CentOS6.3 configuration (11) installation and configuration of Samba as a file server

Source: Internet
Author: User

Preface:The services provided by the file server are used by most companies or enterprises, because different resource files are obtained from different positions in any company or enterprise, this requires configuring different permissions for different positions to ensure the security and confidentiality of related resource files.

I. Samba introduction:

Server Message Block is short for SMB, which is the Server Message Block. SMB is mainly used as Microsoft's network communication protocol. Samba applies the SMB communication protocol to the Linux system, making Samba a software that allows the Linux system to apply the Microsoft network communication protocol. The largest function of Samba can be used for file sharing and print sharing between Linux and windows systems. Samba can be used for file sharing between windows and Linux systems, it can also be used for resource sharing between Linux and Linux. Due to the emergence of NFS, Samba is more used for data sharing between Linux and windows.

SMB is a client/server-based protocol. Therefore, a Samba server can be a file sharing server or a Samba client. Samba uses the NetBIOS protocol in windows. If you want to use files shared in Linux, check whether the NetBIOS protocol is installed in your windows system.

There are two services for running Samba: SMB and NMB. SMB is the core startup service of Samba and is mainly responsible for establishing conversations between the Samba server and the Samba client, verify the identity of the user and provide access to the file and print system. Only when the SMB service is started can file sharing be realized, listening to port 139 TCP, And the NMB Service is responsible for parsing, similar to the functions implemented by DNS, NMB can correspond the name of the Working Group shared by the Linux system to its IP address. If the NMB service is not started, it can only access the shared file through the IP address, listen to UDP ports 137 and 138.
The Samba server can implement the following functions:

A. WINS and DNS services;

B. Web browsing service;

C. authentication and authorization between Linux and Windows domains;

D. UNICODE Character Set and domain name ing;

E. UNIX sharing that meets the CIFS protocol.

II. Environment preparation:

1. CentOS 6.3 (32-bit), host name: samba;

2. IP Address: 192.168.31.131;

3. Virtual Machine: VMware? Workstation 9.0.0 build-812388;

4. samba software: samba-3.6.9-167.el6_5.i686;

5. Working Group: Lmzsamba.

3. Install software:

A. Preparations before installation:

SELINUX = disabled

Disable firewall: service iptables stop

B. Run the following command to install samba:

[Root @ samba ~] # Yum install samba-client samba-swat

C. Check whether samba is successfully installed:

[Root @ samba ~] # Rpm-qa | grep samba

If the following information is displayed, the installation is correct:

Samba-client-3.6.9-167.el6_5.i686

Samba-3.6.9-167.el6_5.i686

Samba-common-3.6.9-167.el6_5.i686

Samba-winbind-3.6.9-167.el6_5.i686

Samba-swat-3.6.9-167.el6_5.i686

Samba-winbind-clients-3.6.9-167.el6_5.i686

D. Start the samba service and check the status:

[Root @ samba ~] #/Etc/init. d/smb start

Display result:

Starting SMB services: [OK]

Status check:

[Root @ samba ~] # Service smb status

Display result:

Smbd (pid 2462) is running...

E. Set auto-start upon startup and check whether the setting is successful:

[Root @ samba ~] # Chkconfig -- level 35 smb on

Check whether it is successful:

[Root @ samba ~] # Chkconfig -- list | grep smb

If the result is displayed in red (samba service is automatically run on level 3 and Level 5), the setting is successful:

Smb 0: off 1: off 2: off 3: on 4: off 5: on 6: off

4. Service Configuration:

Samba service configuration mainly refers to the configuration of the/etc/samba/smb. conf file. Generally, a company or an enterprise is divided into three types:

1. Configure public anonymous shared directories (that is, anonymous accounts access shared directories or files );

A. configuration file:

[Root @ samba ~] # Vi/etc/samba/smb. conf

Add or modify the relevant code in the file:

Workgroup = WORKGROUP // defines the Working Group concept in windows.

Server string = Lmz Samba Server Version % v // Brief description of Samba server Definition

Netbios name = LmzSamba // define the name of the computer displayed in windows

// Define the log file of Samba. % m indicates the client host name.

// The Samba server creates different log files for each login host in the specified directory.

Log file =/var/log/samba/log. % m

Security = share // shared level, which can be accessed without an account or password

[Public] // The setting is specific to the shared directory and only applies to the current shared resource.

Comment = Public Stuff // The description file for the shared directory. You can define the description file yourself.

Path =/share // It is required to specify the shared directory.

Public = yes // available to all users, equivalent to guest OK = yes

B. Create a shared directory:

[Root @ samba ~] # Cd ..

[Root @ samba/] # mkdir share

[Root @ samba/] # cd share

[Root @ samba share] # touch samba.txt

[Root @ samba share] # touch aa.txt

[Root @ samba share] # ls-ls

Display result:

Total 0

0-rw-r --. 1 root 0 Mar 13 :02 aa.txt

0-rw-r --. 1 root 0 Mar 13 :02 samba.txt

Grant the nobody permission to anonymous users for the/share directory:

[Root @ samba/] # chown-R nobody: nobody share/

[Root @ samba/] # ll/share/

Total 0

-Rw-r --. 1 nobody 0 Mar 13 11: 02 aa.txt

-Rw-r --. 1 nobody 0 Mar 13 11: 02 samba

C. Restart the smb service:

[Root @ samba/] #/etc/init. d/smb restart

Shutting down SMB services: [OK]

Starting SMB services: [OK]

[Root @ samba/] #/etc/init. d/nmb restart

Shutting down NMB services: [FAILED]

Starting NMB services: [OK]

D. test whether the smb. conf configuration is correct:

[Root @ samba/] # testparm

Display result:

Load smb config files from/etc/samba/smb. conf

Rlimit_max: increasing rlimit_max (1024) to minimum Windows limit (16384)

Processing section "[homes]"

Processing section "[printers]"

Processing section "[public]"

WARNING: The security = share option is deprecated

Loaded services file OK.

Server role: ROLE_STANDALONE

Press enter to see a dump of your service definitions

[Global]

Netbios name = LMZSAMBA

Server string = Lmz Samba Server Version % v

Security = SHARE

Log file =/var/log/samba/log. % m

Max log size = 50

Idmap config *: backend = tdb

Cups options = raw

[Homes]

Comment = Home Directories

Read only = No

Browseable = No

[Printers]

Comment = All Printers

Path =/var/spool/samba

Printable = Yes

Print OK = Yes

Browseable = No

[Public]

Comment = Public Stuff

Path =/share

Guest OK = Yes

E. Access the shared files on the Samba server:

E1: CentOS system test:

[Root @ samba/] # smbclient // 127.0.0.1/public

Display result:

WARNING: The security = share option is deprecated

Enter root's password:

Because it is an anonymous user and no password is set, you can press Enter here:

Domain = [WORKGROUP] OS = [Unix] Server = [Samba 3.6.9-167. el6_5]

Server not using user level security and no password supplied.

Smb: \>

Enter the ls command and press enter to obtain the following information:

Smb: \> ls

. D 0 Thu Mar 13 11:02:47 2014

.. DR 0 Thu Mar 13 11:13:53 2014

Aa.txt 0 Thu Mar 13 11:02:47 2014

Samba.txt 0 Thu Mar 13 11:02:37 2014

35755 blocks of size 524288. 29202 blocks available

Smb: \>

Enter the q command here to exit the access.

E2: Windows XP system test, result

We can see that the public directory is shared successfully.

2. Group directories by permission (that is, in addition to public shared directories, each group accesses files or directories of each group. Take TS as an example );

A. Add the TS group and user and assign the user password:

[Root @ samba ~] # Groupadd ts

[Root @ samba ~] # Useradd-g ts zhangsan

[Root @ samba ~] # Useradd-g ts lisi

Set the lisi password:

[Root @ samba ~] # Passwd lisi

Display result:

Changing password for user lisi.

New password:

Enter the password 123456 here, and press Enter:

Bad password: it is too short

Bad password: is too simple

Retype new password:

Enter the password 123456 again, and press Enter:

Passwd: all authentication tokens updatedSuccessfully.

Set the password of zhangsan:

[Root @ samba ~] # Passwd zhangsan

Display result:

Changing password for user zhangsan.

New password:

Enter the password 123456 here, and press Enter:

Bad password: it is too short

Bad password: is too simple

Retype new password:

Enter the password 123456 again, and press Enter:

Passwd: all authentication tokens updatedSuccessfully.

B. Create the/ts folder in the root directory:

[Root @ samba ~] # Cd/

[Root @ samba/] # mkdir ts

[Root @ samba/] # cd ts

[Root @ samba ts] # touch ts.txt

[Root @ samba ts] # ls-ls

Total 0

0-rw-r -- 1 root 0 Mar 13 ts.txt

C. Add two accounts (lisi and zhangsan) to the samba account:

[Root @ samba ~] # Smbpasswd-a zhangsan

New SMB password:

Retype new SMB password:

Added user zhangsan.

[Root @ samba ~] # Smbpasswd-a lisi

New SMB password:

Retype new SMB password:

Added user lisi.

D. Modify the main configuration file as follows:

[Root @ samba ~] # Vi/etc/samba/smb. conf

Modify security:

Security = user // shared level, which can be accessed without an account or password

Add information:

[Ts]

Comment = TS

Path =/ts

Valid users = @ ts

E. Reload the samba service:

[Root @ samba ~] # Service smb reload

Display result:

Reloading smb. conf file: [OK]

F. Test in window xp:

Open my computer and enter \ 192.168.31.131 in the address bar. The user logon box is displayed ,:

In the figure, enter the username: lisi and password: 123456. After successful login, you can see the corresponding directories, including lisi's own directories, anonymous public directories, and non-Anonymous directories shared by lisi and zhangsan. As shown in:

We can see that the expected results are achieved.

3. group different directories under the shared directory.

Requirement: 1. Separate a Company partition in the system partition, which has the following folders: HR, FM, and Share. There are the following folders under Share: HR, FM, and Tools.

2. The folders corresponding to each department are managed by each department, and the Tools folder is maintained by the Administrator.

3. HR Administrator Account: hradmin; Common User Account: hruser. FM Administrator Account: fmadmin; Common User Account: fmuser.

A. Create A user and set the SMB account password:

Add User:

[Root @ samba ~] # Useradd-s/sbin/nologin hradmin

[Root @ samba ~] # Useradd-g hradmin-s/sbin/nologin hruser

[Root @ samba ~] # Useradd-s/sbin/nologin fmadmin

[Root @ samba ~] # Useradd-g hradmin-s/sbin/nologin fmuser

[Root @ samba ~] # Useradd-s/sbin/nologin admin

Set password:

[Root @ samba ~] # Smbpasswd-a hradmin

New SMB password:

Retype new SMB password:

Added user hradmin.

[Root @ samba ~] # Smbpasswd-a hruser

New SMB password:

Retype new SMB password:

Added user hruser.

[Root @ samba ~] # Smbpasswd-a fmadmin

New SMB password:

Retype new SMB password:

Added user fmadmin.

[Root @ samba ~] # Smbpasswd-a fmuser

New SMB password:

Retype new SMB password:

Added user fmuser.

[Root @ samba ~] # Smbpasswd-a admin

New SMB password:

Retype new SMB password:

Added user admin.

For ease of memory, the configuration is set to 123456.

B. Create a directory:

[Root @ samba ~] # Cd/

[Root @ samba/] # mkdir company

[Root @ samba/] # cd company

[Root @ samba company] # mkdir hr fm Share

[Root @ samba company] # cd Share

[Root @ samba Share] # mkdir hr fm Tools

C. Change directory properties:

[Root @ samba company] # chown hradmin. hradmin HR

[Root @ samba company] # chown fmadmin. fmadmin FM

[Root @ samba company] # chown admin. admin Share

[Root @ samba company] # cd Share

[Root @ samba Share] # chown hradmin. hradmin HR

[Root @ samba Share] # chown fmadmin. fmadmin FM

[Root @ samba Share] # chown admin. admin Tools

[Root @ samba Share] # chmod 1775 HR FM

D,Modify the main configuration file as follows::

Security = user

Passdb backend = tdbsam


[HR]

Comment = This is a directory of HR.

Path =/company/HR/

Public = no

Admin users = hradmin

Valid users = @ hradmin

Writable = yes

Create mask = 0750

Directory mask = 0750

[FM]

Comment = This is a directory of FM.

Path =/company/FM/

Public = no

Admin users = fmadmin

Valid users = @ fmadmin

Writable = yes

Create mask = 0750

Directory mask = 0750

[Share]

Comment = This is a share directory.

Path =/company/Share/

Public = no

Valid users = admin, @ hradmin, @ fmadmin

Writable = yes

Create mask = 0755

Directory mask = 0755

E. Restart the samba service:

[Root @ samba Share] #/etc/init. d/smb restart

Shutting down SMB services: [OK]

Starting SMB services: [OK]

[Root @ samba Share] #/etc/init. d/nmb restart

Shutting down NMB services: [OK]

Starting NMB services: [OK]

F. Test Windows XP:

Open my computer and enter \ 192.168.31.131 in the address bar. The user logon box is displayed ,:

In the figure, enter the username hradmin and password 123456 to view the corresponding shared directory, as shown in:

The test is complete.

4. Set the network ing drive and add a drive letter-like folder in the computing, which is convenient, as shown in:

5. If the network is disconnected, the following situations may occur, as shown in:

You can solve the problem in the form of an example:

Configuration is complete. Please click it!

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.