samba 服务有2模块组成

  1. smb:service message block --------progress:smbd port:445/tcp
  2. netbios:本地名称解析 --------progress:nmbd port:137/udp 138/udp 139/tcp

1、服务器安装

[root@localhost f1]# yum install samba

2、创建用户

[root@localhost ~]# useradd smbuser   #不设置系统登入密码
[root@localhost ~]# smbpasswd -a smbuser #设置samba登入密码    -a 是添加  不加是修改    smbpasswd -h
New SMB password:
Retype new SMB password:
Added user smbuser.

#[root@localhost ~]# smbpasswd  smbuser   #修改密码
#[root@localhost ~]# smbpasswd -x smbuser #删除用户

#所有用户查看
[root@localhost samba]# pdbedit -L
smbuser:1004:
#显示单个用户详细信息
[root@localhost ~]# pdbedit -u smbuser -v

3、配置文件

[root@localhost f1]# cp /etc/samba/smb.conf{,.bak}    
[root@localhost f1]# vim /etc/samba/smb.conf  #主要配置gloal部分
[global]
        workgroup = SAMBA
        server string = Samba Server Version %v
        interfaces = ens33              #监听网卡
        hosts allow = 172.16.86.        #允许主机可以是网络或者主机
        log file = /var/log/samba/log.%m   #日志
        max log size = 50               #日志滚动大小

        security = user                #表示用服务器登入验证表
        passdb backend = tdbsam

        printing = cups
        printcap name = cups
        load printers = yes
        cups options = raw
[homes]
    comment = Home Directories
    valid users = %S, %D%w%S
    browseable = No    #必须是no,不然可以客户模式直接登入
    writable = no     #家目录写权限   默认是能写的 这个跟下面read noly选一样
    inherit acls = Yes

测试参数
[root@localhost samba]# testparm
Load smb config files from /etc/samba/smb.conf
rlimit_max: increasing rlimit_max (1024) to minimum Windows limit (16384)
Processing section "[homes]"
Processing section "[printers]"
Processing section "[print$]"
Loaded services file OK.

4、启动服务

[root@localhost samba]# systemctl start nmb smb

5、客户端安装

[root@ns1 ~]# yum install samba-client

5.1 指定用户查看

[root@ns1 ~]# smbclient -L 172.16.86.210 -U smbuser
Enter SAMBA\smbuser's password:   上述密码

    Sharename       Type      Comment
    ---------       ----      -------
    print$          Disk      Printer Drivers
    IPC$            IPC       IPC Service (Samba Server Version 4.7.1)
    smbuser         Disk      Home Directories
Reconnecting with SMB1 for workgroup listing.

    Server               Comment
    ---------            -------

    Workgroup            Master
    ---------            -------
    SAMBA                LOCALHOST

5.2 指定用户登入

[root@ns1 ~]# smbclient //172.16.86.210/smbuser -U smbuser
Enter SAMBA\smbuser's password:
Try "help" to get a list of possible commands.
smb: \>   #之后操作跟ftp一样
smb: \> put cekt
putting file cekt as \cekt (56.1 kb/s) (average 56.1 kb/s)

#服务器
[root@localhost samba]# ls  /home/smbuser/
.bash_logout   .bash_profile  .bashrc        cekt

5.3 共享目录

#服务器
[root@localhost samba]# mkdir /sambashared/node1 -pv
[root@localhost samba]# chmod o+w /sambashared/node1  #可以用setfacl方式对指定用户开放权限  个人绝对这里都可以写,在smb中控制具体那些用户能写
[root@localhost samba]# vim smb.conf
[node1]
        comment = shared node1
        path = /sambashared/node1
        write list = smbuser,smbuser2
        browseable = no   #yes 个人账户登入会显示node1   no个人账户登入不会显示node1节点
        guest ok = no

[root@localhost samba]# systemctl restart nmb smb

#客户端
[root@ns1 ~]# smbclient //172.16.86.210/node1 -U smbuser
Enter SAMBA\smbuser's password:
Try "help" to get a list of possible commands.
smb: \> put ks3.cfg
putting file ks3.cfg as \ks3.cfg (480.9 kb/s) (average 481.0 kb/s)

共享目录另外使用场景

#共享目录本是为每个用户提供一个公共文件目录。以下是个人对共享目录的另外一种使用场景
#每个用户不创建家目录,只能在公共目录中访问,
#在共享目录下 创建每个用户的家目录,属主用户,数组smbroot,权限770,公共目录pub  
#这么设计的好处是smbroot 能管理所有账号,文件存放位置比较统一,容易管理
[root@localhost ~]# useradd -M smbuser2
[root@localhost ~]# smbpasswd -a smbuser2
[root@localhost node1]# chown smbuser2.root t1
[root@localhost node1]# ll
总用量 8
drwxrwx--- 3 smbuser smbroot       68 5月  21 19:05 smbuser
drwxrwx--- 3 smbuser2 smbroot       68 5月  21 19:05 smbuser2  

6、客户端挂载到本地:

[root@marvin samba]# yum install cifs-utils -y
[root@ns1 ~]# mkdir /mnt/t5

[root@ns1 mnt]# mount -t cifs //172.16.86.210/node1 /mnt/t5 -o username=smbuser,password=zander
[root@ns1 ~]# mount -t cifs //172.16.86.210/node1 /mnt/t5 -o username=smbuser
Password for smbuser@//172.16.86.210/node1:  ******
[root@ns1 ~]# cd /mnt/t5
[root@ns1 t5]# ll
total 4
-rwxr--r-- 1 1004 1004 1970 May 21 02:38 ks3.cfg   #id 

7、挂载用户信息查看

[root@localhost node1]# smbstatus

Samba version 4.7.1
PID     Username     Group        Machine                                   Protocol Version  Encryption           Signing
----------------------------------------------------------------------------------------------------------------------------------------
29289   smbuser      smbuser      172.16.86.1 (ipv4:172.16.86.1:53772)      SMB3_02           -                    partial(AES-128-CMAC)

Service      pid     Machine       Connected at                     Encryption   Signing
---------------------------------------------------------------------------------------------
node1        29289   172.16.86.1   一 5月 21 19时39分50秒 2018 CST -            -

Locked files:
Pid          Uid        DenyMode   Access      R/W        Oplock           SharePath   Name   Time
--------------------------------------------------------------------------------------------------
29289        1004       DENY_NONE  0x100081    RDONLY     NONE             /sambashared/node1   .   Mon May 21 19:39:53 2018
29289        1004       DENY_NONE  0x100081    RDONLY     NONE             /sambashared/node1   .   Mon May 21 19:39:53 2018