宜蘭縣教育支援平台 會員登入 會員註冊 我的i教書

« 上一篇 | 下一篇 »

1. 搜尋 Samba 套件
# yum search samba | grep ^samba
samba-client.x86_64 : Samba client programs
samba-common.i686 : Files used by both Samba servers and clients
samba-common.x86_64 : Files used by both Samba servers and clients
samba-doc.x86_64 : Documentation for the Samba suite
samba-glusterfs.x86_64 : Samba VFS module for GlusterFS
samba-swat.x86_64 : The Samba SMB server Web configuration program
samba-winbind.x86_64 : Samba winbind
samba-winbind-clients.i686 : Samba winbind clients
samba-winbind-clients.x86_64 : Samba winbind clients
samba-winbind-krb5-locator.x86_64 : Samba winbind krb5 locator
samba4-client.x86_64 : Samba client programs
samba4-common.x86_64 : Files used by both Samba servers and clients
samba4-devel.x86_64 : Developer tools for Samba libraries
samba4-libs.x86_64 : Samba libraries
samba4-python.x86_64 : Samba Python libraries
samba4-test.x86_64 : Testing tools for Samba servers and clients
samba4-winbind.x86_64 : Samba winbind
samba4-winbind-clients.x86_64 : Samba winbind clients
samba4-winbind-krb5-locator.x86_64 : Samba winbind krb5 locator
samba.x86_64 : Server and Client software to interoperate with Windows machines
samba-domainjoin-gui.x86_64 : Domainjoin GUI
samba-winbind-devel.i686 : Developer tools for the winbind library
samba-winbind-devel.x86_64 : Developer tools for the winbind library
samba4.x86_64 : Server and Client software to interoperate with Windows machines
samba4-dc.x86_64 : AD Domain Controller placeholder package.
samba4-dc-libs.x86_64 : AD Domain Controller libraries placeholder package.
samba4-pidl.x86_64 : Perl IDL compiler

2. 安裝 Samba 4
# yum install -y samba4

3. 修改 /etc/samba/smb.conf 設定檔
# cat /etc/samba/smb.conf | grep -E -v '^#|^;'
[global]
        workgroup = HOME
        server string = Samba Server Version %v
        # log files split per-machine:
        log file = /var/log/samba/log.%m
        # maximum size of 50KB per log file, then rotate:
        max log size = 50

        security = user
        passdb backend = tdbsam

[homes]
        comment = Home Directories
        browseable = no
        writable = yes
        valid users = %S
        create mode = 0664
        directory mode = 0775
        veto files=/.*/

4. 測試設定檔
# testparm
Load smb config files from /etc/samba/smb.conf
rlimit_max: increasing rlimit_max (1024) to minimum Windows limit (16384)
Processing section "[homes]"
Loaded services file OK.
Server role: ROLE_STANDALONE

Press enter to see a dump of your service definitions

# Global parameters
[global]
        workgroup = HOME
        server string = Samba Server Version %v
        security = USER
        log file = /var/log/samba/log.%m
        max log size = 50
        idmap config * : backend = tdb

[homes]
        comment = Home Directories
        valid users = %S
        read only = No
        create mask = 0664
        directory mask = 0775
        veto files = /.*/
        browseable = No

5. 建立使用者 Samba 密碼
# /usr/bin/pdbedit -a t850008
new password:
retype new password:
Unix username:        t850008
NT username:
Account Flags:        [U          ]
User SID:             S-1-5-21-1562595748-815096285-1647261660-1000
Primary Group SID:    S-1-5-21-1562595748-815096285-1647261660-513
Full Name:
Home Directory:       \\localhost\t850008
HomeDir Drive:
Logon Script:
Profile Path:         \\localhost\t850008\profile
Domain:               LOCALHOST
Account desc:
Workstations:
Munged dial:
Logon time:           0
Logoff time:          Wed, 06 Feb 2036 23:06:39 CST
Kickoff time:         Wed, 06 Feb 2036 23:06:39 CST
Password last set:    Wed, 29 Jun 2016 09:06:19 CST
Password can change:  Wed, 29 Jun 2016 09:06:19 CST
Password must change: never
Last bad password   : 0
Bad password count  : 0
Logon hours         : FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF

6. SELinux 在 Samba Server 上的設定
# setsebool -P samba_enable_home_dirs on
# chcon -R -t samba_share_t /home/homework
# chcon -R -t samba_share_t /home/share

7. 啟動 Samba Server
# /etc/init.d/smb start
# /etc/init.d/nmb start

8. 檢查 Samba Server 是否有正常啟動
# netstat -an | grep -E ':137|:138|:139|:445'
tcp        0      0 0.0.0.0:445                 0.0.0.0:*                   LISTEN
tcp        0      0 0.0.0.0:139                 0.0.0.0:*                   LISTEN
tcp        0      0 :::445                      :::*                        LISTEN
tcp        0      0 :::139                      :::*                        LISTEN
udp        0      0 0.0.0.0:137                 0.0.0.0:*
udp        0      0 0.0.0.0:138                 0.0.0.0:*

9. 設定開機時啟動 Samba Server
# chkconfig --level 3 smb on
# chkconfig --level 3 nmb on

10. 防火牆上的設定
防火牆設定 設定內部網路 IP 192.168.1.0/24
# iptables -A INPUT -s 192.168.1.0/24 -m state --state NEW -m udp -p udp --dport 137 -j ACCEPT
# iptables -A INPUT -s 192.168.1.0/24 -m state --state NEW -m udp -p udp --dport 138 -j ACCEPT
# iptables -A INPUT -s 192.168.1.0/24 -m state --state NEW -m tcp -p tcp --dport 139 -j ACCEPT
# iptables -A INPUT -s 192.168.1.0/24 -m state --state NEW -m tcp -p tcp --dport 445 -j ACCEPT
# iptables -A INPUT -s 192.168.1.0/24 -m state --state NEW -m udp -p udp --dport 445 -j ACCEPT




 
 
 
用LINE傳送

發表迴響

 暱稱 (必填)

 悄悄話

 標題

 個人網頁

 電子郵件

authimage 
 認證碼 (必填)