Configuration tutorial of samba server on Linux system

Time:2021-12-5

Step 1:

Enter the / etc / Samba directory, back up smb.conf, delete this file, and re-establish one yourself. Enter the following

 

Copy code

The code is as follows:

[global]
workgroup = WORKGROUP
NetBIOS name = www.e2fsck.org # here is the key point. This name should be the same as the machine name. This name should be used for remote access
server string = e2fsck is samba server
security = share</p>
Disable spool = yes # hides the printer
Cups options = raw # printer type</p>
dos charset =GBK
display charset = utf8
client lanman auth = yes
client plaintext auth = yes</p>
path = /var/wujie
writeable = yes
browseable = yes
guest ok = yes

Briefly explain the above content [global] global configuration, which must be available. The first three lines show what is said. If security is share, the account password is not used. If it is user, it is to be verified.

[WuJie] this is the shared directory displayed on the client. Path is the shared path. Guest OK is yes, which means authentication is not required.

 

Step 2:

Create a folder called WuJie in the / var / directory to be used as a shared folder

 

Copy code

The code is as follows:

[[email protected] ~]# id nobody
uid=99(nobody) gid=99(nobody) groups=99(nobody)</p>
<p>[[email protected] ~]# chown -R nobody:nobody /var/wujie

OK, then restart the SMB server service SMB restart and service NMB start. A simple shared server without verification is done.

Step 3: make a shared server that requires an account password

1. First use the command useradd WuJie – S / SBIN / nologin (the system establishes an account called WuJie and cannot log in to the system)

2. Then use the command smbpasswd – a WuJie (use this command to add an SMB account called WuJie)

3. Chown WuJie: WuJie / var / WuJie (allow the WuJie account to have permission to use the directory / var / WuJie)

4. Then modify / etc / Samba / smb.conf:

Copy code

The code is as follows:

[global]
Workgroup = workgroup / / used to specify the NT domain name on the network of your machine
NetBIOS name = www.e2fsck. Org / / host name, the address used to access, which is important
server string = e2fsck is samba server
Guest account = WuJie / / if you want to create an account, fill in the user name again and add the account in / etc / passwd. Otherwise, use the default ‘nobody’ as the account
security = user

//This is the security level of the samba server. The default is user level. Samba has four security levels.

1. Share level, sharing security level. Users can log in without entering an account and password

2. User level, user security level. Users need an account and password to log in

3. Server level, server security level. You can specify another Samba server to check the password

4. Domain domain security level, you need to specify a server such as XP to verify the user password

Copy code

The code is as follows:

unix charset = utf8
dos charset = GBK
display charset = utf8
client lanman auth = yes
client plaintext auth = yes

Copy code

The code is as follows:

[wujie]
path = /var/wujie
writeable = yes
browseable = yes
Guest OK = no / / the user needs a password, and yes means no password (matching the security level above)</p>
create mask = 0777

It mainly changes security to user guest and OK to No

5. Finally, service SMB restart and service NMB start are used as a shared file server with command access

6. If the firewall is turned on, turn it on

Copy code

The code is as follows:

[[email protected] ~]# iptables -A INPUT -p tcp –dport 139 -j ACCEPT
[[email protected] ~]# iptables -A INPUT -p tcp –dport 445 -j ACCEPT
[[email protected] ~]# iptables -A INPUT -p udp –dport 137 -j ACCEPT
[[email protected] ~]# iptables -A INPUT -p udp –dport 138 -j ACCEPT</p>
<p>[[email protected] ~]# iptables -A INPUT -i lo -j ACCEPT