实验需求
一.搭建匿名用户共享服务器
二.搭建用户认证共享服务器
实验环境
服务器IP | 客户端IP |
---|---|
172.16.12.11 | 172.16.12.14 |
①.在服务端安装samba,并开启
[root@lizihan ~]# yum -y install samba-*
[root@lizihan ~]# systemctl start smb
②.客户端安装samba-client
[root@lizihan ~]# yum -y install samba-client
③.在客户端和服务器端都关闭防火墙
[root@lizihan ~]# systemctl stop firewalld
实验步骤
一.搭建匿名用户共享服务器
- 服务端
①.修改配置文件,在global全局配置下添加
[root@lizihan ~]# vim /etc/samba/smb.conf
[global]
map to guest = Bad User
②.创建共享目录,并在配置文件里面配置共享目录
[root@lizihan ~]# mkdir /opt/xixi
[root@lizihan ~]# vim /etc/samba/smb.conf
[xixi]
comment = xixi
browseable = yes
write list = Bad User
path = /opt/xixi
guest ok = yes
public = yes
③.设置共享目录的权限
[root@lizihan ~]# chmod 777 /opt/xixi
[root@lizihan ~]# ll /opt/xixi -d
drwxrwxrwx 2 root root 18 Sep 11 04:22 /opt/xixi
- 客户端
①.使用smbclient查看共享资源
[root@lizihan ~]# smbclient -L 172.16.12.11 -U 'Bad User'
Enter SAMBA\Bad User's password:
OS=[Windows 6.1] Server=[Samba 4.6.2]
Sharename Type Comment
--------- ---- -------
print$ Disk Printer Drivers
xixi Disk xixi
IPC$ IPC IPC Service (Samba 4.6.2)
OS=[Windows 6.1] Server=[Samba 4.6.2]
Server Comment
--------- -------
Workgroup Master
--------- -------
②.将samba服务器挂载到本地
[root@lizihan ~]# mkdir /samba
[root@lizihan ~]# mount -t cifs //172.16.12.11/xixi /samba -o username='Bad User'
[root@lizihan ~]# df -h | grep 172
//172.16.12.11/xixi 17G 1.2G 16G 7% /samba
- 验证结果
①.在samba服务器的共享目录创建一个文件,在客户端上可以访问samba服务器的共享目录里面的内容
[root@lizihan ~]# touch /opt/xixi/hehe
[root@lizihan ~]# ls /samba/
hehe
②.因为设置了可写权限,客户端是可以在samba服务端的共享目录里面创建目录和文件的
[root@lizihan ~]# mkdir /samba/123456
[root@lizihan ~]# ls /samba/
123456 hehe
二.搭建用户认证共享服务器
- 服务端
①.在服务端上创建一个用户,并修改他的samba用户密码
[root@lizihan ~]# useradd xx
[root@lizihan ~]# smbpasswd -a xx
New SMB password:
Retype new SMB password:
Added user xx.
②.修改/etc/samba/smbusers和/etc/samba/smb.conf
[root@lizihan ~]# vim /etc/samba/smbusers
xx = hh
[root@lizihan ~]# vim /etc/samba/smb.conf
[global]
username map = /etc/samba/smbusers
③.修改共享目录配置文件,重启服务
[root@lizihan ~]# vim /etc/samba/smb.conf
[xixi]
comment = xixi
browseable = yes
write list = xx
path = /opt/xixi
guest ok = yes
public = yes
[root@lizihan ~]# systemctl restart smb
- 客户端
①.使用smbclient查看共享目录
[root@lizihan ~]# smbclient -L 172.16.12.11 -U xx
Enter SAMBA\xx's password:
Domain=[LIZIHAN] OS=[Windows 6.1] Server=[Samba 4.6.2]
Sharename Type Comment
--------- ---- -------
print$ Disk Printer Drivers
xixi Disk xixi
IPC$ IPC IPC Service (Samba 4.6.2)
xx Disk Home Directories
Domain=[LIZIHAN] OS=[Windows 6.1] Server=[Samba 4.6.2]
Server Comment
--------- -------
Workgroup Master
--------- -------
②.将samba服务器的共享目录挂载到本地
[root@lizihan ~]# mount -t cifs //172.16.12.11/xixi /tmp/samba -o username=hh,password=123
[root@lizihan ~]# df -h | grep 172
//172.16.12.11/xixi 17G 1.2G 16G 7% /tmp/samba
- 验证结果
①.在samba服务器的共享目录创建一个文件,在客户端上可以访问samba服务器的共享目录里面的内容
[root@lizihan ~]# touch /opt/xixi/aaaaaa
[root@lizihan ~]# ls /tmp/samba/
aaaaaa
②.设置了指定用户可写,所以可以在samba服务器的共享目录里面创建文件
[root@lizihan ~]# mkdir /tmp/samba/bbbbb
[root@lizihan ~]# ls /tmp/samba/
aaaaaa bbbbb
③.因为设置的是指定用户可写,用其他的用户是不能创建文件和目录的,在服务端再创建一个samba用户,然后服务端挂载,创建文件测试
[root@lizihan ~]# smbpasswd -a hehe
New SMB password:
Retype new SMB password:
Added user hehe.
[root@lizihan ~]# mount -t cifs //172.16.12.11/xixi /tmp/samba/ -o username=hehe,password=1
[root@lizihan ~]# mkdir /tmp/samba/11111
mkdir: cannot create directory ‘/tmp/samba/11111’: Permission denied