samba

本文档详细记录了在CentOS服务器上安装Samba,设置开机启动,验证端口开放,创建用户并配置共享,以及在客户端安装samba-client并进行连接的全过程。包括检查smb.conf配置,创建用户目录,通过smbclient进行交互式访问,以及设置挂载共享目录。

摘要生成于 C知道 ,由 DeepSeek-R1 满血版支持, 前往体验 >

1.服务端安装samba下面所有的包
[root@server ~]# yum -y install samba*
nstalled:
  libldb-devel-2.0.7-3.el8.x86_64                    libtalloc-devel-2.2.0-7.el8.x86_64            libtdb-devel-1.4.2-2.el8.x86_64               libtevent-devel-0.10.0-2.el8.x86_64          
  perl-Algorithm-Diff-1.1903-9.el8.noarch            perl-Archive-Tar-2.30-1.el8.noarch            perl-Compress-Raw-Bzip2-2.081-1.el8.x86_64    perl-Compress-Raw-Zlib-2.081-1.el8.x86_64    
  perl-IO-Compress-2.081-1.el8.noarch                perl-IO-Zlib-1:1.10-416.el8.noarch            perl-Parse-Yapp-1.21-2.el8.noarch             perl-Text-Diff-1.45-2.el8.noarch             
  python3-dns-1.15.0-10.el8.noarch                   python3-ldb-2.0.7-3.el8.x86_64                python3-samba-4.11.2-13.el8.x86_64            python3-talloc-2.2.0-7.el8.x86_64            
  python3-tdb-1.4.2-2.el8.x86_64                     python3-tevent-0.10.0-2.el8.x86_64            samba-4.11.2-13.el8.x86_64                    samba-client-4.11.2-13.el8.x86_64            
  samba-common-tools-4.11.2-13.el8.x86_64            samba-krb5-printing-4.11.2-13.el8.x86_64      samba-libs-4.11.2-13.el8.x86_64               samba-pidl-4.11.2-13.el8.noarch              
  samba-test-4.11.2-13.el8.x86_64                    samba-test-libs-4.11.2-13.el8.x86_64          samba-winbind-4.11.2-13.el8.x86_64            samba-winbind-clients-4.11.2-13.el8.x86_64   
  samba-winbind-krb5-locator-4.11.2-13.el8.x86_64    samba-winbind-modules-4.11.2-13.el8.x86_64   

Complete!

1.1 设置开机自动启动并启动服务
[root@server ~]# systemctl enable smb nmb.service 
Created symlink /etc/systemd/system/multi-user.target.wants/smb.service → /usr/lib/systemd/system/smb.service.
Created symlink /etc/systemd/system/multi-user.target.wants/nmb.service → /usr/lib/systemd/system/nmb.service.
[root@server ~]# systemctl start smb nmb.service 

1.2 查看TCP端口号是否为139和445
[root@server ~]# ss -antl
State                     Recv-Q                    Send-Q                                       Local Address:Port                                        Peer Address:Port                   
LISTEN                    0                         50                                                 0.0.0.0:139                                              0.0.0.0:*                      
LISTEN                    0                         128                                                0.0.0.0:111                                              0.0.0.0:*                      
LISTEN                    0                         32                                           192.168.122.1:53                                               0.0.0.0:*                      
LISTEN                    0                         128                                                0.0.0.0:22                                               0.0.0.0:*                      
LISTEN                    0                         5                                                127.0.0.1:631                                              0.0.0.0:*                      
LISTEN                    0                         128                                                0.0.0.0:52665                                            0.0.0.0:*                      
LISTEN                    0                         128                                              127.0.0.1:6010                                             0.0.0.0:*                      
LISTEN                    0                         50                                                 0.0.0.0:445                                              0.0.0.0:*                      
1.3 查看UDP端口号是否为137和138
[root@server ~]# ss -anul|grep -E '137|138'
UNCONN   0         0            192.168.122.255:137              0.0.0.0:*      
UNCONN   0         0              192.168.122.1:137              0.0.0.0:*      
UNCONN   0         0            192.168.240.255:137              0.0.0.0:*      
UNCONN   0         0            192.168.240.134:137              0.0.0.0:*      
UNCONN   0         0                    0.0.0.0:137              0.0.0.0:*      
UNCONN   0         0            192.168.122.255:138              0.0.0.0:*      
UNCONN   0         0              192.168.122.1:138              0.0.0.0:*      
UNCONN   0         0            192.168.240.255:138              0.0.0.0:*      
UNCONN   0         0            192.168.240.134:138              0.0.0.0:*      
UNCONN   0         0                    0.0.0.0:138              0.0.0.0:*   
2.客户端只需安装samba-client这个包
[root@client ~]# yum -y install samba-client
Installed:
  samba-client-4.11.2-13.el8.x86_64                                                                                                  

Complete!

3.在服务端上添加一个系统账户feige并为其设置密码
[root@server ~]# useradd -r -M -s /sbin/nologin feige
[root@server ~]# su - feige
su: warning: cannot change directory to /home/feige: No such file or directory
This account is currently not available.
[root@server ~]# smbpasswd -a feige
New SMB password:
Retype new SMB password:
Added user feige.

4.查看smb的配置文件
[root@server ~]# cd /etc/samba/
[root@server samba]# ls
lmhosts  smb.conf  smb.conf.example
[root@server samba]# vim smb.conf
# See smb.conf.example for a more detailed config file or
# read the smb.conf manpage.
# Run 'testparm' to verify the config is correct after
# you modified it.

[global]
        workgroup = SAMBA
        security = user

        passdb backend = tdbsam

        printing = cups
        printcap name = cups
        load printers = yes
        cups options = raw

[homes]
        comment = Home Directories
        valid users = %S, %D%w%S
        browseable = No
        read only = No
        inherit acls = Yes

"smb.conf" 37L, 706C    
5.关闭防火墙并在windows上面访问smb共享账户
[root@server samba]# systemctl restart smb nmb.service 
[root@server samba]# systemctl disable firewalld
[root@server samba]# systemctl stop firewalld
[root@server samba]# setenforce 0
[root@server samba]# vim /etc/selinux/config 
# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
#     enforcing - SELinux security policy is enforced.
#     permissive - SELinux prints warnings instead of enforcing.
#     disabled - No SELinux policy is loaded.
SELINUX=disabled
# SELINUXTYPE= can take one of these three values:
#     targeted - Targeted processes are protected,
#     minimum - Modification of targeted policy. Only selected processes are protected. 
#     mls - Multi Level Security protection.
SELINUXTYPE=targeted

在这里插入图片描述

6.检查smb.conf配置文件是否有问题
[root@server samba]# testparm 
Load smb config files from /etc/samba/smb.conf
Loaded services file OK.
Weak crypto is allowed
Server role: ROLE_STANDALONE

Press enter to see a dump of your service definitions

# Global parameters
[global]
	printcap name = cups
	security = USER
	workgroup = SAMBA
	idmap config * : backend = tdb
	cups options = raw


[homes]
	browseable = No
	comment = Home Directories
	inherit acls = Yes
	read only = No
	valid users = %S %D%w%S

7.创建一个普通账户feige666并为其设置密码进行认证(注:这里创建成功后,需要在windos上面切换用户登陆,并在网络中输入\192.168.240.134,然后进行验证登陆共享账户并创建文件,文件的位置在服务端/home/feige666/里面)
[root@server samba]# useradd feige666
[root@server samba]# smbpasswd -a feige666
New SMB password:
Retype new SMB password:
Added user feige666.

8.在客户端上交互式查看服务端上的共享账户
[root@client ~]# smbclient -L 192.168.240.134 -U feige666
Enter SAMBA\feige666's password: 

	Sharename       Type      Comment
	---------       ----      -------
	IPC$            IPC       IPC Service (Samba 4.11.2)
	feige666        Disk      Home Directories
SMB1 disabled -- no workgroup available

9.在客户端上交互式访问服务端上的共享账户,并创建一个目录123
[root@client ~]# smbclient //192.168.240.134/feige666 -U feige666
Enter SAMBA\feige666's password: 
Try "help" to get a list of possible commands.
smb: \> 
smb: \> mkdir 123
smb: \> ls
  .                                   D        0  Wed Oct 14 00:49:14 2020
  ..                                  D        0  Wed Oct 14 00:16:52 2020
  .mozilla                           DH        0  Mon Aug 31 23:33:34 2020
  .bash_logout                        H       18  Fri Aug 30 13:30:21 2019
  .bash_profile                       H      141  Fri Aug 30 13:30:21 2019
  .bashrc                             H      312  Fri Aug 30 13:30:21 2019
  123                                 D        0  Wed Oct 14 00:49:14 2020

		17811456 blocks of size 1024. 13020704 blocks available

10.在服务端上查看共享账户的目录是否创建成功
[root@server samba]# ls /home/feige666
123

11.在客户端上用挂载的方式将共享目录永久挂载到media里面
[root@client ~]# vim /etc/fstab 
# 
# /etc/fstab
# Created by anaconda on Mon Aug 24 08:47:33 2020
#
# Accessible filesystems, by reference, are maintained under '/dev/disk/'.
# See man pages fstab(5), findfs(8), mount(8) and/or blkid(8) for more info.
#
# After editing this file, run 'systemctl daemon-reload' to update systemd
# units generated from this file.
#
/dev/mapper/rhel-root   /                       xfs     defaults        0 0
UUID=588ba91c-dfe7-423c-80c2-d7c7a0c4a790 /boot                   xfs     defaults        0 0
/dev/mapper/rhel-swap   swap                    swap    defaults        0 0
//192.168.240.134/feige666/media cifs defaults,username=feige666,password=123456  0 0


评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值