- 论坛徽章:
- 0
|
[color="#0000ff"]linux&samba
[color="#0000ff"]
samba服务器作用:windows与linux搭建沟通的桥梁;
建立samba服务器步骤:
1.samba服务器所需软件包:
[root@aiyanet named]# rpm -qa |grep samba
samba-common-3.0.28-0.el5.8
samba-client-3.0.28-0.el5.8
system-config-samba-1.2.39-1.el5
samba-3.0.28-0.el5.8 (主程序包)
[color="#000000"]samba-swat-3.0.25b-0.el5.4. (IE或火狐浏览)
2.samba服务器主配置文件配置:
1.指定共享目录及打印机、日志文件等;
2.指定共享目录的存放路径及日志文件所在路径、设置文件共享的权限及描述;
3.基本OK、呵呵;
4.建立用户;
[color="#0000ff"]1.指定共享目录及打印机、先瞧瞧配置文件吧!
[color="#0000ff"]
[color="#ff0000"]:set nu 这个命令可以看到文件所在的行数;
246 #============================ Share Definitions =====================
247
248 [homes](共享名)
249 comment = Home Directories(描述备注信息)
250 browseable = no
251 writable = yes
252 ; valid users = %S
253 ; valid users = MYDOMAIN\%S
254
255 [printers](共享打印机)
256 comment = All Printers
257 path = /var/spool/samba(绝对共享路径)
258 browseable = no
259 guest ok = no
260 writable = no
261 printable = yes
[color="#dcdcdc"] [color="#483d8b"]public = yes (NO)是否允许匿名访问
[color="#483d8b"] valid users = 用户名
[color="#483d8b"] valid users = @组名
[color="#483d8b"] readonly = yes #只读
[color="#483d8b"] readonly = no #读写
[color="#483d8b"] 设置目录写入权限:
[color="#483d8b"] writable = yes #读写 NO(只读)
[color="#483d8b"] write list = 用户名、@组名
262
263 # Un-comment the following and create the netlogon directory for Domain Logons
264 ; [netlogon]
265 ; comment = Network Logon Service
266 ; path = /var/lib/samba/netlogon(绝对共享路径)
267 ; guest ok = yes
268 ; writable = no
88 # logs split per machine
89 ; log file = /var/log/samba/%m.log(设置samba服务器共享日志)
90 # max 50KB per log file, then rotate
91 ; max log size = 50
(默认samba服务器建立有两个日志文件nmbd.log、smbd.log)
[color="#0000ff"]2.设置服务器的权限及描述:
[color="#0000ff"]
[root@aiyanet named]# vi /etc/samba/smb.conf先瞧瞧配置文件吧!
[color="#ff0000"]:set nu 这个命令可以看到文件所在的行数;
74 workgroup = WORKGROUP (设置服务器所在组或域)
75 server string =Linux Samba Server (描述服务器)
76
77 ; netbios name = MYSERVER
101 security = user [color="#ff0000"](用户登录安全级别模式)、share(共享)、server、 domain(windows server 2003 服务器域的客户端)备注:user、share常用;
102 passdb backend = tdbsam
[color="#0000ff"]3. 重启OK:[root@aiyanet ~]# service smb restart
[color="#0000ff"]4. 建立samba用户
[root@aiyanet ~]# useradd msn
[root@aiyanet ~]# passwd msn
Changing password for user msn.
New UNIX password:
BAD PASSWORD: it is WAY too short
Retype new UNIX password:
passwd: all authentication tokens updated successfully.
[root@aiyanet ~]# smbpasswd -a msn
New SMB password:
Retype new SMB password:
Added user msn.
建立smbpasswd文件
[root@aiyanet ~]# vi /etc/samba/smb.conf
101 security = user
102 passdb backend = tdbsam(验证方式)前面家“;”注销掉
添加smb passed file = /etc/samba/sampassd
:wq!(保存推出);
[root@aiyanet samba]# ls
lmhosts passdb.tdb secrets.tdb smb.conf smbpasswd smbusers
备注(现在已经生成smbpasswd文件)
[color="#4169e1"]a、现在可以啦!讲解一个小例题:(大家都可以访问);
让大家更容易理解;
[root@aiyanet Desktop]# mkdir /xiaofu
[root@aiyanet Desktop]# vi /etc/samba/smb.conf
:$(命令)
[xiaofu]
comment = xiaofu
path = /xiaofu
public = yes
(任何人都能够访问)
[root@aiyanet Desktop]# service smb reload
重新加载:不要重启,在现实生活中一般不重启;
测试:在windows XP 的运行中
\\192.168.1.123\xiaofu
就可以找到这个目录:OK你已经成功啦!呵呵。
[color="#4169e1"]b、建一个要用户名才可以访问的吧!
[root@aiyanet Desktop]# groupadd xiaoshou (建立组)
[root@aiyanet Desktop]# useradd -g xiaoshou xiaoshou1
[root@aiyanet Desktop]# useradd -g xiaoshou xiaoshou2
[root@aiyanet Desktop]# passwd xiaoshou1
Changing password for user xiaoshou1.
New UNIX password:
BAD PASSWORD: it is too short
Retype new UNIX password:
passwd: all authentication tokens updated successfully.
[root@aiyanet Desktop]# passwd xiaoshou2
Changing password for user xiaoshou2.
New UNIX password:
BAD PASSWORD: it is too short
Retype new UNIX password:
passwd: all authentication tokens updated successfully.
[root@aiyanet Desktop]# smbpasswd -a xiaoshou1(添加samba用户)
New SMB password:
Retype new SMB password:
Added user xiaoshou1.
[root@aiyanet Desktop]# smbpasswd -a xiaoshou2
New SMB password:
Retype new SMB password:
Added user xiaoshou2.
[root@aiyanet Desktop]# vi /etc/samba/smb.conf
101 security = user[color="#0000ff"](注意)
102 ; passdb backend = tdbsam
103 smb passwd file = /etc/samba/smbpasswd
[root@aiyanet Desktop]# vi /etc/samba/smb.conf
:$[color="#0000ff"](注意)
[xiaoshou]
comment = xiaoshou file
path = /aiyanet/xiaoshou
security = user
valid users = @xiaoshou
[root@aiyanet samba]# /etc/init.d/smb reload (重新加载)
再试试:您又成功啦!hehe
[color="#0000ff"]解决samba server 的安全隐患:建立虚拟账号;
[color="#0000ff"][root@aiyanet Desktop]# vi /etc/samba/smb.conf
[color="#000000"][root@aiyanet Desktop]# vi /etc/samba/smb.conf
[color="#000000"] 74 workgroup = workgroup
75 server string = file Samba Server
76 username map = /etc/samba/smbusers
[root@aiyanet ~]# vi /etc/samba/smbusers
[color="#0000ff"]# Unix_name = SMB_name1 SMB_name2 ...
root = administrator admin
nobody = guest pcguest smbguest
xiaoshou1 = msn qq
xiaoshou2 = nba sina (这就是虚拟用户账号)
最后还有hosts deny = 禁止 [color="#0000ff"]hosts allow = 允许;(控制客户端)
[color="#0000ff"]hosts deny = .aiyanet 禁止这个域的客户端访问
[color="#0000ff"]hosts deny = .net xiaofu 禁止这个域的xiaofu这个用户访问
[color="#0000ff"]write list = xiaofu,@hehe 允许xiaofu这个帐号和hehe这个组的成员访问
[color="#0000ff"]browseable = no 表示隐藏
\\192.168.1.123\
共享名才能看到;
[color="#0000ff"]
[color="#0000ff"][root@aiyanet samba]# cp smb.conf smb.conf.xiaofu 为用户配置文件
55 #======================= Global Settings =======================
56
57 [global]
58 config file = /etc/samba/smb.conf.%u [color="#ff0000"](添加这样一条规则)
在编辑这个文件smb.conf.xiaofu
linux客户端访问samba server 方法是:
smbclient命令格式:[color="#0000ff"]smbclient -L aiyanet(192.168.1.123)
[color="#0000ff"]算啦!差不多啦,这是常用的几种;
[color="#0000ff"]
[color="#0000ff"]高级设置:打印机共享
[color="#0000ff"][root@aiyanet ~]# vi /etc/samba/smb.conf
221 load printers = yes
222 cups options = raw
223
224 ; printcap name = /etc/printcap
225 #obtain list of printers automatically . SystemV
226 ; printcap name = lpstat
227 ; printing = cups
不用改默认设置就可以啦!呵呵
255 [printers]
256 comment = All Printers
257 path = /var/spool/samba
258 browseable = no
259 guest ok = no
260 writable = no
261 printable = yes
默认就可以啦!默认samba server 就可以让客户端打印;
[color="#0000ff"]samba 企业一般实际配置:
samba服务器目录:
[color="#ff00ff"]建立公司目录:/aiyanet (一般以公司的名义命名)
[color="#ff00ff"]技术部门:/aiyanet/jishu
[color="#ff00ff"]销售部们:/aiyanet/xiaoshou
[color="#ff00ff"]公司共享:/aiyanet/share (全体员工都可以看到但不能改动)
[color="#0000ff"]公司人员管理
[color="#0000ff"]总经理:gm (General Manager)简称
[color="#0000ff"]销售部经理:sm 员工sm1、sm2、sm3
[color="#0000ff"]技术部门技术总监:td 员工td1、td2、td3
[color="#0000ff"][root@aiyanet ~]# vi /etc/samba/smb.conf
[color="#0000ff"]描述服务器
[color="#0000ff"] 74 workgroup = aiyanetdomain
75 server string = aiyanet Samba Server
[color="#0000ff"]建立smbpasswd文件
101 security = user
102 ; passdb backend = tdbsam(关闭tdbsam验证)
103 smb passwd file = /etc/samba/smbpasswd
[color="#0000ff"]建立组、以及建立用户我就不说啦!上面有过:[color="#0000ff"]
[color="#0000ff"]
[color="#0000ff"]分别建立配置文件:
[root@aiyanet aiyanet]# cp /etc/samba/smb.conf /etc/samba/xiaoshou.smb..conf
[root@aiyanet aiyanet]# cp /etc/samba/smb.conf /etc/samba/jishu.smb..conf
[root@aiyanet aiyanet]# cp /etc/samba/smb.conf /etc/samba/gm.smb..conf
[root@aiyanet ~]# vi /etc/samba/smb.conf
[color="#0000ff"] workgroup = aiyanetdomain
server string = aiyanet Samba Server
include = /etc/samba/%u.smb.conf
[color="#0000ff"] include = /etc/samba/%g.smb.conf
[color="#0000ff"]:$ (技巧光标跳到文件的尾部)
[color="#0000ff"]
分别添加:xiaoshou.smb.conf jishu.smb.conf
不想写啦!呵呵
[color="#0000ff"]
[color="#0000ff"]
[color="#0000ff"]
本文出自 “
hehe
” 博客,谢绝转载!
本文来自ChinaUnix博客,如果查看原文请点:http://blog.chinaunix.net/u3/93926/showart_1872445.html |
|
免费注册
发表于 2009-03-23 10:49