Article Title: Practical Tips: How to Use Samba for PDC configuration in Linux. Linux is a technology channel of the IT lab in China. Includes basic categories such as desktop applications, Linux system management, kernel research, embedded systems, and open source.
1. Create related directories:
Mkdir/home/samba
Mkdir/home/samba/public
Mkdir/home/samba/exchange
Mkdir/home/samba/profiles
Mkdir/home/samba/netlogon
Mkdir/home/samba/computer
2. Run the chmod command to modify the permissions of these directories:
Chmod 777/home/samba/public
Chmod 1777/home/samba/exchange
Chmod 1777/home/samba/profiles
Chmod 700/home/samba/netlogon
Chmod 777/home/samba/computer
3. Create some users and groups:
Groupadd computer
Groupadd machines
Useradd? G computer jxgzoyke
Passwd jxgzoyke
....
...
4. Next, let's take a look at the configuration file settings.
[Global]
Workgroup = WORKGROUP // set a Working Group
Server string = Samba Server % v // Samba server description
Netbios name = SMBServer // name displayed by the Samba server in Windows
Hosts allow = 192.168.1. 192.168.2. 127. // The host that allows access to the Samba server. you can comment out the host.
Log file =/var/log/samba/% m. log // The location "% m" of the log file represents the NetBIOS name of the client.
Max log size = 0 // log File size
Security = user // Share Level
Encrypt passwords = yes // whether to encrypt
Smb passwd file =/etc/samba/smbpasswd // Password file Location
Socket options = TCP_NODELAY SO_RCVBUF = 8192 SO_SNDBUF = 8192 // This can improve the server performance. I do not know why, ^ o ^
Local master = Yes // whether Samba is allowed to participate in the election of the local host browser on the subnet
OS level = 33
Domain master = yes // whether to allow Samba to become the main browser of the domain
Preferred master = yes // you can specify Samba as the preferred browser.
Domain logons = yes // whether to enable Samba as the domain login server
Logon home =\\ % L \ % U // % L represents the NetBIOS Name of the server, and % U represents the user name of the client sending the request
Logon drive = H: // map the user's main directory to a local H Disk
Logon path =\\ % L \ profiles \ % U // path for saving the Desktop configuration information of the client machine. profiles corresponds to the [profiles] shared section below
Logon script = netlogon. bat // login script
[Homes]
Comment = Home Directories
Browseable = no // cannot be viewed
Writable = yes // yes
Valid users = % S // % S name of the current service
Create mode = 0664 // file creation permission
Directory mode = 0775 // permission to create a directory
[Netlogon]
Comment = Network Logon Service
Path =/home/samba/netlogon
Write list = root
Share modes = no
Browseable = no
[Profiles]
Path =/home/samba/profiles
Browseable = no
Public = yes
Writeable = yes
Create mask = 0700
Directory mask = 0700
[Public]
Comment = public
Path =/home/samba/public
Public = yes
Browseable = yes
Write list = jxgzoyke
[Exchange]
Comment = exchange
Path =/home/samba/exchange // anyone can read and write the shared directory, but cannot delete other people's files.
The reason is that the command chmod 1777/home/samba/exchange
Public = yes // accessible to all users
Writeable = yes // writable
[Computer]
Comment = computer
Path =/home/samba/computer
Browseable = yes
Valid users = @ computer // only users in the computer group can access
Writeable = yes
After modifying the configuration file, remember to restart samba: service smb restart. You can also use Chkconfig? Level 35 smb on enables Automatic startup when samba is started at the 3 or 5 running level
5. Now you have added the user account:
Smbpasswd? A jxgzoyke // note that this account must have a password in/etc/passwd:
Verification password:
Smbpasswd? A root // be sure to add the root user to/etc/samba/smbpasswd.
6. the samba server cannot be accessed from a windows Server, and the system may prompt that the network path cannot be found.
Using iptables? The F Command temporarily clears the firewall rules (I do not know how to add rules to the firewall that allow access to the samba server, but do not forget to teach me what I know ), now you should be able to access the samba server by entering the account password added above on the windows machine.
7. Let's take a look at how to add a domain. For example, the name of one of my windows2000 machines is oyke.
Create a linux Account first:
Useradd? G machines? D/dev/null? S/bin/false oyke $
Set password:
Passwd oyke $
Add the above account to/etc/samba/smbpasswd.
Smbpasswd? A? M oyke
Right-click my computer, properties, network ID, and properties on the machine 2000. Select "Domain" under "Recording", enter the name of the workgroup set by workgroup in the configuration file, and enter the root account and password in the displayed dialog box, you will be prompted to join the XXX domain later. Restart the computer and log in with the jxgzoyke account. 2000 is successfully added to the samba domain.
The method for adding XP and 2003 to the domain is the same, but you must change the Registry first:
Create a DWord: requiresignorseal under [HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ Services \ Netlogon \ Parameters] and set it to 0. if it already exists, modify the value.
98, the ME system can directly log on with an account in samba.