Build a Samba File Sharing server in CentOS

Samba Introduction

Samba is a free software that connects to the SMB/CIFS (Server Message Block/Common Internet File System) network protocol of Microsoft Windows on Linux and UNIX systems, consists of servers and client programs.

The current version (v3) not only allows you to access and share SMB folders and printers, but also integrates Windows Server domains and act as Domain controllers) and joining Active Directory members. In short, the software builds a bridge between Windows and UNIX operating systems, so that the resources of the two systems can communicate with each other.

Samba functions and application scope

Samba should be mainly used in networks where Windows and Linux systems coexist. If a network environment is a Linux or Unix system, it is better to use NFS if Samba is not necessary; so what services does Samba provide for us? Shared Files and printers.

Build a samba Shared Server

1. First, check the system version and type of the server.

1. [root @ samba ~] # Uname-a // view the kernel version details, including the host name Linux samba 2.6.18-308. el5 #1 SMP Tue Feb 21 20:06:06 EST 2012 x86_64 x86_64 x86_64 GNU/Linux2. [root @ samba ~] # Lsb_release-a // view the release of the system and vendor LSB Version: core-4.0-amd64: core-4.0-ia32: core-4.0-noarch: graphics-4.0-amd64: graphics-4.0-ia32: graphics-4.0-noarch: printing-4.0-amd64: printing-4.0-ia32: printing-4.0-noarchDistributor: ID: CentOSDescription: centOS release 5.8 (Final) Release: 5.8 Codename: Final

2. install three samba-related data packets. If rpm cannot be installed and there is dependency, use yum to install the data packets directly.

1. Check whether the three samba-related data packets have been successfully installed.

[Root @ samba ~] # Yum install-y samba * [root @ samba ~] # Rpm-qa | grep sambasamba-common-3.0.33-3.39.el5_8samba-swat-3.0.33-3.39.el5_8samba-3.0.33-3.39.el5_8 // samba: this suite mainly contains SAMBA's main daemon file (smbd and nmbd), SAMBA File file (document) and other SAMBA-related logrotate configuration files and boot preset option files. Samba-client-3.0.33-3.39.el5_8 // This suite provides the required tool commands When Linux is used as the SAMBA Client, such as mounting the execute file smbmount In the SAMBA file format.

The samba server mainly provides the following two service programs.

Smbd: Provides the client with access to shared resources (directories and files) on the server.

Nmbd: Provides resolution based on the NetBIOSS host name to resolve the name of the host in the windows network.

2. The configuration file of smb. conf is stored in the/etc/samba directory by default.

[root@samba samba]# ll /etc/samba/total 32-rw-r--r-- 1 root root   20 May 18  2012 lmhosts-rw-r--r-- 1 root root 9733 May 118 2012 smb.conf-rw-r--r-- 1 root root   97 May 118 2012 smbusers

Lmhosts: This file mainly aims at the IP address corresponding to the NetBIOS name and host name. In fact, it is a bit like the/etc/hosts function.

Smbusers: virtual user that creates smb, which is stored in the smbusers file for login verification.

Smb. conf: the default directory of the samba configuration file, which can be customized if the source code package is installed.

3. Check the information in the configuration file and modify the smb. conf configuration file.

[root@samba samba]# grep -v "^[#;]" smb.conf | grep -v "^$"[global]workgroup = MYGROUPserver string = Samba Server Version %v# logs split per machine# max 50KB per log file, then rotatesecurity = userpassdb backend = tdbsam# the login script name depends on the machine name# the login script name depends on the unix user used# disables profiles support by specifing an empty pathload printers = yescups options = raw#obtain list of printers automatically on SystemV[homes]comment = Home Directoriesbrowseable = nowritable = yes[printers]comment = All Printerspath = /var/spool/sambabrowseable = noguest ok = nowritable = noprintable = yes

1. Redirect the configuration file to a file and back up the source file of smb. conf.

[root@samba samba]# grep -v "^[#;]" smb.conf | grep -v "^$" >>tt1.txt[root@samba samba]# mv smb.conf smb.conf.ori[root@samba samba]# mv tt1.txt smb.conf

2. The following describes important information in the smb. conf configuration file.

[Root @ samba ~] # Vim/etc/samba/smb. conf [global] workgroup = MYGROUP // Name of the Working group where the server is located, for example, "WORKGROUP" Server string = Samba server Version % v // description of the Server hosts allow = 127. 192.168.1. 192.168.13. // by default, it is annotated to allow access from all IP addresses. log file =/var/log/samba/% m. log // the log file of the Samba server, which is stored in the "/var/log/samba" directory by default. security = share // There are four security levels: share) user (the user and password must be verified on the local server), server (the user name and password must be verified on another server), domain (the user name and password are verified by the windows domain Controller) passdb backend = t Dbsam // tdbsam: Creates a user database using a database file. The database file is called passdb. tdb and is in/etc/samba. Passdb. tdb user database can use smbpasswd-a to create a Samba user. The Samba user to be created must first be a system user. Load printers = yes // when the Samba service is started, the printer configuration file cups options = raw // specifies how the printer is used. Printcapname =/etc/printcap // by default, printcapname = lpstatprinting = cups // specifies the printing system type. This parameter is specified only when the printing system is not a standard system. Set the printing system type, which is generally the default value. This parameter is specified only when the printing system is not a standard system. # Obtain list of printers automatically on SystemV [homes] // user directory sharing settings comment = Home Directories // description information browseable = no // sets whether other users can browse this shared file. Writable = yes // set whether this user can write [printers] // printer sharing settings comment = All Printers // description path =/var/spool/samba // default path of the Sharing Server browseable = no // check whether the directory browsing permission guest OK = no // whether the guest is allowed to access writable = no // whether the user can write printable = yes to the shared directory, yes (allowed) by default) [beyond] // custom shared directory file comment = Public share with beyond file // description path =/var/public/beyond/custom shared file directory path public = yes // The shared directory allows all users to access and upload files) readonly = yes // read-only permission

3. view the modified samba server's main configuration file smb. conf.

[root@samba samba]# cat smb.conf[global]workgroup = MYGROUPserver string = Samba Server Version %vlog file= /var/log/samba/%m.loghosts allow = 127. 192.168.1. 192.168.13.# logs split per machine# max 50KB per log file, then rotatesecurity = sharepassdb backend = tdbsam# the login script name depends on the machine name# the login script name depends on the unix user used# disables profiles support by specifing an empty pathload printers = yescups options = raw#obtain list of printers automatically on SystemV[homes]comment = Home Directoriesbrowseable = nowritable = yes[printers]comment = All Printerspath = /var/spool/sambabrowseable = noguest ok = nowritable = noprintable = yes[beyond]comment = Public share with beyond filepath = /var/public/beyondpublic = yesreadonly = yes

4. Create the User-Defined shared file above

[Root @ samba] # mkdir-p/var/public/beyond

[Root @ samba] # mkdir-p/var/public/beyonds/test

5. Finally, you must enable the smb service to take effect.

[Root @ samba] #/etc/init. d/smb start

4. perform a test on the windows server 2003 client to access the samba server on linux

1. Click OK to check whether the shared directory beyond can be accessed.

2. No password verification is required. You have accessed the beyond directory and printer.

Go to the beyond directory and check the test directory. OK. Sharing successful!

3. You can go in and see the original folders and files. You cannot create files. Why can't I create it? Because the share user sets read only = yes (read-only permission ).

4. Create a file sharing server with validation

1. Create three smb accounts and passwords

[root@samba ~]# useradd tt1[root@samba ~]# useradd tt2[root@samba ~]# smbpasswd -a tt1New SMB password:Retype new SMB password:Added user tt1.[root@samba ~]# smbpasswd -a tt2New SMB password:Retype new SMB password:Added user tt2.[root@samba ~]# smbpasswd -a rootNew SMB password:Retype new SMB password:Added user root.

2. view the modified smb. conf configuration file.

[root@samba samba]# head smb.conf[global]workgroup = WORKGROUPserver string = Samba Server Version %vlog file= /var/log/samba/%m.loghosts allow = 127. 192.168.1. 192.168.13.# logs split per machine# max 50KB per log file, then rotatesecurity = userpassdb backend = tdbsam# the login script name depends on the machine name[root@samba samba]# tail smb.confreadonly = yes[taokey]comment = Public share with taokey filespath = /var/public/taokeypublic = nowritable = yesvalid users= tt1,tt2 @rootwritelist = root,tt2directory mask = 0744create mask = 0600

3. Create shared directories and files

[root@samba samba]# mkdir -p /var/public/taokey[root@samba samba]# mkdir -p /var/public/taokey/test[root@samba samba]# touch /var/public/taokey/taoyake.txt

4. Restart the smb server to take effect.

[Root @ samba] #/etc/init. d/smb restart

5. Use the windows server 2003 client to access the samba server again. A password verification box is displayed.

6. Enter the created tt1 account and password to log in.

7. After Entering the account and password, the review is successful and enters the smb sharing server.

8. Access the taokey and view the Created directory and file.

[root@samba samba]# tail smb.confreadonly = yes[taokey]comment = Public share with taokey filespath = /var/public/taokeypublic = nowritable = yesvalid users= tt1,tt2 @rootwritelist = root,tt2directory mask = 0744create mask = 0600

Tt1 cannot be written because only tt2 and root accounts can be written.

The built-in File Permission of the server must have the write permission on the file to write the file.

[Root @ samba public] # chmod a + w/var/public/taokey

According to the above configuration, tt2 can be used to create and delete files. Let's try tt2 to see if we can create or delete files.

Note: When testing samba, by default, after logging on to samba for the first time, logging on again (\ samba Server IP address) will remember the user and password you logged on to earlier versions. Therefore, if you want to change the user to test the login effect, you can first execute the command "net use */del" and run the \ samba Server IP address again to prompt you to enter the user name and password.

9. Access the IP address of the samba server again, and enter the tt2 account and password.

As you can see, tt2 users can create new documents under the taokey directory.

10. Create another ssh directory and try again.

Delete hello.txt and try it.

It can be deleted.

So far, the experiment has ended.

This article from the "years in the passage, the glory is still in" blog, please be sure to keep this source http://taokey.blog.51cto.com/4633273/1203553