Samba(Server Messages Block)是一种linux系统和windws系统之间依靠网络协议共享文件的服务程序,(Samba has provided secure, stable and fast file and print services for all clients using the SMB/CIFS protocol ),下面简单介绍在Centos 7部署记录(IP:192.168.1.19)

一、安装Samba

SRE实战 互联网时代守护先锋,助力企业售后服务体系运筹帷幄!一键直达领取阿里云限量特价优惠。 
[root@localhost ~]# cat /etc/redhat-release 
CentOS Linux release 7.6.1810 (Core) 
[root@localhost ~]# yum install -y samba

二、配置防火墙和Selinux,否则windows无法访问,在生产环境一般防火墙都不会关闭

[root@localhost ~]# systemctl status firewalld        #一般情况下默认是开的,如果关闭,就启动一下
● firewalld.service - firewalld - dynamic firewall daemon
   Loaded: loaded (/usr/lib/systemd/system/firewalld.service; enabled; vendor preset: enabled)
   Active: active (running) since Mon 2019-04-08 09:40:24 EDT; 2h 11min ago
     Docs: man:firewalld(1)
 Main PID: 4711 (firewalld)
   CGroup: /system.slice/firewalld.service
           └─4711 /usr/bin/python -Es /usr/sbin/firewalld --nofork --nopid

Apr 08 09:51:09 localhost.localdomain firewalld[4711]: WARNING: COMMAND_FAILED: '/usr/sbin/iptables -w2 -t nat -C POS...ame.
Apr 08 09:57:39 localhost.localdomain firewalld[4711]: WARNING: COMMAND_FAILED: '/usr/sbin/iptables -w2 -t nat -C DOC...ame.
Apr 08 09:57:39 localhost.localdomain firewalld[4711]: WARNING: COMMAND_FAILED: '/usr/sbin/iptables -w2 -t filter -C ...n?).
Apr 08 09:57:39 localhost.localdomain firewalld[4711]: WARNING: COMMAND_FAILED: '/usr/sbin/iptables -w2 -t nat -C POS...ame.
Apr 08 09:57:39 localhost.localdomain firewalld[4711]: WARNING: COMMAND_FAILED: '/usr/sbin/iptables -w2 -t nat -C DOC...ame.
Apr 08 09:57:39 localhost.localdomain firewalld[4711]: WARNING: COMMAND_FAILED: '/usr/sbin/iptables -w2 -t filter -C ...n?).
Apr 08 09:57:39 localhost.localdomain firewalld[4711]: WARNING: COMMAND_FAILED: '/usr/sbin/iptables -w2 -t nat -C POS...ame.
Apr 08 11:10:18 localhost.localdomain firewalld[4711]: WARNING: COMMAND_FAILED: '/usr/sbin/iptables -w2 -t nat -C DOC...ame.
Apr 08 11:10:18 localhost.localdomain firewalld[4711]: WARNING: COMMAND_FAILED: '/usr/sbin/iptables -w2 -t filter -C ...n?).
Apr 08 11:10:18 localhost.localdomain firewalld[4711]: WARNING: COMMAND_FAILED: '/usr/sbin/iptables -w2 -t nat -C POS...ame.
Hint: Some lines were ellipsized, use -l to show in full.

[root@localhost ~]# firewall-cmd --add-service samba --permanent
success

[root@localhost ~]# firewall-cmd --reload    #重启防火墙
success

[root@localhost ~]# firewall-cmd --list-all|grep samba    #确认是否加策略成功
  services: ssh dhcpv6-client samba

关闭Selinux,否则windows客户端连接不上samba
[root@localhost ~]# vim /etc/selinux/config
SELINUX=disabled

[root@localhost ~]# setenforce 0    
[root@localhost ~]# getenforce 
Permissive

三、Samba服务器的配置

[root@localhost samba]# cp /etc/samba/smb.conf /etc/samba/smb.conf_bak_20190426
[root@localhost samba]# cat /etc/samba/smb.conf
[global]                                    #全局配置
        workgroup = SAMBA
        security = user  #安全验证的方式
     #1、share 来访主机无需验证口令,比较方便,但是安全性较差,现在新版本限制使用,如果使用服务无法启动
     #2、user 需要验证来访主机提供的口令才能访问
      #3、使用独立的远程主机验证来验证提供的口令
      #4、domain使用域控制器进行身份验证

        passdb backend = tdbsam
 
        printing = cups
        printcap name = cups
        load printers = yes
        cups options = raw
 
[homes]
        comment = Home Directories
        valid users = %S, %D%w%S
        browseable = No
        read only = No
        inherit acls = Yes
 
[printers]
        comment = All Printers
        path = /var/tmp
        printable = Yes
        create mask = 0600
        browseable = No
 
[print$]
        comment = Printer Drivers
        path = /var/lib/samba/drivers
        write list = @printadmin root
        force group = @printadmin
        create mask = 0664
        directory mask = 0775
[database]  #共享名称,也是文件夹的标识,配置了多少个,登陆的时候就会显示多少文件夹
        comment=do not modify it all will   #对该共享的描述,随意自己定义
        path=/home/database                 #该共享的路径
        public=no                           #是否对所有人共享
        writeable=yes                       #允许写入操作
!!!如果是拷贝配置的话,去掉汉字,否则smb服务无法启动   

[root@localhost samba]# systemctl restart smb

4、访问方式一、任何人都可以匿名访问,可以增删改查

[root@localhost home]# chmod 777 database/

[root@localhost database]# vim /etc/samba/smb.conf
[global]
        workgroup = SAMBA
        security = user
        map to guest = Bad User
        passdb backend = tdbsam

        printing = cups
        printcap name = cups
        load printers = yes
        cups options = raw

[homes]
        comment = Home Directories
        valid users = %S, %D%w%S
        browseable = No
        read only = No
        inherit acls = Yes

[printers]
        comment = All Printers
        path = /var/tmp
        printable = Yes
        create mask = 0600
        browseable = No

[print$]
        comment = Printer Drivers
        path = /var/lib/samba/drivers
        write list = @printadmin root
        force group = @printadmin
        create mask = 0664
        directory mask = 0775
[database]
        comment=do not modify it all will
        path=/home/database
        public = yes
        writeable=yes
        guest ok = yes

 这中方法谨慎使用,因为存在很大的安全因素,如果别人不小心删除或者修改文件,我们就无法恢复了。

访问方式二、通过账号密码访问

  

扫码关注我们
微信号:SRE实战
拒绝背锅 运筹帷幄