Initial installation and configuration of Samba Server

Initial installation and configuration of Samba Server

1. Install the Samba server (using yum)

After the failure to install Samba in the source code failed, I decided to give up, so I thought about using yum for installation, and I simply went through the difficult process and did not make any more statements.

A detailed explanation of the yum commands will be recorded in subsequent Linux studies. Here we simply use yum to install Samba.

1. Use yum for Samba server. Note that if you use yum to download software, the format is in rpm format (detailed instructions on rpm commands will also be recorded in subsequent Linux studies)

[root@localhost ~]# yum install samba samba-client samba-swat

After waiting for some time, we can see the following interface (when installing via yum, the dependent packages samba-common, samba-winbind-clients, and libsmbclient will be automatically installed .) :

Installation Package Description:

Samba-common-3.6.9-151.el6.x86_64 // mainly provides samba server setting file and setting File Syntax Inspection Program testparmsamba-client-3.6.9-151.el6.x86_64 // client software, mainly provides linux host as the client, the required tool instruction set samba-swat-3.6.9-151.el6.x86_64 // samba Server web configuration interface based on https samba-3.6.9-151.el6.x86_64 // server side software, mainly provides the samba server daemon, sharing documents, log rotation, default options

After some download and installation wait, if the following interface appears, it indicates that Samba, Samba-related packages, and Samba-related packages have been successfully installed.

2. view the installation result

You can run the following command to view the installation result of Samba:

[root@localhost ~]# rpm -qa | grep samba

The result is as follows:

3. Start the Samba server

Start the Samba server by starting/etc/init. d/smb start/stop/restart to start, shut down, and restart the Samba service. The following figure shows how to start the SMB service:

For example:

[Root @ localhost ~] #/Etc/init. d/smb start // start the smb service

[Root @ localhost ~] #/Etc/init. d/nmb start // start nmb Service

4. view the startup status of the Samba Service

We can use the service smb status Command to view the service startup status, for example:

5. Set smb and nmb service to start automatically

Through the chkconfig -- list | grep smb command, we can view the startup status of the smb service at various startup levels, the chkconfig -- level 35 smb on command can enable the smb service to automatically start at the startup level 3 and 5 as the system starts. For example:

6. Disable the Firewall

If the firewall is not disabled, the Samba server may be inaccessible.

------------------------------------ Split line ------------------------------------

How to share files with Samba in Ubuntu 14.04

The speed of accessing samba from Ubuntu dual Nic of VMWare Virtual Machine doubles

Add the Samba File Sharing Server to the Windows Server 2003 Domain

Samba installation Configuration

Samba service configuration in CentOS 6.2

Samba Server installation and configuration

How to Build the Win7 + VMware + Fedora18 Samba Server

------------------------------------ Split line ------------------------------------

2. Configure the Samba server

The main configuration file of Samba is/etc/samba/smb. conf.

The master configuration file consists of two parts:

Global Settings (55-245 rows)

This setting is related to the overall running environment of the Samba service. Its setting items are for all shared resources.

Share Definitions (246-tail row)

This setting is specific to the shared directory and only applies to the current shared resources.

Global parameters:

#========================== Global Settings ==============================
[Global]

Config file =/usr/local/samba/lib/smb. conf. % m
Note: config file allows you to use another configuration file to overwrite the default configuration file. If the file does not exist, this option is invalid. This parameter is useful and makes samba configuration more flexible. A samba server can simulate multiple servers with different configurations. For example, if you want PC1 (host name) to use its own configuration file when accessing the Samba Server, configure an smb name for PC1 under/etc/samba/host. conf. pc1 file, and then in smb. add: config file =/etc/samba/host/smb to conf. conf. % m. In this way, when PC1 requests to connect to the Samba Server, smb. conf. % m is replaced with smb. conf. pc1. In this way, for PC1, The Samba service it uses is defined by smb. conf. pc1, while other machines still use smb. conf to access the Samba Server.

Workgroup = WORKGROUP
Note: Set the workgroup or domain to which the Samba Server is to join.

Server string = Samba Server Version % v
Note: Set the Samba Server comment, which can be any string or not. Macro % v indicates that the Samba version is displayed.

Netbios name = smbserver
Note: Set the NetBIOS Name of the Samba Server. If this parameter is not specified, the first part of the DNS name of the server is used by default. Do not set netbios name and workgroup name to the same.

Interfaces = lo eth0 192.168.12.2/24 192.168.13.2/24
Note: set which NICs the Samba Server listens to. You can write the NIC name or the IP address of the NIC.

Hosts allow = 127. 192.168.1. 192.168.10.1
Description: allows you to connect to the Samba Server Client. Multiple parameters are separated by spaces. It can be expressed by an IP address or a CIDR block. Hosts deny is the opposite of hosts allow.
Example: hosts allow = 172.17.2.20.t172.17.2.50
Allow host connection from 172.17.2. *, but exclude 172.17.2.50
Hosts allow = 172.17.2.0/255.255.255.0.0
Allow all host connections from the 172.17.2.0/255.255.0.0 Subnet
Hosts allow = M1, M2
Allow connections from M1 and M2 computers
Hosts allow = @ pega
Allow all computer connections from the pega domain

Max connections = 0
Note: max connections is used to specify the maximum number of connections to the Samba Server. If the number of connections is exceeded, new connection requests are rejected. 0 indicates no restriction.

Deadtime = 0
Note: deadtime is used to set the time for disconnecting a connection that does not open any file. The Unit is minutes. 0 indicates that the Samba Server does not automatically disconnect any connection.

Time server = yes/no
Note: time server is used to set the time server for making nmdb a windows client.

Log file =/var/log/samba/log. % m
Note: Set the storage location and name of the Samba Server log file. Add a macro % m (host name) after the file name to record a log file for each machine accessing the Samba Server. If pc1 and pc2 have accessed the Samba Server, log. pc1 and log. pc2 are left in the/var/log/samba directory.

Max log size = 50
Note: set the maximum size of Samba Server log files, in kB. 0 indicates no limit.

Security = user
Description: sets the authentication method for users to access the Samba Server. There are four authentication methods.
1. share: users do not need to provide user names and passwords to access the Samba Server, and their security performance is low.
2. user: the Samba Server shared directory can only be accessed by authorized users. The Samba Server is responsible for checking the correctness of accounts and passwords. The account and password must be created in this Samba Server.
3. server: relies on other Windows NT/2000 or Samba Server to verify the user's account and password. It is a proxy authentication. In this mode, the system administrator can centralize all Windows users and passwords on an NT System and use Windows NT for Samba authentication. The remote server can automatically authenticate all users and passwords, if authentication fails, Samba uses the user-level security mode as an alternative.
4. domain: domain security level. The primary domain controller (PDC) is used for authentication.

Passdb backend = tdbsam
Note: passdb backend indicates the user's background. There are currently three backend types: smbpasswd, tdbsam, and ldapsam. Sam should be short for security account manager.
1. smbpasswd: This method uses the smb tool smbpasswd to set a Samba password for system users (real users or virtual users). The client uses this password to access Samba resources. The smbpasswd file is in the/etc/samba directory by default, but you sometimes need to create this file manually.
2. tdbsam: This method uses a database file to create a user database. The database file is called passdb. tdb, which is in the/etc/samba directory by default. Passdb. tdb user databases can use smbpasswd-a to create Samba users, but the Samba users to be created must first be system users. We can also use the pdbedit command to create a Samba account. The pdbedit command has many parameters. We will list several main parameters.

Pdbedit-a username: Create a Samba account.
Pdbedit-x username: Delete the Samba account.
Pdbedit-L: List Samba users and read the passdb. tdb database files.
Pdbedit-Lv: list detailed information about the Samba user list.
Pdbedit-c "[D]"-u username: suspend the account of this Samba user.
Pdbedit-c "[]"-u username: Restore the Samba user's account.

3. ldapsam: the LDAP-based account management method is used to authenticate users. First, create the LDAP service, and then set "passdb backend = ldapsam: ldap: // LDAP Server"

Encrypt passwords = yes/no
Indicates whether to encrypt the authentication password. This option is usually enabled because encrypted passwords are used in windows. However, the configuration file is enabled by default.

Smb passwd file =/etc/samba/smbpasswd
Description: defines the password file of samba users. If the smbpasswd file does not exist, you need to create it manually.

Username map =/etc/samba/smbusers
Description: used to define user name ing. For example, you can replace root with administrator and admin. However, it must be defined in the smbusers file in advance. For example, root = administrator admin. In this way, you can use administrator or admin to log on to Samba Server on behalf of root, which is closer to windows users.

Guest account = nobody
Description: used to set the guest user name.

Socket options = TCP_NODELAY SO_RCVBUF = 8192 SO_SNDBUF = 8192
Note: It is used to set the Socket option for the session between the server and the client to optimize the transmission speed.

Domain master = yes/no
Note: Set whether the Samba server is used as the main domain browser. The main domain browser can manage cross-subdomain browsing services.

Local master = yes/no
Note: The local master is used to specify whether the Samba Server attempts to become the main browser of the local domain. If it is set to no, it will never become the main browser of the local domain. However, even if it is set to yes, it does not mean that the Samba Server can become the main browser, but also needs to participate in the election.

Preferred master = yes/no
Note: Setting the Samba Server to force the election of the primary browser when it is started can improve the chance that the Samba Server will become the primary browser of the local domain. If this parameter is set to yes, it is best to set domain master to yes. When using this parameter, note that if the Samba Server's subnet contains other machines (whether windows NT or other Samba servers, these machines will broadcast on the network for the master browser, affecting network performance.
If multiple Samba servers exist in the same region, set the preceding three parameters to one.

OS level = 200
Note: Set the OS level of the samba server. This parameter determines whether the Samba Server has the opportunity to become the main browser of the local domain. The OS level ranges from 0 to 255. The OS level of winNT is 32, and the OS level of win95/98 is 1. The OS level of Windows 2000 is 64. If it is set to 0, the Samba Server will lose the browser selection. If you want to make the Samba Server a PDC, set its OS level value to a greater value.

Domain logons = yes/no
Note: Set whether the Samba Server is to be a local controller. This option must be enabled for both the master Domain Controller and backup domain controller.

Logon script = % u. bat
Note: When a user logs on to a windows client, Samba provides a logon file. If it is set to % u. bat, a login file is provided for each user. If there are many people, it is more troublesome. You can set a specific file name, such as start. bat. After logging on, the user will execute start. bat, instead of setting a login file for each user. This file should be placed in the directory path set in the path of [netlogon.

Wins support = yes/no
Note: Set whether the samba server provides the wins service.

Wins server = wins server IP Address
Note: Set whether the Samba Server uses another wins Server to provide the wins service.

Wins proxy = yes/no
Note: Set whether the wins proxy service is enabled for the Samba Server.

Dns proxy = yes/no
Note: Set whether the dns proxy service is enabled for the Samba Server.

Load printers = yes/no
Note: Set whether to share the printer when Samba is started.

Printcap name = cups
Description: sets the configuration file for the shared printer.

Printing = cups
Description: sets the Samba shared printer type. The supported printing systems include bsd, sysv, plp, lprng, aix, hpux, and qnx.

Sharing parameters:
#========================== Share Definitions ===============================
[Share Name]

Comment = any string
Note: comment is a description of the sharing, which can be any string.

Path = shared directory path
Description: path is used to specify the path of the shared directory. You can use macros such as % u and % m to replace the Netbios names of unix users and clients in the path. They are mainly used for [homes] shared domains. For example, if we do not want to use the home segment as the customer's share, but create a directory for each Linux User under/home/share, as his shared object, the path can be written as: path =/home/share/% u ;. When a user connects to the shared object, the specific path will be replaced by the user name. Note that the path of the user name must exist. Otherwise, the client cannot find the network path during access. Similarly, if we do not divide directories by users, but by clients, create a path for each machine on the network that can access samba with its netbios name as the shared resources of different machines. You can write it as follows: path =/home/share/% m.

Browseable = yes/no
Description: browseable is used to specify whether the share can be viewed.

Writable = yes/no
Description: writable is used to specify whether the shared path is writable.

Available = yes/no
Description: available is used to specify whether the shared resource is available.

Admin users = manager of the shared account
Note: admin users is used to specify the share Administrator (with full control permissions on the share ). In samba 3.0, this item is invalid if the user authentication method is set to "security = share.
For example, admin users = david and sandy (multiple users are separated by commas ).

Valid users = users Allowed To access the share
Description: valid users is used to specify the users Allowed To access the shared resource.
For example, valid users = david, @ dave, @ tech (multiple users or groups are separated by commas (,). If you want to join a group, use "@ group name .)

Invalid users = forbidden to access the shared user
Description: invalid users is used to specify users that are not allowed to access the shared resource.
For example, invalid users = root, @ bob (multiple users or groups are separated by commas .)

Write list = users allowed to write data to this share
Note: The write list is used to specify the users who can write files under the share.
Example: write list = david, @ dave

Public = yes/no
Description: public is used to specify whether the shared object can be accessed by a guest account.

Guest OK = yes/no
Meaning: it is the same as "public ".

Several special shares:
[Homes]
Comment = Home Directories
Browseable = no
Writable = yes
Valid users = % S
; Valid users = MYDOMAIN \ % S

[Printers]
Comment = All Printers
Path =/var/spool/samba
Browseable = no
Guest OK = no
Writable = no
Printable = yes

[Netlogon]
Comment = Network Logon Service
Path =/var/lib/samba/netlogon
Guest OK = yes
Writable = no
Share modes = no

[Profiles]
Path =/var/lib/samba/profiles
Browseable = no
Guest OK = yes

After Samba is installed, run the testparm command to test whether the smb. conf configuration is correct. Use the testparm-v command to list the configuration parameters supported by smb. conf.

For more details, please continue to read the highlights on the next page:

1 2 Next Page