#aptitute install samba
To start, no changes are needed in the config file, it is enough to define a password for the service:
#smbpasswd -a [Username]
/etc/samba/smb.conf
interfaces = 192.168.1.0/24 eth0 #we can specify which interface the service will serve on, which can be use a network range instead of an interface.
workgroup = amir/\hossein
hosts allow = 192.168.1.20 192.168.1.21 #we can identify the clients that can receive service.
log file = /var/log/samba/log.%m %m #events related to each client should be kept in a separate file
max log size = 1000 #we can put 0 to remove the limit on the size of the files
invalid users = hossein mohammad #some users can be prevented from entering the system
comment = This is the simple sharing, for hosts
path = /home/my-folder
read only = yes
valid users = root amir mohammad
public = yes
[the-doc] #the file will be shared with this name
comment = This is the simple sharing, for hosts
path = /home/my-doc
guest ok = yes
writable = yes
valid users = root amir mohammad
public = yes
[mypics$] #we use $ to hide the file at the end of it's name
comment = hidden share
path = /home/my-pics
writable = no
[data1]
comment = Data directory
path = /data1
valid users = root,amir,hossein,@officgp #use @ to add group to use file a
browseable = yes
public = yes
read only = no
printable = yes
create mask = 0777
directory = 0777
admin users = root, amir
When the configuration is finished, to see the options and shared files, we do the following:
#testparm
Also, to view the hidden files, we proceed as follows:
\\[SMBServerIPAddress]\secret$
In order to receive Windows shared files in Linux, we must do the following steps:
#apt-get install smbfs
#mount -t smbfs -o username=administrator,password=123qwe //[WinSerIPAddress]/[Foldername] /root/Wind-Share-FIles
You can also get the shared files by placing the mount command in “fstab” every time when the system is loaded.
ow, I want to receive files with the user Amir defined in the server:
#less /etc/passwd |greap amir
amir:x:1000:1000:amir,,,:/home/amir:/bin/bash
USR UID GID
#smbmount //[SrvIPAddress]/data1 /home/share -o username=amir,password=pass123,uid=1000,gid=1000
Joining a Linux client in a Windows domain
At first, We have to make the time zone of the client and the domain controller the same, Which we do in Linux as follows:
#dpkg-reconfiguration tzdata
The Linux client must be able to support the Windows Kerberos protocol:
#apt-get install krb5-clients
/etc/krb5.conf
default_realm = WWW.HOMENETWORKING.COM
[realms]
WWW.HOMENETWORKING.COM = {
kdc = SR1.AMIRMS.COM
admin_server = SR1.HOMENETWORKING.COM
}
[login]
krb4_convert = true
krb4_get_tickets = false
In the next step, we must add the following lines:
/etc/samba/smb.conf
winbind use default domain =yes
realm = HOMENETWORKING.COM
And we edit the following lines and remove them from explanatory mode:
workgroup = AMIRMS
security = ADS
And we remove the following lines from explanatory mode:
idmap uid = 10000-20000
idmap gid = 10000-20000
template shell = /bin/bash
winbind enum groups = yes
winbind enum users = yes
Windows domain tips
- A record related to the Windows domain must be created on the DNS server.
- It is necessary to make sure that the revers-zones are created on the DNS server.
- Ensure the access of the domain with your DNS name from the client.
Adding a Linux client to the domain:
#net ads join -U [UserName]
In order to be able to login MS Active Directory users in the Linux client with winbind, I do the following steps:
#apt-get install smbclient win bind
/etc/nsswitch.conf
passwd: compat winbind
group: compat winbind
shadow: compat winbind
#/etc/inir.d/winbind restart
With the following commands, We can see the list of Windows users and groups:
#wbinfo -u
#wbinfo -g
Setting up a Linux domain and Windows client membership
/etc/samba/smb.conf
[global]
workgroup = hossein.com
netbios name = Debian-01
wins support = yes
domain master = auto
domain logons = yes
add machine script = /usr/sbin/useradd -s /bin/false -d /dev/null -g machines %u
security = user
logon path = \\[ServerIPAddress]\myfolder\%U
logon drive = H:
logon home = \\ServerIPAddress]\myfolder
[myfolder]
comment = netlogon
path = /home/my-folder
writable = yes
[netlogon]
comment = netlogon
path = /home/netlogon
writable = yes
The next step is to add the folders and groups we introduced in Samba:
#groupadd machines
#mkdir /home/myfolder
#mkdir /home/netlogon
And then define the Samba user:
#smbpasswd -a root
Wins Server settings on the client
Now we need to introduce Linux as wins server in the Windows client so that the domain can be accessed through its FQDN name.
For this purpose, from the settings section of your Windows network card and
Internet Protocol Version 4 > Advanced, and on the top of the Wins page, add the IP address of your Linux server.
Windows 7 registry settings
Windows 7 is prohibited from joining some domains, to remove this restriction and join the Samba domain, we do the following:
Run > regedit > HKEY_CURRENT_MACHINE\SYSTEM\CCS\Services\Lanmanworkstation\Parameters
In this path, We create a new record named DomainCompatibilityMode of DWORD type and set its value to 1. Then we create another record called DNSNameResolutionRequired and set its value to 0.
#apt-get install swat
#links2 -g 127.0.0.1:901