中華技術學院中華技術學院LinuxLinux 課程課程

Chap Five : SambaChap Five : Samba王俊城王俊城RHCE/RHCXRHCE/RHCX

AgendaAgenda Introduction to Samba (SMB)Introduction to Samba (SMB) Configuring the SMB serviceConfiguring the SMB service

Samba servicesSamba services Four main services are provided:Four main services are provided:

authentication and authorization of usersauthentication and authorization of usersfile and printer sharingfile and printer sharingname resolutionname resolutionbrowsing (service announcements)browsing (service announcements)

RelatedRelatedsmbclient command-line accesssmbclient command-line access

mount –t smbfs Linux can mount an SMB shmount –t smbfs Linux can mount an SMB shareare

Samba DaemonsSamba Daemons smbd : SMB/CIFS serversmbd : SMB/CIFS server

authentication and authorizationauthentication and authorizationFile and printer sharingFile and printer sharing

nmbd : NetBIOS name servernmbd : NetBIOS name serverresource browsingresource browsingWINS serverWINS server

Service Profile: SMBService Profile: SMB Type:Type: System V-manager serviceSystem V-manager service Packages:Packages: samba{,-common,-client} samba{,-common,-client} Daemons:Daemons: nmbd, smbdnmbd, smbd Script:Script: smbsmb Ports:(netbios) Ports:(netbios) 137(-ns)137(-ns)

138(-dgm)138(-dgm)139(-ssn)139(-ssn)

Configs:Configs: /etc/samba/*/etc/samba/* Log:Log: /var/log/samba/*/var/log/samba/*

Configuring SambaConfiguring Samba

Configuration in /etc/samba/smb.confConfiguration in /etc/samba/smb.confRed Hat provides a well-commented default Red Hat provides a well-commented default

configuration, suitable for most situationsconfiguration, suitable for most situationsgrep ^[^;#] /etc/samba/smb.confgrep ^[^;#] /etc/samba/smb.conf

Configuration tools are availableConfiguration tools are availableredhat-config-sambaredhat-config-sambaHand-editing smb.conf is recommendedHand-editing smb.conf is recommended

Overview of smb.conf SectionsOverview of smb.conf Sections

smb.conf is styled after the “.ini” file fsmb.conf is styled after the “.ini” file format and is split into different [ ] sectioormat and is split into different [ ] sectionsns[global] : section for server generic or global [global] : section for server generic or global

settings settings [homes] : used to grant some or all users ac[homes] : used to grant some or all users ac

cess to their home directoriescess to their home directories[printers] : defines printer resources and ser[printers] : defines printer resources and ser

vicesvices

Configuring File and Directory Configuring File and Directory SharingSharing

Shares should have their own [ ] sectionShares should have their own [ ] section Some options to use: Some options to use:

public - share can be accessed by guestpublic - share can be accessed by guest(No)(No) browseable - share is visible in browse listsbrowseable - share is visible in browse lists(Yes)(Yes) writable - resource is read and write enabledwritable - resource is read and write enabled(No)(No) printable - resource is a printer, not a diskprintable - resource is a printer, not a disk(No)(No) group - all connections to the share use the specified grougroup - all connections to the share use the specified grou

p as their primary groupp as their primary group

Printing to the Samba ServerPrinting to the Samba Server http://localhost:631/http://localhost:631/

raw printer queueraw printer queue

All printers defined in /etc/cups/printers.All printers defined in /etc/cups/printers.conf are shared as resources by defaultconf are shared as resources by default

Can be changed to allow only explicitly Can be changed to allow only explicitly publicized printerspublicized printers

PasswordsPasswords

Encrypted password considerationsEncrypted password considerationsStored in /etc/samba/smbpasswdStored in /etc/samba/smbpasswdUsers managed with smbpasswdUsers managed with smbpasswdUsers must have local accounts, or implemeUsers must have local accounts, or impleme

nt windbindd, a separate servicent windbindd, a separate servicesmbpasswd –a qoo(a:add)smbpasswd –a qoo(a:add)

Samba Client Tools: smbclientSamba Client Tools: smbclient

Can be used as an ftp-style file retrieval toolCan be used as an ftp-style file retrieval tool smbclient //machine/servicesmbclient //machine/service

cd directorycd directory get fileget file

Allows for simple view of shared servicesAllows for simple view of shared services smbclient -L hostnamesmbclient -L hostname smbclient -L hostnamesmbclient -L hostname -N-N smbclient -L hostname –U qoo%passwordsmbclient -L hostname –U qoo%password

nmblookupnmblookup list specific machine from WINS Serverlist specific machine from WINS Server

nmblookup -U server -R 'name‘(U:Unicast)nmblookup -U server -R 'name‘(U:Unicast) list all machineslist all machines

nmblookup \*(broadcast)nmblookup \*(broadcast)

smbmountsmbmount The SMB file system is supported by the The SMB file system is supported by the

Linux kernelLinux kernel Use smbmount to mount a SMB-shared rUse smbmount to mount a SMB-shared r

esource:esource:smbmount service mountpoint -o optionssmbmount service mountpoint -o optionsmount –t smbfs –o username=qoo,passwormount –t smbfs –o username=qoo,passwor

d=password //server1/samba /mnt/sambd=password //server1/samba /mnt/samb

Samba Mounts in /etc/fstabSamba Mounts in /etc/fstab Samba mounts can be performed automSamba mounts can be performed autom

atically upon system boot by placing an atically upon system boot by placing an entry in /etc/fstabentry in /etc/fstab

Specify the UNC path to the samba serveSpecify the UNC path to the samba server, local mount point, smbfs as the file sysr, local mount point, smbfs as the file system type, and a user name.tem type, and a user name.//server1/samba /mnt/samba smbfs default//server1/samba /mnt/samba smbfs default

s,username=qoo%password 0 0s,username=qoo%password 0 0 chkconfig netfs onchkconfig netfs on

T h an k Y ou !