Samba file sharing-heterogeneous Communication

Samba is a software component for interactive operations between Linux, Unix, and Windows. Samba is a free open source software based on the GPL protocol. Samba has been providing secure, stable, and fast file and print services for Windows, OS/2, Linux, and many other operating systems that support the Protocol through the SMB/CIFS protocol since 1992, samba is also an important component when you use winbind to seamlessly integrate Linux/Unix into an Active Directory environment.
Required Software: samba
Samba consists of two daemon: smbd and nmbd. the startup scripts of the two daemon are independent. The following describes the functions of each daemon.
The smbd service process provides file sharing and Printer services for clients. In addition, this process is also responsible for user permission verification and lock functions. By default, smbd listens to ports 139 and 445 of the TCP protocol, and Samba starts the smbd process through the smb service, use netstat-nutlp to view the process port information.
The nmbd process provides the NetBIOS Name Service to meet the shared access environment based on the Common Internet File System (CIFS) protocol. Samba starts the nmbd process through the nmb service. By default, this process uses UDP port 137.
Because the default policies of iptables and SELinux will organize remote users to access Samba, we disable these services now. If you set the firewall and SELinux policies, we will introduce them in detail in subsequent articles.
Configure the Samba server quickly:
1. Disable firewall and SELinux

 
 

  
  
[Root @ centos6 ~] # Setenforce 0 # temporarily disable SELinux
  
  
[Root @ centos6 ~] # Sed-I "/SELINUX =/c SELINUX = disable "\
  
  
>/Etc/sysconfig/selinux # permanently disable SELinux
  
  
[Root @ centos6 ~] # Service iptables stop # temporarily disable Firewall
  
  
[Root @ centos6 ~] # Chkconfig iptables off # permanently disable the Firewall
 
 

2. Install Samba Software

 
 

  
  
[root@centos6 ~]# yum -y install samba 
 
 

3. Create a shared directory

 
 

  
  
[Root @ centos6 ~] # Mkdir/common
  
  
[Root @ centos6 ~] # Chmod 755/common
  
  
[Root @ centos6 ~] # Echo "hello the world">/common/smb.txt # create a test file
 
 

4. modify the configuration file
The default Samba configuration file is/etc/samba/smb. conf. By default, Samba has been configured to allow users to access their home directories through remote sharing. Next, you can append the sharing settings of the common directory at the end of the configuration file to achieve quick custom sharing.

 
 

  
  
[Root @ centos6 ~] # Vim/etc/samba/smb. conf
  
  
[Common] # Share Name is common
  
  
Comment = Common share # share Comments
  
  
Path =/common # Important: Specify the shared path
  
  
Browseable = yes # visible to all
  
  
Guest OK = no # reject Anonymous Access
  
  
Writable = yes # Data Writing is supported
 
 

5. Create an access account
To access the Samba server, you also need to use smbpasswd to add the system account to Samba and set the password, by default, the automatic Samba software in CentOS 6.3 stores the account and password files in the/var/lib/samba/private directory.

 
 

  
  
[Root @ centos6 ~] # Useradd-s/sbin/nologin smbuser
  
  
[Root @ centos6 ~] # Smbpasswd-a smbuser
  
  
New SMB password: # enter the account password
  
  
Retype new SMB password: # confirm the password once
  
  
Added user smbuser. # The account and password are successfully Added.
 
 

Smbpasswd command
Description: used to modify the samba password of an account.
Usage: smbpasswd [Option] account name
Option:-a. Add an account and set a password.
-X delete an SMB account
-D. Disable an SMB account.
-E. Enable the SMB account
6. Start the service

 
 

  
  
[root@centos6 ~]# service smb start 
  
  
[root@centos6 ~]# chkconfig smb on 
 
 

Access Samba sharing:
1. Windows Client Access
In Windows, choose start-run or enter the Win + R shortcut to enable the operation. In the open box, enter \ IP, and the IP address is the IP address of the Samba server, click OK to access Samba sharing. If it is based on the user name and password, the system will prompt you to enter the account and password, 4-2. After logging on, we can see that Samba shares two directories: the common directory and the smbuser account's home directory.
 

650) this. width = 650; "border =" 0 "alt =" samba "src =" http://img1.51cto.com/attachment/201303/224227268.png "/>

-2

2. Linux Client Access
The Linux client can use the smbclient command to view the shared resources on the server. If the image is installed, you can connect to the server through the Linux graphic interface. The following describes the specific method.

 
 

  
  
[Root @ centos6 ~] # Smbclient-L // 192.168.0.101 # view host sharing information of 192.168.0.101
  
  
Enter root's password: # Check that no password is required. Press Enter.
  
  
Anonymous login successful
  
  
Domain = [MYGROUP] OS = [Unix] Server = [Samba 3.5.10-125. el6] # basic Server Information
  
  
 
  
  
Sharename Type Comment
  
  
--------------------
  
  
Common Disk Common share # share and comment
  
  
IPC $ IPC Service (Samba Server Version 3.5.10-125. el6)
  
  
[Root @ centos6 ~] # Smbclient-U smbuser // 192.168.0.101/common # access the samba shared directory
  
  
Enter smbuser's password: # Enter the account password
  
  
Domain = [MYGROUP] OS = [Unix] Server = [Samba 3.5.10-125. el6]
  
  
Smb: \> ls # view the shared directory through ls
  
  
. D 0 Mon Mar 11 00:27:57 2013
  
  
.. DR 0 Mon Mar 11 20:29:20 2013
  
  
Smb.txt 16 Mon Mar 11 23:09:29 2013
  
  
41355 blocks of size 524288. 27640 blocks available
  
  
Smb: \> help # view available commands of smblient
  
  
Smb: \> quit # exit
 
 

Sometimes it is meaningful to mount the Samba shared directory to achieve the same user experience as the local file system. Run the mount command as the root administrator to mount such a file system.

 
 

  
  
[root@centos6 ~]# mkdir /com 
  
  
[root@centos6 ~]# mount -t cifs //192.168.0.101/common /com \ 
  
  
> -o username=smbuser,password=<password> 
 
 

In addition, after accessing Samba through graphics, it will mount the icon on the desktop. You can double-click the icon to open the shared directory at any time.

 
 

  
  
[Root @ centos6 ~] # Nautilus-connect-server # graphical access sharing
 
 

650) this. width = 650; "border =" 0 "alt =" samba "src =" http://img1.51cto.com/attachment/201303/224706136.png "/>

-3

Configuration file details
The Samba configuration file is very brief. All the settings are in/etc/samba/smb. conf configuration file. By modifying this configuration file, we can configure Samba as an anonymous file server, account-based file server, or print server, by default, Samba will enable the local account home directory sharing and printer sharing. The behavior comment lines starting with # Or; in the configuration file are divided into several sections, except the global configuration segments) all other segments are used to describe shared resources. The configuration in the global segment indicates global validity and is the global default setting. However, if the configuration items in the global configuration section conflict with those in the shared section, the configuration items in the shared configuration section are set to the actual valid values. The following describes the meaning of each configuration option.
[Global] # define a global policy
Workgroup = MYGROUP # define a workgroup.
Server string = Samba Server Version % v
# The server prompts the string. the samba version is displayed by default. We recommend that you modify the default value to prevent network attacks against the version.
; Interfaces = lo eth0 192.168.12.2/24 192.168.13.2/24
# If your server has multiple network interfaces, you can use the interfaces option to specify which network # interfaces Samba listens.
; Hosts allow = 127. 192.168.12. 192.168.13. hosts t 192.168.13.13
# Specify which hosts are allowed to access the Samba server resource whitelist only). This parameter can be placed globally.
# Segments can also be placed in shared segments. In contrast, hosts deny is used to set the blacklist list.
# Specify the allowed host name, IP address, or CIDR block. When specifying a CIDR block, you can use 192.168.12 or
#192.168.12.0/255.255.255.0 format. You can use the IP address that you want to exclude by using the IP address T.
Log file =/var/log/samba/log. % m
# Define the log file. Because Samba variable % m is used, each access Shared host will generate an independent
# Log file. % m is replaced with the client host name.
Max log size = 50
# Defines the maximum size of a single log file as 50 kb.
Security = user
# Setting the security option will affect the client's access to samba. It is one of the most important setting options. Security
# It can be set to uesr, share, server, or domain. user indicates the access through the user name and password. # The user's identity is verified. # The account must be a system account on the server. share indicates anonymous access; server Indicates access based on the authentication identity, # But the account information is stored on another SMB server. domain is also based on authentication # access, and account information is saved # in the Active Directory.
Passdb backend = tdbsam
# Account and password storage method. smbpasswd indicates that the account and password are stored in the old plaintext format.
# The table is stored in TDB-based ciphertext format. ldapsam indicates that LDAP is used to store account information.
Deadtime = 10
# If the client does not open any Samba resources within 10 minutes, the service is automatically stopped. In a large number of concurrent access environments
# This setting can provide server performance.
Display charset = UTF8 # Set the character set used for display to UTF8
Max connections = 0
# Set the maximum number of connections. 0 indicates no limit. The connection request server rejects the connection if the limit is exceeded.
Guest account = nobody # Set the anonymous account to nobody
Load printers = yes # whether to share the printer
Cups options = raw # print attributes
[Homes] # Share Name
Comment = Home Directories # comment, share description information
Browseable = no # can be browsed?
Writable = yes # Whether write operations are allowed
[Printers] # printer sharing
Comment = All Printers
Path =/var/spool/samba # printer sharing pool
Browseable = no
Guest OK = no
Writable = no
Printable = yes
[Common] # Share Name is common
Comment = Common share # comment and share the description
Path =/common # Important: Specify the shared path
Valid users = tom jerry # list of valid accounts
Create mask = 0750 # default permission for uploading files on the client, 0744 by default
Directory mask = 0775 # default permission for creating a directory on the client, 0755 by default
Browseable = yes # whether to allow everyone to see yes or no)
Writable = no
Write list = tom # read/write permission account list, which is writable by tom
Admin users = tom # The shared administrator has full permissions.
Invalid users = root bin # prohibit root and bin from accessing common sharing
Guest OK = no # whether anonymous access is allowed. It is valid only when security = share is set globally ).
This article from <ding Adventure> blog, please be sure to keep this source http://manual.blog.51cto.com/3300438/1157571

This article from the "ding Adventure" blog, please be sure to keep this source http://manual.blog.51cto.com/3300438/1157571