The difference between win client and Linux client

Samba is a set of applications that use the SMB (Server message Block) protocol, and by supporting this Protocol, Samba allows communication between Linux servers and Windows systems, making Cross-platform exchange possible. Samba is a freeware software that implements the SMB (Server Message Block) protocol on Linux and UNIX, consisting of servers and client programs.

Samba uses C/s mode, which works by allowing NetBIOS (Windows Network Neighborhood Communication Protocol) and SMB two protocols to run on the TCP/IP communication protocol, and using the NetBEUI protocol to allow Windows to browse Linux servers in My Network Places.

The building of Samba services

The difference in the customer's usage system also results in a different test result.

Linux system client:

Security = user or Share

Smbclient-l//192.168.7.113/westos can see the shared directory,

The difference is that when security = user

[Root@redhat samba]# smbclient//192.168.7.113/westos

Enter Root ' s password:

Anonymous Login Successful//system prompts to log on to the Samba service successfully, but failed to access the Westos share directory, and the anonymous user is also the user.

Domain=[mydomain] Os=[unix] Server=[samba 3.5.10-125.el6]

Tree Connect failed:nt_status_access_denied

Security = Share

[Root@redhat samba]# smbclient//192.168.7.113/westos

Enter Root ' s password:

Domain=[mydomain] Os=[unix] Server=[samba 3.5.10-125.el6]

Server not using User level security and no password supplied. is not a valid user of the service, although security = share, but to support password login. The equivalent of a samba service visit was unsuccessful.

Tree Connect Failed:nt_status_wrong_password

Win's Test:

Security = Share Time

When we visit the Samba service, we log in successfully, but when we access the directory, we are prompted for a password.

Security = user, when the Samba service is accessed, the password is started and no password is not accessed.

There is no such feeling, the test of Linux and win, seems to be the opposite, just reversed.

Linux system

When public =yes:

Security = user or Share

Anonymous user login will be successful.

[Root@redhat samba]# smbclient//192.168.7.113/westos

Enter Root ' s password:

Anonymous Login Successful

Domain=[mydomain] Os=[unix] Server=[samba 3.5.10-125.el6]

SMB: > ^c

[Root@redhat samba]# vim/etc/samba/smb.conf

[Root@redhat samba]#/etc/init.d/smb Restart

Shutting down SMB services: [OK]

Starting SMB services: [OK]

[Root@redhat samba]# smbclient//192.168.7.113/westos

Enter Root ' s password:

Domain=[mydomain] Os=[unix] Server=[samba 3.5.10-125.el6]

Server not using User level security and no password supplied.

SMB: > ^c

Win Client:

When public =yes:

Security = Share

Anonymous users do not need password username, the direct login successful, access to the shared directory does not require password user name.

When public =yes:

Security = User

When you visit Samba, the user name, password, and login are unsuccessful, especially if you see a shared directory.

Comparison:

That is to say, when public =yes: Linux clients can access the shared directory, regardless of security = user ro share. It doesn't matter. When the win client only has security =share, anonymous users have the right to access the shared directory.

Several main configuration files for Samba (/etc/samba)

Smb.conf: The most important configuration file, divided into [global] and [Share definitions] two parts.

LMHOSTS: corresponding to the NetBIOS name and IP of this host, typically samba captures the IP of the associated computer NetBIOS name on the LAN at startup, so this profile is not typically set.

SMBPASSWD: This file does not exist by default, it is the user password corresponding table of Samba preset.

Several main commands of Samba

SMBPASSWD: Used to set the user's account and password for samba.

Smbclient: Used to view the sharing of other Linux hosts. You can also use it on your own samba host to see if the settings are successful.

Smbmount: Used to mount the documents and directories shared by the Samba server on its own Linux host.

Testparm: Check to see if smb.conf have errors.

Several common variables of smb.conf

① Client Variables

-----------------------------------------------------------------------------

%a | The client's architecture (for example, Samba,nt,win98, or unknown)

%I | IP address of the client (for example: 192.168.220.100)

%m | NetBIOS name for Client

%m | DNS name of the client

------------------------------------------------------------------------------

② User Variables

------------------------------------------------------------------------------

%g | Base Group for%u

%G | Base Group for%u

%H | %u's home directory

%u | Current UNIX user name

%u | The requested client user name (not always used by samba)

------------------------------------------------------------------------------

③ Shared variables

------------------------------------------------------------------------------

%p | If unlike%p, the Automounter path corresponds to the shared root directory

%P | Current Shared root directory

%s | But the previously shared name

-------------------------------------------------------------------------------

④ Server Variables

-------------------------------------------------------------------------------

%d | ID of the current server process

%h | DNS host name of the samba server

%l | NetBIOS name for Samba server

%N | Home directory server, mapping from AutoMount

%v | Samba version

-------------------------------------------------------------------------------

⑤ Other variables

-------------------------------------------------------------------------------

%R | Negotiated SMB protocol

%T | Current date and time

Four levels of security

①security=share: User access to the Samba server does not require a username and password and is less secure.

②security=user:samba Server default security level, each shared directory can only be accessed by a certain user, and the Samba server is responsible for checking the correctness of the account and password.

③security=server: Server security level, relying on other Windows nt/2000 or Samba servers to authenticate users ' accounts and passwords, is a proxy authentication. In this safe mode, the system administrator can centralize all Windows users and passwords on an NT system, use Windows NT for Samba authentication, and the remote server can automatically authenticate all users and passwords, and if the authentication fails, Samba will use user-level security mode as an alternative.

④security=domain: Domain security level, using the primary domain controller (PDC) to complete authentication.