Smb. conf configuer

Find the detailed explanation of smb. conf from the Internet, and it is still Chinese!
In Linux terminal mode, enter # vi/etc/samba/smb. conf to open smb. conf.

====================================== Global settings ====================== ======================================
[Global] // set the overall SAMBA service environment
Workgroup = hackase // set the workgroup name
Server String = Angel server // Server Name Description
; Hosts allow = 192.168.1. 192.168.2. 127. // restrict the IP address range that can access this service. By default, all IP addresses are allowed. If you want to set the settings, remove the preceding ";"
Printcap name =/etc/printcap // printer configuration file
Load printers = Yes // whether to share the printer
# BSD, sysv, PLP, LPRng, Aix, HPUX, QNX, cups
Printing = cups // printer type. The standard printer types include the above.
; Guest account = pcguest // pcguest is the user name. You can remove the ";" to allow the user
The pcguest identity is used for anonymous logon, but the/etc/passwd must contain this person.
Log File =/var/log/samba/% m. Log // create different log files for users logging on to the server.
Max log size = 0 // the size of the log file. "0" indicates no limit.
// Set the server security level in the smb. conf file
Security = share // There are four security levels: Share, user, server, and domain.
; Password Server = password verification server.
; Password level = 8 // password level
; Username level = 8
Encrypt passwords = Yes // user password encryption, of course, can also not be encrypted
SMB passwd file =/etc/samba/smbpasswd // set the password server to Samba server.
You need this stuff to specify the authentication file. This is the file path, if Samba server is the specified win
Server is not required
; SSL ca certfile =/usr/share/SSL/certs/ca-bundle.crt
Unix Password Sync = Yes
Passwd program =/usr/bin/passwd % u
Passwd chat = * New * password * % N \ n * retype * New * password * % N \ n
* Passwd: * All * authentication * tokens * Updated * successfully *
Pam password change = Yes
; Username map =/etc/samba/smbusers // if each Windows user is on the Samba server
There are accounts. This can be left empty.
; Include =/etc/samba/smb. conf. % m
Obey Pam restrictions = Yes
; Interfaces = 192.168.12.2/24 192.168.13.2/24 if multiple network segments need to be listed here
; Remote announce = 192.168.1.255 192.168.2.44
; Local Master = No
; OS level = 33
; Domain Master = Yes
; Preferred master = Yes
; Domain logons = Yes
; Logon script = % m. bat
; Logon script = % u. bat
; Logon path =\\ % L \ profiles \ % u
; Wins support = Yes // WINS server support
; WINS Server = W. x. y. Z
; Wins proxy = Yes // wins proxy settings
DNS proxy = No // DNS proxy settings
; Preserve case = No
; Short preserve case = No
; Default case = lower
; Case Sensitive = No
#============================ Share definitions ========== ==============================
[Homes] // set the user's own directory
Comment = home directories // description (same as below)
Browseable = No // set the directory to be browsed by others
Writeable = Yes // write permission of the user
Valid users = % s
Create mode = 0664
Directory mode = 0775
; [Netlogon] // set the logon directory for this domain
; Comment = network logon service
; Path =/usr/local/samba/lib/netlogon
; Guest OK = Yes
; Writable = No
; Share modes = No
; [Profiles]
; Path =/usr/local/samba/profiles
; Browseable = No
; Guest OK = Yes
[Printers] // printer settings
Comment = all printers
Path =/var/spool/samba
Browseable = No
Printable = Yes
; [TMP] // user shared resource settings
; Comment = temporary file space
; Path =/tmp // you can customize the Directory and remove the ";" from the front.
; Read only = No // whether it is read-only or writable
; Public = Yes
; [Public] // user sharing resource settings
; Comment = Public stuff
; Path =/home/samba
; Public = Yes
; Writable = Yes
; Printable = No
; Write list = @ staff
; [Fredsprn]
; Comment = Fred's printer
; Valid users = Fred
; Path =/home/Fred
; Printer = freds_printer
; Public = No
; Writable = No
; Printable = Yes
; [Fredsdir]
; Comment = Fred's service
; Path =/usr/somewhere/private
; Valid users = Fred
; Public = No
; Writable = Yes
; Printable = No
; [Pchome]
; Comment = pc Directories
; Path =/usr/local/PC/% m
; Public = No
; Writable = Yes
; [Public]
; Path =/usr/somewhere/else/Public
; Public = Yes
; Only guest = Yes
; Writable = Yes
; Printable = No
; [Myshare]
; Comment = Mary's and Fred's stuff
; Path =/usr/somewhere/shared
; Valid users = Mary Fred
; Public = No
; Writable = Yes
; Printable = No
; Create mask = 0765
[My Work] // shared resources added by myself
Comment = is me work
Path =/root/my work
Valid users angel
Public = Yes
Writeable = Yes
It is easy to understand the smb. conf file. Let's begin to explain the four security levels of the Samba server separately.
1. share-level Configuration
This is the lowest among the four levels, and the method is also the simplest. We only need to modify the smb. conf file.
Workgroup = hackase
Server String = Angel Server
Hosts allow = 192.168.1. // the IP address CIDR block that limits 192.168.1 can be prevented.
Printcap name =/etc/printcap
Load printers = Yes // share the printer
Printing = cups // Linux Standard for printers
Guest account = angel
Log File =/var/log/samba/% m. Log
Max log size = 20
Security = Share
========================================================== ======================================
You can set other settings by default. You can also delete all comments. [TMP] the field.
The path can be changed. Restart the service/etc/samba/smb restart //
Service SMB restart is also supported
Use testparm to test whether the file we configured is correct:
========================================================== ======================================
[Root @ localhost root] # testparm // [printers] Comment out during the test, so there is no such comment here.
Load SMB config files from/etc/samba/smb. conf
Processing Section "[homes]"
Processing Section "[TMP]"
Processing Section "[my]"
Loaded services file OK. // if there is an error, the error will be listed here.
Press enter to see a dump of your service Definitions
========================================================== ======================================
Run the smbclient command to view network sharing information.
========================================================== ======================================
[Root @ localhost etc] # smbclient-l localhost // The local name is localhost
Password:
Domain = [hackbase] OS = [UNIX] Server = [Samba 2.2.7a]
Sharename type comment
--------------------
TMP disk temporary file space
My disk is me
IPC $ IPC Service (Angel server)
ADMIN $ disk IPC Service (Angel server)
Root printer Home Directories
Server comment
----------------
Workgroup master
----------------
========================================================== ====================================
2. user-level Configuration
The user level is a little higher than the share level security level. It is very simple. You can change it based on the share level.
Change the Security = share field to Security = user. Add the following field:
Guest account = Angel // the user name is available on the machine. If you do not have one, create one!
Encrypt passwords = Yes
SMB passwd file =/etc/samba/smbpasswd
(1) generate a password file.
# Cat/etc/passwd | mksmbpasswd. Sh>/etc/samba/smbpasswd
This command will generate the password file "/etc/samba/smbpasswd ".
The newly added "SMB passwd file =/etc/samba/smbpasswd"
(2) We know that the account is created in the ETC/passwd file. We need to use the smbpasswd command.
Set the Samba server password for the created account name. Format: smbpasswd angel
(3) restart the Samba Server Service
The user level is also OK, you can use testparm and smbclient to test. Windows users want
Enter Angel and passwd for access. No one can access your share.
Resource.
3. Server-level Configuration
The server level is a little higher than the user level. You only need to modify the user level configuration.
(1) Security = user field: Security = Server
(2) Add password Server = ***** // password server, which can be your windows main domain controller, it can also be another Samba server (the name is meaningless)
(3) Comment out SMB passwd file =/etc/samba/smbpasswd
(4) restart the Samba server service. You can test it using testparm and smbclient.
Well, there's another thing to do. If you log on to a Windows Server ***** (password Server =
*) When you log on to the Samba server, then you can enter your own account and password to open the Samba Server File, but make sure that the account and password of the *** and sambs server are the same.
4. Domain-level Configuration
Domain-level configuration is the highest level in the Samba server. It is mainly used to add Samba to the domain,
The password server that uses the Domain Server as the Samba server.
In fact, domain-level configuration is also very simple. You only need to modify it at the user level:
(1) Add the field: netblos = Main // start a netblos name and place it at the top of the smb. conf file.
Password Server = ** // use the primary domain controller ** as the password Server
(2) Security = user field: Security = domain
Workgroup = ***** // ***** is the domain name of the master domain controller.
(3) Comment out SMB passwd file =/etc/samba/smbpasswd
(4) restart the Samba server service. You can use testparm and smbclient to perform the test.
Finally, I am finished. Fortunately, I am very familiar with the "Bullet pointing" technology. At this time, we can communicate with the Windows system,
I'm also calling. Wait ~~~ The network can be shared, so our local Linux System and the local
How does one communicate with each other in windows! Haha. Of course there is a way. Now, the heroes can get up for the activity,
Let me see what errors I have written. Okay, open the terminal and enter:
[Root @ localhost root] # fdisk-l // check the partition where the Windows system is located.
Disk/dev/HDB: 61.4 GB, 61492838400 bytes
255 heads, 63 sectors/track, 7476 Cylinders
Units = cylinders of 16065*512 = 8225280 bytes
Device boot start end blocks ID system
/Dev/hdb1*1 738 5927953 + 7 HPFs/NTFS
/Dev/hdb2 739 7476 54122985 F Win95 ext 'd (LBA)
/Dev/hdb5 739 1480 5960083 + 7 HPFs/NTFS
/Dev/hdb6 1481 2383 7253316 B Win95 FAT32
/Dev/hdb7 3651 6200 20482843 + B Win95 FAT32
/Dev/hdb8 6201 7476 10249438 + B Win95 FAT32
/Dev/hdb9 2384 2396 104391 83 Linux
/Dev/hdb10 2397 3585 9550611 83 Linux
/Dev/hdb11 3586 3650 522081 82 Linux swap
[Root @ localhost root] # mkdir/mnt/My
// Create a directory named my under MNT (defined by yourself)
[Root @ localhost root] # Mount-T Auto/dev/hdb7/mnt/my // Needless to say!
In this way, you can prevent Windows partitions, but the system partitions cannot be in the NTFS format.
Tools are required for Windows to access Linux.

Http://download.enet.com.cn/html/030282000080601.htmldownload