(Transfer) Samba3.0 server actual debugging

zhaozj2021-02-16  101

Original address: http://www.5ilinux.com/samba.html

Reprint, please indicate the source, thank you!

Fedora pre-installed Samba is already Samba-3.0.0-15, which is very powerful. Today we debug the focus is not new features of Samba 3.0, we will first achieve his basic functions, file sharing services, as for the domain The controller function I will explain in the subsequent debugger.

The environment we have to achieve today is that if the company has financial, technology, leaders, we have established 3 user groups for 3 departments for Caiwu, NetWork, Lingdao;

There are 2 users in the three departments, and our construction users are caiwu01, caiwu02, network01, network02, lingdao01, lingdao02

Then we establish a corresponding directory and access rights on the company's specific situation. By the following examples, I hope that everyone can set your Samba file server in the usual work. SAMBA security permissions.

1. First, the server uses user authentication, each user can access its host directory, and only the user can access the host directory and have full permissions, and others can't see your host directory.

2. Create a CAIWU folder, I hope that the Caiwu group and the lingdao group can see that NetWork02 can also be accessed, but only the CAIWU01 has written permissions.

3. Building a Lindao directory, only the personnel of the leaders can access and read and write, and NetWork02 can also be accessed, but the outsiders can't see that directory.

4. It is recommended that a file exchange directory Exchange, everyone can read and write, including guest users, but everyone can't delete files.

5. It is recommended that a public read-only folder public, everyone reads only the contents of this folder.

Ok, let's first come to the early work.

#groupadd caiwu

#groupadd network

#groupadd lingdao

# useradd caiwu01 -g caiwu

# useradd caiwu02 -g caiwu

# uSERADD NETWORK01 -G NetWork

# useradd network02 -g networkWork

# useradd lingdao01 -g lingdao

# useradd lingdao02 -g lingdao

Then we use the smbpasswd -a caiwu01 command to add 6 accounts to the Samba user.

#mkdir / home / samba

#mkdir / home / samba / caiwu

#mkdir / home / samba / lingdao

#mkdir / home / Samba / Exchange

#mkdir / home / samba / public

In order to avoid trouble, we can set the permissions of all the folders above to 777, and we have set up 5 points above through Samba.

The following is my SMB.conf profile

[global]

Workgroup = BMIT

# My Network Working Group

Server string = frank's Samba File Server

# 我 服务 服务 名 Description

Security = user

# Use the user verification mechanism

Encrypt passwords = yes

SMB Passwd File = / etc / samba / smbpasswd

# Use the encrypted cryptographic mechanism, use it in Win95 and Winnt

Other can basically follow the default.

[homes]

Comment = Home Directories

Browseable = no

Writable = yesvalid users =% s

Create Mode = 0664

Directory mode = 0775

#HOMES to meet the first condition

[caiwu]

Comment = caiwu

Path = / home / samba / caiwu

Public = no

Valid users = @ caiwu, @ lingdao, network02

Write List = caiwu01

Printable = NO

#caiwu Meets to meet our second requirements

[lingdao]

Comment = lingdao

Path = / home / samba / lingdao

Public = no

Browseable = no

Valid users = @ lingdao, network02

Printable = NO

#LINGDAO can meet our third request

[eXchage]

Comment = Exchange File Directory

Path = / home / samba / exchange

Public = yes

Writable = yes

#exchange segment can basically meet our fourth request, but you can't meet this condition of each person who can't delete someone else, even if it sets Mask, it is useless. In fact, this condition will set a sticky bit.

CHMOD -R 1777 / HOME / Samba / Exchange

Note that the permissions are 1777, similar system directory / TMP also has the same permissions, this permission can implement each person's free to write files, but cannot delete this request for others.

[public]

Comment = Read Only public

Path = / home / samba / public

Public = yes

oud all = yes

# This public segment can meet our 5th requirements.

To this, our settings have been able to realize our shared file requirements, remember to restart the service.

# / etc / rc.d / init.d / smb restart

If you don't have WinodWs, you may wish to test it with Samba's Cilent end command.

The usage of orders, I only mention a few examples here, and the specific people go to the test.

SMBCLIENT -L server IP-N

The guest account queries your server's Samba sharing, you can check if the lingdao directory can be seen by the guest account, should not be seen, of course you can view a certain user

SMBCLIENT -L server ip -u caiwu01

The system will prompt the password, just enter the SMB password.

SMBClient // Server IP / CAIWU -U Caiwu01

# Log in to the CAIWU directory in the name of caiwu01 users

SMBMOUNT / / server IP / CAIWU / MNT / CAIWU -O uname = caiwu01

# Map the server's financial directory to the local / MNT / CAIWU directory

转载请注明原文地址:https://www.9cbs.com/read-10257.html

New Post(0)