Configura samba

Solo disponible en BuenasTareas
  • Páginas : 8 (1903 palabras )
  • Descarga(s) : 0
  • Publicado : 11 de mayo de 2010
Leer documento completo
Vista previa del texto
Configure Samba with ACL and Active Directory integration Robert LeBlanc (leblanc@byu.edu) BioAg Computer Support, Brigham Young University This document uses Debain Linux 3.1 (Sarge) on x86 hardware. Your mileage may very. This document is intended to help others wanting to set-up a Linux server to participate in an Active Directory environment as a Samba file server. I am not responsible forany damage done to your computer or network due to following this document. It has worked well in our environment. I suggest testing on a non-production machine before putting into production. Enough of that, lets get into the good stuff. The document is pretty bare without a lot of explanation. If you wish to add some explanations to the document, please send me the comments and I will add them infor others. Install needed packages: apt-get update apt-get install samba krb5-config krb5-user winbind acl ntp-server ntpdate \ xfsprogs attr quota Edit Samba config (/etc/samba/smb.conf):
----------------Start /etc/samba/smb.conf--------------------# # Sample configuration file for the Samba suite for Debian GNU/Linux. # # # This is the main Samba configuration file. You should read the #smb.conf(5) manual page in order to understand the options listed # here. Samba has a huge number of configurable options most of which # are not shown in this example # # Any line which starts with a ; (semi-colon) or a # (hash) # is a comment and is ignored. In this example we will use a # # for commentary and a ; for parts of the config file that you # may wish to enable # # NOTE: Whenever youmodify this file you should run the command # "testparm" to check that you have not many any basic syntactic # errors. # #======================= Global Settings ======================= [global] ## Browsing/Identification ### # Change this to the workgroup/NT-domain name your Samba server will part of workgroup = BA realm = BA.BYU.EDU password server = alfred.ba.byu.edu # server string is theequivalent of the NT Description field server string = %h server (Samba %v) # Windows Internet Name Serving Support Section:

# WINS Support - Tells the NMBD component of Samba to enable its WINS Server ; wins support = no # WINS Server - Tells the NMBD components of Samba to be a WINS Client # Note: Samba can be either a WINS Server, or a WINS Client, but NOT both ; wins server = w.x.y.z # This willprevent nmbd to search for NetBIOS names through DNS. dns proxy = no # What naming service and in what order should we use to resolve host names # to IP addresses ; name resolve order = lmhosts host wins bcast

#### Debugging/Accounting #### # This tells Samba to use a separate log file for each machine # that connects log file = /var/log/samba/log.%m # Put a capping on the size of the log files(in Kb). max log size = 1000 # If you want Samba to only log through syslog then set the following # parameter to 'yes'. ; syslog only = no # We want Samba to log a minimum amount of information to syslog. Everything # should go to /var/log/samba/log.{smbd,nmbd} instead. If you want to log # through syslog you should set the following parameter to something higher. syslog = 0 # Do somethingsensible when Samba crashes: mail the admin a backtrace panic action = /usr/share/samba/panic-action %d

####### Authentication ####### # "security = user" is always a good idea. This will require a Unix account # in this server for every user accessing the server. See # /usr/share/doc/samba-doc/htmldocs/ServerType.html in the samba-doc # package for details. ; security = user security = ADS # You maywish to use password encryption. See the section on # 'encrypt passwords' in the smb.conf(5) manpage before enabling. encrypt passwords = true # If you are using encrypted passwords, Samba will need to know what # password database type you are using. passdb backend = tdbsam guest ; obey pam restrictions = yes ; guest account = nobody invalid users = root # This boolean parameter controls...
tracking img