Original address: http://www.5ilinux.com/samba.html reproduced please indicate the Samba server debugging Fedora pre-installed Samba is already Samba-3.0.0-15, the function is very powerful, today we debug key Not a new feature of Samba 3.0, we still have to implement his basic functions, file sharing services, as for the domain controller function, I will explain in the future debuggers. The environment we have to achieve today is that if the company has financial, technology, leadership 3 departments, we have established three users in 3 departments for Caiwu, Network, Lingdao; 2 users in three departments, we build The users are CAIWU01, CAIWU02, Network01, Network02, LingDaO01, LingDaO02 and then we respect the corresponding directory and access rights, respectively, by the following examples, I hope everyone can flexibly apply Samba security permissions in the usual work. To set your Samba file server. 1. First, the server uses user authentication, each user can access its host directory, and only the user can access the host directory and have full permissions, and others can't see your host directory. 2. Create a CAIWU folder, I hope that the Caiwu group and the lingdao group can see that NetWork02 can also be accessed, but only the CAIWU01 has written permissions. 3. Create a Lindao directory, only the personnel of the leader can access and read and write, and NetWork02 can also be accessed, but the outsider can't see that directory 4. It is recommended that a file exchange directory Exchange, everyone can read and write, including guest users, but everyone can't delete files. 5. It is recommended that a public read-only folder public, everyone reads only the contents of this folder. Well, let's preliminary work #groupadd caiwu #groupadd network #groupadd lingdao #useradd caiwu01 -g caiwu #useradd caiwu02 -g caiwu #useradd network01 -g network #useradd network02 -g network #useradd lingdao01 -g lingdao #useradd lingdao02 -g lingdao then uses smbpasswd -a caiwu01 commands to 6 accounts Add to Samba users #mkdir / home / Samba #mkdir / Home / Samba / Lingdao #mkdir / Home / Samba / Exchange #MKDIR / Home / Samba / Public We can set the permissions of all folders here to 777, we can set up 5 points above. The following is my SMB.conf configuration file [global] Workgroup = Bmit # My Network Working Group Server String = Frank's Samba File Server # My Server Name Description Security = User # User Valid Mechanism Encrypt Passwords = YES SMB Passwd File = / Etc / samba / smbpasswd # uses an encrypted cryptographic mechanism, which is used by WIN95 and WINNT, which is basically basic in accordance with the default.
[homes] comment = home directories browseable = no writable = yes valid users =% s #home paragraph meets Article 1 [caiwu] comment = caiwu path = / home / samba / caiwu public = no valid users = @ caiwu, @ lingdao , network02 list caiwu01 printable = no #caiwu = write period of the second meet our requirements [lingdao] comment = lingdao path = / home / samba / lingdao public = no browseable = no valid users = @ lingdao, network02 printable = no #lingdao Segment can meet our third requirements [Exchage] comment = Exchange file Directory path = / home / Samba / Exchange public = YES WRITABLE = YES #Exchange segment can basically meet our fourth requirements, but not meet everyone can't delete others This condition, even if Mask is set, it is useless. In fact, this condition is only as long as UNIX sets a sticky bit, CHMOD -R 1777 / Home / Samba / Exchange Note that the permissions are 1777, similar system directory / TMP also has the same Permissions, this permission can implement each person's free write file, but cannot delete the files of others [public] comment = read only public Path = / home / samba / public public = YES read only = yes # This public segment can meet Our 5th requirements. To this, our settings have been able to implement our shared file requirements, remember to restart the service. Usage I only give only a few examples here, the specific you go to the SMBClient -L server IP-N Guest account query your server's Samba sharing, you can check if the lingdao directory can be seen by the guest account, should It can't be seen, of course, you can also view the SMBClient -l server IP -U CAIWU01 system in the name of a user prompt password, just enter the SMB password. SMBCLIENT // Server IP / CAIWU -U CAIWU01 # Log in to CAIWU 01 User's Name User's Nominal SMBMount // Server IP / CAIWU / MNT / CAIWU -O UserName = CAIWU01 # Map the server's financial directory to the local / mnt / caiwu directory you have any questions please do not hesitate to mention suggestions :) author: Zhang microwave November 12, 2003 in Beijing [post reply] [View CU original forum posts] [Close] back in the summer of 2002: 2003-11-1222 : 55: 52good!
LZG8056 Reply to: 2003-11-12 22:59:09 俺 俺!
Bjchenxu Reply to: 2003-11-13 09:23:06 I am very happy to see Samba successfully, here I propose 3 questions to discuss: 1. About [HOME] name, generally called [Homes ], I don't know if this S is wrong? 2.% s in the [home], I remember that it should be a service name, how can I be used as a username? You remove this line to see if there is any problem? 3. You prefer to use 777 attribute settings, follow Linux's common methods, directory generally use 755, file 644, do you want to reconsider? ZHANGWeibo Reply to: 2003-11-13 10: 45: 411. It should be homes, is a pen error, Bjchenxu eye is really good, I will modify this 2. In fact, Valid Users =% s is extra, I didn't write, but I didn't write it. Write a safety! What you said is that the server is the definition of [global], which is different in sharing :) Redhat default HOMES definition is this. Follow the default to [homes] comment = home directories browseable = no writable = yes valid users =% s create mode = 0664 directory mode = 0775 3. In fact, this is for convenience, I think many beginners may be dizzy by UNIX security privileges and Samba's security privileges, but also directly use Samba's security privileges. Because some directories such as public, they cannot be set to 755,644. Otherwise, it is not written, especially if some directory requires a group to write more trouble, because UNIX's security permissions are greater than Samba's security. It is recommended to adjust UNIX security permissions after debugging Samba! Thank you bjchenxu's question!
SXSFXX Reply to: 2003-11-13 15:00:48 Good! Add some point: If you only share your own home directory, you will use only one command in the default .conf (in the installation of the document directory), if you want to hometown root's user directory, so security is better. SMBADDUSER ROOT: ROOT (Group Name: User) Enter the password again, in Windwos // Linux_IP / Root, you can use root to visit.
