Host allow = 192.168.1. 192.168.2. 127. ->>>>>This item is very important for security. It strictly limits the scope of Samba that can be accessed. The default is to allow access from all IPs..
Printcap name = /etc/printcap >>>>>>>>>>>>>>Set the printer configuration file path
Load printers = yes >>>>>>>>>>>>>>> Whether to share printers
Printing = cups >Printer type. If the printer used is a Linux standard type, do not change it.
Guest account = pcguest >>>>If you want user `pcguest` to log in as an anonymous user...; remove the previous comment. And make sure there is this user in /etc/passwd. The pcguest here can be changed to the local user set by the user as needed. Professional web teaching site
Loginfile = /var/log/samba/%m.log >>>>>>>>>>>log will create different log files for each login user (Samba user) in this directory.
Passwd Server = >>>>>>>>>Passwd Server. When a user uses linux via Samba from Windows. Automatically transfer the user name and password when logging in to Windows to Samba. Samba then verifies to the windows server whether these two pieces of information are correct. If it is incorrect, a dialog box will appear asking the user to re-enter the user name and password. This password server can be an NT SERVER (usually the primary domain controller) or another Samba Server . So if Security = share, delete the line about the password server. http://www.webjx.com
Password Level -= 8 >>>>>>>>>>>>>Password level setting
Encrypt password = yes >>>>>>>>>>>>>>User password should be encrypted. Because now 98/NT all use encrypted passwords. So to have this item, of course, you can also require the use of unencrypted passwords.
Smb Passwd file = /etc/samba/smbpasswd >>>>When setting the password server to Samba server, you need to use this line to specify the password file to be verified. The most important thing is the path to the password file setting.
Uin passwd sync = yes
Passwd program = /usr/bin/passwd %u >>>>>>>>The next two lines are used to allow the Linux system password to be updated after the WIN password is changed, confirm `encrypt passwords` and `smb passwd file` item is enabled. http://www.webjx.com
Pam password change = yes >>>>>>>>> Use PAM when the user asks to change the password. Do not use the local password program /user/bin/passwd
Username map = /etc/samba/smbusers >>>>>>>>Set the corresponding user name in this file, for example: root=administrator admin, etc. If each windows user has an account in the samba server, you can Not set,
Include = /etc/samba/smb.conf %m >>>>>>>>This line allows users to customize the basic configuration file of each computer. %M represents the name of the computer that NETBIOS is connecting to. Professional web teaching site
Obey pam restrictions = yew >>>>>>>>>> When the user authenticates, obey the management restrictions of PAM.
Socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 >>>>>Set the Socket options for the session between the server and the client. This setting will optimize the transmission speed.
Web Teaching Network-Professional web learning site
Interfaces = 192.168.12.2/24 192.168.13.2/24 >>>>>>If multiple network interfaces are used, they must be listed here.
Remote browse sync = 192.168.3.25 192.168.2.255 >>>>>This line and the next line are remote browsing settings
Remote announce = 192.168.1.255 192.168.2.44
# Browser Control Options Browser control options
local master=no
oslevel=33
domain master=yes
preferred master = yes
domain logos = yes
logon script = %M.bat >>>>>>>>>>>>This line and the next line set the login script
logon script = %U.bat
wins support = yes >>>>>>>>>>>wins server support
wins server = wxyz >>>>>>>>>>>wins client settings
wins proxy = yes >>>>>>>>>>>wins proxy settings
dns proxy = no >>>>>>dns proxy setting, the default is not to do DNS query for the client
[homes] >>>>>>>>>> Set up professional web teaching sites for users to access their own directories
browseable = no >>>>>>>>>>User private directory, no need for others to browse
writeable = yes >>>>>>>>>> User’s permission to write to his own directory
[netlogon]
guest OK = yes
share modes = no
[profiles] >>>>>>>>>>Default profiles settings
[printer] >>>>>>>>>Printer settings
path = /var/spool/samba >>>>>>>>>Printer pool (spool) users must create their own directory
browseable = no >>>>>>>>>This line stores the temporary files of the printer
set public = yes to allow user `guest prinr >>>>>If set, the guest user is allowed to use the printer
printable = yes >>>>>>>>>>>>> Whether the user can print
[temp]
read only = no >>>>>>>>>>>>> Whether it is read-only or writable
public = yes >>>>>>>>>>>>> Whether to share
Web Teaching Network-Professional web learning site
Configure share-level servers
workgroup=linux
hosts allow = 192.168.1. If you don’t want to limit it, you can comment it out.
printcap = /etc/printcap
load printers = yes
printers = lprng
guest account = zjz >>>>>>>This requires specifying a user account zjz is a user account that already exists in samba
logfiles = /var/log/samba/%m.log
maxlog size = 50
security=share
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF =8192
Note: Others may be set by default according to smb.conf
Restart service
Test samba command testparm Professional web teaching site
================================================== ====================
Configure USER level server
Modify the basic configuration of the share level:
security=user
Add to:
guest account = zjz
encrypt passwords = yes
smb passwd file = /etc/samba/smbpasswd >>>>>>>>>After user-level settings are made in the configuration file /etc/smb.conf, the samba password file needs to be set. Establish the smbpasswd account and password. Make it the same as the account and password of /etc/passwd.
Here's how:
1: Create a local account, generate the password folder /etc/passwd, and add all users in /etc/passwd to the /etc/samba/smppassword file
Note: This process is to first create an account and password locally, and then pass the password file to /etc/samba/smbpasswd. The order cannot be reversed. Because the password of the local account and the password of the account in the samba server are different.
#adduser zjz
#passwd zjz
#cat /etc/passwd mksmbpasswd.sh > /etc/samba/smbpasswd
The `/etc/samba/smbpasswd and smbpassspwd and smbpasswd file = /etc/samba/smbpasswd`r paths here must be the same.
2: Use the smbpasswd command to set the samba server password for the account just created. Web teaching
Note: When using the smbpasswd command to modify the user password. The local system user account of the modified samba account must already exist.
#smbpasswd zjz
Restart the samba service. USER level server configuration is complete.
Note: If mutual access between WIN computer and Samba resources cannot be achieved. You can add the other party's host name and IP address to their respective hosts, and then test again: the method is as follows:
Add: win-IP Win hostname (192.168.0.11 mywinpc) in Linux system/etc/hosts
Add: win-IP Win—hostname in Windows system c:windowshosts
Configure server- level servers
Server level security is higher than USER level. Modify based on suer level configuration:
security=server
Add to:
Password server = libtserver >>>>>>>> Password server, here we use the win2k primary domain controller "libserver" as the password server. Of course, you can also use another samba server as the password server.
Comment out smbpasswd file = /etc/samba/smbpasswd
After setting up, use testparm and smbclient commands to debug. In this way, when a win NT/98 computer logs in to the libserver domain server, it also logs in to the Samba Server . However, the user account and password at this time should be the same on libserver and Samba server. If it is a computer that has joined the libserver primary domain controller, you can enter the user account and password to open the Samba Server shared file. Although other computers are on the same network segment as the samba server, if you do not need to log in with the user account and password shared by libtserver and samba server. You cannot access samba.