Purpose
1. Understand the functions of samba server
2. Master the configuration management of samba server
3. Master the use of samba client program
4. Master the method of mutual access to shared files between Windows host and Linux host
Preparation
1. Physical machine (windows client): samba_windows_client
(1) Enable VMnat8 network card
(2) Set the IP to 192.168.37.20 according to the topology map
2. Linux client: samba_linux_client
(1) Clone a virtual machine and name it cos7
(2) Set the host name of the server to samba_linux_client
#hostnamectl set-hostname samba_linux_client
(3) Set up the network
①Shut down init 0
②Delete the original network card first, and then add a new network card
③Start up
④ According to the topology diagram, set the network card mode to NAT mode, and set the IP to 192.168.37.10
(4) Test, you can ping the physical machine
3. Server: samba
(1) Set the host name of the server to samba
(2) According to the topology diagram, set the network card mode to NAT mode, and set the IP to 192.168.37.60
(3) The physical machine can be pinged
Task 1 Install the samba service
Use the command #yum install -y samba to install the samba service
Task 2 configure samba service
Samba configuration file path: /etc/samba/smb.conf
1. Back up the configuration file first
#cd /etc/samba/
#cp smb.conf smb.conf.bak
2. Open the configuration file
#vi smb.conf
Add shared information [share] at the end of the configuration file
[share]
path = /share #path to the shared file
browseable = yes # Whether the network neighbors are visible
writable =yes #Whether the shared file can be written
3. Create a shared directory and grant permissions
4. Start the samba service
5. Check the port startup status
Use the command # netstat -ntpl to check whether the smbd service port has been opened
6. Create samba user
#smbpasswd -a root //注意,这个用户必须是系统存在的用户
任务3 使用samba服务
1、在客户端连接samba服务器前,需确保samba服务器的SELinux和防火墙服务均处于关闭状态
(1)关闭SELinux
①临时禁用
使用命令#setenforce Permissive
②永久禁用
编辑配置文件#vi /etc/sysconfig/selinux
然后将配置SELinux=enforcing改为SELinux=disabled
重启计算机就生效了
③查看SElinux的状态
# sestatus
(2)关闭防火墙
①添加samba服务
#firewall-cmd --add-service=samba --permanent
(--permanent永久生效,没有此参数重启后失效)
②重新加载防火墙
#firewall-cmd --reload
③查看samba是否已被防火墙放行
# firewall-cmd --list-all
(3)重新加载samba服务
#systemctl restart smb
如果你启动smb服务有问题,如下:
请打开配置文件/etc/samba/smb.conf,注释掉security = share,然后再重启smb服务就会成功了
2、在客户端访问samba服务器上的共享文件
(1)在物理机上,右键桌面左下角的开始图标,单击【运行】,输入samba服务器的IP地址
(2)输入samba用户名和密码,点击【确定】登录,就可以看到共享文件夹
复制一些yum源文件到共享文件夹下,试试看是否可以下载到本地。
清理samba缓存 net use * /del /y
任务4 设置访问权限
1、设置访问用户
valid users = 用户名
valid users = @组名
2、设置过滤主机
hosts allow = 192.168.37. server.abc.com
hosts allow = 192.168.40.
3、设置只读
read only = yes
4、设置可读可写
writable = yes
5、指定可写用户
write list = @组名,用户名
案例:
服务器:Centos 7.4 192.168.37.60
客户端:Win10 192.168.37.20
公司架构:
samba服务器管理员:ada
总经理:mike
产品部:lucy lily
技术部:lilei hanmeimei
共享设置
共享名 |
共享目录 |
用户和权限 |
zongjingli |
/dianxin/zongjingli |
mike(rw) ada(rw) |
chanpinbu |
/dianxin/chanpinbu |
@chanpinbu(rw) mike(r) ada(rw) |
jishubu |
/dianxin/jishubu |
@jishubu(rw) mike(r) ada(rw) |
步骤分析
1、准备工作
(1)创建组
(2)创建用户
(3)把用户加入对应的组
(4)创建共享目录
(5)赋予全部权限
2、安装samba软件
3、修改samba配置文件
4、启动服务
5、关闭selinux、关闭防火墙
7、添加授权用户
8、测试
(1)用总经理账户mike登录,新建1个文件为mike.txt,分别将它上传到zongjingli,chanpinbu和jishubu这3个共享文件夹
结果:可以上传到zongjingli
不可以上传到chanpinbu和jishubu
(2)用同样对的方法测试lucy和lilei
注意,在每次测试前都要先清除登录信息
清除方法:在客户端(物理机)打开cmd窗口,输入 net use * /del /y
任务5 通过linux客户端使用samba服务
1、安装linux客户端软件
#yum install -y samba-client
#yum install -y cifs-utils
2、访问共享目录
在客户端上输入以下命令
(1)列出服务器上的共享资源
#smbclient -L 服务器的IP
(2)使用 mike账户访问/zongjingli文件夹
#smbclient //192.168.37.60/zongjingli -U mike
