-
Notifications
You must be signed in to change notification settings - Fork 1
/
Copy pathSamba Guide.txt
166 lines (115 loc) · 4.58 KB
/
Samba Guide.txt
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
# install samba server(ubuntu)
sudo apt-get install samba samba-common python-glade2
sudo cp /etc/samba/smb.conf /etc/samba/smb.conf.org
# install samba server(centos)
sudo yum install samba samba-client samba-common
sudo cp /etc/samba/smb.conf /etc/samba/smb.conf.org
# config samba
sudo vim /etc/samba/smb.conf
.....
.....
.....
# enable and restart samba service (ubuntu)
sudo systemctl restart smbd
sudo systemctl enable smbd
# enable and restart samba service (centos)
sudo systemctl restart smb.service nmb.service
sudo systemctl enable smb.service nmb.service
# allow ports through firewall
sudo ufw reload
sudo ufw allow 139/tcp
sudo ufw allow 445/tcp
sudo ufw reload
# create user for samba (ubuntu)
sudo adduser --no-create-home --disabled-password --disabled-login sambausername
sudo smbpasswd -a sambausername
# create user for samba (centos)
sudo useradd --no-create-home metanol-admin
sudo usermod -s /sbin/nologin metanol-admin
sudo smbpasswd -a metanol-admin
# set SELinux to allow folder to be shared (centos)
sudo chcon -t samba_share_t /rbd-metanol-metanol
# access control options
Option Parameters Function Default Scope
admin users string (list of usernames) Users who can perform operations as root None Share
valid users string (list of usernames) Users who can connect to a share None Share
invalid users string (list of usernames) Users who will be denied access to a share None Share
read list string (list of usernames) Users who have read-only access to a writable share None Share
write list string (list of usernames) Users who have read/write access to a read-only share None Share
max connections numeric Maximum number of connections for a share at a given time 0 Share
guest only (only guest) Boolean If yes, allows only guest access no Share
guest account string (name of account) Unix account that will be used for guest access nobody Share
# specifying valid/invalid users/groups
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
If a name is prefixed by an at sign (@), it is interpreted as a group name—with NIS groups searched before Unix groups. If the name is prefixed by a plus sign (+), it is interpreted as the name of a Unix group, and NIS is not searched. If the name is prefixed by an ampersand (&), it is interpreted as an NIS group name rather than as a Unix group name.
<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<
# mount using cifs
sudo mount -t cifs -v //<HOST>/<share> /mnt -o username=root,password=123,iocharset=utf8,sec=ntlm
# mount using cifs in fstab
//servername/sharename /mnt cifs username=root,password=123,iocharset=utf8,sec=ntlm 0 0
# open smbclient shell in linux (Ubuntu)
apt-get install samba-common smbclient cifs-utils
smbclient //<HOST>/<SHARE> -U <username>
[database]
valid users = mary ellen sue &sales +marketing @dbadmin
invalid users = gavin syd dana &techies +&helpdesk
# public share to use with everyone! (writeable)
[global]
security = user
passdb backend = tdbsam
printing = cups
printcap name = cups
load printers = no
cups options = raw
dns proxy = no
map to guest = bad user
log level = 3
max log size = 10000
workgroup = WORKGROUP
server role = standalone server
[junk]
comment = junk
path = /home/arcana/junk
browsable = yes
writable = yes
guest ok = yes
read only = no
force user = arcana
force group = arcana
[metanol-backup]
comment = metanol backup
path = /rbd-metanol-metanol
browsable = yes
writable = yes
read only = yes
valid users = metanol metanol-admin
write list = metanol-admin
admin users = metanol-admin
guest ok = no
force group = metanol
force user = metanol
# public readonly share to use with everyone! (readonly)
[general]
map to guest = bad user
[junk]
comment = junk
path = /home/arcana/junk
browsable = yes
writable = no
guest ok = yes
read only = yes
force user = arcana
force group = arcana
# create a read/write share for specific users with administrators
[sales]
path = /home/sales
comment = Sedona Real Estate Sales Data
writable = yes
valid users = sofie shelby adilia
admin users = mike
# create a readonly share that only specific users can write to
[sales]
path = /home/sales
comment = Sedona Real Estate Sales Data
read only = yes
write list = sofie shelby