Parsing the configuration file of Linux Samba Server

Samba uses/etc/samba/smb. conf as its main configuration file. Direct modification does not take effect until you are using

# Service sma restart

Command to restart the Samba service. Below are several useful parameters for the smb. conf file:

Workgroup = WORKGROUP-NAME ############## set the name to join a workgroup

Server string = brief comment about server ############# this option is optional and is mainly used to COMMENT on the Samba Service Windows system.

Host allow = 192.168.1. 192.168.2. 127. ############# this item is important to security. it strictly limits the Samba accessible range. by default, access from all IP addresses is allowed ..

Printcap name =/etc/printcap ############ set the printer configuration file path

Load printers = yes ######## whether to share the printer

Printing = cups ################ printer type. If the printer type is linux Standard, do not change it.

Guest account = pcguest ################# if you want the user 'pcguest 'to log on as an anonymous user ..; remove the preceding comments. Make sure the user is in/etc/passwd. The pcguest can be changed to a local user set by the user as needed.

Loginfile =/var/log/samba/% m. log ################### log creates different log files for each logged-in user Samba user in this directory.

Passwd Server ################### password verification Server. When you use linux Through Samba in Windows. Automatically transmits the username and password used to log on to windows to Samba. Samba then verifies the two information items with windows server. If it is incorrect, a dialog box is displayed, asking the user to re-enter the user name and password. The password SERVER can be an NT Server, usually the primary domain controller) or another Samba SERVER. Therefore, if Security = share, delete the line about the password server.

Password Level-= 8 ######################### Password Level settings

Encrypt password = yes ############## the user password must be encrypted. Because 98/NT currently uses an encrypted password. Therefore, you must use an unencrypted password.

Smb Passwd file =/etc/samba/smbpasswd ############ when you set the password verification server to a Samba server, you need to use this line to specify the password file to be verified. The most important thing is the path set in the password file.

Uin passwd sync = yes

Passwd program =/usr/bin/passwd % u ############## the next two lines are used to update the linux system after the Windows Password is changed. password, make sure that the 'encrypt password' and 'smb passwd file' items are enabled.

Pam password change = yes ############# use PAM when the user requests to change the password. No local password Program/user/bin/passwd required

Username map =/etc/samba/smbusers ############## set the corresponding user name in this file, for example, root = administrator admin, if every windows user has an account on the samba server, you can leave it unspecified,

Include =/etc/samba/smb. conf % m ############## this line allows you to customize the basic configuration file for each computer, % M indicates the name of the computer NETBIOS is connected.

Obey pam restrictions = yew ############# when a user authenticates, the user must comply with PAM's management restrictions.

Socket options = TCP_NODELAY SO_RCVBUF = 8192 SO_SNDBUF = 8192 ############# set the Socket options for sessions between servers and customers, this setting will optimize the transmission speed.

Interfaces = 192.168.12.2/24 192.168.13.2/24 ############## the multi-network interface must be listed here.

Remote browse sync = 192.168.3.25 192.168.2.255 ############## set Remote Browsing for both the current row and the next row

Remote announce = 192.168.1.255 192.168.2.44

# Browser Control Options

Local master = no

Oslevel = 33

Domain master = yes

Preferred master = yes

Domain logons = yes

Logon script = % M. bat ############# set the logon script for the current row and next row

Logon script = % U. bat

Wins support = yes ############## wins server support

Wins server = w. x. y. z ############## wins client settings

Wins proxy = yes ############## set wins proxy

Dns proxy = no ############# dns proxy settings, which do not perform DNS queries on the client by default

[Homes] ############# settings for users to access their own directories

Browseable = no ############# user's private Directory, which does not need to be browsed by others

Writeable = yes ############# permission for users to write data to their own directories

[Netlogon]

Guest OK = yes

Share modes = no

[Profiles] ############## default profiles settings

[Printer] ############## printer settings

Path =/var/spool/samba ############## a printer pool (spool) user must create a directory

Browseable = no ############# this row stores temporary printer files.

Set public = yes to allow user 'guest prinr ############## if this parameter is set, the guest user can use the printer.

Printable = yes ############## whether the user can print

[Temp]

Read only = no ############## read-only or writable

Public = yes ############## share or not

Configure a share-level server

Workgroup = linux

Hosts allow = 192.168.1. ############## comment out if you do not want to restrict it

Printcap =/etc/printcap

Load printers = yes

Printers = lprng

Guest account = abc ############# specify a user account abc as an existing user account in samba.

Logfiles =/var/log/samba/% m. log

Maxlog size = 50

Security = share

Socket options = TCP_NODELAY SO_RCVBUF = 8192 SO_SNDBUF = 8192

# Note: Other settings may be set by smb. conf by default.

# Restart the service

Test samba command testparm

========================================================== ====================================

Configure a USER-level server

Modify the basic configuration at the share Level:

Security = user

Add:

Guest account = zjz

Encrypt passwords = yes

Smb passwd file =/etc/samba/smbpasswd ############# when the configuration file/etc/smb. the samba password file needs to be set after the user-level setting in conf. create an smbpasswd account and password. Make it the same as the/etc/passwd account and password.

The method is as follows:

1: create a local account, generate the password Folder/etc/passwd, and add all users in/etc/samba/smppassword to the/etc/smppassword file.

Note: In this process, first create an account and password locally, and then pass the password file to/etc/samba/smbpasswd. The sequence cannot be the opposite. Because the password of the local account is different from that of the account on the samba server.

# Adduser zjz

# Passwd zjz

# Cat/etc/passwd | mksmbpasswd. sh>/etc/samba/smbpasswd

Here the '/etc/samba/smbpasswd and smbpassspwd and smbpasswd file =/etc/samba/smbpasswd' r paths must be the same.

2: Use the smbpasswd command to set up the samba server password for the account you just created.

Note: When you use the smbpasswd command to modify the user password. The local system user account of the modified samba account must already exist.

# Smbpasswd zjz

Restart the samba service. USER-level server configuration is complete.

Note: if you cannot access windows and Samba resources. You can add the Host Name and IP address of the other party to the host, and then test the method as follows:

In linux, add win-IP Win hostname (192.168.0.11 mywinpc) to/etc/hosts)

Add: win-IP Win-hostname to windows c: \ windows \ hosts

Configure Server-level servers

Server-Level Security is higher than USER-level. Modify the configuration at the suer level:

Security = server

Add:

Password server = libtserver ############# password server. Here we use the win2k main domain controller libserver as the password server. Of course, you can also use another samba server as the password server.

Comment out smbpasswd file =/etc/samba/smbpasswd

After setting, use the testparm and smbclient commands for debugging. In this way, when a Windows NT/98 computer logs on to the libserver Domain Server, it also logs on to the Samba Server. However, the user account and password should be the same on libserver and Samba server. If it is a computer that has already joined the libserver primary domain controller, you can enter the user account and password to open the shared file of the Samba Server. Although other computers and samba server are in the same network segment, if they do not use the user accounts and passwords shared by libtserver and samba server, log on to the server. Samba cannot be accessed.

Related Articles]

• Set up Samba servers in Linux to achieve mutual network access

• SAMBA implements file sharing between Solaris and Windows

• Configure Samba-global settings