Samba service configuration in detail
Samba is a free software implementation of the SMB protocol on UNIX and Linux systems, consists of server and client programs. SMB (Server Messages Block, service information block) is a communication protocol to share files and printers on the LAN, which provides a shared service resource files and printers among different computers within the LAN is. The SMB protocol is a client / server type protocol, clients can access the shared file systems on servers, printers and other resources through the protocol. By setting "NetBIOS over TCP / IP" not only allows Samba to share resources with local area network host, but also to share resources with the computer world.
Samba anonymous access to shared services
[root@localhost ~]# yum install samba -y
[root@localhost ~]# cd /etc/samba/
[root@localhost samba]# ls
lmhosts smb.conf smb.conf.example
[root@localhost samba]# mv smb.conf smb.conf.bak
[root@localhost samba]# grep -v "#" smb.conf.bak > smb.conf
[root@localhost samba]# vim smb.conf
[global] ##全局
workgroup = SAMBA
security = user
passdb backend = tdbsam
printing = cups
printcap name = cups
load printers = yes
cups options = raw
map to guest = Bad User ##添加此项,开启匿名用户访问
[myshare] ##添加的share文件
path=/opt/chen ##路径
public=yes ##公共访问
browseable=yes ##能够访问
writable=yes ##允许有写的权限
create mask=0644 ##设置权限
directory mask=0755
[root@localhost samba]# mkdir /opt/chen
[root@localhost samba]# chmod 777 /opt/chen/
[root@localhost samba]# systemctl stop firewalld.service
[root@localhost samba]# setenforce 0
[root@localhost samba]# systemctl start smb.service
Test anonymous access to win10
Linux server back to see our shared file access is anonymous
[root@localhost samba]# cd /opt/chen/
[root@localhost chen]# ls
CHEN.txt
[root@localhost chen]# ls -l
总用量 0
-rw-r--r--. 1 nobody nobody 0 11月 14 09:55 CHEN.txt
Authentication Samba share services
[root@localhost samba]# vim smb.conf
[global] ##全局
workgroup = SAMBA
security = user
passdb backend = tdbsam
printing = cups
printcap name = cups
load printers = yes
cups options = raw
map to guest = Bad User ##把原来的匿名访问删掉
[test]
path=/opt/test ##共享文件目录路径
browseable=yes ##能够访问,将public项去除
create mask=0644
directory mask=0755
valid users=zhangsan, lisi ##允许访问的用户
write list=zhangsan ##允许写入的用户
[root@localhost samba]# useradd zhangsan ##创建用户
[root@localhost samba]# useradd lisi
[root@localhost samba]# smbpasswd -a zhangsan ##给用户设置密码
New SMB password:
Retype new SMB password:
Added user zhangsan.
[root@localhost samba]# smbpasswd -a lisi
New SMB password:
Retype new SMB password:
Added user lisi.
[root@localhost samba]# pdbedit -L ##列出smb用户列表
zhangsan:1001:
lisi:1002:
[root@localhost samba]# cd /opt/
[root@localhost opt]# mkdir test
[root@localhost opt]# ls
chen rh test
[root@localhost opt]# chmod 777 test/
[root@localhost opt]# systemctl restart smb.service
Win10 to test the authentication access
Samba sharing service account name mapping, alias account login
[root@localhost ~]# cd /etc/samba/
[root@localhost samba]# vim smbusers ##创建账户映射配置文件
zhangsan = t01 t02 ##别名t01 t02 密码还是zhangsan用户的密码
[root@localhost samba]# vim smb.conf ##配置Samba配置文件
[global]
workgroup = SAMBA
security = user
passdb backend = tdbsam
printing = cups
printcap name = cups
load printers = yes
cups options = raw
username map = /etc/samba/smbusers ##添加别名的配置文件路径
[root@localhost samba]# systemctl restart smb.service ##重启
Access to win10 test alias
Samba sharing service access control list
[root@localhost ~]# cd /etc/samba/ ##切换到Samba配置文件目录
[root@localhost samba]# vim smb.conf ##修改配置文件
[test]
path=/opt/test
browseable=yes
create mask=0644
directory mask=0755
valid users=zhangsan, lisi
write list=zhangsan
hosts deny=192.168.13.0 ##添加拒绝192.168.13段访问test
[root@localhost samba]# systemctl restart smb.service ##重启Samba服务
Win10 control access to the test
Directly through the Windows shared folders used to mount Linux
利用Linux访问Windows共享的文件
[root@localhost ~]# smbclient -L //192.168.100.99/share ##访问共享
Enter SAMBA\root's password: ##密码
将共享的文件挂载到Linux中,直接访问文件
[root@localhost ~]# mkdir -p /opt/share01 ##创建挂载点
[root@localhost ~]# mount.cifs //192.168.100.99/share /opt/share01 ##将共享文件夹挂载到挂载点
Password for root@//192.168.100.99/share:
[root@localhost ~]# cd /opt/share01 ##切换到挂载点
[root@localhost share01]# ls
test.txt
[root@localhost share01]# cat test.txt ##查看共享文件夹的文件内容
this is a test!!