Samba research experience in RedHatLinux9.0

1. install samba first verify that sambarpm-qa | grepsamba has been installed on your machine. If there is a samba-common-2.2.7a-7.9.0samba-client-2.2.7a-7.9.0samba-2.2.7a-7.9.0, congratulations, you have installed samba. If not, install, the installation method is very simple. The first RedHatlinux9.0 disc contains // cdrom.

1. Install samba
Verify that samba has been installed on your machine
Rpm-qa | grep samba. If
Samba-common-2.2.7a-7.9.0
Samba-client-2.2.7a-7.9.0
Samba-2.2.7a-7.9.0
Congratulations! You have installed samba. If you don't have any of the above, please install it. The installation method is simple, RedHat
The first disk in linux 9.0 contains // cdrom/RedHat/RPMS/
The following is my detailed installation process
Put the first disc into the optical drive, and it will be automatically mounted, saving you the need to mount it by yourself
# Cd/mnt/cdrom/RedHat/RPMS (case-sensitive letters; otherwise, errors may occur)
# Rpm-ivh samba-common-2.2.7a-7.9.0 (this must be installed first, the installation does not have to write all the following samba-common-2.2.7a-7.9.0, such as writing to samba-c, press a few times more Tab key, it's easy)
# Rpm-ivh samba-2.2.7a-7.9.0
# Rpm-ivh samba-client-2.2.7a-7.9.0 (client)
After installing the above things, basically it can be, but in order to facilitate the configuration and the use of REDHAT LINUX9.0 new features, I suggest installing the following two Dongdong redhat-config-samba-1.0.4-1, samba-swat-2.2.7a-7.9.0 in the disc, where the redhat-config-samba-1.0.4-1 In the first disc, samba-swat-2.2.7a-7.9.0 In the second disc, the installation method and the above the same.
Through the simple introduction above, I think you have installed it. experiment with it.
# Rpm-qa | grep samba)
Redhat-config-samba-1.0.4-1
Samba-common-2.2.7a-7.9.0
Samba-client-2.2.7a-7.9.0
Samba-swat-2.2.7a-7.9.0
Samba-2.2.7a-7.9.0
OK. The installation is successful! (It is recommended that you install the above items on your own. If there is one installed on the system, uninstall it first to deepen your impression. If there is a problem with the installation after the system is uninstalled, it may be because you have not completely uninstalled the instance. The solution is to continue searching for uninstallation or force installation)
2. Configuration
(1) method 1
Use our installed redhat-config-samba-1.0.4-1 for configuration as follows:
Start ---> system settings ---> server configuration ---> samba Server
(I wrote this article in LINUX, so I won't cut down the graphics, so I have to give it a simple explanation)
Preference --> server settings. Here you can make some basic settings for the samba server. It should be said that it is relatively simple. I don't know how to introduce it. After configuration, remember to restart the service.
There are two restart methods:
# Service smb start or restart
#/Etc/rc. d/init. d/smb start
(2) method 2
Using samba-swat-2.2.7a-7.9.0
First, you need to modify the swat configuration file, which is disabled by default.
Service swat
{
Port = 901 (the port used by swat is 901)
Socket_type = stream (something similar to the tcp protocol)
Wait = no
Only_from = 127.0.0.1 (only starting swat from this, key !)
User = root (name used to start swat)
Server =/usr/sbin/swat
Log_on_failure + = USERID
Disable = yes (yes must be changed to no)
}
After modification, start xinetd.
The startup method is the same as what I just mentioned.
Then press enter in the browser: http: // 127.0.0.1: 901! (Note: This IP address must be the same as the IP address in the SWAT configuration file. Remember !)
As for how to use swat, it should not be a problem to explore it. After the configuration is complete, remember to restart the service. by the way, to enable samba and swat to start at each boot, you can:
# Setup, and then find the system service. Run the * command before SMB and SWAT. You can also run the # ntsysv command to achieve the same effect.
(3) method 3
Using samba-2.2.7a-7.9.0, this is the most fundamental thing, no matter what tool, master its principle is the most important, like web page production, although a lot of tools, but must be familiar with HTML language, A good web page that can be edited! Haha)
After the samba-2.2.7a-7.9.0 is installed, the file will be formed under/etc/samba/
Smb. conf smbpasswd smbusers lmhosts. If none of them exist, you can create
Modify the smb. conf file
I just want to make a simple description: guest OK is the same as public, and read only and writable are the opposite, there is no difference
Workgroup = (working group name, fill in your current LAN working group)
Netbios =)
Client code page = 936 (the default value is 850,936, which is in simplified Chinese. Remember, do you not remember that the Chinese names under your windows system are all ???, This is because you didn't add-o iocharset = cp936 !)
Guest account = nobody (guest account, which is related to the shared file cheek defined by you, where nobody exists in smbusers)
Security = SHARE (there are four levels, not to mention)
Encrypt passwords = Yes (the encrypted password. The password sent by win98/2000 is encrypted, so yes is required here)
The above is the content of [global]. In fact, there are a lot of things, and the level is limited.
The following is what you want to share. It should be noted that the attributes of folder sharing depend on the permission settings of the file cheek in LINUX.
[Myxfc]
Comment = myxinfc
Path =/home/xinfc
Read only = No
Guest OK = Yes

[Tmp]
Path =/home
Valid users = hehl
Write list = @ staff
Read only = No
Guest OK = Yes
The sharing setting is actually very simple, mainly because of the path and permission issues. The two are clear and should be okay.

I have finished the introduction and restarted the service!
Maybe you will find that the client cannot be connected. *** it's so annoying, busy for so long, you still cannot access it, why?
1) the client should install TCP/IP netbios ipx (this stuff is not familiar)
2 lmhosts. The IP address corresponds to the netbios name.
3) iptables (this is the worst thing, because of him, I wasted two days! I come up with a small conclusion that iptables is disabled before various configurations !)
Because I don't know much about iptables, there are two solutions:
1: # setup, select firewall, and disable
2. Modify/etc/sysconfig/iptables
-A input-j RH-Lokkit-0-50-INPUT
-A forward-j RH-Lokkit-0-50-INPUT
-A RH-Lokkit-0-50-INPUT-I lo-j ACCEPT
-A RH-Lokkit-0-50-INPUT-p tcp-m tcp -- dport -- syn-j ACCEPT
-A RH-Lokkit-0-50-INPUT-p tcp-m tcp -- dport 2049 -- syn-j REJECT
-A RH-Lokkit-0-50-INPUT-p udp-m udp -- dport-j ACCEPT
-A RH-Lokkit-0-50-INPUT-p udp-m udp -- dport 2049-j REJECT
-A RH-Lokkit-0-50-INPUT-p tcp-m tcp -- dport 6000: 6009 -- syn-j REJECT
-A RH-Lokkit-0-50-INPUT-p tcp-m tcp -- dport 7100 -- syn-j REJECT
COMMIT
Change the REJECT of the two rows at to ACCEPT.
Restart the firewall.
# Service iptables start

---------------------------------------------------

Samba smb. conf file configuration

Workgroup = MYGROUP

// This indicates the group to which the SAMBA server will be displayed in "Network Neighbor" in the Windows operating system. The default value is MYGROUP, Which is case insensitive.

Server string = Samba Server

// The description displayed after the Windows client starts the SAMBA server content window.

; Hosts allow = 192.168.1. 192.168.2. 127.

// This option is not used in the case of silence. It can be used to set the host, subnet, or Domain Allowed To access the SAMBA server in the LAN. If more than one name must be separated by commas.

Example:

Hosts allow = 172.17.2.20.t172.17.2.50

Allow host connection from 172.17.2. *. *, but exclude 172.17.2.50

Hosts allow = 172.17.2.0/255.255.255.0.0

Allow all hosts from the 172.17.2.0 subnet to connect

Hosts allow = M1, M2

Allow connections from M1 and M2 computers

Hosts allow = @ xq

Allow all computers from the XQ domain to connect

Printcap name =/etc/printcap

// Set the name and path of the printer configuration file automatically loaded at startup.

Load printers = yes

// Indicates whether to allow all printers in the printer. The browsing list is automatically loaded when the printer is started to support the browsing function of the client.

Printing = cups

// This option is used to specify the print system type.

; Guest account = pcguest

// This option is not used by default. It is used to set the Guest account name.

Log file =/var/log/samba/% m. log

// This option creates individual records for all computers connected to the SAMBA server

Max log size = 0

// You can set the maximum log size for each record. The unit is KB.

Security = user

// Specify the security level used by the SAMBA server

; Password server =

// This function is not used in the default configuration and takes effect only when the previous option is set to "security = server". It is used to specify the name of the password service, therefore, to use the NETBIOS name, you can also use "password server = *" to automatically find available domain controllers.

; Password level = 8

// This option is used to avoid errors generated when the password uppercase digits are allowed to be different between the SAMBA server and the client.

; Username level = 8

// This option is used to avoid errors caused by the difference in the upper-case digits of the account allowed between the SAMBA server and the client.

Encrypt passwords = yes

// Indicates whether to specify whether the user password is encrypted and sent to the SAMBA server

Smb passwd file =/etc/samba/smbpasswd

// Password file path used by the SAMBA server

; Ssl CA certFile =/usr/share/ssl/certs/ca-bundle.crt

// It is used to specify all files with trusted CA names

Unix password sync = Yes

// This option can be used to synchronize the encrypted content in the SAMBA password file.

Passwd program =/usr/bin/passwd % u

// This item is used to specify the program for setting the UNIX account password, where % uindicates the user name

Passwd chat = * New * password * % n \ n * Retype * new * password * % n \ n * passwd: * all * authentication * tokens * updated * successfully *

// This option is used to set the indicator string displayed on the screen when the user converts the Linux Password to the SAMBA server password and generates an interactive window with the user

Pam password change = yes

// This option indicates that you can use PAM to modify the password of the SMB client, instead of the program specified in the "passwd program" option.

; Username map =/etc/samba/smbusers

// This option specifies a configuration file that contains the user data on the client and server.

; Include =/etc/samba/smb. conf. % m

// This option allows the SAMBA server to use other configuration files

; Obey pam restrictions = yes

// This option determines whether to use the PAM account and session management commands

Socket options = TCP_NODELAY SO_RCVBUF = 8192 SO_SNDBUF = 8192

// This option is very important when writing TCP/IP programs, because you can adjust the efficiency of SAMBA Server Runtime.

; Interfaces = 192.168.12.2/24 192.168.13.2/24

// This option enables the SAMBA server to monitor multiple interfaces. This option should be configured if multiple NICs exist on the server.

You can write it as follows during Configuration:

Interfaces = eth0

Interfaces = 172.17.4.150

; Remote announce = 192.168.1.255 192.168.2.44

// This option allows NMBD to regularly publish the IP address and group name of the SAMBA server to a remote network or host.

#========= Share Definitions ==========================

[Homes] // contents of the home directory settings for the user's day

Comment = Home Directories // Home directory comment

Browseable = no // whether other users are allowed to browse their home directories

Writable = yes // whether to allow writing to a personal directory

Valid users = % S // user allowed to log on, % S indicates the user currently logged on

Create mode = 0664 // default permission for creating a file

Directory mode = 0775 // default permission for creating a directory

; Map to guest = bad user

// When you enter an incorrect account and password, you can use the "map to guest" option to set the processing method, however, the preceding "security" option must be set to "user", "server", and "domain"

Settings	Description
User	Access denied
Server	If the account is correct but the password is incorrect, Allow Logging in with Guest
Domain	If both the account and password are incorrect, you can still log on with Guest.

; [Netlogon] // "netlogon" directory setting when logging on to the domain

; Comment = Network Logon Service // home directory comment

; Path =/usr/local/samba/lib/netlogon // local path for actual resource access

; Guest OK = yes // Password required for connection

; Writable = no // whether to allow writing to this directory

; Share modes = no // whether to allow files in the directory to be shared among different users

; [Profiles] // user configuration file directory settings

; Path =/usr/local/samba/profiles // The local path to which the resource is actually accessed

; Browseable = no // whether to allow browsing this main directory

; Guest OK = yes // Password required for connection

[Printers] // set the printer environment content

Comment = All Printers // printer Annotation

Path =/var/spool/samba // print the queue path

Public = yes // whether to allow Guest Printing

Browseable = no // whether to allow browsing of the temporary disk content in the printer

Guest OK = no // do you need a password for connection?

Writable = no // whether to allow write to this directory