--陈功磊
说明:系统是用[红帽企业.Linux.5].rhel-5.2-server-i386-dvd.iso
一、SAMBA服务器配置
1、安装samba软件包
[root@linuxCLI ~]# rpm -qa | grep ^samba # 查询当前系统中有关samba的包
samba-common-3.0.28-0.el5.8
[root@linuxCLI ~]# mkdir /media/cdrom # 建立目录
[root@linuxCLI ~]# mount -t iso9660 /dev/cdrom /media/cdrom # 挂载光驱
mount: block device /dev/cdrom is write-protected, mounting read-only
[root@linuxCLI ~]# cd /media/cdrom/Server # 进入光驱软件包目录
[root@linuxCLI Server]# ls | grep ^samba # 查询软件包中有关samba的包
samba-3.0.28-0.el5.8.i386.rpm # samba服务主程序
samba-client-3.0.28-0.el5.8.i386.rpm # samba客户端
samba-common-3.0.28-0.el5.8.i386.rpm # samba服务器和客户端公用文件
samba-swat-3.0.28-0.el5.8.i386.rpm # 图形化管理samba
[root@linuxCLI Server]# rpm -ivh samba-3.0.28-0.el5.8.i386.rpm # 安装主程序包
warning: samba-3.0.28-0.el5.8.i386.rpm: Header V3 DSA signature: NOKEY, key ID 37017186
Preparing... ########################################### [100%]
1:samba ########################################### [100%]
[root@linuxCLI Server]# rpm -ivh samba-swat-3.0.28-0.el5.8.i386.rpm # 安装图形化管理软件包
warning: samba-swat-3.0.28-0.el5.8.i386.rpm: Header V3 DSA signature: NOKEY, key ID 37017186
Preparing... ########################################### [100%]
1:samba-swat ########################################### [100%]
[root@linuxCLI Server]#
2、查看默认配置文件
[root@linuxCLI Server]#cd /etc/samba
[root@linuxCLI samba]# tail smb.conf # 查看配置文件末10行
# A publicly accessible directory, but read only, except for people in
# the "staff" group
; [public] # 以;开头的都是范例
; comment = Public Stuff
; path = /home/samba
; public = yes
; writable = yes
; printable = no
; write list = +staff
[root@linuxCLI samba]#
[root@linuxCLI samba]# grep -v "^#" smb.conf | grep -v "^;" # 查看去除注释和范例的默认配置文件
[global] # 全局配置
workgroup = MYGROUP # samba服务器所在工作组的名称
server string = Samba Server Version %v # samba服务器主机描述
# logs split per machine
# max 50KB per log file, then rotate
security = user # user为默认级别,表示要经过用户认证后才能访问服务器中的资源,share表示不需
# 要帐号和密码;server表示指定到另一台服务器认证;domain表示指定windows域
# 控服务器来验证
passdb backend = tdbsam # 要是用这个的话,用smbpasswd –a 是不能产生smbpasswd文件
# the login script name depends on the machine name
# the login script name depends on the unix user used
# disables profiles support by specifing an empty path
load printers = yes
cups options = raw
#obtain list of printers automatically on SystemV
[homes] # 用户共享目录的属性
comment = Home Directories # 共享目录说明信息
browseable = no # no表示用户登录只能看到自己的宿主目录
writable = yes # yes表示用户可读共享目录写入。
[printers] # samba服务器的打印机共享资源的属性
comment = All Printers
path = /var/spool/samba
browseable = no
guest ok = no
writable = no
printable = yes
(注:我做了,不过没有用默认配置,而是自己新建的smb.conf,之前用默认的没有做成功)
[root@linuxCLI samba]#
3、新建修改配置(做了n遍了,只有这个配置才算成功)
[root@linuxCLI ~]# cd /etc/samba
[root@linuxCLI samba]# cat smb.conf
[global]
workgroup = MYGROUP
server string = CHGL samba
printcap name = /etc/printcap
load printers = yes
cups options = raw
log file = /var/log/samba/%m.log
max log size = 50
security = user
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
dns proxy = no
idmap uid = 16777216-33554431
idmap gid = 17777216-33554431
template shell = /bin/false
winbind use default domain = no
[homes]
comment = Home Directories
browseable = no
writable = yes
[printers]
comment = All Printers
path = /var/spool/samba
browseable = no
guest ok = no
writable = no
printable = yes
[public]
path = /home/public
public = yes
only guest = yes
writable = yes
read only = no
[root@linuxCLI samba]#
3、创建SAMBA用户和口令
说明:samba的用户应该与具linux系统用户帐号同名来访问系统资源;samba用户密码独立于系统,同名的系统帐号可不设密码(不能登录系统,安全);
[root@linuxCLI ~]# cd /etc/samba
[root@linuxCLI samba]# ls –l # 原有文件
total 32
-rw-r--r-- 1 root root 20 Apr 3 2008 lmhosts
-rw-r--r-- 1 root root 9733 Apr 3 2008 smb.conf
-rw-r--r-- 1 root root 97 Apr 3 2008 smbusers
[root@linuxCLI samba]# cd
[root@linuxCLI ~]# smbpasswd –a st02 # 第一次创建sambao用户名和密码
New SMB password:
Retype new SMB password:
Added user st02
root@linuxCLI samba]# ls
lmhosts secrets.tdb smb.conf smbpasswd smbusers
[root@linuxCLI samba]#
[root@linuxCLI ~]# smbpasswd -a st01
New SMB password:
Retype new SMB password:
Added user st01.
[root@linuxCLI ~]#
说明: # smbpasswd [-adehx]
# -a添加指定的用户帐号
# -d禁用指定的用户帐号
# -e启用指定的用户帐号
# -h显示smbpasswd的命令格式帮助
# -x删除指定的用户帐号
5、对smb.conf文件配置的测试testparm
[root@linuxCLI samba]# testparm
Load smb config files from /etc/samba/smb.conf
Processing section "[homes]"
Processing section "[printers]"
Processing section "[public]"
Loaded services file OK.
Server role: ROLE_STANDALONE
Press enter to see a dump of your service definitions
[global]
workgroup = MYGROUP
server string = CHGL samba
log file = /var/log/samba/%m.log
max log size = 50
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
printcap name = /etc/printcap
dns proxy = No
idmap uid = 16777216-33554431
idmap gid = 17777216-33554431
cups options = raw
[homes]
comment = Home Directories
read only = No
browseable = No
[printers]
comment = All Printers
path = /var/spool/samba
printable = Yes
browseable = No
[public]
path = /home/public
read only = No
guest only = Yes
guest ok = Yes
[root@linuxCLI samba]#
6、启动服务
[root@linuxCLI ~]# service smb start # 启动服务
Starting SMB services: [ OK ]
Starting NMB services: [ OK ]
[root@linuxCLI ~]# service smb status # 查看服务状态
smbd (pid 27700 27685) is running...
nmbd (pid 27696) is running...
[root@linuxCLI ~]#
7、创建公共目录/etc/pulic,并设置权限
[root@linuxCLI ~]# mkdir /home/public
[root@linuxCLI ~]# chown nobody.nobody /home/public
[root@linuxCLI ~]# ls -l /home
total 36
drwx------ 2 root root 16384 Jun 5 02:04 lost+found
drwxr-xr-x 2 nobody nobody 4096 Jun 5 04:18 public
drwx------ 4 st01 st01 4096 Jun 5 04:14 st01
drwx------ 4 st02 st02 4096 Jun 5 04:01 st02
[root@linuxCLI ~]#
8、重新启动 samba服务
[root@linuxCLI samba]# service smb restart
Shutting down SMB services: [ OK ]
Shutting down NMB services: [ OK ]
Starting SMB services: [ OK ]
Starting NMB services: [ OK ]
[root@linuxCLI samba]#
二、客户端验证
重要提示:
(1)关闭服务器和客户端的防火墙
[root@linuxCLI ~]# service iptables stop
(2)关闭服务器的seliunux(默认是安装在系统上的,要重启电脑)
[root@linuxCLI ~]# cat /etc/selinux # 如果没有selinux目录,此步骤就不要做了
cat: /etc/selinux: Is a directory
[root@linuxCLI ~]# cat /etc/selinux/conf
cat: /etc/selinux/conf: No such file or directory
[root@linuxCLI ~]# cat /etc/selinux/config
# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
# enforcing - SELinux security policy is enforced.
# permissive - SELinux prints warnings instead of enforcing.
# disabled - SELinux is fully disabled.
SELINUX=disabled # 改enforcing为disabled
# SELINUXTYPE= type of policy in use. Possible values are:
# targeted - Only targeted network daemons are protected.
# strict - Full SELinux protection.
SELINUXTYPE=targeted
[root@linuxCLI ~]#reboot # 重启电脑
9、linxu客户端配置,及验证:
root@redhatCLI ~]# mount -t iso9660 /dev/cdrom /media/cdrom # 客户机挂载光驱
mount: block device /dev/cdrom is write-protected, mounting read-only
[root@redhatCLI ~]# cd /media/cdrom/Server
[root@redhatCLI Server]# ls | grep samba
samba-3.0.28-0.el5.8.i386.rpm
samba-client-3.0.28-0.el5.8.i386.rpm
samba-common-3.0.28-0.el5.8.i386.rpm
samba-swat-3.0.28-0.el5.8.i386.rpm
sblim-cmpi-samba-0.5.2-31.el5.i386.rpm
sblim-cmpi-samba-devel-1-31.el5.i386.rpm
sblim-cmpi-samba-test-1-31.el5.i386.rpm
system-config-samba-1.2.39-1.el5.noarch.rpm
[root@redhatCLI Server]#
[root@redhatCLI Server]# rpm -ivh samba-common-3.0.28-0.el5.8.i386.rpm # 安装公共文件包
warning: samba-common-3.0.28-0.el5.8.i386.rpm: Header V3 DSA signature: NOKEY, key ID 37017186
Preparing... ########################################### [100%]
1:samba-common ########################################### [100%]
[root@redhatCLI Server]# rpm -ivh samba-client-3.0.28-0.el5.8.i386.rpm # 安装客户端
warning: samba-client-3.0.28-0.el5.8.i386.rpm: Header V3 DSA signature: NOKEY, key ID 37017186
Preparing... ########################################### [100%]
1:samba-client ########################################### [100%]
[root@redhatCLI Server]#
[root@linuxCLI ~]# smbclient //192.168.7.2/st02 -U st02 # 登录自己目录
Password:
Domain=[LINUXCLI] OS=[Unix] Server=[Samba 3.0.28-0.el5.8]
smb: \> pwd
Current directory is \\192.168.7.2\st02\
smb: \> dir
. D 0 Fri Jun 5 04:01:57 2009
.. D 0 Fri Jun 5 03:58:56 2009
.bashrc H 124 Fri Jun 5 03:36:29 2009
.bash_logout H 33 Fri Jun 5 03:36:29 2009
123 D 0 Fri Jun 5 04:13:30 2009
.bash_profile H 176 Fri Jun 5 03:36:29 2009
.mozilla DH 0 Fri Jun 5 03:36:29 2009
52761 blocks of size 32768. 48930 blocks available
smb: \> mkdir 888
smb: \> ls
. D 0 Fri Jun 5 04:34:44 2009
.. D 0 Fri Jun 5 03:58:56 2009
.bashrc H 124 Fri Jun 5 03:36:29 2009
.bash_logout H 33 Fri Jun 5 03:36:29 2009
123 D 0 Fri Jun 5 04:13:30 2009
.bash_profile H 176 Fri Jun 5 03:36:29 2009
.mozilla DH 0 Fri Jun 5 03:36:29 2009
888 D 0 Fri Jun 5 04:34:44 2009
52761 blocks of size 32768. 48930 blocks available
smb: \>quit
[root@linuxCLI ~]# smbclient //192.168.7.2/public -U st02 # 登录公共目录
Password:
Domain=[LINUXCLI] OS=[Unix] Server=[Samba 3.0.28-0.el5.8]
smb: \> pwd
Current directory is \\192.168.7.2\public\
smb: \> ls
. D 0 Fri Jun 5 04:18:51 2009
.. D 0 Fri Jun 5 03:58:56 2009
test.txt 0 Fri Jun 5 03:57:37 2009
52761 blocks of size 32768. 48930 blocks available
smb: \> mkdir st02_pub
smb: \> ls
. D 0 Fri Jun 5 04:35:28 2009
.. D 0 Fri Jun 5 03:58:56 2009
st02_pub D 0 Fri Jun 5 04:35:28 2009
test.txt 0 Fri Jun 5 03:57:37 2009
52761 blocks of size 32768. 48929 blocks available
smb: \> quit
[root@linuxCLI ~]#
10、windows客户端登录验证
在允许中输入samba服务器的ip地址
clip_image002
输入用户名和密码
clip_image004
获取的资源目录
clip_image006
在宿主目录中建立文件
clip_image008
在public公共文件夹中建立文件(注可以用删除public文件中的文件)
clip_image010
换成st01帐号登录也是同样的:
clip_image012