Samba Server installation and configuration, samba Server Configuration

Source: Internet
Author: User
Tags server installation and configuration domain server

Samba Server installation and configuration, samba Server Configuration

As a background developer, during code development, the development process is generally local development-> synchronize to server compilation-> svn submission. How to efficiently process these steps in team development is a basic problem. Generally, most of our local environments are Windows, and we remotely connect to the server through the ssh client. Generally, due to the huge background code, we all have our own compiling environment, there are many methods to compile and update the code to the version library in a timely manner during the development process. for example, sshclient and securecrt support ftp for file transfer, and rsync for windows. However, this method requires manual updating, full updating, and sometimes forgetting to change those files and updating all uncertain files.

In order to share files between Windows and unix, samba was born to support direct modification of files instead of copying files for updates. We all know that files can be shared by NFS servers between unix and Windows through CIFS, that is, network neighbors. samba was born to enable Windows to access Unix resources, including files and printers.

1. Install and start samba

The latest samba-4.1.14 version is used to install the samba source code. The installation process is as follows:

$ sudo mkdir /usr/local/samba-4.1.14 $ ./configure --prefix=/usr/local/samba-4.1.14 ...Checking for program xsltproc                                                     : not found Checking for program python                                                       : /usr/bin/python Checking for program python                                                       : /usr/bin/python Checking for program python                                                       : /usr/bin/python Checking for Python version >= 2.5.0                                              : ok 2.7.6 Checking for library python2.7                                                    : not found Checking for library python2.7                                                    : yes Checking for program python2.7-config                                             : not found Checking for program python-config-2.7                                            : not found Checking for custom code                                                          : Could not find the python development headers /home/anonymalias/Downloads/samba-4.1.14/wscript:100: error: the configuration failed (see '/home/anonymalias/Downloads/samba-4.1.14/bin/config.log')

The cause of the above error is that samba must depend on python and execute

$ sudo apt-get install python-dev

Make & sudo make install. After OK is installed, the installation directory structure is as follows:

/usr/local/samba-4.1.14$ lsbin  etc  include  lib  private  sbin  share  va

 
  • Copy the default conf file under the source code file to the etc directory under the installation directory

/usr/local/samba-4.1.14$ cp /home/anonymalias/Downloads/samba-4.1.14/examples/smb.conf.default  etc/smb.conf

  • Modify configurations in smb. conf

Add the following fields to the global section:

[global]   ...   netbios name = ubuntu

Use the default configuration for shared resource fields

[homes]   comment = Home Directories   browseable = no   writable = yes# NOTE: If you have a BSD-style print system there is no need to # specifically define each individual printer[printers]   comment = All Printers   path = /usr/spool/samba   browseable = no# Set public = yes to allow user 'guest account' to print   guest ok = no   writable = no   printable = yes

  • Add an account whose username is ubuntu,

/usr/local/samba-4.1.14$ sudo bin/smbpasswd -a ubuntuNew SMB password:Retype new SMB password:

Users of the samba server depend on linux. They can only add existing users in linux. Otherwise, the following error occurs:

/usr/local/samba-4.1.14$ sudo bin/smbpasswd -a user1New SMB password:Retype new SMB password:Failed to add entry for user user1.

  • Start the samba Service

/usr/local/samba-4.1.14$ sudo sbin/nmbd/usr/local/samba-4.1.14$ sudo sbin/smbd

In the windwos File Manager or directly win + R, enter the server ip address and you can see the following interface:


2. smb. conf configuration parameters

The following describes the meanings of important parameters in conf. Smb. conf configuration includes two parts: global configuration and shared resource configuration. Global configuration includes the Working Group, NetBIOS Name of the host, display of character encoding, logon file setting, password usage, and password verification mechanism. The shared resource configuration mainly limits the permissions of each shared resource.

Special characters that can be used in parameter configuration

% M: indicates the NetBIOS host name of the Client !, That is, the host name of Windows

% M: indicates the Internet host name of the Client! It is the HOSTNAME.

% L: indicates the NetBIOS Host Name of the SAMBA host.

% H: The Home Directory of the user.

% U: name of the user currently logged on

% G: The group name of the login user.

% H: represents the current HOSTNAME of this SAMBA host! Note that hostname is not NetBIOS name!

% I: the IP address of the Client.

% T: indicates the current date and time

 

#====================================== Global Settings ==================== ======================================

[Global]

// The working group to which the samba server is to join

Workgroup = mygroup

// Samba server description

Server string = Samba Server

// Netbios host name. For windows, the hostname cannot be the same.

Netbios name = ubuntu

// The server can act as the master domain controller, independent Domain Server, and Domain Member Server.

Server role = standalone server/member server


// All users that cannot be correctly identified by samba system hosts are mapped to guest users.

Map to guest = bad user


// Use different configuration files for each login user to overwrite the default configuration files. If the file does not exist, this option is invalid. This parameter is useful and makes samba configuration more flexible. A samba server can simulate multiple servers with different configurations.

Config file =/usr/local/samba/etc/smb. conf. % m

// Log File Path

Log file =/usr/local/samba/var/log. % m

Interfaces = lo eth0 192.168.12.2/24 192.168.13.2/24

Note: set which NICs the Samba Server listens to. You can write the NIC name or the IP address of the NIC.

 

Hosts allow = 127. 192.168.1. 192.168.10.1

Description: allows you to connect to the Samba Server Client. Multiple parameters are separated by spaces. It can be expressed by an IP address or a CIDR block. Hosts deny is the opposite of hosts allow.

# Password database format. The user information of the samba server was previously stored as data files. to speed up, the password file has been converted to the database!

# The default database format is tdbsam, which is stored in private/passwd. tdb. In the early days, the smbpasswd command was used to manage user passwords,

# Use the TDB database later. Therefore, we recommend that you use the new pdbedit command to manage user data. smbpasswd can still be used.

Passdb backend = tdbsam

# Use the configuration file named after the Client's NetBIOS host name,

; Include =/usr/local/samba/lib/smb. conf. % m

#================= Share Definitions ==================================== ==========

The configuration of shared resources is as follows:

[Name of the shared resource]

Parameter = content

The most common parameters include:

// Directory description, which only serves as a comment

Comment = any string


// Path of the shared directory

Path = linux path


// Whether to allow this directory to be viewed by everyone. The default value is yes.

Browseable = yes/no


// Whether data can be written

Writable = yes/no

 

// Read-only. If the value is set to yes at the same time as writable, The overwrite principle is followed.

Read only = yes/no

 

/// Users that allow/prohibit logon. Users are separated by commas (,). Add @ before the group name @

Valid users = user1, user2, @ group1

Invalid users = user1, user2, @ group1

// Users allowed to write data to the shared object

Write list = user1, user2, @ group1

 

// Whether guest access is allowed,The public, guest OK, and valid users parameters are mutually exclusive. valid users can overwrite the yes option of public and guest OK.

Public = yes/no

Guest OK = yes/no

 

The following are examples provided in the default smb. conf file:

 

# This is a special shared directory configuration. In the latest samba, the configuration of this shared directory indicates that every user will log on to his/her home directory without configuring valid users = % S.

[Homes]

Comment = Home Directories

Browseable = no

Writable = yes

# Directory used for all users to share resources

[Tmp]

Comment = Temporary file space

Path =/tmp

Read only = no

Public = yes

# This is a directory for users to share resources with other users. Only users in staff can modify this directory.

[Public]

Comment = Public Stuff

Path =/home/samba

Public = yes

Writable = no

Printable = no

Write list = @ staff

# Fred's private user

[Fredsdir]

Comment = Fred's Service

Path =/usr/somewhere/private

Valid users = fred

Public = no

Writable = yes

Printable = no

 

After configuring the parameters, you can use testparm in the bin directory to test the configuration of smb. conf,Testparm-v allows you to view the default values of parameters not configured in the global domain.:

ubuntu@VM-178-53-ubuntu:/usr/local/samba-4.1.14$ bin/testparm -vLoad smb config files from /usr/local/samba-4.1.14/etc/smb.confrlimit_max: increasing rlimit_max (1024) to minimum Windows limit (16384)Processing section "[public]"Loaded services file OK.Server role: ROLE_STANDALONEPress enter to see a dump of your service definitions[global]        dos charset = CP850        unix charset = UTF-8        workgroup = MYGROUP        realm =         netbios name = UBUNTU        netbios aliases =         netbios scope =         server string = Samba Server        interfaces =         bind interfaces only = No        server role = standalone server        security = USER        auth methods =         encrypt passwords = Yes        client schannel = Auto        server schannel = Auto        allow trusted domains = Yes        map to guest = Bad User        null passwords = No        obey pam restrictions = No        password server = *        smb passwd file = /usr/local/samba-4.1.14/private/smbpasswd        ...

The global domain has a very powerful parameter. Map to guest = bad user, This configuration means All users that cannot be correctly identified by samba system hosts are mapped to guest users.In this way, you do not need to enter the user name and password to log on to the samba server from other hosts. All the shared resource directories with browseable = yes are displayed. The configuration is as follows:

[global]...map to guest = bad user...[tmp]   comment = Temporary file space   path = /tmp   read only = no   public = yes[public]   comment = Public Stuff   path = /home/samba   valid users = ubuntu   public = yes   writable = no   printable = no
Through the above configuration, restart the smbd process. For example, if you do not need to enter a password, you can view the tmp and public resources you can browse. If you need to view public resources, you will be prompted to enter the password:


3. Other samba servers
The SAMBA service is mainly managed through two daemon services:
Nmbd: used to manage resolutions of working groups, NetBIOS names, and so on. It mainly uses UDP to enable port 137,138 for name resolution tasks;
Smbd: used to manage directories, files, and printers shared by SAMBA hosts. It mainly uses reliable TCP protocol for data transmission. The open ports are 139 and 445 (not necessarily exist)


References:

  • Http://www.howtoforge.com/samba-server-ubuntu-14.04-lts
  • Http://www.linuxfromscratch.org/blfs/view/svn/basicnet/samba.html


Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.