DuyMinh Software
Bạn có muốn phản ứng với tin nhắn này? Vui lòng đăng ký diễn đàn trong một vài cú nhấp chuột hoặc đăng nhập để tiếp tục.
Tìm kiếm
 
 

Display results as :
 


Rechercher Advanced Search

Liên kết
DuyMinh Software
Minh Hoang HiTech
Music

What is SAMBA?

Go down

What is SAMBA? Empty What is SAMBA?

Bài gửi  duyminh Sun Nov 22, 2009 12:03 pm

When you connect a Linux machine and a Microsoft Windows machine to the same Local Area Network, they may not automatically see each other. That is, the Linux machine won’t show up in Windows’ Network Neighborhood nor will the Windows disks be available under Linux. Samba changes that — with it, you can quite easily do both.

The name “samba” comes from the protocol used in Microsoft’s Network Neighborhood, which was originally called Server Message Block or SMB. “Samba” is reverse-engineered software, developed from scratch, that allows other operating systems (Unix, Linux, VMS, Macs, whatever) to connect to a Network Neighborhood. (A “protocol” is just a well-defined way of doing something.)

SMB is also known under the old name NetBIOS, or the new buzzword CIFS, for “Common Internet File Standard.” A Mac running OS X will ask you if you want to access “SMB/CIFS shares.” Same thing, but nicely automated. My new copy of Leopard found every machine on my home network, including a standalone Iomega network hard drive, with no prompting at all.


You can also use SMB to share Windows printers or other Windows services; we’re not going to get into that here, but CUPS (the Common Unix Printer Standard) makes it pretty painless. See the references section for more information.

What SAMBA is not
Samba is not a way to share your Internet connection. I’ve documented that elsewhere.

Samba is not a safe way to share files over the Internet. You should take serious steps to keep a Network Neighborhood connection from leaking out of your LAN onto the Internet — if you followed the recommended steps when setting up IP Masquerade, you will not be forwarding the SMB ports to the Internet. (This is the same trick that keeps SMB from dialing your modem over and over again.) It is essential to block these ports in order to protect your Windows “shares” from rude strangers.

Samba is two things
As hinted above, samba is really two separate things. You can enable one part without the other, so let’s start with the easy part: attaching a shared Windows disk, or “share,” to your Linux machine.

“Mounting” a disk
“Mounting” a drive is the act of making the operating system aware that it is available to be used. Think about a floppy drive — it doesn’t work if you don’t stick a disk in, right? When you do that, the operating system has to notice it, and then “do something” about it. There is actually a little switch that the drive uses to signal the motherboard that “media has been inserted.” From there it’s a short step to doing something about it, such as “Display an updated directory listing for the A: drive.”

But Linux doesn’t have drive letters (and no, it’s not limited to 26 disks and disk partitions, either). Instead of a “C:” drive, Linux has a filesystem, where all of its disks and partitions reside. The filesystem has a tree structure, meaning that it starts from a “root” directory, and all other devices branch out from that point.

The root directory is symbolized by the single slash character, “/”. You can then have an unlimited number of other partitions or physical disks mounted beneath the root. A device is mounted at a mount point which is simply a directory; it acts as a label, a named location, so you can find the new branch of the filesystem tree. To add a new disk you make sure there is a directory to act as a mount point — create one if necessary — then use the mount command.

See the Unix 101 page for more about the mount command.

The root filesystem is mounted for you when Linux boots. You probably mount some other partitions as well, depending on how you set up your Linux installation.

You have probably mounted cdrom disks or floppy disks; you can also mount local hard drives. (Yes, drives, plural.) But a disk doesn’t have to be physically present on the Linux computer — you can also mount network disks, connected by any of a number of different protocols such as NFS (Network File System), AFS (Andrew File System), even Appletalk — or, of course, our current topic of interest, SMB.

As a Microsoft user, you may think the need to run the mount command is strange; it may seem natural that your PC “knows” when a new CD or floppy has been slipped into a drive. Well, without making a big fuss, let’s just say that in the Unix world some of us prefer not to take those things for granted. You can automate the mounting of floppies and CDs; look around for information on “automount”.

On the Windows side…
We have to start somewhere, and in this case we’re assuming that you have established networking on your Windows PC. There are several “layers” of networking available to you in the Network section of the Windows Control Panel, but for our purposes there are two that matter. You need to enable TCP/IP networking as (one of) your available protocols, and you need to turn on Microsoft networking. The details vary between the different versions of Windows.

Of course, even if you’re networking two Windows PCs, you can’t connect to a drive unless it has been “shared.” So: Pick a drive in Windows Explorer and right-click on it to get the context menu. One of the items on that menu will be “Sharing”. If there is a little “hand” icon holding up the disk, there is some form of sharing enabled; but you ought to verify whether it is read-only or read-and-write, and whether there is more than one password set on the share. It makes sense to try to protect your information as much as possible; don’t give write access to the share if read-only access is good enough.

The more things change… Okay, you’re probably running XP rather than Windows 98, so where it says “Network Neighborhood” below, replace that with “Microsoft Windows Network”, which is under “Network Places,” “Entire Network.” It’s the same darn thing.

If you have more than one Windows machine, you can verify that they show up in each others’ Network Neighborhood and that you can connect to each others’ shared directories or shared disks (referred to as “shares”). If that is the case, you’re ready to add Linux to the mix. If not, you need to work on your Windows settings a bit more — Linux is good, but you can hardly expect it to make a Windows-style connection if Windows itself can’t!

For what it’s worth, back when I still had a Windows for Workgroups 3.11 box on my LAN, I had a problem with shared machines “disappearing” from (what later became) the Network Neighborhood. Someone suggested, and I confirmed, that if you eliminate all references to the NetBEUI protocol in the Network applet of Control Panel, you can still share Windows resources over TCP/IP, and everything is much more stable. I still do it that way, and I recommend it to anyone who is having a problem. Even without adding Linux to the mix, my Windows LAN runs much more smoothly as a pure TCP/IP network.

(NetBIOS and NetBEUI are not the same thing! You need NetBIOS support to use samba, or to share Win9x machines; but you do not need NetBEUI unless you want to include plain MS-DOS machines in your networking plans. Even I’m not that old-fashioned.)
Kernel support

To use samba, you must have samba support available in your Linux kernel. You have two choices: compile it in, or enable the “hooks” in your kernel configuration that accept loadable modules, and compile support for smbfs as a module. It’s just another type of filesystem as far as Linux is concerned. The program that actually “mounts” the shared drive is called smbmount. The syntax of the command line used by smbmount changed slightly over the various versions (Microsoft has been a “moving target”, what with MS Windows 95, 98, NT, 2000, ME, and XP… and now 2003); but it will look like one of these — and yes, two of them are the same. For the purpose of the example, //winbox is the name of the Windows machine — its Network Neighborhood or NetBIOS name. /C is its shared “C:” drive, the “share name.” /mnt/win is the Linux mount point — an empty directory created just as a place to mount the share. If you are already using /mnt to mount another device, you may need to use a different mount point. Let’s say you decide to use /win; to do that, create the new mount point by typing mkdir /win as root. You only have to do that once, and only if it doesn’t already exist. In that case you’d replace ‘/mnt/win’ with ‘/win’ in the examples below.

% smbmount //winbox/c /mnt/win # samba version 2.05 - 2.09
% smbmount //winbox/c -c "mount /mnt/win" # version 2.04
% smbmount //winbox/c /mnt/win # samba versions < 2.04


What’s with that alternate form? For a relatively short time, someone thought it would be cool to use the “real” Linux mount command, and so smbmount became a mere shell that called another program. It didn’t last. Try the other, more intuitive form of the command first. If it fails, try the alternate form — but if that one works, you should upgrade your samba package, because you have an old one with many known problems.


If you’re running this as root, as is necessary with most commands that mount filesystems, you’ll need to tell smbmount what username to use on the MS Windows box. I’m assuming you don’t have a Windows user named “root”! So you may want to export your Windows username in the variable USER before you give the smbmount command, like so:

% export USER=WINUSER
% smbmount //winbox/c /mnt/win


(This assumes WINUSER is a valid login name on the machine Winbox.) You can also pass the username as a parameter on the same line as the smbmount command, like so:

% smbmount //winbox/c /mnt/win -U=WINUSER

Or you can enter it this way, which is about like putting a “kick me!” sign on your own back:

% smbmount //WINUSER:MYPASS@workgroup/winbox/c /mnt/win

In the other formats, smbmount will ask for your Windows password. In this one, it doesn’t, which makes it somewhat more useful in scripts. It’s not such a good idea from the command line (for one thing, if you’re using a shell that keeps a “history” such as bash, it ends up in your command history, and it’s in plain text.) I recommend you use the approach that requires you to key it in when prompted; it should not echo on the screen.

The MS Windows disk is now mounted and is visible to Linux the same as any other filesystem. You can cd /mnt/win, you can use Linux tools such as ls or grep, and you can cp or mv files between your Linux partitions and the MS Windows shared disk, in either direction. (You can also shoot yourself in the foot with good old rm -rf — I can testify from experience that this will work quite well enough to destroy a Windows installation.)
One down, one to go

Okay, we can see a Windows disk from our Linux box! What about going the other way?

To make our Linux machine show up in the Network Neighborhood, we have to run not just one but two services. One of them is a naming service called named, for “name daemon.” The other is the SMB service itself, smbd. These are usually handled by a single startup script, which is invoked at system startup. Look for it under the /etc directory, perhaps as /etc/rc3.d/S99samba, or /etc/init.d/rc.local/samba. You can also run it manually by typing the full name of the script and a parameter such as “start” or “stop”:

/etc/rc3.d/S99samba start

In the examples below, the Samba team use # to mark their comments, and a semicolon ; to comment out (turn off) lines of code. Using two different comment markers makes it easier to turn options on and off, and not mix them up with comments that are for humans only. Removing a semicolon makes that code line active, but removing a # will probably break something.

Before you turn on samba, though, you need to look through the smbd configuration file, /etc/smb.conf (It’s a plain-text file, and it is full of informative comments, so don’t be intimidated by it.) You can get more help by looking at the man (or manual pages) for the smb tools. To get a list of the man pages available to you, the command man -k or its alias, apropos is useful. (”Apropos” is just a fancy way of saying “about” — so apropos smb is just French for “tell me about smb”. Try apropos smb and also apropos samba. This will list all the man pages that mention the string “smb” or “samba” in their one-line descriptions.)

You can configure smbd to make your Linux box look just like a full-blown Windows NT domain controller. Our example will be a more modest goal: to get the Linux machine to show up in our Network Neighborhood and to offer a directory or two as a Windows share.

With that in mind, here is a partial selection of lines from a couple of my smb.conf files, with some notes in addition to the comments that were part of the original file as installed by the samba distribution RPM.

Example one - Linux notebook on a Windows 98 Workgroup

# This is the main Samba configuration file. You should read the
# smb.conf(5) manual page in order to understand the options listed
# here. Samba has a huge number of configurable options (perhaps too
# many!) most of which are not shown in this example.
workgroup = BRASSHAT
server string = STINGER
hosts allow = 192.168.32. 127.
security = user
# Essential to using Samba with Windows 98 or NT 4.0:
encrypt passwords = yes
# You'll need to create this file by running "smbpasswd -c someuser" --
# see more about that below:
smb passwd file = /etc/smbpasswd
# Unix users can map to different SMB User names
username map = /etc/smbusers
local master = no
# Windows Internet Name Serving Support Section:
# WINS Support - Tells the NMBD component of Samba to enable its WINS Server
; wins support = no
# The line above is turned off by the leading ;

# DNS Proxy - tells Samba whether or not to try to resolve NetBIOS names
# via DNS nslookups.
dns proxy = yes

#============================ Share Definitions =========================
[homes]
# Basically, give each user who has a Linux account the ability to see
# her directory from her Windows box as a "share":
comment = Home Directories
browseable = no
writable = yes


That’s (most of) the smb.conf I use when I’m at home. At a recent assignment, though, I needed to share my notebook on a Windows NT domain, rather than a Windows 98 Workgroup, and so I had to make some temporary changes to support that environment:


Example two - Linux notebook on a Windows NT Domain

# This is the main Samba configuration file. You should read the
# smb.conf(5) manual page yada yada yada
#======================= Global Settings ===============================
[global]

# workgroup = NT-Domain-Name or Workgroup-Name
workgroup = MYCLIENT-HQ

# server string is the equivalent of the NT Description field
server string = BRASSMAN (consultant)

# Client has a complex LAN with three separate networks plus localhost:
hosts allow = 192.168.1. 192.168.2. 192.168.3. 127.

# And to get along with the NT "Primary Domain Controller", we
# need to set:
security = server

# Use password server option only with security = server
password server = THE-PDC

# You may wish to use password encryption. Please read
# ENCRYPTION.txt, Win95.txt and WinNT.txt in the Samba documentation.
# Do not enable this option unless you have read those documents
encrypt passwords = yes
smb passwd file = /etc/smbpasswd

# Unix users can map to different SMB User names
username map = /etc/smbusers

# Most people will find that this option gives better performance.
# See speed.txt and the manual pages for details
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192

# Cause this host to announce itself to local subnets here
remote announce = 192.168.1.255 192.168.2.63
# Note that the second subnet is not a whole Class C! That's legal.

# Use only if you have an NT server on your network that has been
# configured at install time to be a primary domain controller.
; domain controller = THE-PDC
# I had this commented out, and things seemed to work without it.

# if you enable domain logons then you may want a per-machine or
# per user logon script
# run a specific logon batch file per username
logon script = %U.bat

# Windows Internet Name Serving Support Section:
# WINS Support - Tells the NMBD component of Samba to enable its WINS Server
; wins support = no

# WINS Server - Tells the NMBD components of Samba to be a WINS Client
# Note: Samba can be either a WINS Server, or a WINS Client, but NOT both
wins server = 192.168.1.110
# Above address was provided by the NT admin.


The main difference between a Workgroup and a Domain, at least for our purposes, is that domains have “domain controllers.” You must log in to a domain controller in order to join the domain.


Example three - Linux desktop in a Windows 9x environment

Finally, here's my home Linux server, where I've dropped in a mirrored pair of drives and shared them as /export:

# This is the main Samba configuration file. You should read the
# smb.conf(5) manual page yada yada yada
#======================= Global Settings ===============================
[global]
# workgroup = NT-Domain-Name or Workgroup-Name
workgroup = BRASSHAT

# server string is the equivalent of the NT Description field
server string = Howie Samba Server

# Restrict connections to local machines.
hosts allow = 192.168.32 127.

# Security mode. Permissions based on username and password:
security = user
encrypt passwords = yes
smb passwd file = /etc/smbpasswd

# The following allows password changing from Windows to
# update the Linux sytsem password also.
unix password sync = Yes
passwd program = /usr/bin/passwd %u
passwd chat = *New*UNIX*password* %n\n *ReType*new*UNIX*password* %n\n *passwd:*all*authentication*tokens*updated*successfully*

# Cause this host to announce itself to local subnets here
remote announce = 192.168.32.31
# Note that I am NOT USING a whole Class C - I'm using a smaller netmask
# of 255.255.255.224, so my broadcast address is .31, not .255.
# See http://handsonhowto.com/lan101.html for more about netmasks!!!

# DNS Proxy - tells Samba whether or not to try to resolve NetBIOS names
# via DNS nslookups. Easier way to handle this for a small, stable LAN
# is by adding local machine's names and IP addresses to the file
# /etc/lmhosts
dns proxy = no
password level = 0
preferred master = no
os level = 0
null passwords = no
dead time = 0
debug level = 0
domain master = no
load printers = no

#============================ Share Definitions =========================
[Howie]
comment = Howie Samba server
available = yes
public = yes
path = /export
guest only = no
writable = yes
browseable = yes
valid users = hoser,mamacita,digger
only user = no
allow hosts = 192.168.32.2 192.168.32.3


But we’re not done yet!

Note the “valid users” line above. Windows has a username and password scheme, which looks nothing at all like the Unix one. And unlike a certain round-heeled excuse for an operating system, Unix (Linux) is not about to let some stranger start messing around with its files without so much as a “Hi, how are you?” What do we do about that?

The answer is, we set up a separate, parallel username and password system especially for smb. Before you can allow smb connections, you need to create this username database with the smbpasswd program, and set Windows-style passwords for the users you add to it.

It’s not that hard, actually:

% smbpasswd -c # Create a new smbpasswd file -- ONE TIME ONLY!
% smbpasswd -a hoser
New SMB password: razzbat
Retype new SMB password: razzbat
Added user hoser.
Password changed for user hoser.
%


Now the Windows user named HOSER can log on to your SMB share with the password RAZZBAT — and in true Windows fashion, it doesn’t care about uppercase vs lowercase letters. If you make this password the same as the one you use to start Windows, the Linux shares should be visible just like any other Windows share. If they aren’t the same, Windows should prompt you when you try to connect and also offer to save the password for reuse.

You only use the -c option to create the file — once you have created the file, don’t ever use the -c option again, or it will blow away your existing file and all the passwords you’ve added!

To add a user once you have created the smbpasswd file, you will use smbpasswd -a username:

% smbpasswd mamacita
New SMB password:
Retype new SMB password:
Failed to find entry for user mamacita.
Failed to change password entry for mamacita
# D'oh! You have to ADD mamacita with -a !
% smbpasswd -a mamacita
New SMB password:
Retype new SMB password:
Added user mamacita.
Password changed for user mamacita.
%


To change the password for an existing user, just use smbpasswd username. If you have enabled the password synchronization script in your smb.conf file, changing the SMB password will also update that user’s Linux password.

There’s more! But…
Truth be told, this month (6/2002) is the first time I’ve ever found a need to use the other nifty features offered by samba, such as the ability to share printers. It turns out that CUPS (the Common Unix Printer System) and samba get along quite well, and the default information in the smb.conf will share a CUPS printer effectively. Configure a printer on your Linux box, but tell your Windows machine that it’s talking to a generic Postscript printer. Even if it isn’t, the GNU Ghostscript interpreter will turn Postscript input into the proprietary format your printer needs. In effect, a Linux box can turn almost any printer into a Postscript printer!

Update, 10/2003: There have been some interesting Samba tools added to later distributions — I just poked around a bit on a Mandrake 9.1 machine which includes LinNeighborhood, which happily managed my Windows passwords and let me browse a variety of Windows shares. I also told CUPS about a LaserJet 6L on a nearby XP machine and it printed a test page quite painlessly. The “URI” it needed was in the format “smb://user:pass@server/printer” as described above. May I suggest you set up a Windows user for printing purposes only, and give that name a password you won’t be tempted to use elsewhere.

In theory a Linux box should be able to access anything that a Windows machine is willing to share. I hope that these few examples have got the basics working for you, and that this success will give you the courage to dig into the man files and HOW-TOs to find any other features you need or want.

http://handsonhowto.com/2007/what-is-samba/
duyminh
duyminh

Tổng số bài gửi : 2887
Points : 5567
Reputation : 83
Join date : 12/09/2008
Age : 42
Đến từ : http://diendan.phamduyminh.com

http://www.phamduyminh.com

Về Đầu Trang Go down

What is SAMBA? Empty Re: What is SAMBA?

Bài gửi  duyminh Sun Nov 22, 2009 12:06 pm

Mac OS X 10.1 or later: How to Connect to Windows File Sharing (SMB)


Summary
Follow the steps in this article to connect to Windows File Sharing (SMB) from Mac OS X 10.1 or later. SMB is the native sharing protocol for Microsoft Windows operating systems, but it may be offered by other computers.

Products Affected
Mac OS X 10.4, Mac OS X 10.3, Mac OS X 10.2, Mac OS X 10.1, Mac OS X 10.5

Follow these steps:

Click the Finder icon in the Dock.
Choose Connect to Server from the Go menu (see Note 1).
In the address field of the Connect to Server dialog, type the URL using this syntax (see Note 3):
smb://ServerName/ShareName/



Click Connect.

You will be prompted for the workgroup, user name, and password. In addition to connecting to actual Microsoft Windows computers, you may also use the Connect to Server dialog to connect to a Macintosh that is offering Windows File Sharing.

Important: Review all of the Notes section, below, for important information on Windows File Sharing. To set up sharing service, see the Related Documents.
duyminh
duyminh

Tổng số bài gửi : 2887
Points : 5567
Reputation : 83
Join date : 12/09/2008
Age : 42
Đến từ : http://diendan.phamduyminh.com

http://www.phamduyminh.com

Về Đầu Trang Go down

What is SAMBA? Empty Re: What is SAMBA?

Bài gửi  duyminh Sun Nov 22, 2009 12:09 pm

Configuring a Samba Server

The default configuration file (/etc/samba/smb.conf) allows users to view their Red Hat Linux home directories as a Samba share. It also shares any printers configured for the Red Hat Linux system as Samba shared printers. In other words, you can attach a printer to your Red Hat Linux system and print to it from the Windows machines on your network.

17.2.1. Graphical Configuration
To configure Samba using a graphical interface, use the Samba Server Configuration Tool. For command line configuration, skip to Section 17.2.2 Command Line Configuration.

The Samba Server Configuration Tool is a graphical interface for managing Samba shares, users, and basic server settings. It modifies the configuration files in the /etc/samba/ directory. Any changes to these files not made using the application are preserved.

To use this application, you must be running the X Window System, have root privileges, and have the redhat-config-samba RPM package installed. To start the Samba Server Configuration Tool from the desktop, go to the Main Menu Button (on the Panel) => System Settings => Server Settings => Samba Server or type the command redhat-config-samba at a shell prompt (for example, in an XTerm or a GNOME terminal).



Figure 17-1. Samba Server Configuration Tool


Note
The Samba Server Configuration Tool does not display shared printers or the default stanza that allows users to view their own home directories on the Samba server.


17.2.1.1. Configuring Server Settings
The first step in configuring a Samba server is to configure the basic settings for the server and a few security options. After starting the application, select Preferences => Server Settings from the pulldown menu. The Basic tab is displayed as shown in Figure 17-2.



Figure 17-2. Configuring Basic Server Settings

On the Basic tab, specify which workgroup the computer should be in as well as a brief description of the computer. They correspond to the workgroup and server string options in smb.conf.



Figure 17-3. Configuring Security Server Settings

The Security tab contains the following options:


Authentication Mode — This corresponds to the security option. Select one of the following types of authentication.


Domain — The Samba server relies on a Windows NT Primary or Backup Domain Controller to verify the user. The server passes the username and password to the Controller and waits for it to return. Specify the NetBIOS name of the Primary or Backup Domain Controller in the Authentication Server field.

The Encrypted Passwords option must be set to Yes if this is selected.

Server — The Samba server tries to verify the username and password combination by passing them to another Samba server. If it can not, the server tries to verify using the user authentication mode. Specify the NetBIOS name of the other Samba server in the Authentication Server field.

Share — Samba users do not have to enter a username and password combination on a per Samba server basis. They are not prompted for a username and password until they try to connect to a specific shared directory from a Samba server.

User — (Default) Samba users must provide a valid username and password on a per Samba server basis. Select this option if you want the Windows Username option to work. Refer to Section 17.2.1.2 Managing Samba Users for details.

Encrypt Passwords — (Default value is Yes) This option must be enabled if the clients are connecting from a Windows 98, Windows NT 4.0 with Service Pack 3, or other more recent versions of Microsoft Windows. The passwords are transfered between the server and the client in an encrypted format instead of in as a plain-text word that can be intercepted. This corresponds to the encrypted passwords option. Refer to Section 17.2.3 Encrypted Passwords for more information about encrypted Samba passwords.

Guest Account — When users or guest users log into a Samba server, they must be mapped to a valid user on the server. Select one of the existing usernames on the system to be the guest Samba account. When guests logs in to the Samba server, they have the same privileges as this user. This corresponds to the guest account option.

After clicking OK, the changes are written to the configuration file and the daemon is restart; thus, the changes take effect immediately.

17.2.1.2. Managing Samba Users
The Samba Server Configuration Tool requires that an existing user account be active on the Red Hat Linux system acting as the Samba server before a Samba user can be added. The Samba user is associated with the existing Red Hat Linux user account.



Figure 17-4. Managing Samba Users

To add a Samba user, select Preferences => Samba Users from the pulldown menu, and click the Add User button. On the Create New Samba User window select a Unix Username from the list of existing users on the local system.

If the user has a different username on a Windows machine and will be logging into the Samba server from the Windows machine, specify that Windows username in the Windows Username field. The Authentication Mode on the Security tab of the Server Settings preferences must be set to User for this option to work.

Also configure a Samba Password for the Samba User and confirm the Samba Password by typing it again. Even if you select to use encrypted passwords for Samba, it is recommended that the Samba passwords for all users are different from their Red Hat Linux system passwords.

To edit an existing user, select the user from the list, and click Edit User. To delete an existing Samba user, select the user, and click the Delete User button. Deleting a Samba user does not delete the associated Red Hat Linux user account.

The users are modified immediately after clicking the OK button.

17.2.1.3. Adding a Share


Figure 17-5. Adding a Share

To add a share, click the Add button. The Basic tab configures the following options:


Directory — The directory to share via Samba. The directory must exist.

Descriptions — A brief description of the share.

Basic Permissions — Whether users should only be able to read the files in the shared directory or whether they should be able to read and write to the shared directory.

On the Access tab, select whether to allow only specified users to access the share or whether to allow all Samba users to access the share. If you select to allow access to specific users, select the users from the list of available Samba users.

The share is added immediately after clicking OK.

17.2.2. Command Line Configuration
Samba uses /etc/samba/smb.conf as its configuration file. If you change this configuration file, the changes do not take effect until you restart the Samba daemon with the command service smb restart.

To specify the Windows workgroup and a brief description of the Samba server, edit the following lines in your smb.conf file:

workgroup = WORKGROUPNAME
server string = BRIEF COMMENT ABOUT SERVER


Replace WORKGROUPNAME with the name of the Windows workgroup to which this machine should belong. The BRIEF COMMENT ABOUT SERVER is optional and is used as the Windows comment about the Samba system.

To create a Samba share directory on your Linux system, add the following section to your smb.conf file (after modifying it to reflect your needs and your system):

[sharename]
comment = Insert a comment here
path = /home/share/
valid users = tfox carole
public = no
writable = yes
printable = no
create mask = 0765


The above example allows the users tfox and carole to read and write to the directory /home/share, on the Samba server, from a Samba client.

17.2.3. Encrypted Passwords
In Red Hat Linux 9 encrypted passwords are enabled by default because it is more secure. If encrypted passwords are not used, plain text passwords are used, which can be intercepted by someone using a network packet sniffer. It is recommended that encrypted passwords be used.

The Microsoft SMB Protocol originally used plaintext passwords. However, Windows NT 4.0 with Service Pack 3 or higher, Windows 98, Windows 2000, Windows ME, and Windows XP require encrypted Samba passwords. To use Samba between a Red Hat Linux system and a system running one of these Windows operating systems, you can either edit your Windows registry to use plaintext passwords or configure Samba on your Linux system to use encrypted passwords. If you choose to modify your registry, you must do so for all your Windows machines — this is risky and may cause further conflicts. It is recommended that you use encrypted passwords for better security.

To configure Samba on your Red Hat Linux system to use encrypted passwords, follow these steps:


Create a separate password file for Samba. To create one based on your existing /etc/passwd file, at a shell prompt, type the following command:

cat /etc/passwd | mksmbpasswd.sh > /etc/samba/smbpasswd


If the system uses NIS, type the following command:

ypcat passwd | mksmbpasswd.sh > /etc/samba/smbpasswd


The mksmbpasswd.sh script is installed in your /usr/bin directory with the samba package.

Change the permissions of the Samba password file so that only root has read and write permissions:

chmod 600 /etc/samba/smbpasswd


The script does not copy user passwords to the new file, and a Samba user account is not active until a password is set for it. For higher security, it is recommended that the user's Samba password be different from the user's Red Hat Linux password. To set each Samba user's password, use the following command (replace username with each user's username):

smbpasswd username


Encrypted passwords must be enabled in the Samba configuration file. In the file smb.conf, verify that the following lines are not commented out:

encrypt passwords = yes
smb passwd file = /etc/samba/smbpasswd


Make sure the smb service is started by typing the command service smb restart at a shell prompt.

If you want the smb service to start automatically, use ntsysv, chkconfig, or Services Configuration Tool to enable it at runtime. Refer to Chapter 14 Controlling Access to Services for details.


Tip
Read /usr/share/doc/samba-<version>/docs/htmldocs/ENCRYPTION.html to learn more about encrypted passwords. (replace <version> with the version number of Samba that you have installed).


The pam_smbpass PAM module can be used to sync users' Samba passwords with their system passwords when the passwd command is used. If a user invokes the passwd command, the password he uses to log in to the Red Hat Linux system as well as the password he must provide to connect to a Samba share are changed.

To enable this feature, add the following line to /etc/pam.d/system-auth below the pam_cracklib.so invocation:

password required /lib/security/pam_smbpass.so nullok use_authtok try_first_pass


17.2.4. Starting and Stopping the Server
On the server that is sharing directories via Samba, the smb service must be running.

View the status of the Samba daemon with the following command:

/sbin/service smb status


Start the daemon with the following command:

/sbin/service smb start


Stop the daemon with the following command:

/sbin/service smb stop


To start the smb service at boot time, use the command:

/sbin/chkconfig --level 345 smb on


You can also use chkconfig, ntsysv or the Services Configuration Tool to configure which services start at boot time. Refer to Chapter 14 Controlling Access to Services for details.

http://www.redhat.com/docs/manuals/linux/RHL-9-Manual/custom-guide/s1-samba-configuring.html
duyminh
duyminh

Tổng số bài gửi : 2887
Points : 5567
Reputation : 83
Join date : 12/09/2008
Age : 42
Đến từ : http://diendan.phamduyminh.com

http://www.phamduyminh.com

Về Đầu Trang Go down

What is SAMBA? Empty Re: What is SAMBA?

Bài gửi  duyminh Sun Nov 22, 2009 12:10 pm

Connecting to a Samba Share

To connect to a Linux Samba share from a Microsoft Windows machine, use Network Neighborhood or the graphical file manager.

To connect to a Samba share from a Linux system, from a shell prompt, type the following command:

smbclient //hostname/sharename -U username


Replace hostname with the hostname or IP address of the Samba server you want to connect to, sharename with the name of the shared directory you want to browse, and username with the Samba username for the system. Enter the correct password or press [Enter] if no password is required for the user.

If you see the smb:\> prompt, you have successfully logged in. Once you are logged in, type help for a list of commands. If you wish to browse the contents of your home directory, replace sharename with your username. If the -U switch is not used, the username of the current user is passed to the Samba server.

To exit smbclient, type exit at the smb:\> prompt.

You can also use Nautilus to view available Samba shares on your network. Select Main Menu Button (on the Panel) => Network Servers to view a list of Samba workgroups on your network. You can also type smb: in the Location: bar of Nautilus to view the workgroups.

As shown in Figure 17-6, an icon appears for each available SMB workgroup on the network.



Figure 17-6. SMB Workgroups in Nautilus

Double-click one of the workgroup icons to view a list of computers within the workgroup.



Figure 17-7. SMB Machines in Nautilus

As you can see from Figure 17-7, there is an icon for each machine within the workgroup. Double-click on an icon to view the Samba shares on the machine. If a username and password combination is required, you are prompted for them.

Alternately, you can also specify a username and password combination in the Location: bar using the following syntax (replace user, password, servername, and sharename with the appropriate values):

smb://user:password@servername/sharename/

http://www.redhat.com/docs/manuals/linux/RHL-9-Manual/custom-guide/s1-samba-connect-share.html
duyminh
duyminh

Tổng số bài gửi : 2887
Points : 5567
Reputation : 83
Join date : 12/09/2008
Age : 42
Đến từ : http://diendan.phamduyminh.com

http://www.phamduyminh.com

Về Đầu Trang Go down

What is SAMBA? Empty Re: What is SAMBA?

Bài gửi  duyminh Sun Nov 22, 2009 12:10 pm

Chapter 17. Samba
Samba uses the SMB protocol to share files and printers across a network connection. Operating systems that support this protocol include Microsoft Windows (through its Network Neighborhood), OS/2, and Linux.

17.1. Why Use Samba?
Samba is useful if you have a network of both Windows and Linux machines. Samba allows files and printers to be shared by all the systems in your network. If you want to share files between Red Hat Linux machines only, use NFS as discussed in Chapter 16 Network File System (NFS). If you want to share printers between Red Hat Linux machines only, you do not need to use Samba; refer to Chapter 27 Printer Configuration.


http://www.redhat.com/docs/manuals/linux/RHL-9-Manual/custom-guide/ch-samba.html
duyminh
duyminh

Tổng số bài gửi : 2887
Points : 5567
Reputation : 83
Join date : 12/09/2008
Age : 42
Đến từ : http://diendan.phamduyminh.com

http://www.phamduyminh.com

Về Đầu Trang Go down

What is SAMBA? Empty Re: What is SAMBA?

Bài gửi  duyminh Sun Nov 22, 2009 12:11 pm

Chapter 16. Network File System (NFS)
Network File System (NFS) is a way to share files between machines on a network as if the files were located on the client's local hard drive. Red Hat Linux can be both an NFS server and an NFS client, which means that it can export file systems to other systems and mount file systems exported from other machines.

16.1. Why Use NFS?
NFS is useful for sharing directories of files between multiple users on the same network. For example, a group of users working on the same project can have access to the files for that project using a shared directory of the NFS file system (commonly known as an NFS share) mounted in the directory /myproject. To access the shared files, the user goes into the /myproject directory on his machine. There are no passwords to enter or special commands to remember. Users work as if the directory is on their local machines

http://www.redhat.com/docs/manuals/linux/RHL-9-Manual/custom-guide/ch-nfs.html
duyminh
duyminh

Tổng số bài gửi : 2887
Points : 5567
Reputation : 83
Join date : 12/09/2008
Age : 42
Đến từ : http://diendan.phamduyminh.com

http://www.phamduyminh.com

Về Đầu Trang Go down

What is SAMBA? Empty Re: What is SAMBA?

Bài gửi  duyminh Sun Nov 22, 2009 12:12 pm

16.2. Mounting NFS File Systems
Use the mount command to mount a shared NFS directory from another machine:

mount shadowman.example.com:/misc/export /misc/local



Warning
The mount point directory on local machine (/misc/local in the above example) must exist.


In this command, shadowman.example.com is the hostname of the NFS fileserver, /misc/export is the directory that shadowman is exporting, and /misc/local is the location to mount the file system on the local machine. After the mount command runs (and if the client has proper permissions from the shadowman.example.com NFS server) the client user can execute the command ls /misc/local to display a listing of the files in /misc/export on shadowman.example.com.

16.2.1. Mounting NFS File Systems using /etc/fstab
An alternate way to mount an NFS share from another machine is to add a line to the /etc/fstab file. The line must state the hostname of the NFS server, the directory on the server being exported, and the directory on the local machine where the NFS share is to be mounted. You must be root to modify the /etc/fstab file.

The general syntax for the line in /etc/fstab is as follows:

server:/usr/local/pub /pub nfs rsize=8192,wsize=8192,timeo=14,intr


The mount point /pub must exist on the client machine. After adding this line to /etc/fstab on the client system, type the command mount /pub at a shell prompt, and the mount point /pub will be mounted from the server.

16.2.2. Mounting NFS File Systems using autofs
A third option for mounting an NFS share is the use of autofs. Autofs uses the automount daemon to manage your mount points by only mounting them dynamically when they are accessed.

Autofs consults the master map configuration file /etc/auto.master to determine which mount points are defined. It then starts an automount process with the appropriate parameters for each mount point. Each line in the master map defines a mount point and a separate map file that defines the file systems to be mounted under this mount point. For example, the /etc/auto.misc file might define mount points in the /misc directory; this relationship would be defined in the /etc/auto.master file.

Each entry in auto.master has three fields. The first field is the mount point. The second field is the location of the map file, and the third field is optional. The third field can contain information such as a timeout value.

For example, to mount the directory /proj52 on the remote machine penguin.example.net at the mount point /misc/myproject on your machine, add the following line to auto.master:

/misc /etc/auto.misc --timeout 60


Add the following line to /etc/auto.misc:

myproject -rw,soft,intr,rsize=8192,wsize=8192 penguin.example.net:/proj52


The first field in /etc/auto.misc is the name of the /misc subdirectory. This directory is created dynamically by automount. It should not actually exist on the client machine. The second field contains mount options such as rw for read and write access. The third field is the location of the NFS export including the hostname and directory.


Note
The directory /misc must exist on the local file system. There should be no subdirectories in /misc on the local file system.


Autofs is a service. To start the service, at a shell prompt, type the following commands:

/sbin/service autofs restart


To view the active mount points, type the following command at a shell prompt:

/sbin/service autofs status


If you modify the /etc/auto.master configuration file while autofs is running, you must tell the automount daemon(s) to reload by typing the following command at a shell prompt:

/sbin/service autofs reload


To learn how to configure autofs to start at boot time, refer to Chapter 14 Controlling Access to Services for information on managing services.


http://www.redhat.com/docs/manuals/linux/RHL-9-Manual/custom-guide/s1-nfs-mount.html
duyminh
duyminh

Tổng số bài gửi : 2887
Points : 5567
Reputation : 83
Join date : 12/09/2008
Age : 42
Đến từ : http://diendan.phamduyminh.com

http://www.phamduyminh.com

Về Đầu Trang Go down

What is SAMBA? Empty Re: What is SAMBA?

Bài gửi  duyminh Sun Nov 22, 2009 12:13 pm

16.3. Exporting NFS File Systems
Sharing files from an NFS server is known as exporting the directories. The NFS Server Configuration Tool can be used to configure a system as an NFS server.

To use the NFS Server Configuration Tool, you must be running the X Window System, have root privileges, and have the redhat-config-nfs RPM package installed. To start the application, select Main Menu Button (on the Panel) => System Settings => Server Settings => NFS Server, or type the command redhat-config-nfs.



Figure 16-1. NFS Server Configuration Tool

To add an NFS share, click the Add button. The dialog box shown in Figure 16-2 will appear.

The Basic tab requires the following information:


Directory — Specify the directory to share, such as /tmp.

Host(s) — Specify the host(s) to which to share the directory. Refer to Section 16.3.2 Hostname Formats for an explanation of possible formats.

Basic permissions — Specify whether the directory should have read-only or read/write permissions.



Figure 16-2. Add Share

The General Options tab allows the following options to be configured:


Allow connections from port 1024 and higher — Services started on port numbers less than 1024 must be started as root. Select this option to allow the NFS service to be started by a user other than root. This option corresponds to insecure.

Allow insecure file locking — Do not require a lock request. This option corresponds to insecure_locks.

Disable subtree checking — If a subdirectory of a file system is exported, but the entire file system is not exported, the server checks to see if the requested file is in the subdirectory exported. This check is called subtree checking. Select this option to disable subtree checking. It the entire file system is exported, selecting to disable subtree checking can increase the transfer rate. This option corresponds to no_subtree_check.

Sync write operations on request — Enabled by default, this option does not allow the server to reply to requests before the changes made by the request are written to the disk. This option corresponds to sync. If this is not selected, the async option is used.


Force sync of write operations immediately — Do not delay writing to disk. This option corresponds to no_wdelay.

The User Access tab allows the following options to be configured:


Treat remote root user as local root — By default, the user and group IDs of the root user are both 0. Root squashing maps the user ID 0 and the group ID 0 to the user and group IDs of anonymous so that root on the client does not have root privileges on the NFS server. If this option is selected, root is not mapped to anonymous, and root on a client has root privileges to exported directories. Selecting this option can greatly decrease the security of the system. Do not select it unless it is absolutely necessary. This option corresponds to no_root_squash.

Treat all client users as anonymous users — If this option is selected, all user and group IDs are mapped to the anonymous user. This option corresponds to all_squash.


Specify local user ID for anonymous users — If Treat all client users as anonymous users is selected, this option lets you specify a user ID for the anonymous user. This option corresponds to anonuid.

Specify local group ID for anonymous users — If Treat all client users as anonymous users is selected, this option lets you specify a group ID for the anonymous user. This option corresponds to anongid.

To edit an existing NFS share, select the share from the list, and click the Properties button. To delete an existing NFS share, select the share from the list, and click the Delete button.

After clicking OK to add, edit, or delete an NFS share from the list, the changes take place immediately — the server daemon is restarted, and the old configuration file is saved as /etc/exports.bak. The new configuration is written to /etc/exports.

The NFS Server Configuration Tool reads and writes directly to the /etc/exports configuration file. Thus, the file can be modified manually after using the tool, and the tool can be used after modifying the file manually (provided the file was modified with correct syntax).

16.3.1. Command Line Configuration
If you prefer editing configuration files using a text editor or if you do not have the X Window System installed, you can modify the configuration file directly.

The /etc/exports file controls what directories the NFS server exports. Its format is as follows:

directory hostname(options)


The only option that needs to be specified is one of sync or async (sync is recommended). If sync is specified, the server does not reply to requests before the changes made by the request are written to the disk.

For example:

/misc/export speedy.example.com(sync)


would allow users from speedy.example.com to mount /misc/export with the default read-only permissions, but:

/misc/export speedy.example.com(rw,sync)


would allow users from speedy.example.com to mount /misc/export with read/write privileges.

Refer to Section 16.3.2 Hostname Formats for an explanation of possible hostname formats.

Refer to the Red Hat Linux Reference Guide for a list of options that can be specified.


Caution
Be careful with spaces in the /etc/exports file. If there are no spaces between the hostname and the options in parentheses, the options apply only to the hostname. If there is a space between the hostname and the options, the options apply to the rest of the world. For example, examine the following lines:

/misc/export speedy.example.com(rw,sync)
/misc/export speedy.example.com (rw,sync)


The first line grants users from speedy.example.com read-write access and denies all other users. The second line grants users from speedy.example.com read-only access (the default) and allows the rest of the world read-write access.


Each time you change /etc/exports, you must inform the NFS daemon of the change, or reload the configuration file with the following command:

/sbin/service nfs reload


16.3.2. Hostname Formats
The host(s) can be in the following forms:


Single machine — A fully qualified domain name (that can be resolved by the server), hostname (that can be resolved by the server), or an IP address

Series of machines specified with wildscards — Use the * or ? character to specify a string match. Wildcards are not to be used with IP addresses; however, they may accidently work if reverse DNS lookups fail. When specifying wildcards in fully qualified domain names, dots (.) are not included in the wildcard. For example, *.example.com includes one.example.com but does not include one.two.example.com.

IP networks — Use a.b.c.d/z, where a.b.c.d is the network and z is the number of bits in the netmask (for example 192.168.0.0/24). Another acceptable format is a.b.c.d/netmask, where a.b.c.d is the network and netmask is the netmask (for example, 192.168.100.8/255.255.255.0).

Netgroups — In the format @group-name, where group-name is the NIS netgroup name.

16.3.3. Starting and Stopping the Server
On the server that is exporting NFS file systems, the nfs service must be running.

View the status of the NFS daemon with the following command:

/sbin/service nfs status


Start the NFS daemon with the following command:

/sbin/service nfs start


Stop the NFS daemon with the following command:

/sbin/service nfs stop


To start the nfs service at boot time, use the command:

/sbin/chkconfig --level 345 nfs on


You can also use chkconfig, ntsysv or the Services Configuration Tool to configure which services start at boot time. Refer to Chapter 14 Controlling Access to Services for details.

http://www.redhat.com/docs/manuals/linux/RHL-9-Manual/custom-guide/s1-nfs-export.html
duyminh
duyminh

Tổng số bài gửi : 2887
Points : 5567
Reputation : 83
Join date : 12/09/2008
Age : 42
Đến từ : http://diendan.phamduyminh.com

http://www.phamduyminh.com

Về Đầu Trang Go down

What is SAMBA? Empty Re: What is SAMBA?

Bài gửi  duyminh Sun Nov 22, 2009 12:14 pm

Chapter 27. Printer Configuration
The Printer Configuration Tool allows users to configure a printer in Red Hat Linux. This tool helps maintain the printer configuration file, print spool directories, and print filters.

Starting with version 9, Red Hat Linux defaults to the CUPS printing system. The previous default printing system, LPRng is still provided. If the system was upgraded from a previous Red Hat Linux version that used LPRng, the upgrade process did not replace LPRng with CUPS; the system will continue to use LPRng.

If a system was upgraded from a previous Red Hat Linux version that used CUPS, the upgrade process preserved the configured queues, and the system will continue to use CUPS.

The Printer Configuration Tool configures both the CUPS and LPRng printing system, depending on which one the system is configured to use. When you apply changes, it configures the active printing system.

To use the Printer Configuration Tool you must have root privileges. To start the application, select Main Menu Button (on the Panel) => System Settings => Printing, or type the command redhat-config-printer. This command automatically determines whether to run the graphical or text-based version depending on whether the command is executed in the graphical X Window System environment or from a text-based console.

You can also force the Printer Configuration Tool to run as a text-based application by using the command redhat-config-printer-tui from a shell prompt.


Important
Do not edit the /etc/printcap file or the files in the /etc/cups/ directory. Each time the printer daemon (lpd or cups) is started or restarted, new configuration files are dynamically created. The files are dynamically created when changes are applied with Printer Configuration Tool as well.


If you are using LPRng and want to add a printer without using the Printer Configuration Tool, edit the /etc/printcap.local file. The entries in /etc/printcap.local are not displayed in the Printer Configuration Tool but are read by the printer daemon. If you upgraded your system from a previous version of Red Hat Linux, your existing configuration file was converted to the new format used by this application. Each time a new configuration file is generated, the old file is saved as /etc/printcap.old.

If you are using CUPS, the Printer Configuration Tool does not display any queues or shares not configured using the Printer Configuration Tool; however, it will not remove them from the configuration files.



Figure 27-1. Printer Configuration Tool

The following types of print queues can be configured:


Locally-connected — a printer attached directly to the computer through a parallel or USB port.

Networked CUPS (IPP) — a printer that can be accessed over a TCP/IP network via the Internet Printing Protocol, also known as IPP (for example, a printer attached to another Red Hat Linux system running CUPS on the network).

Networked UNIX (LPD) — a printer attached to a different UNIX system that can be accessed over a TCP/IP network (for example, a printer attached to another Red Hat Linux system running LPD on the network).

Networked Windows (SMB) — a printer attached to a different system which is sharing a printer over a SMB network (for example, a printer attached to a Microsoft Windows™ machine).

Networked Novell (NCP) — a printer attached to a different system which uses Novell's NetWare network technology.

Networked JetDirect — a printer connected directly to the network through HP JetDirect instead of to a computer.


Important
If you add a new print queue or modify an existing one, you must apply the changes to them to take effect.


Clicking the Apply button saves any changes that you have made and restarts the printer daemon. The changes are not written to the configuration file until the printer daemon is restarted. Alternatively, you can choose Action => Apply.

27.1. Adding a Local Printer
To add a local printer, such as one attached through a parallel port or USB port on your computer, click the New button in the main Printer Configuration Tool window to display the window in Figure 27-2. Click Forward to proceed.



Figure 27-2. Adding a Printer

In the window shown in Figure 27-3, enter a unique name for the printer in the Name text field. The printer name cannot contain spaces and must begin with a letter. The printer name may contain letters, numbers, dashes (-), and underscores (_). Optionally, enter a short description for the printer, which can contain spaces.



Figure 27-3. Selecting a Queue Name

After clicking Forward, Figure 27-4 appears. Select Locally-connected from the Select a queue type menu, and select the device. The device is usually /dev/lp0 for a parallel printer or /dev/usb/lp0 for a USB printer. If no devices appear in the list, click Rescan devices to rescan the computer or click Custom device to specify it manually. Click Forward to continue.



Figure 27-4. Adding a Local Printer

The next step is to select the type of printer. Go to Section 27.7 Selecting the Printer Model and Finishing to continue.

http://www.redhat.com/docs/manuals/linux/RHL-9-Manual/custom-guide/ch-printing.html
duyminh
duyminh

Tổng số bài gửi : 2887
Points : 5567
Reputation : 83
Join date : 12/09/2008
Age : 42
Đến từ : http://diendan.phamduyminh.com

http://www.phamduyminh.com

Về Đầu Trang Go down

What is SAMBA? Empty Re: What is SAMBA?

Bài gửi  Sponsored content


Sponsored content


Về Đầu Trang Go down

Về Đầu Trang


 
Permissions in this forum:
Bạn không có quyền trả lời bài viết