File Sharing with Samba

#aptitute install samba

To start, no changes are needed in the config file, it is enough to define a password for the service:

#smbpasswd -a [Username]

/etc/samba/smb.conf

interfaces = 192.168.1.0/24 eth0    #we can specify which interface the service will serve on, which can be use a network range instead of an interface.
workgroup = amir/\hossein
hosts allow = 192.168.1.20 192.168.1.21    #we can identify the clients that can receive service.
log file = /var/log/samba/log.%m %m   #events related to each client should be kept in a separate file
max log size = 1000   #we can put 0 to remove the limit on the size of the files
invalid users = hossein mohammad   #some users can be prevented from entering the system

comment = This is the simple sharing, for hosts
   path = /home/my-folder
   read only = yes
   valid users = root amir mohammad
   public = yes

[the-doc]   #the file will be shared with this name
    comment = This is the simple sharing, for hosts
    path = /home/my-doc
    guest ok = yes
    writable = yes
    valid users = root amir mohammad
    public = yes

[mypics$]   #we use $ to hide the file at the end of it's name
    comment = hidden share
    path = /home/my-pics
    writable = no

[data1]
         comment = Data directory
         path = /data1
         valid users = root,amir,hossein,@officgp   #use @ to add group to use file a
         browseable = yes
public = yes
         read only = no
         printable = yes
         create mask = 0777
         directory = 0777
         admin users = root, amir

When the configuration is finished, to see the options and shared files, we do the following:

#testparm

Also, to view the hidden files, we proceed as follows:

\\[SMBServerIPAddress]\secret$

In order to receive Windows shared files in Linux, we must do the following steps:

#apt-get install smbfs

#mount -t smbfs -o username=administrator,password=123qwe //[WinSerIPAddress]/[Foldername] /root/Wind-Share-FIles

You can also get the shared files by placing the mount command in “fstab” every time when the system is loaded.

ow, I want to receive files with the user Amir defined in the server:

#less /etc/passwd |greap amir
amir:x:1000:1000:amir,,,:/home/amir:/bin/bash     
USR          UID   GID

#smbmount //[SrvIPAddress]/data1 /home/share -o username=amir,password=pass123,uid=1000,gid=1000

Joining a Linux client in a Windows domain

At first, We have to make the time zone of the client and the domain controller the same, Which we do in Linux as follows:

#dpkg-reconfiguration tzdata

The Linux client must be able to support the Windows Kerberos protocol:

#apt-get install krb5-clients

/etc/krb5.conf

default_realm = WWW.HOMENETWORKING.COM

[realms]
        WWW.HOMENETWORKING.COM = {
                kdc = SR1.AMIRMS.COM
                admin_server = SR1.HOMENETWORKING.COM
        }

[login]
        krb4_convert = true
        krb4_get_tickets = false

In the next step, we must add the following lines:

/etc/samba/smb.conf

winbind use default domain =yes
realm = HOMENETWORKING.COM

And we edit the following lines and remove them from explanatory mode:

workgroup = AMIRMS
security = ADS

And we remove the following lines from explanatory mode:

idmap uid = 10000-20000
idmap gid = 10000-20000
template shell = /bin/bash

winbind enum groups = yes
winbind enum users = yes

Windows domain tips

• A record related to the Windows domain must be created on the DNS server.
• It is necessary to make sure that the revers-zones are created on the DNS server.
• Ensure the access of the domain with your DNS name from the client.

Adding a Linux client to the domain:

#net ads join -U [UserName]

In order to be able to login MS Active Directory users in the Linux client with winbind, I do the following steps:

#apt-get install smbclient win bind

/etc/nsswitch.conf

passwd:         compat winbind
group:          compat winbind
shadow:         compat winbind

#/etc/inir.d/winbind restart

With the following commands, We can see the list of Windows users and groups:

#wbinfo -u
#wbinfo -g

Setting up a Linux domain and Windows client membership

 /etc/samba/smb.conf

[global]
workgroup = hossein.com
netbios name = Debian-01
wins support = yes
domain master = auto
domain logons = yes
add machine script  = /usr/sbin/useradd -s /bin/false -d /dev/null -g machines %u
security = user
logon path = \\[ServerIPAddress]\myfolder\%U
   logon drive = H:
   logon home = \\ServerIPAddress]\myfolder
[myfolder]
   comment = netlogon
   path = /home/my-folder
   writable = yes

[netlogon]
   comment = netlogon
   path = /home/netlogon
   writable = yes

The next step is to add the folders and groups we introduced in Samba:

#groupadd machines
#mkdir /home/myfolder
#mkdir /home/netlogon

And then define the Samba user:

#smbpasswd -a root

Wins Server settings on the client

Now we need to introduce Linux as wins server in the Windows client so that the domain can be accessed through its FQDN name.
For this purpose, from the settings section of your Windows network card and
Internet Protocol Version 4 > Advanced, and on the top of the Wins page, add the IP address of your Linux server.

Windows 7 registry settings
Windows 7 is prohibited from joining some domains, to remove this restriction and join the Samba domain, we do the following:
Run > regedit > HKEY_CURRENT_MACHINE\SYSTEM\CCS\Services\Lanmanworkstation\Parameters
In this path, We create a new record named DomainCompatibilityMode of DWORD type and set its value to 1. Then we create another record called DNSNameResolutionRequired and set its value to 0.

#apt-get install swat
#links2 -g 127.0.0.1:901