1. 服务端安装rpm软件包
[root@localhost ~]# yum -y install samba
2. 服务端配置Samba
[root@localhost ~]# mkdir /pub
[root@localhost ~]# chmod -R 777 /pub
[root@localhost ~]# mkdir /public
[root@localhost ~]# chmod -R 777 /public/
[root@localhost ~]# echo data > /public/1.txt
[root@localhost ~]# echo data > /pub/2.txt
[root@localhost ~]# vim /etc/samba/smb.conf #修改全局配置并在尾部追加两个模块
[global]
workgroup = SAMBA
security = user
map to guest = Bad User
guest account=Nobody #新添加的 后边有解释
passdb backend = smbpasswd #新添加的
[files]
comment = share files
path = /pub
browseable = yes
writable = yes
public = yes
[check]
comment = share files
path = /public
browseable = yes
writable = yes
public = no
files模块用于验证匿名共享是否OK public字段等于yes
check模块用于验证需要验证的模块是否OK pulic字段等于no
这里写了两个模块,是想说明可以同时分享多个模块
下边添加用于验证Samba服务的用户,主要是给check模块使用
[root@localhost ~]# useradd -M -s /sbin/nologin smb1
[root@localhost ~]# smbpasswd -a smb1 # -a表示添加Samba用户
New SMB password:
Retype new SMB password:
Added user smb1.
map to user默认值是Never 表示不允许使用无效密码的用户登陆
写上它并改为Bad user 表示当用户名存在时,可以使用无效密码
我们使用匿名用户挂载和登陆的时候都是默认用当前系统的登陆用户,
用户是有的,所以想登陆和挂载要设置成这个值
guest account=Nobody 表示如果被认为是访客则账户等同于nobody账户
passdb backend = tdbsam
passdb backend就是用户后台的意思。目前有三种后台:smbpasswd、tdbsam和ldapsam。
一般选择smbpasswd对Samba服务进行管理
3. 服务端调整防火墙和selinux的状态
[root@localhost ~]# firewall-cmd --permanent --add-service=samba
success
[root@localhost ~]# firewall-cmd --permanent --add-service=samba-client
success
[root@localhost ~]# firewall-cmd --reload
success
[root@localhost ~]# setenforce 0
4. 服务端检测并启动服务
[root@localhost ~]# testparm /etc/samba/smb.conf
Load smb config files from /etc/samba/smb.conf
rlimit_max: increasing rlimit_max (1024) to minimum Windows limit (16384)
Processing section "[homes]"
Processing section "[printers]"
Processing section "[print$]"
Processing section "[files]"
Processing section "[check]"
Loaded services file OK.
Server role: ROLE_STANDALONE
Press enter to see a dump of your service definitions
# Global parameters
[global]
printcap name = cups
security = USER
workgroup = SAMBA
idmap config * : backend = tdb
cups options = raw
[homes]
browseable = No
comment = Home Directories
inherit acls = Yes
read only = No
valid users = %S %D%w%S
[printers]
browseable = No
comment = All Printers
create mask = 0600
path = /var/tmp
printable = Yes
[print$]
comment = Printer Drivers
create mask = 0664
directory mask = 0775
force group = @printadmin
path = /var/lib/samba/drivers
write list = @printadmin root
[files]
comment = share files
guest ok = Yes
path = /pub
read only = No
[check]
comment = share files
path = /pub
read only = No
[root@localhost ~]# systemctl start smb
5. 客户端登陆和挂载使用
先验证匿名用户是否可以登陆,遇到输入密码,直接回车即可
[root@localhost ~]# yum -y install samba-client cifs-utils
[root@localhost ~]# smbclient -L 192.168.20.121/files
Enter SAMBA\root's password:
Anonymous login successful
Sharename Type Comment
--------- ---- -------
print$ Disk Printer Drivers
files Disk share files
check Disk share files
IPC$ IPC IPC Service (Samba 4.8.3)
Reconnecting with SMB1 for workgroup listing.
Anonymous login successful
Server Comment
--------- -------
Workgroup Master
--------- -------
再测试需要验证的是否OK
[root@localhost ~]# smbclient -U smb1 -L 192.168.20.121/check
Enter SAMBA\smb1's password:
Sharename Type Comment
--------- ---- -------
print$ Disk Printer Drivers
files Disk share files
check Disk share files
IPC$ IPC IPC Service (Samba 4.8.3)
smb1 Disk Home Directories
Reconnecting with SMB1 for workgroup listing.
Server Comment
--------- -------
Workgroup Master
--------- -------
下边挂载带验证的模块
[root@localhost ~]# mkdir /yanzheng
[root@localhost ~]# mount -t cifs -o username=smb1 //192.168.20.121/check /yanzheng/
Password for smb1@//192.168.20.121/check: ******
[root@localhost ~]# ls /yanzheng/
1.txt
下边挂载匿名用户的
[root@localhost ~]# mkdir /niming
[root@localhost ~]# mount -t cifs //192.168.20.121/files /niming
Password for root@//192.168.20.121/files:
[root@localhost ~]# ls
anaconda-ks.cfg Documents initial-setup-ks.cfg nginx.conf Pictures Templates
Desktop Downloads Music original-ks.cfg Public Videos
[root@localhost ~]# ls /niming/
2.txt
6. windows系统访问Samba服务
