Linux系统管理.Samba配置文件
Samba配置文件的位置:#/etc/samba/smb.conf
[global]
workgroup = WORKGROUP <--------工作组名
netbios name = redhat <--------netbios主机名
server string = samba server <——————服务器注释说明
security = share/user/server <-----三种安全级别,默认为user
;password server = <server> <—去掉;号后,指定的数据库server的路径
logfile = /var/log/samba/log.%m <———日志存放的目录及日志名,日志名是一个变量表示的.
encrypt passwords = yes <———-加密密码
smb passwd file = /etc/samba/smbpasswd <——smb帐号文件的存放目录,此目录路径要为绝对路径
include = /etc/samba/smb.conf.%m
interfaces = 192.168.0.0/24 <————–开启的端口
;name resolve order = wins lmhosts bcast <–主机名的解析顺序:先是wins服务器,再是lmhost文件,最后广播
;wins support = yes <————-本地做不做wins服务器,与下面的wins server 不能同时使用.
;wins server = w.x.y.z <———-与上面的wins support 不能同时使用
配置文件中,以#开头的为注释,去除#后为无意义的字段行,而以;开头的虽然也是注释,但是去除;后是有意义的命令行或字段.
Samba的安全级别:
[global]
secutiry = < level >
level 包括三种安全级:
1、share windows用户不需要认证,就能直接访问共享的目录列表
2、user 客户端必须输入合法的用户才能访问共享目录列表,服务器上需要建立用户帐号和设定密码
3、server 客户端必须输入合法的用户才能访问共享目录列表,但客户端需要连到其他的服务器上进行相应的认证
访问控制
一、全局访问控制 (允许优先)
[global]
host deny = ALL
host allow = 192.168.0.
二、局部访问控制 (允许优先)
[docs]
host deny =192.168.0. (拒绝192.168.0.这个网段的所有主机)
host allow = 192.168.0.153 (只对192.168.0.153主机开放访问权限)
[redhat]
host allow = 192.168.0. (允许192.168.0.网段的所有主机)
host deny = 192.168.0.153 (只对192.168.0.153主机开放访问权限,将会失去限制的意义,允许优先)
所以设定访问权限的时候,要注意此项(host allow =192.168.0. EXCEPT 192.168.0.153)
如下的配置文件:
#============= Global Settings ==================
[global]
# workgroup = NT-Domain-Name or Workgroup-Name
workgroup = WORKGROUP
# server string is the equivalent of the NT Description field
server string = linux
# This option is important for security. It allows you to restrict
# connections to machines which are on your local network. The
# following example restricts access to two C class networks and
# the "loopback" interface. For more examples of the syntax see
# the smb.conf man page
; hosts allow = 192.168.1. 192.168.2. 127.
# this tells Samba to use a separate log file for each machine
# that connects
log file = /var/log/samba/%m.log
# Put a capping on the size of the log files (in Kb).
max log size = 0
# Security mode. Most people will want user level security. See
# security_level.txt for details.
security = user
# Use password server option only with security = server
# The argument list may include:
# password server = My_PDC_Name [My_BDC_Name] [My_Next_BDC_Name]
# or to auto-locate the domain controller/s
# password server = *
; password server = <NT-Server-Name>
# Password Level allows matching of _n_ characters of the password for
# all combinations of upper and lower case.
; password level = 8
; username level = 8
# You may wish to use password encryption. Please read
# ENCRYPTION.txt, Win95.txt and WinNT.txt in the Samba documentation.
# Do not enable this option unless you have read those documents
encrypt passwords = yes
smb passwd file = /etc/samba/smbpasswd
# The following is needed to keep smbclient from spouting spurious errors
# when Samba is built with support for SSL.
; ssl CA certFile = /usr/share/ssl/certs/ca-bundle.crt
# The following are needed to allow password changing from Windows to
# update the Linux system password also.
# NOTE: Use these with ‘encrypt passwords’ and ‘smb passwd file’ above.
# NOTE2: You do NOT need these to allow workstations to change only
# the encrypted SMB passwords. They allow the Unix password
# to be kept in sync with the SMB password.
unix password sync = Yes
passwd program = /usr/bin/passwd %u
passwd chat = *New*password* %n\n *Retype*new*password* %n\n *passwd:*all*authentication*tokens*updated*successfully*
# You can use PAM’s password change control flag for Samba. If
# enabled, then PAM will be used for password changes when requested
# by an SMB client instead of the program listed in passwd program.
# It should be possible to enable this without changing your passwd
# chat parameter for most setups.
pam password change = yes
# Unix users can map to different SMB User names
username map = /etc/samba/smbusers
# Using the following line enables you to customise your configuration
# on a per machine basis. The %m gets replaced with the netbios name
# of the machine that is connecting
# of the machine that is connecting
; include = /etc/samba/smb.conf.%m
# This parameter will control whether or not Samba should obey PAM’s
# account and session management directives. The default behavior is
# to use PAM for clear text authentication only and to ignore any
# account or session management. Note that Samba always ignores PAM
# for authentication in the case of encrypt passwords = yes
obey pam restrictions = yes
# Most people will find that this option gives better performance.
# See speed.txt and the manual pages for details
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
# Configure Samba to use multiple interfaces
# If you have multiple network interfaces then you must list them
# here. See the man page for details.
; interfaces = 192.168.12.2/24 192.168.13.2/24
# Configure remote browse list synchronisation here
# request announcement to, or browse list sync from:
# a specific host or from / to a whole subnet (see below)
; remote browse sync = 192.168.3.25 192.168.5.255
# Cause this host to announce itself to local subnets here
; remote announce = 192.168.1.255 192.168.2.44
# Browser Control Options:
# set local master to no if you don’t want Samba to become a master
# browser on your network. Otherwise the normal election rules apply
; local master = no
# OS Level determines the precedence of this server in master browser
# elections. The default value should be reasonable
; os level = 33
# Domain Master specifies Samba to be the Domain Master Browser. This
# allows Samba to collate browse lists between subnets. Don’t use this
# if you already have a Windows NT domain controller doing this job
; domain master = yes
# Preferred Master causes Samba to force a local browser election on startup
# and gives it a slightly higher chance of winning the election
; preferred master = yes
# Enable this if you want Samba to be a domain logon server for
# Windows95 workstations.
; domain logons = yes
# if you enable domain logons then you may want a per-machine or
# per user logon script
# per user logon script
# run a specific logon batch file per workstation (machine)
; logon script = %m.bat
# run a specific logon batch file per username
; logon script = %U.bat
# Where to store roving profiles (only for Win95 and WinNT)
# %L substitutes for this servers netbios name, %U is username
# You must uncomment the [Profiles] share below
; logon path = \\%L\Profiles\%U
# Windows Internet Name Serving Support Section:
# WINS Support – Tells the NMBD component of Samba to enable it’s WINS Server
; wins support = yes
# WINS Server – Tells the NMBD components of Samba to be a WINS Client
# Note: Samba can be either a WINS Server, or a WINS Client, but NOT both
; wins server = w.x.y.z
# WINS Proxy – Tells Samba to answer name resolution queries on
# behalf of a non WINS capable client, for this to work there must be
# at least one WINS Server on the network. The default is NO.
; wins proxy = yes
# DNS Proxy – tells Samba whether or not to try to resolve NetBIOS names
# via DNS nslookups. The built-in default for versions 1.9.17 is yes,
# this has been changed in version 1.9.18 to no.
dns proxy = no
# Case Preservation can be handy – system default is _no_
# NOTE: These can be set on a per share basis
; preserve case = no
; short preserve case = no
# Default case is normally upper case for all DOS files
; default case = lower
# Be very careful with case sensitivity – it can break things!
; case sensitive = no
#============== Share Definitions ================
[homes]
comment = Home Directories
browseable = no
writable = yes
valid users = %S
create mode = 0664
directory mode = 0775
# If you want users samba doesn’t recognize to be mapped to a guest user
; map to guest = bad user
# Un-comment the following and create the netlogon directory for Domain Logons
# Un-comment the following and create the netlogon directory for Domain Logons
; [netlogon]
; comment = Network Logon Service
; path = /usr/local/samba/lib/netlogon
; guest ok = yes
; writable = no
; share modes = no
# Un-comment the following to provide a specific roving profile share
# the default is to use the user’s home directory
;[Profiles]
; path = /usr/local/samba/profiles
; browseable = no
; guest ok = yes
# NOTE: If you have a BSD-style print system there is no need to
# specifically define each individual printer
[printers]
comment = All Printers
path = /var/spool/samba
browseable = no
# Set public = yes to allow user ‘guest account’ to print
guest ok = no
writable = no
printable = yes
# Other examples.
#
# A private printer, usable only by fred. Spool data will be placed in fred’s
# home directory. Note that fred must have write access to the spool directory,
# wherever it is.
;[fredsprn]
;[fredsprn]
; comment = Fred’s Printer
; valid users = fred
; path = /home/fred
; printer = freds_printer
; public = no
; writable = no
; printable = yes
# The following two entries demonstrate how to share a directory so that two
# users can place files there that will be owned by the specific users. In this
# setup, the directory should be writable by both users and should have the
# sticky bit set on it to prevent abuse. Obviously this could be extended to
# as many users as required.
;[myshare]
; comment = Mary’s and Fred’s stuff
; path = /usr/somewhere/shared
; valid users = mary fred
; public = no
; writable = yes
; printable = no
; create mask = 0765
[redhat]
path = /home/redhat
comment = redhat’s files
public = no
valid users = redhat
write list = redhat
create mask = 0660
directory mask = 0770
最后的这个redhat是自己加的目录,属于自定义的内容目录.
转载于:https://blog.51cto.com/leekwen/500582
Linux系统管理.Samba配置文件相关推荐
- 《Linux系统管理与应用》课程知识点整理+书后习题全文解答(Linux知识点大纲)
目录 第一章:Linux操作系统概述 知识点整理部分 课后习题与参考答案 第二章:Linux系统的环境搭建 知识点整理部分 课后习题与参考答案 第三章:Linux操作基础 知识点整理部分 课后习题与参 ...
- Linux下samba的安装与配置
physique 博客园 首页 新随笔 联系 管理 订阅 随笔- 203 文章- 0 评论- 33 Linux下samba的安装与配置 转载来源:http://blog.chinaunix.net ...
- 尚硅谷 Linux系统管理教程 笔记
目录 Linux简介 Linux的安装 虚拟机配置 系统分区 分区的形式 分区类型 分区格式化 设备文件名 挂载点 Linux的安装 SSH连接 初学注意事项 与WIndwos的区别 Linux服务器 ...
- 做一个好管家 Linux系统管理技巧大荟萃
做一个好管家 Linux系统管理技巧大荟萃 [上海央邦]学一送一,超值! 必读版<十一攻破RHCE6.0.OCP>安博亚威]CCIE考试通过率第一! Cisco网络技术系列讲座 试听一个月 ...
- 4.10 第十三章:Linux系统管理技巧
第十三章:Linux系统管理技巧 13.1监控系统的状态 13.1.1使用w命令查看当前系统的负载 13.1.2用vmstat命令监控系统的状态 13.1.3用top命令显示进程所占的系统资源 13. ...
- linux系统管理学习笔记之三----软件的安装
linux系统管理学习笔记之三----软件的安装 2009-12-29 19:10:02 标签:linux 系统管理 [推送到技术圈] 版权声明:原创作品,允许转载,转载时请务必以超链接形式标明文章 ...
- ×××linux下samba服务器
一.检查本机是否已安装samba [root@YYzs tmp]# rpm -qa | grep samba samba-winbind-clients-3.5.4-68.el6.i686 samba ...
- linux系统管理学习笔记之一-------linux解压缩命令
linux系统管理学习笔记之一-------linux解压缩命令 2009-12-29 11:52:55 标签:linux tar [推送到技术圈] 版权声明:原创作品,允许转载,转载时请务必以超链接 ...
- 【Linux】 Samba 服务器安装配置实现与Windows系统的文件共享服务
Samba服务器是用来实现Linux与Windows系统之间文件传输服务的,如果经常需要在两个系统之间传送文件,安装Samba并配置共享路径是很有益的 如下是整个详细的配置过程,使用Ubuntu12. ...
- python linux系统管理与自动化运维_《Python Linux系统管理与自动化运维》赖明星著【摘要 书评 在线阅读】-苏宁易购图书...
商品参数 作者: 赖明星著 出版社:机械工业出版社 出版时间:2017-09-01 版次:1 开本:16开 装帧:平装 ISBN:9787111578659 版权提供:机械工业出版社 基本信息 商品名 ...
最新文章
- 线性八叉树_octree八叉树数据结构原理与实现
- 额外篇 | basemap(上)
- ABAP COMMIT WORK关键字在CRM content management应用里的使用场景
- linux 文件 字符集设置,Linux字符集和系统语言设置-LANG,locale,LC_ALL,POSIX等命令及参数详解...
- qt 子窗口写到线程就卡死_QT/C++实现卡通漫画风格化
- c 打印html文档,C# C/S程序使用HTML文件作为打印模板
- 信贷系统学习总结(1)——现金贷之行业概况
- Qt 利用海康摄像头的ISAPI协议进行抓图等操作
- ERROR 1356 (HY000): View 'information_schema. SCHEMATA'
- 远程手机控制开关应用
- 高斯平滑算法 c语言,高斯模糊算法(gaussian)
- java 文字串叠字检查_正则表达式的相关应用
- 升级JDK版本注意事项
- 为什么苹果蓝牙耳机连上还是公放_如何测试蓝牙设备的延时
- chrome 前端开发插件:尺子
- 大学中明白的一百件事情
- postgis导入shp文件失败Shapefile import failed提示dbf file (dbf) can not be opened
- 【Auto.js 】Android 脚本软件 简要介绍及学习资料
- Android Qcom Camx CHI 架构
- 基于Netty最简单的WebSocket通讯