Server/SAMBA: Unterschied zwischen den Versionen
Zur Navigation springen
Zur Suche springen
(Die Seite wurde neu angelegt: „== Installation == Mit grafischer Oberfläche: apt-get install gadmin-samba kann aber auch über Konfigurationsdatei eingestellt werden. <!-- template == Ko…“) |
K (→Server starten) |
||
(3 dazwischenliegende Versionen desselben Benutzers werden nicht angezeigt) | |||
Zeile 5: | Zeile 5: | ||
kann aber auch über Konfigurationsdatei eingestellt werden. | kann aber auch über Konfigurationsdatei eingestellt werden. | ||
== Konfiguration == | == Konfiguration == | ||
$ vim /etc/ | $ vim /etc/samba/smb.conf | ||
[global] | |||
realm = | |||
netbios name = Samba24 | |||
server string = Elektrixx Samba server | |||
workgroup = Elektrixx | |||
security = ads | |||
hosts allow = 127. 192.168. 10. 172.22. 172.23. | |||
interfaces = 127.0.0.1/8 192.168.0.0/16 10.0.0.0/8 172.22.0.0/15 | |||
bind interfaces only = yes | |||
remote announce = 192.168.0.255 | |||
remote browse sync = 192.168.0.255 | |||
printcap name = cups | |||
load printers = yes | |||
cups options = raw | |||
printing = cups | |||
guest account = smbguest | |||
log file = /var/log/samba/samba.log | |||
max log size = 1000 | |||
null passwords = no | |||
username level = 6 | |||
password level = 6 | |||
encrypt passwords = yes | |||
unix password sync = yes | |||
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 | |||
local master = yes | |||
domain master = yes | |||
preferred master = yes | |||
domain logons = yes | |||
os level = 80 | |||
logon drive = m: | |||
logon home = \\%L\homes\%u | |||
logon path = \\%L\profiles\%u | |||
logon script = %G.bat | |||
time server = yes | |||
name resolve order = wins lmhosts bcast | |||
wins support = yes | |||
wins proxy = yes | |||
dns proxy = no | |||
preserve case = yes | |||
short preserve case = yes | |||
client use spnego = no | |||
client signing = no | |||
client schannel = no | |||
server signing = no | |||
server schannel = no | |||
nt pipe support = yes | |||
nt status support = yes | |||
allow trusted domains = no | |||
obey pam restrictions = yes | |||
enable spoolss = yes | |||
client plaintext auth = no | |||
disable netbios = no | |||
follow symlinks = no | |||
update encrypted = yes | |||
pam password change = no | |||
passwd chat timeout = 120 | |||
hostname lookups = no | |||
username map = /etc/samba/smbusers | |||
passdb backend = tdbsam | |||
passwd program = /usr/bin/passwd '%u' | |||
passwd chat = *New*password* %n\n *ReType*new*password* %n\n *passwd*changed*\n | |||
add user script = /usr/sbin/useradd -d /dev/null -c 'Samba User Account' -s /dev/null '%u' | |||
add user to group script = /usr/sbin/useradd -d /dev/null -c 'Samba User Account' -s /dev/null -g '%g' '%u' | |||
add group script = /usr/sbin/groupadd '%g' | |||
delete user script = /usr/sbin/userdel '%u' | |||
delete user from group script = /usr/sbin/userdel '%u' '%g' | |||
delete group script = /usr/sbin/groupdel '%g' | |||
add machine script = /usr/sbin/useradd -d /dev/null -g sambamachines -c 'Samba Machine Account' -s /dev/null -M '%u' | |||
machine password timeout = 120 | |||
idmap uid = 16777216-33554431 | |||
idmap gid = 16777216-33554431 | |||
template shell = /dev/null | |||
winbind use default domain = yes | |||
winbind separator = @ | |||
winbind cache time = 360 | |||
winbind trusted domains only = yes | |||
winbind nested groups = no | |||
winbind nss info = no | |||
winbind refresh tickets = no | |||
winbind offline logon = no | |||
[netlogon] | |||
comment = Network Logon Service | |||
path = /home/netlogon | |||
read only = no | |||
available = yes | |||
browseable = yes | |||
writable = no | |||
guest ok = no | |||
public = no | |||
printable = no | |||
locking = no | |||
strict locking = no | |||
[uploads] | |||
path = /var/www/upload | |||
comment = Elektrixx Upload Directory | |||
alid users = @ftpuser | |||
write list = @ftpuser | |||
directory mask = 0775 | |||
create mode = 0775 | |||
force user = ftp | |||
force group = ftpuser | |||
read only = no | |||
available = yes | |||
browseable = yes | |||
writable = yes | |||
guest ok = yes | |||
public = yes | |||
printable = no | |||
locking = no | |||
strict locking = no | |||
== Nutzer anlegen == | == Nutzer anlegen == | ||
Für den FTP Zugriff wird ein eigener Benutzer erstellt, ohne gültiger Login Shell und mit dem Homeverzeichnis /var/www/upload: | Für den FTP Zugriff wird ein eigener Benutzer erstellt, ohne gültiger Login Shell und mit dem Homeverzeichnis /var/www/upload: | ||
Zeile 38: | Zeile 137: | ||
=== Anonymous Account === | === Anonymous Account === | ||
Zeile 67: | Zeile 146: | ||
Done. | Done. | ||
== Server starten == | |||
systemctl start samba.service | |||
; Autostart | |||
systemctl | systemctl enable samba.service | ||
[[Kategorie:Gaming]] | [[Kategorie:Gaming]] |
Aktuelle Version vom 8. August 2016, 12:04 Uhr
Installation[Bearbeiten]
Mit grafischer Oberfläche:
apt-get install gadmin-samba
kann aber auch über Konfigurationsdatei eingestellt werden.
Konfiguration[Bearbeiten]
$ vim /etc/samba/smb.conf [global] realm = netbios name = Samba24 server string = Elektrixx Samba server workgroup = Elektrixx security = ads hosts allow = 127. 192.168. 10. 172.22. 172.23. interfaces = 127.0.0.1/8 192.168.0.0/16 10.0.0.0/8 172.22.0.0/15 bind interfaces only = yes remote announce = 192.168.0.255 remote browse sync = 192.168.0.255 printcap name = cups load printers = yes cups options = raw printing = cups guest account = smbguest log file = /var/log/samba/samba.log max log size = 1000 null passwords = no username level = 6 password level = 6 encrypt passwords = yes unix password sync = yes socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 local master = yes domain master = yes preferred master = yes domain logons = yes os level = 80 logon drive = m: logon home = \\%L\homes\%u logon path = \\%L\profiles\%u logon script = %G.bat time server = yes name resolve order = wins lmhosts bcast wins support = yes wins proxy = yes dns proxy = no preserve case = yes short preserve case = yes client use spnego = no client signing = no client schannel = no server signing = no server schannel = no nt pipe support = yes nt status support = yes allow trusted domains = no obey pam restrictions = yes enable spoolss = yes client plaintext auth = no disable netbios = no follow symlinks = no update encrypted = yes pam password change = no passwd chat timeout = 120 hostname lookups = no username map = /etc/samba/smbusers passdb backend = tdbsam passwd program = /usr/bin/passwd '%u' passwd chat = *New*password* %n\n *ReType*new*password* %n\n *passwd*changed*\n add user script = /usr/sbin/useradd -d /dev/null -c 'Samba User Account' -s /dev/null '%u' add user to group script = /usr/sbin/useradd -d /dev/null -c 'Samba User Account' -s /dev/null -g '%g' '%u' add group script = /usr/sbin/groupadd '%g' delete user script = /usr/sbin/userdel '%u' delete user from group script = /usr/sbin/userdel '%u' '%g' delete group script = /usr/sbin/groupdel '%g' add machine script = /usr/sbin/useradd -d /dev/null -g sambamachines -c 'Samba Machine Account' -s /dev/null -M '%u' machine password timeout = 120 idmap uid = 16777216-33554431 idmap gid = 16777216-33554431 template shell = /dev/null winbind use default domain = yes winbind separator = @ winbind cache time = 360 winbind trusted domains only = yes winbind nested groups = no winbind nss info = no winbind refresh tickets = no winbind offline logon = no [netlogon] comment = Network Logon Service path = /home/netlogon read only = no available = yes browseable = yes writable = no guest ok = no public = no printable = no locking = no strict locking = no [uploads] path = /var/www/upload comment = Elektrixx Upload Directory alid users = @ftpuser write list = @ftpuser directory mask = 0775 create mode = 0775 force user = ftp force group = ftpuser read only = no available = yes browseable = yes writable = yes guest ok = yes public = yes printable = no locking = no strict locking = no
Nutzer anlegen[Bearbeiten]
Für den FTP Zugriff wird ein eigener Benutzer erstellt, ohne gültiger Login Shell und mit dem Homeverzeichnis /var/www/upload:
$ adduser ftpuser --shell /bin/false --home /var/www/upload Adding user `ftpuser' ... Adding new group `ftpuser' (1001) ... Adding new user `ftpuser' (1001) with group `ftpuser' ... Creating home directory `/var/www/upload' ... Copying files from `/etc/skel' ... Enter new UNIX password: Retype new UNIX password: passwd: password updated successfully [...]
Anonymous Account[Bearbeiten]
Damit der Benutzer ftp auf den anonymen FTP-Bereich zugreifen darf, muss er der Gruppe ftpuser hinzugefügt werden:
$ adduser ftp ftpuser Adding user `ftp' to group `ftpuser' ... Adding user ftp to group ftpuser Done.
Server starten[Bearbeiten]
systemctl start samba.service
- Autostart
systemctl enable samba.service