Wednesday, June 3, 2009

SAMBA Notes

SAMBA

Samba Client Commands:

IN WINDOWS:

Delete the current session with the windows machine(asking the password again for a samba share)
# net use \\centos\ipc$ /delete (delete the current sessions)
# net use (shows the current session)

Mapping a Drive using a specific user name
```````````````````````````````````````````````````````````````````
C:\Documents and Settings\krn>net use * \\centos\privilage /user:kiran
The password is invalid for \\centos\privilage.

Enter the password for 'kiran' to connect to 'centos':
Drive Z: is now connected to \\centos\privilage.

The command completed successfully.

To delete the mapped Drive
`````````````````````````````````````````````````````````````````````
C:\Documents and Settings\krn>net use z: /delete
z: was deleted successfully.
`````````````````````````````````````````````````````````````````````
# net view (shows the workgroup computers in windows)

IN LINUX:

smbmount:
# mount -t smbfs -ousername=krn,fmask=777,dmask=755 //kiran/sOftwares/ /mnt
# mount -t smbfs -ousername=krn //kiran/sOftwares/ /mnt
# mount -t smbfs -ocredentials=/home/samba-credential-file.txt //kiran/sOftwares/ /mnt

module smbfs needs to be compiled with the kernel

smbtar:
backup the directory "dell" from share "sOftwares " from windows host "kiran" with credentials krn & Matha***

# smbtar -s kiran -u krn -t test.tar -p Mathapoo -v -x sOftwares dell

smbget:
# smbget -u kiran -p Mathapoo smb://kiran/sOftwares/putty.exe

smbclient:
# smbclient -A samba_credentials //kiran/sOftwares
# smbclient -U kiran //kiran/sOftwares

Remote Desktop
# rdesktop -g 700x500 -a 16 192.168.1.1

NETSTAT:
# netstat -ntlp |grep :631
Finding a port that engaed with a service



STAT: To check the configutation file access by a Deamon
# stat smb.conf

/etc/samba/smbuser:
:
This translates the users submitted by the windows machine to users in UNIX machine
eg:- root = administrator admin
nobody = guest pcguest smbguest
Samba server can refer the users in this file to the user name submitted by windows machinexternal machine.
(If guest is attempted to connect from windows it translates to nobody)

SAMBA Security Modes:
1. SHARE - Security Level on SHARE
2. USER- Securit Level Based on Users(Old method)
a. User-level (/etc/passwd, /etc/shadow & /etc/samba/smbpasswd (back-end))
1. Multiple Back ends for user level security
a. smbpasswd
b. tdbsam
c. LDAP
d.MySQL
Note:-
(How User-level mode works?
Client makes request to samba - > samba consults back ends for credentials and grants permission )

3. SERVER - Pass-thru
4. DOMAIN - Member Server (making a member of domain (passing the request to a configued Domain))
5. ADS - Kerberos realm (making as PDC)




samba configuration settings:

smb.conf file:
Two secssions:
1. Global secssion
2. shared secssion


1. Global secssion (how the samba server appears in the network and whom to trust)
workgroup = sets the workgroup(forces the machine to be in this perticular workgroup)
server string = the machine name appear while brows the machine
name resolve order = The order of the name resolution done (wins hosts lmhosts bcast)
Notes:
Samba Name Resolution for all the samba client service is done through the following steps respectively:-

First it consults
1. /etc/hosts; if the host name is not able to resolve it check the ----
2. /etc/samba/lmhosts ; if not able to resolve then consults the ----
3. WINS - one or more IP Addresses
4. Broadcast Address (192.168.1.255) = reffered in the smb.conf using derivative "bcast"

WINS config:(making the samba server as a WINS server/client)
wins support = (making the samba server as WINS server)
wins server = w.x.y.z (the wins server address that this samba server has to bind to)

security = (defines the type of security that samba server accepts while accessing the share)
security = user (samba uses /etc/passwd for authentication while accessing the share; users home directories will be shared for the respective users)
security = share (samba doesnt uses the /etc/passwd file for authentication & doent prompts for password; if public = yes given. if public = no is given it refers for the users defined in the share. The users home directory will not be exported )

PRINTER Configuration:
printcap name = /etc/printcap (automatically cups will update the details to this file and the samba reads from this file the printer information and servers)
cups options = raw (reformate the print job submitted by the client to actual server format)

NETBIOS Alias in SAMBA:
netbios aliases = jithu (add this parameter to [global] session this will add a new netbios name to an existing server,Adding multipile name to a SAMBA server.If a old server has decommissioned and need to preserve the old netbios name)

2. shared secssion(can deffine the shares & permissions here)
public = yes (this derivative makes the share available for everyone)
invalid users = kiran (The user (kiran) will not be able to access this perticular share)

1 comment:

  1. Hi Kiran,

    You are doing a nice job. Could you post, in simple steps, "How to integrate Active directory in SAMBA" as it is asked by the most of the interviewers.

    //santosh

    ReplyDelete

tag ur valuable ideas below