Installation and configuration of the "Linux" Samba server

1. Install Samba (RPM package installation)

First, check to see if there are any RPM packages in the system that have Samba installed. rpm -qa|grep sambathe input is not displayed, which means that Samba is not installed.
Enter yum install samba-3.5.10-125.el6.i686.rpm Install Samba

Samba Installation Complete!

2.samba Related configuration files

(This part of the content is from the bird's private cuisine)
The configuration files associated with the Samba server are:

1. /etc/samba/smb.conf
   This is the main configuration file for Samba, basically only this file, and the description of the configuration file itself is very detailed. The main settings include server global settings, such as workgroup, NetBIOS name and password level, and related settings for shared directories, such as the actual directory, shared resource names, and permissions.
2. /etc/samba/lmhosts
   The earlier NetBIOS name is required for additional settings, so the IP file corresponding to the NetBIOS name of this LMHOSTS is required. In fact it's kind of like a/etc/hosts function! Just the hostname of this LMHOSTS is NetBIOS name Oh! Don't get confused with/etc/hosts! Currently Samba presets will use your native name (hostname) as your NetBIOS name, so it doesn't matter if the file is not set.
3. /etc/sysconfig/samba
   Provide the relevant service parameters that you want to join when starting SMBD, NMBD.
4. /etc/samba/smbusers
   Because Windows and Linux do not match the Administrator and Guest account name, for example: Administrator (Windows) and root (Linux), in order to correspond to the account relationship between the two, you can use this file to set
5. /VAR/LIB/SAMBA/PRIVATE/{PASSDB.TDB,SECRETS.TDB}
   The database files that will be used when managing Samba user account/password;
6. /usr/share/doc/samba-< version >
   This catalogue contains all the relevant technical manuals for SAMBA! That is, when you install Samba, your system already contains a fairly rich and complete samba user manual! It's worth the pleasure! ^_^, so hurry up and see for yourself!

As for the common script file case, if divided into server and client functions, there are mainly the following data:

• /USR/SBIN/{SMBD,NMBD}: Server function, is the most important rights management (SMBD) and NetBIOS name Query (NMBD) two important service programs;

• /usr/bin/{tdbdump,tdbtool}: Server function, in Samba 3.0
  In the future version, the user's account and password parameters have been converted to use the database! Samba uses the name TDB (Trivial database).
  Since the database is used, of course, the database control instructions are used to handle it. Tdbdump can view the contents of the database, Tdbtool can enter the database operation interface to manually modify the account parameters. However, you will have to install tdb-tools this software only line;

• /usr/bin/smbstatus: Server function, can list the current Samba online status, including each samba online PID, shared resources, the use of user sources and so on, so that you easily manage samba;

• /usr/bin/{smbpasswd,pdbedit}: Server function, when managing a Samba user account password, the early use of the SMBPASSWD directive, but because of the subsequent use of the TDB database, it is recommended to use the new Pdbedit Instructions to manage user data;

• /usr/bin/testparm: Server function, this instruction is mainly in verifying the configuration file smb.conf syntax correct or not, when you have edited smb.conf
  , be sure to use this command to check once, to avoid the trouble caused by typing errors Ah!

• /sbin/mount.cifs: Client function, on Windows we can set "network Drive" to connect to their own host. On Linux, we are using mount (mount.cifs) to attach files and directories shared by remote hosts to their Linux hosts!

• /usr/bin/smbclient: Client function, when your Linux host wants to use the "Followmission on the network" function to view the directory and device shared by other computers, it can be viewed with smbclient! This command can also be used on your own SAMBA host to see if the setting is successful!

• /usr/bin/nmblookup: Client function, a bit like nslookup! The focus is on identifying NetBIOS name.

• /usr/bin/smbtree: Client function, this thing is a bit like Windows
  The results of the followmission display on the network of the system can display data like "near My Computer" and can find a tree-like map of workgroup and computer names!

3. Start the Samba server

Samba has two main processes SMBD and NMBD. The SMBD process provides file and print services, while NMBD provides NetBIOS name service and browse support to help SMB clients locate servers and handle all UDP-based protocols.
Samba's two services SMBD and NMBD are stand alone services, directly input
service smb start
service nmb start
Can start the service, set boot boot is also very simple, enter
chkconfig smb on
chkconfig nmb on
You can set the boot up.
Let's check to see if the boot and boot boot is set successfully.
Input chkconfig --list |grep mb

Visible turn on auto-start has been set successfully.
Input service nmb status; service smb status

The visible service is already started.

4. Example 1: a share that does not require a password 1. Configuring the smb.conf file

As mentioned earlier, the most important configuration file of Samba server is actually only one, is /etc/samba/samba.conf, this configuration file can be divided into two parts, one part is the global parameter, part is the shared resource related parameter.

#1. Global partial parameter settings:[Global]#与主机名相关的设置Workgroup = zkhouse <== workgroup name NetBIOSname= Zkserver <== host name, with hostname not a concept, in the same group, NetBIOSnameMust be unique serverstring = this isA test Samba server <== descriptive text, content does not matter#与登录文件有关的设置        Log file=/var/Log/samba/LogThe file name of the.%m <== log file,%m represents the client-side Internet host name, which is hostname maxLogSize = -The maximum size of the <== log file is -Kb#与密码相关的设置Security = Share <== indicates that no password is required and can be set to share, user, and server passdb backend = Tdbsam#打印机加载方式Load printer = No <== does not load printer-----------------------------------------------------------#2. Shared resource settings: Remove the old comment and add the new#先取消 [Homes], [printers] items, add the [temp] project as follows[Temp] <== shared resource Name comment = Temporaryfile Space<== simple explanation, the content does not matter path =/tmp <== The actual shared directory writable = yes <== set to writable browseable = yes &L t;== can be browsed by all users to the resource name, guest OK = yes <== can let the user log on freely

This file has some default values and does not need to be modified.

2. Check the correctness of the smb.conf configuration file syntax settings with Testparm

Enter testparm check smb.conf for errors

Row five shows that the loaded service file OK. There is no problem with the configuration file.
After the check is complete, enter and restart the service smb restart service nmb restart Samba service.

3. Native Test

Let's say we use this machine as a client to test, we can work on this machine through smbclient, first we enter at the command line:
smbclient
If the system installs the Smbclient package, then the use of the Smbclient command is listed, if it is not installed, it will be an error, unable to find the command, then you need to install the Smbclient software package, and then try again.
Build a local Yum source and enter the yum install samba-client-3.5.10-125.el6.i686.rpm install Smbclient package.
　　
Once the installation is complete, enter the smbclient test again
　

[[email protected] ~]# smbclient -L [//主机或IP] [-U 使用者账号]选项与参数：-L ：仅查阅后面接的主机所提供分享的目录资源；-U ：以后面接的这个账号来尝试取得该主机的可使用资源

Input smbclient -L //127.0.0.1

Then, we attach the shared directory to a directory, enter it mount -t cifs //127.0.0.1 /home/test , and then jump to this directory to view the file.

Note : We enter test, the identity will be compressed into nobody, but not the root user.
I can also create a file at this mount point

Skip to our shared directory to see if the created file exists
cd /tmp;ls

This file does exist, and anyone can read and write to this shared directory.
Finally, we unload the ' umount/home/test ' on this mount.

testing under Windows

Testing under Windows is very simple, open the Explorer, and in the Address bar enter \192.168.191.3 (that is, the server IP address), you can see the shared directory.

Open the directory, you can read and write the content inside

4. Example 2: a share that requires a password to log in

Suppose there are 3 students who need to share a homework directory, and we can do that.
1. First establish 3 student user Stu1,stu2,stu3, belong to Stu user Group, set user password.


2. Create the homework directory under the root directory
　

3. Add the three users you just created to a Samba user (smbpasswd-a user name)

4. Review the existing Samba users (PDBEDIT-L)

As you can see, there are now 3 samba accounts.
5. Modify the Samba configuration file (vim/etc/samba/smb.conf)

#1. Global partial parameter settings:[Global]#与主机名相关的设置Workgroup = Zkhouse NetBIOSname= Zkserver Serverstring = this isA Test Samba server#与登录文件有关的设置        Log file=/var/Log/samba/Log.%m MaxLogSize = -             #与密码相关的设置Security = User <== indicates a password is required and can be set to share, user, and server passdb backend = Tdbsam#打印机加载方式Load printer = No <== does not load printer-----------------------------------------------------------#2. Shared resource settings: Remove the old comment and add the new#先取消 [Homes], [printers] and other items, add the [homework] project as follows[Homework] Comment = Students ' homework Path =/homework Browseable = yes writable = yesWrite List= @stu

6. Restart Samba Services
service smb restart;service nmb restart

7.windows Client Testing
Press Win+r, enter \192.168.191.3 (server IP address)

Pop-up login screen, enter user and password, we log in as STU1.

You can see the shared folder

At this time, I can browse, open the folder inside the file, you can also copy the file, but can not modify the file, can not add files.

This is a hint that pops up when you create a new file.
The reason is simply that the permissions are not sufficient because we are using the root user when creating the homework directory, so the owner of the homework directory and all the groups that are ROOT,STU user groups do not have write permissions and therefore cannot be modified, Create a new file inside the homework.

We will change homework all groups to Stu and give write permission.

Now the shared directory should be able to modify and create new files.

9. Let's add a different user's home directory
Modify the configuration file smb.conf, remove the comments from the [home] Project

[homes]        comment = Home Directories        no        writable = yes;       %S;       valid users = MYDOMAIN\%S;       0664;       0775

Restart the Samba service, then press WIN+R, enter \192.168.191.3, and you will see a stu1 for the shared folder. In this folder you can modify and create new files.

5. Turn off SELinux (important)

By default, SELinux is turned on, and we can view the status of SELinux through Getenforce.

SELINUX几种状态表示：enforcing：强制模式，代表 SELinux 运行中，且已经正确的开始限制 domain/type 了；permissive：宽容模式：代表 SELinux 运行中，不过仅会有警告信息并不会实际限制 domain/type 的存取。这种模式可以运来作为 SELinux 的 debug 之用；disabled：关闭，SELinux 并没有实际运行。

At this point, you can see the shared folder on the Samba server, but the folder is inaccessible, such as

You can use the Setenforce directive to change SELinux to tolerant mode

Restart the Samba service and the shared directory will be available for normal access.

Installation and configuration of the "Linux" Samba server