Simulate the NT Domain using the Linux Samba service

Source: Internet
Author: User
Article title: simulate the NT Domain using the Linux Samba service. Linux is a technology channel of the IT lab in China. Includes basic categories such as desktop applications, Linux system management, kernel research, embedded systems, and open source.
Nowadays, many organizations are building their own local networks to share resources. file sharing is an important aspect.
At present, there are many network operating systems available for us to choose, relatively speaking, choosing Linux as a network operating system has a ratio
Better performance and price ratio. Linux provides basic Web services, mail services, database services, and file sharing services.
Can meet the application requirements of most organizations. This article describes how to use the Linux Samba service to simulate an NT Domain
Share file resources in the current LAN.
Samba is
NT has software packages with the same protocol. We can use the Samba service to simulate the Windows NT domain so that users can
Files and printers on a Linux server are directly used on the computer. After you install the Samba package correctly,
The next step is to correctly configure Samba. The Samba service configuration is completed in/etc/smb. conf.
A suitable domain name for Samba
In the [Global] section of the Smb. conf file, the Workgroup item is actually equivalent to the Windows NT Domain name.
The default setting is Mygroup. we can give it a name based on the unit name and personal interests, such as Sambaserver.
Set to allow Windows workstation logon
Similarly, in the [Global] section of the Smb. conf file, set Domain logons to Yes, indicating the Samba service.
Allow Windows users to log on.
User identification settings
After the preceding two steps, in Windows 95 or Lan manager for DOS
Log on to the Samba server. However, in Windows 98, you will find that
A prompt similar to incorrect password. why? The default password recognition setting for Samba is normal text.
Windows 98, Windows NT 4.0, and Windows 2000 with SP3 and above all use encrypted passwords. For example
How can this problem be solved? The following three methods are available.
Table 1
Possible values of the item name
Comment share name comment
Public: public permission for the shared resource yes no
Writeable can write yes no
User permitted by valid users. when multiple users exist, mary; joke; hxw
Separated by semicolons
The client allowed by allow hosts. if there are multiple clients, hxw; moli; liping or
Use semicolons to separate them. ip addresses can be 11,103, 41. *;
Address representation
Forced mask created for the create mask file directory
1. force the client to log on with a plaintext password
In this method, you can change the password of the Windows Registry to disable the password. during encrypted login, the password is transmitted in plaintext. In the registry
In HKEY_LOCAL_MACHINESystemCurrent-ControlSetServicesVxDVNETSETUP, add
EnablePlainTextPassword; value: 1 (DWORD ). Then, restart the Windows system.
2. enable Samba to use an encrypted password
The first solution is feasible but not practical. if there are too many workstations in the unit, it is obviously troublesome for the system administrator?
Events. In fact, all popular Linux Samba versions can recognize encryption passwords, but Samba's default
Password recognition is a common text. To enable Samba to recognize the encrypted password, you need to do the following. Change [Global
] In this section, the Encrypt password entry is Yes, and the Smb passwd file entry points to a Samba password you have created.
Text. the default text is/etc/smbpasswd. Next, use Cat/etc/passwd | mksmbpasswd. sh>/etc/
Table 2
Hong Hanyi
% U provide shared resources based on the user name to be shared
% G share resources in the user group as required
% M provides shared resources based on the name of the machine to be shared
The smbpasswd method creates an initial Samba password text. Then, create a Samba
To create a password for an Abc user, type Smbpasswd abc.
In this way, you can use file resources on Linux just like logging on to Windows NT, and the client no longer needs
Do additional work.
3. seek third-party user authentication
If there is an NT server in the LAN, Samba can provide file services to clients through the NT Domain Authentication license.
That is to say, as long as it is a valid user of the NT Domain, you can access the authorized and shared resources on Samba. The specific configuration method is
Set the Security item in [Global] to Server (Samba defaults to User) and Password Server.
To the NT Server Name. we recommend that you use an IP address. For example, Password Server = Is this method simple?
But more security settings are required for Samba shared resource settings. What is the public license for the Samba service?
As long as it is a valid user of the NT Domain, whether it is a Linux user or not, you can access this resource.
Configure Samba shared resources
In the Samba service, the configuration of shared resources is much more flexible than that of Windows NT.
In addition to row user and workstation license settings, Samba also provides a macro function that allows machines and users to be shared based on requests?
Dynamically allocate different shared resources, that is, use the same sharing name, different user groups, users?
Different clients obtain different shared resources. The specific setting method is: add a section in Smb. conf ,?
The section name is a shared name. in this section, the Path entry is required to indicate that the shared name is mapped to the Linux server.
Directory. For example:
Path =/home/samba
Myshare is the sharing name shared by the client, and/home/samba is the Directory of the shared resource on the server.
In the sharing section, you can add some common control items in Table 1.
In the Path item, you can take full advantage of the macro function provided by Samba. for commonly used macros, see table 2.
The following Usershare shared resources map different users to their corresponding user directories:
Comment = share resources with different users
Path =/home/% u
Public = yes
Writeable = yes
Printable = no
When setting shared resources, you must note that if you have a Lan manager for DOS workstation
Do not use the $ symbol in the name (this is commonly used in the NT Domain Sharing name), because it must be reflected in the Lan manager for DOS workstation?
A dos extension error occurs when Samba has a shared name with the $ symbol. Similarly, to use Smbmount in Linux?
An error occurs when Smclient references a shared name with the $ symbol in an NT Domain. What's more, what is Samba?
A service established on Linux. The Linux file system has higher permissions than Samba. For example, if Samba allows?
Directory write operations, but Linux does not allow, so the client still cannot write operations. Therefore, a writable
But cannot write, you should first consider whether the Linux file system is a write license.
Restart the Samba service.
You must restart the Samba service every time you modify, delete, or add an Smb. conf file.
Effective. The method is/etc/rc. d/init. d/smb restart.
Through the above five steps, you can build an "NT Domain" on Linux ". After long-term use, I feel that it is stable.
Security is quite good. When you want to create a file server, you may wish to include Samba in your selection.
Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.