File and Print Services for Microsoft® Windows® Clients (Samba)
2016-01-07 12:17
369 查看
28.10. File and Print Services for Microsoft® Windows® Clients (Samba)
Samba is a popular open source software package that provides file and print services using the SMB/CIFS protocol. This protocol is built into Microsoft® Windows®systems. It can be added to non-Microsoft® Windows® systems by installing the Samba client libraries. The protocol allows clients to access shared data and printers.
These shares can be mapped as a local disk drive and shared printers can be used as if they were local printers.
On FreeBSD, the Samba client libraries can be installed using the net/samba-smbclient port
or package. The client provides the ability for a FreeBSD system to accessSMB/CIFS shares in a Microsoft® Windows® network.
A FreeBSD system can also be configured to act as a Samba server. This allows the administrator to create SMB/CIFS shares on the FreeBSD system which can be accessed by clients running Microsoft® Windows®
or the Samba client libraries. In order to configure a Samba server on FreeBSD, the net/samba36 port
or package must first be installed. The rest of this section provides an overview of how to configure a Samba server on FreeBSD.
28.10.1. Configuration
A default Samba configuration file is installed as /usr/local/share/examples/samba36/smb.conf.default. This file must be copied to
/usr/local/etc/smb.confand
customized before Sambacan be used.
Runtime configuration information for Samba is found in
smb.conf, such as definitions of the printers and “file system shares” that
will be shared with Windows® clients. The Samba package includes a web based tool called swat which provides a simple way for configuring
smb.conf.
28.10.1.1. Using the Samba Web Administration Tool (SWAT)
The Samba Web Administration Tool (SWAT) runs as a daemon from inetd. Therefore, inetd must be enabled as shown in Section 28.2,“The inetd Super-Server”. To enableswat, uncomment the following line in
/etc/inetd.conf:
swat stream tcp nowait/400 root /usr/local/sbin/swat swat
As explained in Example 28.1,
“Reloading the inetd Configuration File”, the inetd configuration must be reloaded after this configuration file is changed.
Once swat has been enabled, use a web browser to connect to
http://localhost:901. At first
login, enter the credentials for
root.
Once logged in, the main Samba configuration page and the system documentation will be available. Begin configuration by clicking on the Globals tab. The Globals section
corresponds to the variables that are set in the
[global]section of
/usr/local/etc/smb.conf.
28.10.1.2. Global Settings
Whether swat is used or /usr/local/etc/smb.confis edited directly, the first directives encountered when configuring Samba are:
workgroup
The domain name or workgroup name for the computers that will be accessing this server.
netbios name
The NetBIOS name by which a Samba server is known. By default it is the same as the first component of the host's DNS name.
server string
The string that will be displayed in the output of
net viewand some other networking tools that seek to display descriptive text about the server.
28.10.1.3. Security Settings
Two of the most important settings in /usr/local/etc/smb.confare the security model and the backend password format for client users. The following directives control these options:
security
The two most common options are
security = shareand
security = user. If the clients use usernames that are the same as their usernames on the FreeBSD machine, user level security should be used.
This is the default security policy and it requires clients to first log on before they can access shared resources.
In share level security, clients do not need to log onto the server with a valid username and password before attempting to connect to a shared resource. This was the default security model for older versions of Samba.
passdb backend
Samba has several different backend authentication models. Clients may be authenticated with LDAP, NIS+, an SQL database, or a modified password file. The default authentication method is
smbpasswd,
and that is all that will be covered here.
Assuming that the default
smbpasswdbackend is used,
/usr/local/etc/samba/smbpasswdmust be created to allow Samba to authenticate clients.
To provide UNIX® user accounts access from Windows® clients, use the following command to add each required user to that file:
#
smbpasswd -a[/code]username
Note:
The recommended backend is nowtdbsam. If this backend is selected, use the following command to add user accounts:
#
pdbedit -a -u[/code]username
This section has only mentioned the most commonly used settings. Refer to the Official Samba HOWTO for additional
information about the available configuration options.
28.10.2. Starting Samba
To enable Samba at boot time, add the following line to /etc/rc.conf:
samba_enable="YES"
Alternately, its services can be started separately:
nmbd_enable="YES"
smbd_enable="YES"
To start Samba now:
#
service samba start
Starting SAMBA: removing stale tdbs :
Starting nmbd.
Starting smbd.[/code]
Samba consists of three separate daemons. Both the nmbd and smbd daemons are started by
samba_enable. If winbind name resolution
services are enabled in
smb.conf, thewinbindd daemon is started as well.
Samba may be stopped at any time by typing:
#
service samba stop[/code]
Samba is a complex software suite with functionality that allows broad integration with Microsoft® Windows® networks. For more information about functionality
beyond the basic configuration described here, refer to
http://www.samba.org.
相关文章推荐
- Samba NT Domain Controller
- RHE5服务器配置-搭建Samba服务器步骤(图)
- samba不允许一个用户使用一个以上用户名与一个服务器或共享资源的多重连接
- Linux和Windows 文件共享
- 在linux上安装配置samba服务器
- Samba配置文件常用参数详解
- Linux下的网络邻居Samba
- Samba 的配置
- Samba经典案例完全解读(2009年3月最新)
- 使用samba将linux主机加入AD域
- SAMBA的一些特殊设置
- samba-2.2.8 < remote root exploit
- samba服务配置
- samba
- 终于实现samba可写不可删除
- samba使用大全----服务器
- samba的安装(tar.gz方式) (转载)
- Samba修改密码
- Samba服务搭建
- Linux下samba源码安装(非RPM包)