There are many tutorials on samba service configuration on the Internet, but most of them don't understand very well. This tutorial is a zero-based start to truly master the configuration and management of the samba server.
Table of contents
4. Configure the smb.conf file
1. Smb.conf configuration general format
5. Samba service password file (username and password storage path /etc/samba/smbpasswd)
1. Server configuration
(1) Samba server installation
1. Service inquiry
By default, the Linux system has installed part of the Samba service package in the default installation. In order to have a complete understanding of the whole process, this part will be uninstalled first. Use the command rpm -qa | grep samba to query two existing packages by default:
samba-client-3.0.33-3.7.el5
samba-common-3.0.33-3.7.el52. Uninstall Samba
Use rpm -e to uninstall the two packages. For samba-common-3.0.33-3.7.el5, because there are dependencies with other rpm packages, parameters -f and --nodeps must be added, -f means mandatory, --nodeps means do not check dependencies , the specific complete command is:
rpm -e samba-common-3.0.33-3.7.el5 -f--nodeps
rpm-e samba-client-3.0.33-3.7.el5 -f --nodeps3. Install Samba
Install with the following command:
rpm-ivh samba-3.0.33-3.29.el5_6.2.i386.rpm -f --nodeps
rpm-ivh samba-client-3.0.33-3.29.el5_6.2.i386.rpm -f --nodeps
rpm-ivh samba-common-3.0.33-3.29.el5_6.2.i386.rpm -f –nodepsIf you are connected to the Internet, you can directly install yum installsamba online
After the installation is complete, use the command rpm -qa | grep samba to query and find that all the servers that the samba server depends on have been installed.
4. Configure the smb.conf file
Samba configuration files are generally placed in the /etc/samba directory. The main configuration file is named smb.conf, which records a large number of rules and shared information, so it is a very important core configuration file for the samba service. Complete the samba server setup Most of the main configuration of is done in this file.
(2) Service configuration
The working principle of the Samba server is: the client requests access ==> query the host configuration file smb.conf ==> record in the log file ==> if the client meets the conditions, allow access
Samba is generally placed in the /etc/samba directory, the main configuration file smb.conf
View the details of the configuration file ll /etc/samba/smb.conf
1. Smb.conf configuration general format
Set the workgroup or domain name workgroup=smilegroup
Server description: server string=samba server one
2.Samba security mode setting
security=share samba
There are five types of servers: share , user, server, domain, ads
3.Share definition sharing
(1) Set the share name: /share is defined as public
(2) Shared resource description: comment=remark information
(3) Shared path: path=absolute path
(4) Set anonymous access: public=yes #Allow anonymous access, and vice versa
(5) Set access user: valid users=username valid users=@group
(6) Set the directory to be read-only: readonly=yes #read-only readonly=no #write-only
(7) Set the directory to be writable: writeable=yes #Read and write writeable=no #Read only
Writelist=user name write list=@group name
4. Samaba service log file
In the /etc/samba/smb.conf file, log file is the field for setting Samba logs
log file=/var/log/samba/%m.log
Log files are stored in /var/log/samba/
Start the SMB service: /etc/rc.d/init.d/smb start or service smb start
View all files in the log: ls -a /var/log/samba/
nmbd.log records the analysis information of the nmbd process.
smbd.log records the problems of users accessing the Samba server and the error information of the server itself. Most of the Samba maintenance information can be obtained through this file.
5. Samba service password file (username and password storage path /etc/samba/smbpasswd)
Add access user: smbpasswd -a username
Users cannot add questions
Comment out the passdb backend = tdbsam line in the smb.conf file, and add another line: smb passwd file = /etc/samba/smbpasswd, then save and exit.
Run the cat /etc/samba/smbpasswd command to view the contents of the smbpasswd file.
6.Samba virtual account
Vim /etc/samaba/smbusers
samba account = virtual account (mapped account)
7. Client Access Control
(1) IP restrictions host allow IP #Allow this network segment IP access
host deny IP#Prohibit this network segment IP access
(2) Domain name restriction hosts deny = .sale.com .net client1
Indicates that clients in the .sale.com domain, .net domain and host name client1 are prohibited from accessing the public shared directory
The domain name and the domain name or between the domain name and the host name need to be separated by a "space" symbol.
(3) Use wildcards for access restrictions
hosts deny = ALL
hosts allow = root
Indicates that except root, others are not allowed to access
(4) Special circumstances
Sometimes when IP address conflicts in access control cannot be set, except can be used to restrict
hosts allow = IP1 except IP2 IP3 means that hosts in network segment 1 are allowed to access, but IP2&IP3 are prohibited from accessing
Note: If hosts allow and hosts deny are set in [global], it means that it will take effect globally on the samba server; if it is set in a directory, it will only take effect for that directory
8. Hide Sharing
Browseable = no means hide the directory
9. Print Sharing
Still modify the smb.conf file
(1) Load printers means printing function, change to yes
(2) Just set the printers configuration item
2. Linux client access
There are two methods
1. Samba-Client command
Make sure the client machine has samba-client installed
smbclient -L target IP address or hostname -U login username%password
smbclient -L Target IP address or host name #Anonymous access, just press Enter
2.mount mount view
mount -t cifs //target IP or hostname/shared directory name mount point –o username=username
Indicates to mount the shared directory ** on the host to the mount point directory, cifs is the file system used by samba
3. Windows client access
1. "Run" or UNC access
\\ server IP or server hostname \ shared directory
2. Mapped network drive access
This article is original by Suxin, please indicate the source for reprinting