Additional configuration for Samba Server (Part 2)HARDWARE NETWORKING LINUX SOFTWAREIt Tech Technology

It Tech Technology



Home Top Ad

Post Top Ad

Monday, January 4, 2016

Additional configuration for Samba Server (Part 2)

Additional configuration for Samba Server

Creating & Managing Users & Groups:

Step-1: Create A Group Named “samba-users” & define a directory Named “Resources” for sharing resources.

[[email protected] ~]# groupadd samba-users

[[email protected] ~]# mkdir /opt/Resources

Step-2: Create some samba users with password & add them into “samba-users” group also defines the “Resources” directory for those users.

[[email protected] ~]# useradd –g samba-users –d /opt/Resources user1

[[email protected] ~]# useradd –g samba-users –d /opt/Resources user2

[[email protected] ~]# useradd –g samba-users –d /opt/Resources administrator

[[email protected] ~]# smbpasswd –a user1

[[email protected] ~]# smbpasswd –a user2

[[email protected] ~]# smbpasswd –a administrator

Step-3: Set samba “root” password for login as “root” user from both windows & Linux machine.

[[email protected] ~]# smbpasswd –a root

Step-4: Assign the appropriate permission for “Resources” directory against those users.

[[email protected] ~]# chown root:samba-users /opt/Resources/

[[email protected] ~]# chmod 750 /opt/Resources/

Step-5: Now create some sub directory into “Resources” directory named “Documents”, “Software”, & “Others

[[email protected] ~]# mkdir –p /opt/Resources/Documents

[[email protected] ~]# mkdir –p /opt/Resources/Software

[[email protected] ~]# mkdir –p /opt/Resources/Others

Step-6: Now set the permission for those sub directories that owner can read, write & delete but others users can not delete the files but should have read & write permission.

[[email protected] ~]# chown root:samba-users /opt/Resources/Documents

[[email protected] ~]# chown root:samba-users /opt/Resources/Software

[[email protected] ~]# chown root:samba-users /opt/Resources/Others

[[email protected] ~]# chmod 1770 /opt/Resources/Documents

[[email protected] ~]# chmod 1770 /opt/Resources/Software

[[email protected] ~]# chmod 1770 /opt/Resources/Others

Step-7: Now create an anonymous accessible directory with read & write permission that anonymous user can access this directory

[[email protected] ~]# mkdir /opt/Public

[[email protected] ~]# groupadd anonymous-users

[[email protected] ~]# useradd –g anonymous-users –d /opt/Public guest

[[email protected] ~]# useradd –g anonymous-users –d /opt/Public nobody

[[email protected] ~]# chown root:anonymous-users /opt/Public/

[[email protected] ~]# chmod 777 /opt/Public/

Step-8: Set blank password for anonymous users that they can access this folder without password

[[email protected] ~]# smbpasswd –a guest

[[email protected] ~]# smbpasswd –a nobody

Tips: [One complication is fact that Windows encrypts user passwords differently from Unix/Linux - it uses NTLM hash, rather than the MD5 has commonly found in Linux. Worse still, both of these are one-way algorithms - in other words, there's no way to decrypt the NTLM hash to get back the plaintext password and then re-encrypt that with MD5 to compare against the Linux shadow password file. ]

Post Bottom Ad