Shulou(Shulou.com)06/01 Report--

This article mainly introduces the "introduction of the installation and configuration of the Samba server under CentOS6.3". In the daily operation, I believe that many people have doubts about the installation and configuration of the Samba server under CentOS6.3. The editor consulted all kinds of materials and sorted out simple and easy-to-use operation methods. I hope it will be helpful to answer the doubts of "introduction to the installation and configuration of Samba server under CentOS6.3". Next, please follow the editor to study!

I. brief introduction

Samba is a software that enables the Linux system to apply the Microsoft network communication protocol, while SMB is the abbreviation of Server Message Block, that is, the server message block, and SMB is mainly used as the network communication protocol of Microsoft. Later, Samba applied the SMB communication protocol to the Linux system, forming the current Samba software. Later, Microsoft renamed SMB to CIFS (Common Internet File System), that is, the public Internet file system, and added many new features, which made Samba more powerful.

The biggest function of Samba is that it can be used for direct file sharing and print sharing between Linux and windows systems. Samba can be used not only for file sharing between windows and Linux, but also for resource sharing between Linux and Linux. Because NFS (network file system) can well complete data sharing between Linux and Linux, Samba is more used in data sharing between Linux and windows.

SMB is based on client / server protocol, so a Samba server can act as either a file sharing server or a Samba client. For example, if a Samba server has been set up under Linux, the windows client can share the resource files on the Samba server through the SMB protocol. At the same time, the Samba server can also access the files shared by other windows systems or Linux systems in the network.

Samba uses NetBIOS protocol under windows. If you want to use files shared under Linux, please make sure that NetBIOS protocol is installed on your windows system.

There are two services running in Samba, one is SMB, the other is NMB;SMB, which is the core startup service of Samba, which is mainly responsible for establishing dialogue between Linux Samba server and Samba client, verifying user identity and providing access to files and printing system. Only when SMB service is started, can file sharing be realized and 139TCP port monitored. While the NMB service is responsible for parsing, similar to the function implemented by DNS, NMB can correspond to the workgroup name shared by the Linux system with its IP. If the NMB service is not started, it can only access shared files through IP and listen to 137and 138UDP ports.

For example, if the IP address of a Samba server is 10.0.0.163 and the corresponding workgroup name is davidsamba, you can access the shared file by entering the following two instructions in Windows's IE browser. In fact, this is the way to view Linux Samba server shared files under Windows.

\ 10.0.0.163\ share directory name

\\ davidsamba\ shared directory name

The Samba server can achieve the following functions: WINS and DNS services; network browsing services; authentication and authorization between Linux and Windows domains; UNICODE character set and domain name mapping; UNIX sharing that meets the CIFS protocol.

II. System environment

System platform: CentOS release 6.3 (Final)

Samba version: samba-3.5.10-125.el6.x86_64

Samba Server IP:10.0.0.163

The firewall is turned off / iptables: Firewall is not running.

SELINUX=disabled

3. Install Samba service

1. Use yum tools to install on machines that can be connected to the Internet, and if not, mount the system CD for installation.

# yum install samba samba-client samba-swat

Dependent packages samba-common, samba-winbind-clients, and libsmbclient will be installed automatically.

2. Check the installation status

3. Installation package instructions

Samba-common-3.5.10-125.el6.x86_64 / / mainly provides the samba server settings file and settings file syntax checker testparm

Samba-client-3.5.10-125.el6.x86_64 / / client software, which mainly provides the set of tool instructions needed when the linux host is used as the client

Samba-swat-3.5.10-125.el6.x86_64 / / web configuration interface of samba server based on https protocol

Samba-3.5.10-125.el6.x86_64 / / server-side software, mainly provides samba server daemon, shared documents, log rotation, boot default option

When the Samba server is installed, the configuration file directory / etc/samba and other samba executable command tools are generated, / etc/samba/smb.conf is the core configuration file for samba, and / etc/init.d/smb is the startup / shutdown file for samba.

4. Start the Samba server

You can start, shut down, and restart the Samba service through / etc/init.d/smb start/stop/restart. Start the SMB service as follows:

5. Check the startup of samba service.

# service smb status

6. Set the boot self-startup

# chkconfig-- level 35 smb on / / automatically runs the samba service at levels 3 and 5

4. Configure Samba service

The main configuration file for Samba is / etc/samba/smb.conf

The main configuration file consists of two parts

Global Settings (55-245 lines)

This setting is related to the overall operating environment of the Samba service, and its setting project is for all shared resources.

Share Definitions (246-trailing)

This setting is for the individual settings of the shared directory and only works on the current shared resource.

Global parameters:

# = Global Settings =

[global]

Config file = / usr/local/samba/lib/smb.conf.%m

Note: config file allows you to overwrite the default configuration file with another configuration file. If the file does not exist, the item is invalid. This parameter is useful to make the samba configuration more flexible, allowing a samba server to simulate multiple servers with different configurations. For example, if you want PC1 (hostname) to use its own configuration file when accessing Samba Server, configure a file called smb.conf.pc1 for PC1 under / etc/samba/host/, and then add config file = / etc/samba/host/smb.conf.%m to smb.conf. In this way, when PC1 requests to connect to Samba Server, smb.conf.%m is replaced with smb.conf.pc1. In this way, for PC1, the Samba service it uses is defined by smb.conf.pc1, while other machines accessing Samba Server still apply smb.conf.

Workgroup = WORKGROUP

Description: set the workgroup or domain to which Samba Server will join.

Server string = Samba Server Version% v

Description: set the comments for Samba Server, which can be any string or unfilled. Macro% v indicates that the version number of the Samba is displayed.

Netbios name = smbserver

Description: sets the NetBIOS name of Samba Server. If left empty, the first part of the server's DNS name is used by default. Netbios name and workgroup names should not be set to the same.

Interfaces = lo eth0 192.168.12.2, 24 192.168.13.2, 24

Description: set which network card Samba Server monitors, you can write the name of the network card, you can also write the IP address of the network card.

Hosts allow = 127.00. 192.168.1. 192.168.10.1

Description: indicates the client that is allowed to connect to Samba Server, with multiple parameters separated by spaces. It can be represented by an IP or a network segment. Hosts deny is the opposite of hosts allow.

For example: hosts allow=172.17.2.EXCEPT172.17.2.50

Indicates that host connections from 172.17.2.* are allowed, but 172.17.2.50 is excluded

Hosts allow=172.17.2.0/255.255.0.0

Indicates that all host connections from the 172.17.2.0Universe 255.255.0.0 subnet are allowed

Hosts allow=M1,M2

Indicates that connections from M1 and M2 computers are allowed

Hosts allow=@pega

Indicates that all computer connections from the pega domain are allowed

Max connections = 0

Description: max connections is used to specify the maximum number of connections to the Samba Server. If the number of connections is exceeded, new connection requests are rejected. 0 means no limit.

Deadtime = 0

Description: deadtime is used to set the time to disconnect a connection that has not opened any files. The unit is minutes, and 0 means that Samba Server does not automatically disconnect any connections.

Time server = yes/no

Description: time server is used to set up a time server that makes nmdb a windows client.

Log file = / var/log/samba/log.%m

Description: sets the storage location of Samba Server log files and the name of log files. Add a macro% m (hostname) to the file name to indicate that a separate log file is recorded for each machine accessing Samba Server. If pc1 and pc2 have visited Samba Server, two log files, log.pc1 and log.pc2, will be left in the / var/log/samba directory.

Max log size = 50

Description: set the maximum capacity of Samba Server log files. Unit: kB,0 means no limit.

Security = user

Description: sets the authentication method for users to access Samba Server. There are four authentication methods.

1. Share: users do not need to provide a username and password to access Samba Server, so the security performance is low.

2. The user:Samba Server shared directory can only be accessed by authorized users, and Samba Server is responsible for checking the correctness of the account and password. The account number and password should be established in this Samba Server.

3. Server: rely on other Windows NT/2000 or Samba Server to verify users' accounts and passwords, which is a kind of proxy authentication. In this security mode, the system administrator can centralize all Windows users and passwords on one NT system, use Windows NT for Samba authentication, and the remote server can automatically authenticate all users and passwords. If authentication fails, Samba will use user-level security mode as an alternative.

4. Domain: domain security level, using the primary domain controller (PDC) to complete authentication.

Passdb backend = tdbsam

Description: passdb backend means the user backend. There are currently three types of backend: smbpasswd, tdbsam, and ldapsam. Sam should be an abbreviation for security account manager (secure account Management).

1.smbpasswd: this way is to use smb's own tool smbpasswd to set a Samba password to the system user (real user or virtual user), and the client uses this password to access Samba resources. The smbpasswd file is in the / etc/samba directory by default, but sometimes it is created manually.

2.tdbsam: this way is to use a database file to build the user database. The database file is called passdb.tdb and defaults to the / etc/samba directory. The passdb.tdb user database can use smbpasswd-a to establish Samba users, but the Samba users to be established must first be system users. We can also use the pdbedit command to set up a Samba account. The pdbedit command has a lot of parameters, and we list a few major ones.

Pdbedit-a username: create a new Samba account.

Pdbedit-x username: delete the Samba account.

Pdbedit-L: list Samba users and read passdb.tdb database files.

Pdbedit-Lv: lists the details of the list of Samba users.

Pdbedit-c "[D]"-u username: suspend the Samba user's account.

Pdbedit-c "[]"-u username: restore the account of this Samba user.

3.ldapsam: this method is based on LDAP account management to authenticate users. First set up the LDAP service, and then set "passdb backend = ldapsam:ldap://LDAP Server"

Encrypt passwords = yes/no

Description: whether to encrypt the authentication password. Because windows operating systems now use encrypted passwords, it is generally necessary to turn this on. However, the configuration file is turned on by default.

Smbpasswd file = / etc/samba/smbpasswd

Description: used to define the password file for samba users. If you don't have a smbpasswd file, you need to create it manually.

Username map = / etc/samba/smbusers

Description: used to define user name mapping, for example, you can replace root with administrator, admin, etc. However, it should be defined in advance in the smbusers file. For example: root = administrator admin, so you can use administrator or admin to log in to Samba Server instead of root, which is closer to the habits of windows users.

Guest account = nobody

Description: used to set the guest user name.

Socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192

Description: used to set the Socket options for the session between the server and the client, you can optimize the transmission speed.

Domain master = yes/no

Description: set whether the Samba server should become the domain master browser, which can manage browsing services across subdomains.

Local master = yes/no

Description: local master is used to specify whether Samba Server attempts to become the master browser for the local domain. If set to no, it will never become the primary browser for the local domain. But even if it is set to yes, it does not mean that the Samba Server can become the main browser and still need to participate in the election.

Preferred master = yes/no

Note: setting Samba Server to force the election of the main browser as soon as it is powered on can improve the chance that Samba Server will become the main browser of the local domain. If this parameter is specified as yes, it is best to specify domain master as yes as well. Note when using this parameter: if other machines (whether windows NT or other Samba Server) in the subnet where this Samba Server is located are also designated as the primary master browser, these machines will broadcast heavily on the network due to competing for the main browser, affecting network performance.

If there are more than one Samba Server in the same area, set the above three parameters to one.

Os level = 200

Description: set the os level of the samba server. This parameter determines whether Samba Server has a chance to become the primary browser for the local domain. Os level from 0 to 255 the os level of WinNT is 32 and the os level of Win95rac98 is 1. The os level for Windows 2000 is 64. If set to 0, it means that Samba Server will lose its browsing selection. If you want Samba Server to be PDC, set its os level value higher.

Domain logons = yes/no

Description: set whether Samba Server should be used as the local domain controller. This is required for both the primary domain controller and the backup domain controller.

Logon script =% u.bat

Description: when the user logs in with the windows client, then Samba will provide a login file. If set to% u.bat, a login file is provided for each user. If there are more people, it will be more troublesome. It can be set to a specific file name, such as start.bat, so that users will execute start.bat after logging in, instead of setting a login file for each user. This file should be placed in the directory path set by path in [netlogon].

Wins support = yes/no

Description: sets whether the samba server provides wins services.

Wins server = wins server IP address

Description: sets whether Samba Server uses another wins server to provide wins services.

Wins proxy = yes/no

Description: sets whether Samba Server enables the wins proxy service.

Dns proxy = yes/no

Description: sets whether Samba Server enables the dns proxy service.

Load printers = yes/no

Description: sets whether to share the printer when starting Samba.

Printcap name = cups

Description: set up the configuration file for the shared printer.

Printing = cups

Description: sets the type of Samba shared printer. Now the supported printing systems are: bsd, sysv, plp, lprng, aix, hpux, qnx

Shared parameters:

# = Share Definitions =

[shared name]

Comment = any string

Description: comment is a description of the share and can be any string.

Path = shared directory path

Path is used to specify the path to the shared directory. Macros such as% u and% m can be used instead of the Netbios names of unix users and clients in the path, which are mainly used for the [homes] shared domain. For example, if we are not going to use the home segment as the customer's share, but instead create a directory under / home/share/ for each Linux user with his user name as his shared directory, so that the path can be written as: path = / home/share/%u;. When the user connects to the share, the specific path will be replaced by his user name. Note that the user name path must exist, otherwise, the client will not be able to find the network path when accessing. Similarly, if we divide directories not by users, but by clients, and create a path with its netbios name for each machine on the network that can access samba, as a shared resource for different machines, we can write: path = / home/share/%m.

Browseable = yes/no

Description: browseable is used to specify whether the share can be browsed.

Writable = yes/no

Description: writable is used to specify whether the share path is writable.

Available = yes/no

Description: available is used to specify whether the shared resource is available.

Admin users = the manager of the share

Description: admin users is used to specify the administrator of the share (has full control over the share). In samba 3.0, this is not valid if the user authentication method is set to "security=share".

For example: admin users = david,sandy (multiple users are separated by commas).

Valid users = users who are allowed to access the share

Description: valid users is used to specify the users who are allowed to access the shared resource.

For example: valid users = david,@dave,@tech (multiple users or groups are separated by commas, and "@ group name" is used if you want to join a group. )

Invalid users = users who are prohibited from accessing the share

Description: invalid users is used to specify users who are not allowed to access this shared resource.

For example: invalid users = root,@bob (multiple users or groups are separated by commas. )

Write list = users who are allowed to write to the share

Description: write list is used to specify who can write files under this share.

For example: write list = david,@dave

Public = yes/no

Description: public is used to specify whether the share allows guest account access.

Guest ok = yes/no

Explanation: the meaning is the same as "public".

Several special shares:

[homes]

Comment = Home Directories

Browseable = no

Writable = yes

Valid users =% S

; valid users = MYDOMAIN\% S

[printers]

Comment = All Printers

Path = / var/spool/samba

Browseable = no

Guest ok = no

Writable = no

Printable = yes

[netlogon]

Comment = Network Logon Service

Path = / var/lib/samba/netlogon

Guest ok = yes

Writable = no

Share modes = no

[Profiles]

Path = / var/lib/samba/profiles

Browseable = no

Guest ok = yes

After Samba is installed, use the testparm command to test whether the smb.conf is configured correctly. Use the testparm-v command to list the configuration parameters supported by smb.conf in detail.

The default smb.conf has many options and content, which is quite tedious. Here we will explain the configuration options according to the case. First, back up your own smb.conf file, and then create a new smb.conf.

# cp-p / etc/samba/smb.conf / etc/samba/smb.conf.orig

Case 1. The company has a workgroup workgroup, which needs to add a samba server as a file server and publish a shared directory / share, which is named public, which is accessible to all employees.

a. Modify the main configuration file of samba as follows:

XML/HTML Code copies content to the clipboard

# = = Global Settings =

[global] / / this setting is related to the overall operating environment of the Samba service, and its setting project is for all shared resources.

#-Network Related Options-

#

# workgroup = NT-Domain-Name or Workgroup-Name, eg: MIDEARTH

#

# server string is the equivalent of the NT Description field

#

# netbios name can be used to specify a server name not tied to the hostname

Workgroup = WORKGROUP / / define a working group, that is, the concept of a working group in windows

Server string = David Samba Server Version% v / / defines a brief description of the Samba server

Netbios name = DavidSamba / / defines the computer name displayed in windows

#-Logging Options--

#

# Log File let you specify where to put logs and how to split them up.

Log file = / var/log/samba/log.%m / / defines the log file for the Samba user, and% m represents the client hostname

/ / the Samba server will establish different log files for each login host in the specified directory

#-Standalone Server Options-

#

# Scurity can be set to user, share (deprecated) or server (deprecated)

Security = share / / sharing level, users can access without account and password

# = = Share Definitions = =

[public] / / the setting is specific to the shared directory and only works on the current shared resources.

Comment = Public Stuff / / A pair of description files for shared directories, which can be defined by yourself

Path = / share / / is used to specify the shared directory (required)

Public = yes / / everyone can view it, which is equivalent to guest ok = yes

b. Establish a shared directory

The shared directory is set to / share above, so you need to establish the / share directory below:

Since anonymous users can download or upload shared files, the / share directory should be granted nobody permission.

c. Restart the smb service

d. Test whether the smb.conf configuration is correct

e. Access shared files on the Samba server

Access the shared files of the Samba server under Linux

Access the shared files of the Samba server under windows

Case 2, the company has several departments. Due to the need of the work, the materials of the TS department are stored in the / ts directory of the samba server for centralized management, so that the TS staff can browse it, and the directory is only allowed to be accessed by the TS department staff.

a. Add TS department groups and users

How to join the corresponding group while establishing the user: useradd-g group name and user name

b. Create a / ts folder under the root directory

c. Add the two accounts you just established to your samba account

d. Modify the main configuration file as follows:

XML/HTML Code copies content to the clipboard

# = = Global Settings =

[global]

#-Network Related Options-

#

# workgroup = NT-Domain-Name or Workgroup-Name, eg: MIDEARTH

#

# server string is the equivalent of the NT Description field

#

# netbios name can be used to specify a server name not tied to the hostname

Workgroup = WORKGROUP

Server string = David Samba Server Version% v

Netbios name = DavidSamba

#-Logging Options--

#

# Log File let you specify where to put logs and how to split them up.

Log file = / var/log/samba/log.%m

#-Standalone Server Options-

#

# Scurity can be set to user, share (deprecated) or server (deprecated)

Security = user / / user level, and the Samba server providing the service is responsible for checking the account and password

# = = Share Definitions = =

[homes] / / set the user host directory

Comment = Home Directories

Browseable = no

Writable = yes

; valid users =% S

; valid users = MYDOMAIN\% S

[public]

Comment = Public Stuff

Path = / share

Public = yes

[ts] / / ts group directory, which can only be accessed by members of the ts group

Comment = TS

Path = / ts

Valid users = @ ts

e. Reload configuration

f. Go to the windows client to verify, visit\ 10.0.0.163, prompt for a user name and password, and enter sandy authentication here, as shown below:

g. After successful access, you can see the public public directory, the host directory of the user sandy, and the ts directory to which the user has permission to access

h. Go to the ts directory and have the newyork.city file you just created

Case 3, realize that different users have different permissions to access the same shared directory, which is easy to manage and maintain. It can basically meet the needs of some enterprise users. (sorted out from the Internet)

a. Demand

1. A company has five major departments, namely: personnel Administration Department (HR & Admin Dept), Finance Department (Financial Management Dept), Technical support Department (Technical Support Dept), Project Department (Project Dept), customer Service Department (Customer Service Dept).

two。 The folders of each department are only allowed to be accessed by the employees of the department; the files of the nature of communication between departments are placed in the public folder.

3. Each department has an administrator account that manages its own folder and an account with ordinary user permissions that can only create and view files.

4. Public folders are divided into folders where tools are stored and folders where files are shared by various departments.

5. For each department's own folder, each department administrator has full control rights, and ordinary users of each department can create new files and folders under the department folder, and have full control rights for their own new files and folders. For the administrator newly created and uploaded files and folders can only be accessed, can not be changed or deleted. Users who are not in this department cannot access their department folders.

6. For the shared folders of various departments in the public folder, the administrators of each department have full control rights, while ordinary users of each department can create new files and folders under the department folders, and have full control rights for their own new files and folders. For the administrator newly created and uploaded files and folders can only be accessed, can not be changed or deleted. Users of this department (including administrators and ordinary users) can only view but not modify and delete new folders when they access shared folders in other departments. For the folder where the tool is stored, only the administrator has permission, and other users can only access it.

b. Planning

According to the needs of the company, the following plans are made:

1. In a system partition, there is a separate Company zone under which there are the following folders: HR, FM, TS, PRO, CS, and Share. There are several more folders under Share: HR, FM, TS, PRO, CS and Tools.

two。 The corresponding folders of each department are managed by each department themselves, and the Tools folder is maintained by the administrator.

3. HR administrator account: hradmin; ordinary user account: hruser.

FM administrator account: fmadmin; regular user account: fmuser.

TS administrator account: tsadmin; regular user account: tsuser.

PRO administrator account: proadmin; regular user account: prouser.

CS administrator account: csadmin; regular user account: csuser.

Tools administrator account: admin.

The relationship between folders is shown in the following figure:

c. New user

Use the useradd command to create a new system account, and then use smbpasswd-a to establish a SMB account.

Bash/shell Code copies content to the clipboard

[root@TS-DEV] # useradd-s / sbin/nologin hradmin

[root@TS-DEV] # useradd-g hradmin-s / sbin/nologin hruser

[root@TS-DEV] # useradd-s / sbin/nologin fmadmin

[root@TS-DEV] # useradd-g fmadmin-s / sbin/nologin fmuser

[root@TS-DEV] # useradd-s / sbin/nologin tsadmin

[root@TS-DEV] # useradd-g tsadmin-s / sbin/nologin tsuser

[root@TS-DEV] # useradd-s / sbin/nologin proadmin

[root@TS-DEV] # useradd-g proadmin-s / sbin/nologin prouser

[root@TS-DEV] # useradd-s / sbin/nologin csadmin

[root@TS-DEV] # useradd-g csadmin-s / sbin/nologin csuser

[root@TS-DEV] # useradd-s / sbin/nologin admin

[root@TS-DEV ~] #

[root@TS-DEV] # smbpasswd-a hradmin

New SMB password:

Retype new SMB password:

Added user fmuser.

[root@TS-DEV] # smbpasswd-a hruser

[root@TS-DEV] # smbpasswd-a fmadmin

[root@TS-DEV] # smbpasswd-a fmuser

[root@TS-DEV] # smbpasswd-a tsadmin

[root@TS-DEV] # smbpasswd-a tsuser

[root@TS-DEV] # smbpasswd-a proadmin

[root@TS-DEV] # smbpasswd-a prouser

[root@TS-DEV] # smbpasswd-a csadmin

[root@TS-DEV] # smbpasswd-a csuser

[root@TS-DEV] # smbpasswd-an admin

[root@TS-DEV ~] #

d. Create a new directory

e. Change directory properties

Bash/shell Code copies content to the clipboard

[root@TS-DEV Company] # chown hradmin.hradmin HR

[root@TS-DEV Company] # chown fmadmin.fmadmin FM

[root@TS-DEV Company] # chown tsadmin.tsadmin TS

[root@TS-DEV Company] # chown proadmin.proadmin PRO

[root@TS-DEV Company] # chown csadmin.csadmin CS

[root@TS-DEV Company] # chown admin.admin Share

Bash/shell Code copies content to the clipboard

[root@TS-DEV Company] # cd Share/

[root@TS-DEV Share] # chown hradmin.hradmin HR & & chown fmadmin.fmadmin FM & & chown tsadmin.tsadmin TS & & chown proadmin.proadmin PRO & & chown csadmin.csadmin CS & & chown admin.admin Tools

[root@TS-DEV Share] # chmod 1775 HR FM TS PRO CS

f. Configure samba as follows:

XML/HTML Code copies content to the clipboard

# = = Global Settings =

[global]

#-Network Related Options-

#

# workgroup = NT-Domain-Name or Workgroup-Name, eg: MIDEARTH

#

# server string is the equivalent of the NT Description field

#

# netbios name can be used to specify a server name not tied to the hostname

Workgroup = WORKGROUP

Server string = David Samba Server Version% v

Netbios name = DavidSamba

#-Logging Options--

#

# Log File let you specify where to put logs and how to split them up.

Log file = / var/log/samba/log.%m

Max log size = 50

#-Standalone Server Options-

#

# Scurity can be set to user, share (deprecated) or server (deprecated)

Security = user

Passdb backend = tdbsam

# = = Share Definitions = =

[HR]

Comment = This is a directory of HR.

Path = / Company/HR/

Public = no

Admin users = hradmin

Valid users = @ hradmin

Writable = yes

Create mask = 0750

Directory mask = 0750

[FM]

Comment = This is a directory of FM.

Path = / Company/FM/

Public = no

Admin users = fmadmin

Valid users = @ fmadmin

Writable = yes

Create mask = 0750

Directory mask = 0750

[TS]

Comment = This is a directory of TS.

Path = / Company/TS/

Public = no

Admin users = tsadmin

Valid users = @ tsadmin

Writable = yes

Create mask = 0750

Directory mask = 0750

[PRO]

Comment = This is a PRO directory.

Path = / Company/PRO/

Public = no

Admin users = proadmin

Valid users = @ proadmin

Writable = yes

Create mask = 0750

Directory mask = 0750

[CS]

Comment = This is a directory of CS.

Path = / Company/CS/

Public = no

Admin users = csadmin

Valid users = @ csadmin

Writable = yes

Create mask = 0750

Directory mask = 0750

[Share]

Comment = This is a share directory.

Path = / Company/Share/

Public = no

Valid users = admin,@hradmin,@fmadmin,@tsadmin,@proadmin,@csadmin

Writable = yes

Create mask = 0755

Directory mask = 0755

g. test

Log in to the system as hradmin

An attempt was made to access the ts department folder, requiring a user name and password

Attempt to create a new file under\ 10.0.0.163\ Share\ TS

Successfully create a new project under the folder of your department

Other tests are completed on their own.

Configuration complete.

Map the shared directory to the drive of Windows

Map the public directory of the Samba share to a drive letter of Windows:

a. Right-click "computer"-> "Map Network Drive"

b. Enter the sharing address and path in the folder bar, and click finish to enter the user name and password

c. After the mapping is complete, open the explorer to see the mapped shared directory

Tips:

When accessing other file resources through "\\ ip address" under windows, you usually need to enter a password for the first time, and then log in directly without entering a password, so what if we want to switch to other Samba users? The following instructions can be executed under windows:

First, start-- > run-- > cmd enter the "net use" command to view the existing connections, and then execute "net use\\ Samba server IP address or netbios name\ ipc$ / del" to delete the connections already established by the Samba server. Or execute "net use * / del" to delete all existing connections. Finally, when you execute the\\ ip address again, you can switch users.

VI. Linux client access operation

The above describes the operation of the windows client to access the Samba server, so what should you do when viewing files shared by other Linux Samba servers when Linux is a client?

Smbclient is used as a tool. The system comes with this command by default. The common usage of Smbclient is described as follows:

1. View the shared data of the Samba server

# smbclient-L / / ip address of the Samba server-U Samba user name

"- L" means list, and "- U" means user. If the Samba server is accessed without a password, the "- U Samba user name" can be omitted.

For example, when samba needs a password to log in, check the sharing method as follows:

# smbclient-L / / 10.0.0.163/public-U david

When Samba has no password access, execute the following command:

# smbclient-L / / 10.0.0.163/public

Password: you can enter directly.

2. Log in to Samba server

If you need to log in to the Linux server on the client side, the usage is as follows:

# ip address of smbclient / / Samba server-U Samba user name

Take a look at the following actions:

# smbclient / / 10.0.0.163/public-U david

Smb:\ >? / / enter here? You can view all the commands available on the smb command line.

The operation process is very similar to logging in to the FTP server. After logging in to the Samba server, you can upload and download files. If you have sufficient permissions, you can also modify files.

In addition, the files shared by the Samba server can also be mounted on the Linux client, which requires the mount command, as shown below:

# mount-t cifs-l / / 10.0.0.163/public / mnt/samba/

Samba Web management tool SWAT

SWAT (Samba WEB Administration Tool) is one of the tools to manage Samba through a browser. Through SWAT, you can use the browser to control the Samba of the server in the client within the scope of Samba. Online document reading, smb.conf confirmation and editing, password change, service restart and so on can all be done through SWAT. Its intuition softens Samba and is a powerful tool for those who do not like the text interface management server.

The swat tool is nested in the xinetd super daemon to enable swat by enabling the xinetd process. So install the xinetd toolkit first, and then install the swat toolkit. Samba-swat-3.5.10-125.el6.x86_64 has been installed above, so I won't repeat it here.

1. Configure swat

Because swat is a child of the xinetd super daemon, the swat tool configuration file is in the xinetd directory. We will set up the swat configuration file and start this child process so that swat is enabled when the xinetd process is enabled. The swat configuration file is in the / etc/xinetd.d directory.

Open and edit / etc/xinetd.d/swat

XML/HTML Code copies content to the clipboard

# default: off

# description: SWAT is the Samba Web Admin Tool. Use swat\

# to configure your Samba server. To use SWAT,\

# connect to port 901 with your favorite web browser.

Service swat

{

Port = 901 / / swat uses port 901 of tcp by default, which can be modified

Socket_type = stream / / configure samba through web. By default, you can enter using root account, which can be modified to other system users.

Wait = no

Only_from = 127.0.0.1

Only_from=10.0.0.0 / / add this line and change "only_from=127.0.0.1" to "only_from=10.0.0.0". Only private network scope is allowed to access SWAT.

User = root

The executor of server = / usr/sbin/swat / / swat is in the / usr/sbin directory by default.

Log_on_failure + = USERID

Disable=yes / / change "disable=yes" to "disable=no" so that the Swatt child process can be started with the xinetd super daemon

}

2. Start swat

Because swat is a child of xinetd, swat starts with xinetd as long as xinetd is enabled.

3. Open swat

After starting swat on the server, we can access the swat of the server through the private network IP:901 of the http:// server in the browser of the client within the scope of swat. Enter the user name and password of the root user to enter the home page of swat management, as shown below:

Home page of swat management center

There is no difference in essence between the way of managing Samba through swat and directly modifying smb.conf, but the way of browser access can make the management of Samba more gentle and more suitable for friends who are not good at using text interface and directly modify configuration files.

4. Configure samba through swat

On the swat page, we can see that there are eight options, each of which can be configured with different functions of samba.

Description of HOME:Samba related procedures and documents.

GLOBALS: sets the global parameters of Samba. This is the [global] of the smb.conf file.

SHARES: sets the shared parameters for Samba.

PRINTERS: sets the printing parameters for Samba.

WIZARD:Samba configuration wizard.

STATUS: view and set the service status of Samba.

VIEW: view the text configuration file of Samba, smb.conf.

PASSWORD: set the Samba user. You can change the password, create and delete the user.

For detailed settings, please consult the information by yourself. The following is for reference only: https://www.yisu.com/LINUXjishu/398109.html

At this point, the study of "introduction to the installation and configuration of Samba server under CentOS6.3" is over. I hope to be able to solve your doubts. The collocation of theory and practice can better help you learn, go and try it! If you want to continue to learn more related knowledge, please continue to follow the website, the editor will continue to work hard to bring you more practical articles!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.