Samba server

Q: How to access windows shared folder under linux

Samba server can be used between Windows and Linux, within a local area network.

One, daemons used by Samba

nmbd

Used to manage resolution of workgroups, NetBIOS names, etc. Mainly use the UDP protocol to open port 137, 138 to be responsible for the task of name resolution;

smbd

The main function is to manage directories, files and printers shared by SAMBA hosts. It mainly uses the reliable TCP protocol to transmit data, and the open ports are 139 and 445 (not necessarily exist).

Second, install Samba (yum install the following three packages)

samba

This software mainly provides various service programs (smbd and nmbd), file files, and other logrotate configuration files and boot default options files related to SAMBA required by the SMB server;

samba-client

samba-client: This software provides tool instructions required when Linux is used as SAMBA client, such as mount.cifs for mounting SAMBA file format, smbtree for obtaining tree diagram, etc.;

samba-common

This software provides the data used by both the server and the client, including SAMBA's main configuration file (smb.conf), syntax verification instructions (testparm), etc.;

Third, analyze the configuration file

/etc/samba/smb.conf The main configuration file for Samba

The smb.conf configuration file can actually be divided into two parts.

One is the host information part, which is based on [global] (all fields) in smb.conf;

The other is shared information, based on individual directory names.

【global】

workgroup = the name of the workgroup: note that the host group must be the same;

server string = Simple description of the host, you can write it casually.

netbiosname = the NetBIOS name of the host, each host is different, the shared host name;

log file = the file where the log file is placed, the file name may be handled as a variable;

max log size = The maximum number of Kbytes the log file can reach. If it is larger than this number, it will be rotated.

hosts allow: whitelist

security = share, user, domain: choose one of the three, these three setting values represent

share: The shared data does not require a password and can be used by everyone (no security, discarded)

user: use the password database of the SAMBA server itself, and the password database is related to the passdbbackend below;

domain: Use the password of the external server, that is, SAMBA means the client. If you set this item, you have to provide the setting value of "password server = IP" (abandoned after 3.5);

Relevant parameter settings for shared resources [shared name]

[Share name]: This share name is very important, it's just a "code name"

comment: just a description of this directory

path: The Linux filesystem (directory) that this share name will actually go into. That is to say, what you see is the name of [share], and the actual operating file system is set in the path.

browseable= yes //yes/no no display the shared directory in the browsing resource, if so, you must specify the shared path to access

guest ok: whether to allow guest users to access, that is, whether those who are not in the owner group can access

writable: whether it can be written

Available variable functions within smb.conf

%m: represents the NetBIOS host name of the client!

%M: represents the Internet host name of the client side! It is HOSTNAME.

%L: represents the NetBIOS hostname of the SAMBA host.

%H: Represents the user's home directory.

%U: represents the username of the currently logged in user

%g: represents the group name of the logged in user.

%h: represents the HOSTNAME of the current SAMBA host! Note that the hostname is not the NetBIOS name!

%I: represents the IP of the Client.

%T: represents the current date and time

%S: replace the current setting item value,

[homes] à Shared name, the name that the shared resource can see

valid users = %S, when that user comes in, replace it with that user

Fourth, the related settings

Use testparm to check the correctness of the syntax settings of smb.conf

Before starting samba, we must know whether the syntax in smb.conf is correct. The way to check it is to use the command testparm.

Turn off the SELinux function and firewall (or add rules):

setenforce0

Start the Samba service:

service smb restart (directory share management)

service nmb restart (name resolution service)

Add samba account

The common method of using smbpasswd to add shared users: smbpasswd-a add user (the added user must be a system user) smbpasswd-d freeze the user (this user cannot be used)

smbpasswd-e restore user (unfreeze frozen user)

smbpasswd-n set user password to empty

smbpasswd-x delete user

Assume that self is the client's test (default uses the lo interface)

[root@www~]# smbclient-L [//host or IP] [-U user account]

Options and parameters:

-L : Only consult the shared directory resources provided by the following host;

-U : The following account will try to obtain the available resources of the host

Use FTP-like method to log in to the remote host

[root@clientlinux~]# smbclient //[IP|hostname]/resource name [-U username]

# Means to use an account to directly log in to a shared resource of a host

An example is as follows:

[root@clientlinux~]# smbclient //192.168.100.254/smb1 -U smb1

Enter smb1's password:

Domain=[VBIRDHOUSE] OS=[Unix] Server=[Samba 3.5.4-68.el6_0.2]

smb: \> dir

# Under smb: \> is actually under the directory //192.168.100.254/dmtsai, we can use dir, get, put and other common ftp commands to transfer data.

mount.cifs: mount directly as a network drive

Using smbclient is inconvenient at all, because it uses the functional syntax of ftp, which is a bit weird ~ can it be like Windows.

[root@clientlinux~]# mount -t cifs //IP/shared resources/mount point [-o options]

Options and parameters:

The parameters (options) following -o are commonly used as follows:

username=your login account: for example username=smb1

password=your login password: it needs to correspond to the above username

# Example 1: Mount its home directory to /mnt/samba as smb1

[root@clientlinux~]# mkdir/mnt/samba

[root@clientlinux~]# mount -t cifs //192.168.100.254/smb1 /mnt/samba -o

username=smb1,password=4321

[root@clientlinux~]# df

filesystem 1k-segment used free used % mount point

//192.168.100.254/smb1/

7104632 143368 6606784 3% / mnt / samba

smbtree: Network Neighborhood display mode

[root@clientlinux~]# smbtree [-bDS]

Options and parameters:

-b : replace the primary browser query with a broadcast

-D : List only workgroups, not shared resources

-S : List the workgroup and the computer name (NetBIOS) under the workgroup, excluding the resource directories

smbstatus: Observe the status of SAMBA

Server-side instructions, the main purpose is to check how many people are currently connected to SAMBA, and which resource sharing has been used, etc.

[root@www~]# smbstatus[-pS] [-u username]

Options and parameters:

-p : list the program PIDs that have used SAMBA online;

-S : List the resource sharing status that has been used;

-u : List only shared data related to a user

No parameters are added to list all the information

Shares that require an account and password to log in (security = user)

The Samba user account must exist on the Linux system (/etc/passwd), but the Samba password is not the same as the Unix password file.

Five, detailed configuration

1. Use useradd to create three users, and set three accounts for sambas, named smb1, smb2, smb3, and join users as secondary groups. The Linux password of these three users is 1234, and the Samba password is 4321;

2. Similarly, set up a student account. Used to view the differences between users in different groups. Whether the shared files can be accessed normally.

You can view the user you set with pdbedit -L