Samba服务器配置2

实验01:Samba服务器配置

实验目标:

掌握samba服务器的配置

实验步骤

用户认证的共享设置

  1. 添加共享账号(设置密码)

[root@svr5~]# useradd nick

[root@svr5~]# useradd hunter

[root@svr5~]# pdbedit -a nick

new password:

retype newpassword:

Unixusername:        nick

NT username:         

Account Flags:        [U          ]

User SID:            S-1-5-21-3518153897-1939475618-2660747277-1000

Primary GroupSID:   S-1-5-21-3518153897-1939475618-2660747277-513

Full Name:           

HomeDirectory:       \\svr5\nick

HomeDirDrive:       

LogonScript:         

ProfilePath:         \\svr5\nick\profile

Domain:               SVR5

Accountdesc:        

Workstations:        

Munged dial:         

Logon time:           0

Logoff time:          , 06 2 2036 23:06:39 CST

Kickofftime:         , 06 2 203623:06:39 CST

Password lastset:    , 15 9 2014 01:38:14 CST

Password canchange:  , 15 9 2014 01:38:14 CST

Password mustchange: never

Last badpassword   : 0

Bad passwordcount  : 0

Logon hours         :FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF

[root@svr5~]# pdbedit -a hunter

new password:

retype newpassword:

Unixusername:        hunter

NT username:         

AccountFlags:        [U          ]

User SID:            S-1-5-21-3518153897-1939475618-2660747277-1001

Primary GroupSID:    S-1-5-21-3518153897-1939475618-2660747277-513

Full Name:           

HomeDirectory:       \\svr5\hunter

HomeDirDrive:       

LogonScript:        

ProfilePath:         \\svr5\hunter\profile

Domain:               SVR5

Accountdesc:        

Workstations:        

Munged dial:         

Logon time:           0

Logoff time:          , 06 2 2036 23:06:39 CST

Kickofftime:         , 06 2 203623:06:39 CST

Password lastset:    , 15 9 2014 01:38:27 CST

Password canchange:  , 15 9 2014 01:38:27 CST

Password must change:never

Last badpassword   : 0

Bad passwordcount  : 0

Logon hours         :FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF

[root@svr5~]# smbpasswd nick

New SMBpassword:

Retypenew SMB password:

  1. 修改tools共享设置

[root@svr5~]# vim  /etc/samba/smb.conf

[global]

security= user                                                                            //启用用户认证

[tools]

        comment = Test Share Direstory

        path = /usr/src                                                         //指定共享路径

        public = no                                                                //不对所有人开放

        read only = yes                                                                  //默认的权限为只读

        valid users = nick,hunter                                       //指定合法用户

        write list = hunter                                                   //用户hunter可读可写

[root@svr5~]# setfacl -m user:hunter:rwx /usr/src/

[root@svr5~]# service smb restart

关闭 SMB 服务:                                            [确定]

启动 SMB 服务:                                            [确定]

  1. 客户端访问验证

smbclient -U  用户名  //服务器地址/共享名

      匿名访问应该被拒绝;

      nick访问时为只读;

      hunter访问时可读可写

[root@pc205~]# smbclient -U nick //192.168.4.5/tools

Enter nick'spassword:

Domain=[TARENA]OS=[Unix] Server=[Samba 3.6.9-164.el6]

smb: \> ls

  .                                   D        0 Fri Sep 12 10:29:13 2014

  ..                                  D        0 Fri Sep 12 10:29:13 2014

  debug                               D        0 Tue Jun 28 22:13:01 2011

  kernels                             D        0 Tue Jun 28 22:13:01 2011


                  39371blocks of size 1048576. 33888 blocks available

练习十:共享账号别名

[root@pc205~]# vim /etc/samba/smbusers

# Unix_name =SMB_name1 SMB_name2 ...

root =administrator admin

nobody = guestpcguest smbguest

hunter= hijack

  1. 启用别名映射

[root@svr5~]# vim /etc/samba/smb.conf

 [global]

 username map = /etc/samba/smbusers

[root@pc205~]# service smb restart

关闭 SMB 服务:                                            [确定]

启动 SMB 服务:                                            [确定]

  1. 客户端验证

[root@pc205~]# smbclient -U hijack //192.168.4.5/tools

Enter hijack'spassword:

Anonymous loginsuccessful

Domain=[TARENA]OS=[Unix] Server=[Samba 3.6.9-164.el6]

tree connectfailed: NT_STATUS_ACCESS_DENIED

  • 问题和经验总结

故障现象:

[root@pc205 ~]#smbclient -U nick 192.168.4.5/tools

192.168.4.5\tools:Not enough '\' characters in service

用法: smbclient [-?EgBVNkPeC] [-?|--help] [--usage]

        [-R|--name-resolve NAME-RESOLVE-ORDER][-M|--message HOST]

        [-I|--ip-address IP] [-E|--stderr][-L|--list HOST]

        [-m|--max-protocol LEVEL] [-T|--tar<c|x>IXFqgbNan] [-D|--directory DIR]

        [-c|--command STRING] [-b|--send-bufferBYTES] [-p|--port PORT]

        [-g|--grepable] [-B|--browse][-d|--debuglevel DEBUGLEVEL]

        [-s|--configfile CONFIGFILE][-l|--log-basename LOGFILEBASE]

        [-V|--version] [--option=name=value]

        [-O|--socket-options SOCKETOPTIONS][-n|--netbiosname NETBIOSNAME]

        [-W|--workgroup WORKGROUP] [-i|--scopeSCOPE] [-U|--user USERNAME]

        [-N|--no-pass] [-k|--kerberos][-A|--authentication-file FILE]

        [-S|--signing on|off|required][-P|--machine-pass] [-e|--encrypt]

        [-C|--use-ccache] service<password>

解决办法:

检查命令输入是否正确,这里的错误是在服务器的地址前面少了//,加上去就可以访问

 


你可能感兴趣的:(服务器,用户,认证,密码,账号)