string is the equivalent of the NT Description field
server string = Samba Server #SAMBA服务器主机的注释,可选,但是建议还是留着,而且尽量写的详细准确,有助于识别;
# Security mode. Most people will want user level security. See security_level.txt for details.
security = share #安全模式,由于是共享目录,所以用share;
#==================== Share Definitions ==========
共享部分设置其它保存不动,直接在最后面添加你要共享的目录即可,同时要注意其访问权限;
[nfs]
path = /var/nfs
public = yes
writable = yes
/var/nfs目录对所有用户都可读可写;
四、启动服务
通过以上简单的设置,重启服务后,即可在Windows下在网上邻居中进行访问;
在FC5下,服务名为smb及nmb,启动smb时自动将nmb也启动;
五、注意事项
1、防火墙问题
2、确保共享目录的访问权限
3、通过网上邻居访问相应共享目录前,必须确保目录在服务器上存在。
范本:vi /etc/samba/smb.conf
# This is the main Samba configuration file. You should read the
# smb.conf(5) manual page in order to understand the options listed
# here. Samba has a huge number of configurable options (perhaps too
# many!) most of which are not shown in this example
#
# Any line which starts with a ; (semi-colon) or a # (hash)
# is a comment and is ignored. In this example we will use a #
# for commentry and a ; for parts of the config file that you
# may wish to enable
#
# NOTE: Whenever you modify this file you should run the command "testparm"
# to check that you have not made any basic syntactic errors.
#
#======================= Global Settings =====================================
[global]
# workgroup = NT-Domain-Name or Workgroup-Name
workgroup = WORKGROUP
netbios name = rayman_linux
# server string is the equivalent of the NT Description field
server string =Linux Samba Server TestServer
# This option is important for security. It allows you to restrict
# connections to machines which are on your local network. The
# following example restricts access to two C class networks and
# the "loopback" interface. For more examples of the syntax see
# the smb.conf man page
; hosts allow = 192.168.1. 192.168.2. 127.
# if you want to automatically load your printer list rather
# than setting them up indivially then you'll need this
printcap name = /etc/printcap
load printers = yes
# It should not be necessary to spell out the print system type unless
# yours is non-standard. Currently supported print systems include:
# bsd, sysv, plp, lprng, aix, hpux, qnx, cups
printing = cups
# Uncomment this if you want a guest account, you must add this to /etc/passwd
# otherwise the user "nobody" is used
guest account = detack
# this tells Samba to use a separate log file for each machine
# that connects
log file = /var/log/samba/%m.log
# Put a capping on the size of the log files (in Kb).
max log size = 0
# Security mode. Most people will want user level security. See
# security_level.txt for details.
security = share
# Use password server option only with security = server
# The argument list may include:
# password server = My_PDC_Name [My_BDC_Name] [My_Next_BDC_Name]
# or to auto-locate the domain controller/s
# password server = *
; password server = <NT-Server-Name>
# Password Level allows matching of _n_ characters of the password for
# all combinations of upper and lower case.
; password level = 8
; username level = 8
# You may wish to use password encryption. Please read
# ENCRYPTION.txt, Win95.txt and WinNT.txt in the Samba documentation.
# Do not enable this option unless you have read those documents
encrypt passwords = yes
smb passwd file = /etc/samba/smbpasswd
# The following is needed to keep smbclient from spouting spurious errors
# when Samba is built with support for SSL.
; ssl CA certFile = /usr/share/ssl/certs/ca-bundle.crt
# The following are needed to allow password changing from Windows to
# update the Linux system password also.
# NOTE: Use these with 'encrypt passwords' and 'smb passwd file' above.
# NOTE2: You do NOT need these to allow workstations to change only
# the encrypted SMB passwords. They allow the Unix password
# to be kept in sync with the SMB password.
unix password sync = Yes
passwd program = /usr/bin/passwd %u
passwd chat = *New*password* %n\n *Retype*new*password* %n\n *passwd:*all*authentication*tokens*updated*successfully*
# You can use PAM's password change control flag for Samba. If
# enabled, then PAM will be used for password changes when requested
# by an SMB client instead of the program listed in passwd program.
# It should be possible to enable this without changing your passwd
# chat parameter for most setups.
pam password change = yes
# Unix users can map to different SMB User names
; username map = /etc/samba/smbusers
# Using the following line enables you to customise your configuration
# on a per machine basis. The %m gets replaced with the netbios name
# of the machine that is connecting
; include = /etc/samba/smb.conf.%m
# This parameter will control whether or not Samba should obey PAM's
# account and session management directives. The default behavior is
# to use PAM for clear text authentication only and to ignore any
# account or session management. Note that Samba always ignores PAM
# for authentication in the case of encrypt passwords = yes
obey pam restrictions = yes
# Most people will find that this option gives better performance.
# See speed.txt and the manual pages for details
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
# Configure Samba to use multiple interfaces
# If you have multiple network interfaces then you must list them
# here. See the man page for details.
; interfaces = 192.168.12.2/24 192.168.13.2/24
# Configure remote browse list synchronisation here
# request announcement to, or browse list sync from:
# a specific host or from / to a whole subnet (see below)
; remote browse sync = 192.168.3.25 192.168.5.255
# Cause this host to announce itself to local subnets here
; remote announce = 192.168.1.255 192.168.2.44
# Browser Control Options:
# set local master to no if you don't want Samba to become a master
# browser on your network. Otherwise the normal election rules apply
; local master = no
# OS Level determines the precedence of this server in master browser
# elections. The default value should be reasonable
; os level = 33
# Domain Master specifies Samba to be the Domain Master Browser. This
# allows Samba to collate browse lists between subnets. Don't use this
# if you already have a Windows NT domain controller doing this job
; domain master = yes
# Preferred Master causes Samba to force a local browser election on startup
# and gives it a slightly higher chance of winning the election
; preferred master = yes
# Enable this if you want Samba to be a domain logon server for
# Windows95 workstations.
; domain logons = yes
# if you enable domain logons then you may want a per-machine or
# per user logon script
# run a specific logon batch file per workstation (machine)
; logon script = %m.bat
# run a specific logon batch file per username
; logon script = %U.bat
# Where to store roving profiles (only for Win95 and WinNT)
# %L substitutes for this servers netbios name, %U is username
# You must uncomment the [Profiles] share below
; logon path = \\%L\Profiles\%U
# Windows Internet Name Serving Support Section:
# WINS Support - Tells the NMBD component of Samba to enable it's WINS Server
; wins support = yes
# WINS Server - Tells the NMBD components of Samba to be a WINS Client
# Note: Samba can be either a WINS Server, or a WINS Client, but NOT both
; wins server = w.x.y.z
# WINS Proxy - Tells Samba to answer name resolution queries on
# behalf of a non WINS capable client, for this to work there must be
# at least one WINS Server on the network. The default is NO.
; wins proxy = yes
# DNS Proxy - tells Samba whether or not to try to resolve NetBIOS names
# via DNS nslookups. The built-in default for versions 1.9.17 is yes,
# this has been changed in version 1.9.18 to no.
dns proxy = no
# Case Preservation can be handy - system default is _no_
# NOTE: These can be set on a per share basis
; preserve case = no
; short preserve case = no
# Default case is normally upper case for all DOS files
; default case = lower
# Be very careful with case sensitivity - it can break things!
; case sensitive = no
#============================ Share Definitions ==============================
[homes]
comment = Home Directories
browseable = no
writable = yes
valid users = %S
create mode = 0664
directory mode = 0775
# If you want users samba doesn't recognize to be mapped to a guest user
; map to guest = bad user
# Un-comment the following and create the netlogon directory for Domain Logons
; [netlogon]
; comment = Network Logon Service
; path = /usr/local/samba/lib/netlogon
; guest ok = yes
; writable = no
; share modes = no
# Un-comment the following to provide a specific roving profile share
# the default is to use the user's home directory
;[Profiles]
; path = /usr/local/samba/profiles
; browseable = no
; guest ok = yes
# NOTE: If you have a BSD-style print system there is no need to
# specifically define each indivial printer
[printers]
comment = All Printers
path = /var/spool/samba
browseable = no
# Set public = yes to allow user 'guest account' to print
guest ok = no
writable = no
printable = yes
# This one is useful for people to share files
;[tmp]
; comment = Temporary file space
; path = /tmp
; read only = no
; public = yes
# A publicly accessible directory, but read only, except for people in
# the "staff" group
;[public]
; comment = Public Stuff
; path = /home/samba
; public = yes
; writable = yes
; printable = no
; write list = @staff
# Other examples.
#
# A private printer, usable only by fred. Spool data will be placed in fred's
# home directory. Note that fred must have write access to the spool directory,
# wherever it is.
;[fredsprn]
; comment = Fred's Printer
; valid users = fred
; path = /home/fred
; printer = freds_printer
; public = no
; writable = no
; printable = yes
# A private directory, usable only by fred. Note that fred requires write
# access to the directory.
;[fredsdir]
; comment = Fred's Service
; path = /usr/somewhere/private
; valid users = fred
; public = no
; writable = yes
; printable = no
# a service which has a different directory for each machine that connects
# this allows you to tailor configurations to incoming machines. You could
# also use the %U option to tailor it by user name.
# The %m gets replaced with the machine name that is connecting.
;[pchome]
; comment = PC Directories
; path = /usr/local/pc/%m
; public = no
; writable = yes
# A publicly accessible directory, read/write to all users. Note that all files
# created in the directory by users will be owned by the default user, so
# any user with access can delete any other user's files. Obviously this
# directory must be writable by the default user. Another user could of course
# be specified, in which case all files would be owned by that user instead.
[public]
path = /home/detack/app/tomcat
public = yes
browseable = yes
writable = yes
printable = no
guest ok = yes
# The following two entries demonstrate how to share a directory so that two
# users can place files there that will be owned by the specific users. In this
# setup, the directory should be writable by both users and should have the
# sticky bit set on it to prevent abuse. Obviously this could be extended to
# as many users as required.
;[myshare]
; comment = Mary's and Fred's stuff
; path = /usr/somewhere/shared
; valid users = mary fred
; public = no
; writable = yes
; printable = no
; create mask = 0765
4. 搭建samba服务器应该注意什么
一般你装系统的时候会默认安装samba,如果没有安装,只需要运行这个命令安装(CentOS):
“yum install -y samba samba-client”
Samba的配置文件为/etc/samba/smb.conf,通过修改这个配置文件来完成我们的各种需求。打开这个配置文件,你会发现很多内容都用”#”或者”;”注视掉了。先看一下未被注释掉的部分:
[global]
workgroup = MYGROUP
server string = Samba Server Version %v
security = user
passdb backend = tdbsam
load printers = yes
cups options = raw
[homes]
comment = Home Directories
browseable = no
writable = yes
[printers]
comment = All Printers
path = /var/spool/samba
browseable = no
guest ok = no
writable = no
printable = yes
主要有以上三个部分:[global], [homes], [printers]。
[global]定义全局的配置,”workgroup”用来定义工作组,相信如果你安装过windows的系统,你会对这个workgroup不陌生。一般情况下,需要我们把这里的”MYGROUP”改成”WORKGROUP”(windows默认的工作组名字)。
security = user #这里指定samba的安全等级。关于安全等级有四种:
share:用户不需要账户及密码即可登录samba服务器
user:由提供服务的samba服务器负责检查账户及密码(默认)
server:检查账户及密码的工作由另一台windows或samba服务器负责
domain:指定windows域控制服务器来验证用户的账户及密码。
passdb backend = tdbsam # passdb backend (用户后台),samba有三种用户后台:smbpasswd, tdbsam和ldapsam.
smbpasswd:该方式是使用smb工具smbpasswd给系统用户(真实用户或者虚拟用户)设置一个Samba 密码,客户端就用此密码访问Samba资源。smbpasswd在/etc/samba中,有时需要手工创建该文件。
tdbsam:使用数据库文件创建用户数据库。数据库文件叫passdb.tdb,在/etc/samba中。passdb.tdb用户数据库可使用smbpasswd –a创建Samba用户,要创建的Samba用户必须先是系统用户。也可使用pdbedit创建Samba账户。pdbedit参数很多,列出几个主要的:
pdbedit –a username:新建Samba账户。
pdbedit –x username:删除Samba账户。
pdbedit –L:列出Samba用户列表,读取passdb.tdb数据库文件。
pdbedit –Lv:列出Samba用户列表详细信息。
pdbedit –c “[D]”–u username:暂停该Samba用户账号。
pdbedit –c “[]”–u username:恢复该Samba用户账号。
ldapsam:基于LDAP账户管理方式验证用户。首先要建立LDAP服务,设置“passdb backend = ldapsam:ldap://LDAP Server”
load printers 和 cups options 两个参数用来设置打印机相关。
除了这些参数外,还有几个参数需要你了解:
netbios name = MYSERVER # 设置出现在“网上邻居”中的主机名
hosts allow = 127. 192.168.12. 192.168.13. # 用来设置允许的主机,如果在前面加”;”则表示允许所有主机
log file = /var/log/samba/%m.log #定义samba的日志,这里的%m是上面的netbios name
max log size = 50 # 指定日志的最大容量,单位是K
[homes]该部分内容共享用户自己的家目录,也就是说,当用户登录到samba服务器上时实际上是进入到了该用户的家目录,用户登陆后,共享名不是homes而是用户自己的标识符,对于单纯的文件共享的环境来说,这部分可以注视掉。
[printers]该部分内容设置打印机共享。
5. 怎样在Linux系统搭建Samba共享服务器
17.2. 配置 Samba 服务器 默认的配置文件(/etc/samba/smb.conf)允许用户作为 Samba 共享来查看他们的 Red Hat Linux 主目录。它还把为 Red Hat Linux 配置的打印机作为 Samba 共享打印机来共享。换一句话说,你可以在你的 Red Hat Linux 系统上连接打印机,然后从网络上的 Windows 机器来打印。 17.2.1. 图形化配置 要使用图形化界面来配置 Samba,使用 Samba 服务器配置工具。要使用命令行来配置,请跳到第 17.2.2 节。 Samba 服务器配置工具是用来管理 Samba 共享、用户、以及基本服务器设置的图形化界面。它修改 /etc/samba/ 目录中的配置文件。没有使用该程序进行的改变都会被保留。 要使用该程序,你必须在运行 X 窗口系统,具备根特权,并且安装了 redhat-config-samba RPM 软件包。要从桌面启动 Samba 服务器配置工具,点击面板上的“主菜单” => “系统设置” => “服务器设置” => “Samba 服务器”,或在 shell 提示(如 XTerm 或 GNOME 终端)下键入 redhat-config-samba 命令。 图 17-1. Samba 服务器配置工具 注记 Samba 服务器配置工具不显示允许用户在 Samba 服务器上查看他们自己的主目录的共享打印机或默认文件段。 17.2.1.1. 配置服务器设置 配置 Samba 服务器的第一步是配置服务器的基本设置和几个安全选项。启动了应用程序后,选择 “首选项” => “服务器设置”。“基本”活页标签如 图 17-2所示。 图 17-2. 配置基本服务器设置 在“基本”标签上,指定计算机应在的工作组以及对计算机的简短描述。它们与 smb.conf 中的 workgroup 和 server string 选项相对应。 图 17-3. 配置安全服务器设置 “安全”标签包含以下选项: “验证模式” — 它和 security 选项相对应。选择以下验证模式中的一种。 “域” — Samba 服务器依赖于 Windows NT 主要或备份域控制器来校验用户。服务器把用户名和口令传递给控制器,然后等待它们被返回。在“验证服务器”字段中指定主要或备份域控制器的 NetBIOS 名称。 “加密口令”选项如果被选,它必须被设置为“是”。
6. 怎么在linux上搭建samba服务器
SMB(Server MessagesBlock)协议:实现局域网内文件或打印机等资源共享服务的协议。
11.2 Samba服务
11.2.1 安装服务程序
通过安装Samba服务程序后细致的分析其配置文件参数,更能够帮助读者们理解Samba服务的安全验证方式。
安装Samba服务软件包:
[root@linuxprobeDesktop]#yuminstallsamba
Loadedplugins:langpacks,proct-id,subscription-manager
………………省略部分安装过程………………
Installing:
sambax86_644.1.1-31.el7rhel7527k
………………省略部分安装过程………………
Complete!
浏览Samba配置文件:
[root@linuxprobe~]#cat/etc/samba/smb.conf
配置文件竟然有320行!有没有被吓到?其实Samba服务配置文件中大部分是注释信息,我们可以来筛选过滤下:
备份原始的配置文件:
[root@linuxprobe~]#mv/etc/samba/smb.conf/etc/samba/smb.conf.bak
过滤掉无用的内容:
先使用cat命令读入Smb配置文件后通过grep命令-v参数(反向选择)去掉所有注释信息,然后分别删选掉包含#号的行("#"),包含;号的行(";")以及所有的空白行("^$"),最后最后将过滤后的信息覆盖写入到/etc/samba/smb.conf文件中。
cat/etc/samba/smb.conf.bak|grep-v"#"|grep-v";"|grep-v"^$">/etc/samba/smb.conf
让我们来看看过滤后的配置文件吧:
[global]#全局参数。
workgroup=MYGROUP#工作组名称。
serverstring=SambaServerVersion%v#服务器介绍信息,参数%v为显示SMB版本号。
logfile=/var/log/samba/log.%m#定义日志文件存放位置与名称,参数%m为来访的主机名。
maxlogsize=50#定义日志文件最大容量为50Kb。
security=user#安全验证的方式,总共有4种。
#share:来访主机无需验证口令,更加方便,但安全性很差。
#user:需由SMB服务验证来访主机提供的口令后才可建立访问,更加的安全。
#server:使用独立的远程主机验证来访主机提供的口令(集中管理帐号)。
#domain:使用PDC来完成验证
passdbbackend=tdbsam#定义用户后台的类型,共有3种。
#smbpasswd:使用SMB服务的smbpasswd命令给系统用户设置SMB密码。
#tdbsam:创建数据库文件并使用pdbedit建立SMB独立的用户。
#ldapsam:基于LDAP服务进行帐户验证。
loadprinters=yes#设置是否当Samba服务启动时共享打印机设备。
cupsoptions=raw#打印机的选项
[homes]#共享参数
comment=HomeDirectories#描述信息
browseable=no#指定共享是否在“网上邻居”中可见。
writable=yes#定义是否可写入操作,与"readonly"相反。
[printers]#打印机共享参数
comment=AllPrinters
path=/var/spool/samba#共享文件的实际路径(重要)。
browseable=no
guestok=no#是否所有人可见,等同于"public"参数。
writable=no
printable=yes
标准的Samba共享参数是这样的:
参数作用
[linuxprobe]共享名称为linuxprobe
comment=警告用户不要随意修改数据库
path=/home/database共享文件夹在/home/database
public=no关闭所有人可见
writable=yes允许写入操作
后面的详细配置可以参考《linux就该这么学》的第十一章,上面有详细的介绍安装和配置步骤,常用的安全级别有share、user,这种服务在企业和公司中用的还是比较多的。
7. Linux下如何搭建SAMBA服务器
1、相关的文件
samba-common samba服务器的主文件
samba 服务器端的软件
samba-client 客户端的软件
redhat-config-samba 图形界面的配置文件
samba-swat web配置工具
2、步骤
1)安装SAMBA服务器
(1)检测是否安装samba
#rpm -qa | grep samba
(2)安装:将第一张光盘放入光驱
#mount /mnt/cdrom
#cd /mnt/cdrom/RedHat/RPMS
#ls samba*.*
#rpm -ivh samba-common-2.2.7a-7.9.0.i386.rpm
#rpm -ivh samba-2.2.7a-7.9.0.i386.rpm
#rpm -ivh samba-client-2.2.7a-7.9.0.i386.rpm
#cd /
#umount /mnt/cdrom
#eject
2)设置samba的密码文件
(1)成批用户密码文件的生成
#cat /etc/passwd | mksmbpasswd.sh > /etc/samba/smbpasswd
(2)删除一些无用的shell帐户
#vi /etc/samba/smbpasswd
从1到9。
(3)设置目录和文件的权限
#chown root.root /etc/samba/smbpasswd
#chmod 500 /etc/samba
#chmod 600 /etc/samba/smbpasswd
#ll -d /etc/samba
(4)单个用户设置samba密码
#useradd wujianan
#passwd wujianan
#smbpasswd -a wujianan
3)启动samba服务器
#service smb start
#pstree | grep mbd
#smbclient -L localhost或者IP地址
4)配置samba的共享
#vi /etc/samba/smb.conf
[global]
workgroup = workgroup
server string = samba server
;hosts allow = 192.168.1. 192.168.2. 127.
printcap = /etc/printcap
load prints = yes
printing = cups
;guest account = pcguest
log file = /var/log/samba/%m.log
max log size = 0
安全选项
security = user(share)
encrypt passwords = yes
smb passwd file = /etc/samba/smbpasswd
;interfaces = 192.168.12.2/24 192.168.13.2/24
dns proxy = no
设置每个用户主目录共享
[homes]
comment = Home Directries
browseable = no 不允许浏览共享文件夹
writeable = yes 允许写入
valid users = %s
create mode = 0664
directry mode = 0775
[printers]
comment = All prints
path = /var/spool/samba
browseable = no
printable = yes
[doc]
comment = doc
path = /home/doc
browseable = no
writeable = no或 read only = yes
guest ok = yes
示例:
要求:创建一个共享目录,所有用户都可访问,权限为只读。
#vi /etc/samba/smb.conf
workgroup = workgroup
server string = samba server
netbios name = RH9
dos charset = cp936
unix charset = cp936
secrity = share
[read]
comment = read
path = /home/read
public = yes
guest ok = yes
read only = yes
保存退出
#mkdir /home/read
#service iptables stop
#service smb start
#testparm
\\ip地址
创建一个可写的目录,允许所有用户可写入。
[write]
comment = write
path = /home/write
public = yes
guest ok = yes
writeable = yes
保存退出
#mkdir /home/write
#chmod 777 /home/write
#service iptables stop
#service smb restart
为指定的用户和组访问samba服务器
#useradd mehost
#passwd wujianan
#smbpasswd -a wujianan
#mkdir /var/samba/wujianan
#chown stu1.stu1 /var/samba/wujianan
#vi /etc/samba/smb.conf
security = user
[wujianan]
comment = wujianan
path = /var/samba/wujianan
valid users = wujianan
public = yes
writeable = yes
保存退出
#service smb restart
最简单的电影服务器的配置
#vi /etc/samba/smb.conf
workgroup = workgroup
server string = movies server
guest account = nobody
security = share
client code page = cp936
wins support = yes
[movies]
comment = movies
browseable = yes
writeable = no
path = /movies
guest ok = yes
read only = yes
保存退出
#mkdir /movies
#useradd admin -d movies
#passwd admin
#vi /etc/passwd
admin:x:0:500::/movies:/bin/bash
保存退出
#ntsysv
选择smb和vsftp项
#service smb start
#service vsftpd start
#service iptables stop
8. 笔记本怎么搭建samba服务器
1、首先需要登入安装了Linux系统的计算机,安装Samba。Fedora发行版一般使用yum工具安装Samba服务器,可以使用“rpm -q samba”查询Samba服务器是否已经安装,当然,也可以直接使用“yum install samba”安装Samba服务器。如果Samba已经安装,yum会给出提示,否则按照步骤,输入“y”就可以直接下载安装Samba服务器了。
2、安装完成之后,需要查看一下Samba是否已经加入到自启动服务。使用“/sbin/chkconfig | grep smb”和“/sbin/chkconfig | grep nmb”命令可以查看smb和nmb是否加入到系统服务。(SMB是Samba共享服务,nmb是NetBIOS服务,为配合Windows使用,他们两个服务都要加入到系统服务中)。然后再使用“/sbin/service smb status”和“/sbin/service nmb status”查看服务是否已经启用。
3、接下来就要配置samba服务器了。编辑修改“/etc/samba/smb.conf”,设置共享和认证参数。如图就是我在用的Samba用户共享典型配置文件。编辑修改完成之后,可以使用“testparm /etc/samba/smb.conf”验证配置文件的有效性,以免因配置文件错误而导致Samba服务无法启动。
4、验证OK的话,接下来就是添加Samba共享用户了,使用“/usr/bin/smbpasswd -a <用户名称>”的方式添加Samba共享用户,并为每个用户设置Samba共享认证的密码。
5、到这里基本上Samba服务器配置就完成了,如果上述步骤中smb和nmb服务没有自动添加到系统服务中,可以使用“/sbin/chkconfig --level 2345 smb on”和“/sbin/chkconfig --level 2345 nmb on”将其加入到系统服务中,其中2345是Linux的运行级别,一般都不会超出这几个运行级别。然后我们就可以使用“/sbin/service smb restart”和“/sbin/service nmb restart”重启服务了。
6、重启完成之后,Windows就可以访问用户共享了。在Windows资源管理器输入“\\共享IP地址\共享用户”,就可以访问用户自己目录下的全部文件了。
7、为了测试共享权限,我们进入用户共享目录,尝试在Windows资源管理器中创建一个“test”目录。
8、回到Linux的用户目录,我们就可以看到,Windows和Linux查看到的用户共享目录是一致的。(你可能觉得看到的文件和目录说不一致,这是因为我的Windows设置了显示隐藏文件和文件夹的缘故。)
9. 如何搭建samba服务器
samba安装和启动
samba的源码安装采用最新版本samba-4.1.14,官网下载。安装过程如下:
$ sudo mkdir /usr/local/samba-4.1.14
$ ./configure --prefix=/usr/local/samba-4.1.14
...
Checking for program xsltproc : not found
Checking for program python : /usr/bin/python
Checking for program python : /usr/bin/python
Checking for program python : /usr/bin/python
Checking for Python version >= 2.5.0 : ok 2.7.6
Checking for library python2.7 : not found
Checking for library python2.7 : yes
Checking for program python2.7-config : not found
Checking for program python-config-2.7 : not found
Checking
for custom code
: Could not find the python development headers
/home/anonymalias/Downloads/samba-4.1.14/wscript:100:
error: the configuration failed (see
'/home/anonymalias/Downloads/samba-4.1.14/bin/config.log')
上面错误的原因是samba必须依赖python,执行
$ sudo apt-get install python-dev
后面就是make && sudo make install,安装ok后,安装目录结构如下:
/usr/local/samba-4.1.14$ ls
bin etc include lib private sbin share va
将源码文件下默认的conf文件拷贝到安装目录下的etc目录中
/usr/local/samba-4.1.14$ cp /home/anonymalias/Downloads/samba-4.1.14/examples/smb.conf.default etc/smb.conf
修改smb.conf中配置
global段添加如下字段
[global]
...
netbios name = ubuntu
共享资源字段采用默认配置
[homes]
comment = Home Directories
browseable = no
writable = yes
# NOTE: If you have a BSD-style print system there is no need to
# specifically define each indivial printer
[printers]
comment = All Printers
path = /usr/spool/samba
browseable = no
# Set public = yes to allow user 'guest account' to print
guest ok = no
writable = no
printable = yes
添加用户名为Ubuntu的账户,
/usr/local/samba-4.1.14$ sudo bin/smbpasswd -a ubuntu
New SMB password:
Retype new SMB password:
samba服务器的用户是依赖于linux的用户,只能添加linux中已存在的用户,否则会出现如下错误:
/usr/local/samba-4.1.14$ sudo bin/smbpasswd -a user1
New SMB password:
Retype new SMB password:
Failed to add entry for user user1.
启动samba 服务
/usr/local/samba-4.1.14$ sudo sbin/nmbd
/usr/local/samba-4.1.14$ sudo sbin/smbd
在Windwos文件管理器或直接win+R,输入server ip,可以看到如下界面:
10. 如何部署Samba服务
你好,这里有一篇文章关于
Linux中samba服务器的搭建
希望可以帮助到你!