[[http://tmade.de|Home tmade.de]] [[http://wiki.tmade.de|Home Wiki]] ===== Samba ===== ==== Access ==== smb://IP #Access from Filebrowser (e.g.Konqueror) ==== Test ==== testparm nmblookup netbiosname smbclient -L //fileserver smbclient -L IP smbclient -L 10.6.7.67 -U username smbclient -L //printserver/laser -c 'print letter.ps' smbclient -L hostname.domain.local -U 'domain.local\username' ==== Autostart Service ==== chkconfig smb on && chkconfig nmb on #Add service to autostart in defined runlevel systemctl is-enabled smb && systemctl is-enabled nmb #Add service to autostart on systemd systems or insserv nmb #Add service to autostart in defined runlevel insserv smb #Add service to autostart in defined runlevel Manual start: rcnmb start #Start service nmb rcsmb start #Start service smb ==== Configure Samba ==== Configuration file: /etc/samba/smb.conf Example Configuration: workgroup = WORKGROUP Access to only one user: [samba-share] #Share-Name (shown on network-access) comment = samba-share #Comment inherit acls = Yes path = /path/to/share/ #Path to share create mask = 0644 directory mask = 0755 browseable = Yes #Show or hide (No) share on network browsing guest ok = no #Deny guest login read only = No #Permit writing (No = deny writing) valid users = tmade #Allowed user(s) Access to several users: [samba_share] comment = windows-transfer inherit acls = Yes path = /path/to/share/ create mask = 0644 directory mask = 0755 read only = Yes valid users = user1 user2 root write list = root #Just root has write rights Access to a group of users: [samba_share] comment = windows-transfer inherit acls = Yes path = /path/to/share/ create mask = 0644 directory mask = 0755 read only = No valid users = @groupname @group2 Access home-directory of all users: [homes] comment = Home Directories browseable = no valid users = %S writeable = yes create mode = 0600 directory mode = 0700 ==== Configure Users ==== smbpasswd -a username #Add a Samba user. Note: To add a samba user the user has to exist in Linux (systemuser) smbpasswd username #Change samba password smbpasswd -x login #Delete a Samba user smbpasswd -d login #Disable Samba user smbpasswd -e login #Reenable Samba user pdbedit -L #show samba users ==== Access Commands ==== Linux to Linux: smbclient //10.6.7.203/samba_share -U tmade smbclient //172.22.49.111/samba_share -U tmade -W password ==== Mount Samba ==== Linux to Windows (and Linux): mount -t smbfs -o lfs //172.22.49.111/windows_share/ /mnt/folder -o username=username smbclient //172.22.49.111/samba_share -U username -W MEDICOR smbclient -L pcbad11 -I 172.22.49.111 -U myuser mount -t cifs -o lfs //10.6.7.67/temp/ /home/samba -o username=myuser mount -t cifs -o lfs //10.6.7.67/temp/ /home/samba -o dom=DOMAIN,username=myuser,password=PASSWORD mount -t smbfs -o lfs //172.22.49.111/share/ /mnt -o dom=DOMAIN,username=myuser,password=PASSWORD #"dom" can be a workgroup as well mount -t cifs -o lfs //IP/c$/folder /mnt/backup/ -o username=Administrator mount -t cifs -o vers=3.0 //test.local/linux_images /mnt/backup/ -o username=testuser,domain=TESTDOMAIN -o sec=ntlmssp #Mount Win 2012/ 2016 Share - option "-o sec=ntlmssp" is required! mount -t cifs //test.local/linux_images /mnt/backup/ -o username=testuser,domain=TESTDOMAIN -o sec=ntlmssp #Mount >= SLES12/ Win 2012/ 2016 Share - option "-o sec=ntlmssp" is required! Linux to Linux: mount -t cifs -o username=myuser //172.22.49.111/share_name /mnt/mountfolder/ mount -t cifs -o username=myuser,password=mypasswd //172.22.49.111/share_name /mnt/mountfolder/ Windows to Linux via batch: @ECHO off ECHO Please wait... SET PINGTIME=5 SET IP=10.0.0.253 ping -n %PINGTIME% %IP% :START ECHO ************************************************** ECHO DELETE EXISTING NETCONNECTION.... ECHO ************************************************** NET USE * /DELETE /Y > NUL ping -n %PINGTIME% %IP% ECHO ************************************************** ECHO Connecting.... ECHO ************************************************** SET ERRORLEVEL= NET USE U: \\%IP%\bunny-share /persistent:yes /USER:bunny IF NOT "%ERRORLEVEL%"=="0" GOTO FPASSWORT IF "%ERRORLEVEL%"=="0" GOTO ENDE :FPASSWORT ECHO ************************************************** ECHO Please enter password! ECHO ************************************************** goto START :ENDE ECHO ************************************************** ECHO done! Drive connected! ECHO ************************************************** ping -n %PINGTIME% %IP% exit ==== Permanent Mount ==== === Windows Share on Linux === To mount a network-share on startup add the following line into "/etc/fstab": //Servername_or_IP/share /Path/to/mountpoint cifs ro,username=myusername,password=mypassword,iocharset=utf8,domain=DOMAIN_NAME 0 0 To aviod plain-text password inside fstab create a "credentials-file": Add to /etc/fstab //Servername_or_IP/share /Path/to/mountpoint cifs ro,codepage=850,iocharset=iso8859-15,credentials=/Path/to/smbcreds.txt 0 0 //Servername_or_IP/share /Path/to/mountpoint cifs rw,codepage=850,iocharset=utf8,domain=DOMAIN_NAME,credentials=/Path/to/smbcreds.txt 0 0 //Servername_or_IP/share /Path/to/mountpoint cifs uid=user,gid=group,file_mode=0775,dir_mode=0775,credentials=/Path/to/smbcreds.txt 0 0 Credentials: /Path/to/smbcreds.txt Content: username=myusername password=mypassword domain=DOMAIN_NAME or username=domain/myusername password=mypassword Make it saver: chown foo:users /Path/to/smbcreds.txt chmod 400 /Path/to/smbcreds.txt === Linux to Linux === Add to fstab: //servername/sharename /mountdirectory smbfs username=userename,password=password 0 0 or //servername/sharename /mountdirectory cifs username=userename,password=password 0 0 ==== Samba AD integration ==== https://debian-administration.org/article/395/Samba_ADS_integration_without_Kerberos ==== MISC ==== Show configured smb-users: pdbedit -Lv