Samba is the bridge between Linux and Windows. It's thanks to Samba that we can communicate between Linux and Windows.
1, Samba server configuration workflow
(1) Edit the main configuration file, specify the directories that need to be shared, and set sharing permissions for the unshared directories.
(2) Specify the log file name and storage path in the file.
(3) Set the local system permissions for the shared directory.
(4) Reload the configuration file or restart the SMB service to make the configuration take effect.
2. Interpretation of the main configuration file
2.1 Global Settings
(1) Edit the main configuration file, specify the directories that need to be shared, and set sharing permissions for the unshared directories.
(2) Specify the log file name and storage path in the file.
(3) Set the local system permissions for the shared directory.
(4) Reload the configuration file or restart the SMB service to make the configuration take effect.
2.1 Global Settings
Global settings is set to the global variables area.The global variable area is where we can just set the Global is
,Then this setting item is effective for all shared resources
Commonly used fields in [Global] and how to set them are as follows
(1)Setting the workgroup or domain name
A workgroup is a group of computers with equal status in a network. You can set the workgroup or domain name of the workgroup where the Samba server is located by setting the workgroup field.
(2)Setting the Samba server security mode
The Samba server has a total of share, user, andserverThere are five security modes: domain and ads.
2.2 Client Access Control
The hosts allow field defines the clients that are allowed access.
The hosts deny field defines the clients that are denied access.
3. The most commonly used fields
(1)Setting the share name。
Format:
[share name]
(2)Shared Resource Description。
comment = comment information
(3)Shared Resource Path。
path = absolute path to the resource
(4)Setting up anonymous access。
public = yes //Allow anonymous access
public = no //Anonymous access not allowed
(5)Setting up access users。
valid users = username
valid users = @group name
valid users = @group name, username
(6) Setting a directory to be read-only。
read only = yes //read-only (computing)
read only = no //fill out or in (information on a form)
(7)Setting the directory writable
writable = yes //read and write
writable = no //read only
4. Samba service password file
After the samba server publishes a shared resourceIf the client accesses the samba server, it needs to submit its user name and password for authentication, and can log in only if it passes the authentication.
. The Samba server, in order to implement the client authentication feature, will beUsernames and passwords are stored in /etc/samba/smbpasswd
In the client access, the information submitted by the user is compared with the information stored in smbpasswd, and if it is the same, the connection between the client and the samba server can be established successfully.
After creating the account we use the following command to create an account in the samba service
useradd cyh //create a system account
passwd cyh //Set password
smbpasswd -a cyh //create samba service account -a is to add samba user
5. Share server example analysis
1. Create a share directory and create test files under it
mkdir /share
toch /share/toto
2. Modify the main samba configuration file
[global]
workgroup = SAMBA
security = user
map to guest = bad user
guest ok = yes
[public]
path = /share
browseable = yes
public = yes
3. Modify the owner and permissions of the file /share
[root@localhost ~]# mkdir /opt/samba
[root@localhost ~]# chmod 777 /opt/samba
[root@localhost ~]# chown /opt/samba
nobody is a non-loginable account in linux, special user
4. Reload the configuration file
[root@localhost ~]# systemctl restart smb nmb
The NMB service is responsible for resolving files, similar to what DNS does, NMB can match the name of a shared workgroup with the IP of the Linux system.
If the NMB service is not started, you can only access the shared files via IP, listening on UDP ports 137 and 138.
5. Turn off the firewall and disable selinux
[root@localhost ~]# systemctl stop firewalld
[root@localhost ~]# setenforce 0
6. samba server client configuration
We can use two different methods to log in to the samba server between the windows client and the linux client
6.1 Linux client access to Samba server
install -y samba-client //The client package needs to be downloaded.
You can list the list of shared directories of the target host.
The format is as follows:
smbclient -L Destination IP address -U Login username //If you do not specify a user, the default is an anonymous user.
Command line shared access mode to browse shared profiles.
The format is as follows:
smbclient //target IP address or hostname/shared directory -U username % password
7. Use windows client to access Samba shared directory
Method 1: windows+R
Method 2: This computer > mapping network drives