1, the preface

Assume that the IP address of server A is 192.168.6.101 and that of server B is 192.168.6.102. Now you need to share the folder in the /share directory of server A to the /share directory of server B.

Samba is open source software based on the SMB protocol (ServerMessage Block). Samba can also be a trademark of the SMB protocol. SMB is a protocol for sharing resources such as files and printers on Linux and UNIX systems. It is based on the Client\Server protocol. The Client can access shared resources on the Server through THE SMB. When Windows is a Client and CentOS is a server, Samba enables Windows to access Linux resources and realize data interaction between the two systems.

2. Installation and configuration

2.1, A Machine configuration

[root@A /]# yum install samba -y
#Lists the Samba downloads[root@A /]# yum list Fastestmirror Loading mirror speeds from cached hostfile * base: Mirrors.aliyun.com * extras: mirrors.ustc.edu.cn * updates: mirrors.aliyun.com Installed package Samba.x86_64 4.10.16-7.el7_9Copy the code
[root@A /]#yum list samba [root@A /]#yum remove samba [root@A /]#yum check-update samba [root@A /]#yum update samba //Copy the code

After the installation is complete, add the configuration file

[root@A /]# CD /etc/samba/ [root@A samba]# ll total amount 24 -rw-r--r-- 1 root root 20 10月 1 01:50 lmhosts -rw-r--r-- 1 root Root 417 12月 16 13:57 smb.conf -rw-r--r-- 1 root root 11327 10月 1 01:50 smb.conf. Example#The backup[root@A samba]# cp smb.conf smb.conf.bak [root@A samba]# ll total amount 24 -rw-r--r-- 1 root root 20 10月 1 01:50 lmhosts -rw-r--r-- 1 root root 417 12月 16 13:57 smb.conf -rw-r--r-- 1 root root 706 10月 1 01:50 smb.conf. Bak -- rw-r--r-- 1 root Example [root@A samba]# vim smb.conf [global] workgroup = MYGROUP server string = samba Server Version %v log file = /var/log/samba/log.%m max log size = 50 security = user passdb backend = tdbsam [homes] comment = Home Directories browseable = no writable = yes [share] comment = Share test path = /share valid users = test directory mask = 775 writable = yes browseable = yesCopy the code

Configuration description:

The main Samba configuration file is /etc/samba/smb.conf. The main configuration file consists of two parts: Global Settings. These Settings are related to the overall operating environment of the Samba service. Share Definitions This setting is specific to a shared directory and applies only to the current shared resource. Global parameters:#==================Global Settings ===================The [global] config file = / usr/local/samba/lib/SMB. Conf. % m: config file allows you to use another configuration file to override the default configuration file. If the file does not exist, the item is invalid. This parameter is useful to make samba configuration more flexible, allowing one Samba server to emulate multiple servers with different configurations. For example, if you want PC1 (host name) to use its own configuration file when accessing Samba Server, configure smb.conf. PC1 in /etc/samba/host-/ and add smb.conf: The config file = / etc/samba/host/SMB. Conf. % m. So when PC1 requests to connect to the Samba Server, smb.conf.%m is replaced with smb.conf.pc1. Thus, for PC1, the Samba service it uses is defined by SMb.conf.pc1, while other machines accessing Samba Server still apply smb.conf. Workgroup = workGroup Description: Set the workgroup or domain to which the Samba Server is to be added. Server string = Samba server Version %v Note: Specify a comment for the Samba server. The comment can be any string or blank. The macro %v displays the Samba version number. Netbios name = smbServer Note: Set the NetBIOS name of the Samba Server. If this parameter is not specified, the first part of the DNS name of the server is used by default. Netbios name and workGroup name must be different. Interfaces = lo eth0 192.168.12.2/24 192.168.13.2/24 Note: To set the network interface on which the Samba Server listens, write either the network interface name or the IP address of the network interface. Hosts allow = 127.192.168.1.192.168.10.1 Note: Indicates that clients are allowed to connect to the Samba Server. Multiple parameters are separated by Spaces. It can be an IP address or a network segment. Hosts deny indicates the opposite of hosts allow. Such as: Hosts allow = 172.17.2. Allow from 172.17.2 EXCEPT172.17.2.50 said. * host connection, 172.17.2.50 hosts allow=172.17.2.0/255.255.0.0 indicates that all hosts from 172.17.2.0/255.255.0.0 are allowed to connect to hosts M1. M2: allows connections from M1 and M2. Hosts allow= @peGA: allows connections from all computers in the PEGA domain. Max Connections = 0 Max connections Specifies the maximum number of connections to the Samba Server. If the number of connections exceeds, the new connection request will be rejected. 0 indicates no limit. Deadtime = 0 Note: Deadtime is used to set the time for breaking a connection without opening any files. The unit is minutes. 0 indicates that the Samba Server does not automatically disconnect any connections. Time server = yes/no Log file = /var/log/samba/log.%m Note: Set the samba Server log file storage location and log file name. A macro %m (host name) after the file name indicates that a separate log file is logged for each machine accessing the Samba Server. If PC1 and PC2 have accessed the Samba Server, two log files log.pc1 and log.pc2 are stored in /var/log/samba. Max log Size = 50 Note: Set the maximum size of log files of the Samba Server. The unit is kB. 0 indicates that there is no limit. Security = user Note: Set the authentication modes for users to access the Samba Server. There are four authentication modes. 1. Share: Users do not need to provide user names and passwords to access the Samba Server, resulting in low security performance. 2. User: Only authorized users can access the Samba Server shared directory. The Samba Server checks the account and password. The account and password must be set up on the Samba Server. 3. Server: Uses another Windows NT/2000 or Samba server to authenticate user accounts and passwords. It is a proxy authentication. In this security mode, the system administrator can gather all the Windows users and passwords on one NT system and use Windows NT for Samba authentication. The remote server can automatically authenticate all the users and passwords. If the authentication fails,Samba uses user-level security mode as an alternative. 4. Domain: Domain security level, using the primary domain Controller (PDC) for authentication. Passdb backend = tdbSAM Note: Passdb backend is the user background. There are currently three types of background: smbPasswd, TDBSAM and LDapSAM. Sam is probably short for Security Account Manager. 1. Smbpasswd: Smbpasswd, the SMB tool, is used to set a Samba password for system users (real or virtual users). Clients use this password to access Samba resources. The smbpasswd file is in the /etc/samba directory by default, although it is sometimes created manually. 2. Tdbsam: This method is to use a database file to establish the user database. The database file is called passdb.tdb and is in /etc/samba by default. The passdb.tdb user database can use smbpasswd -a to create Samba users, but the Samba users to be created must first be system users. We can also set up the Samba account using the pdbedit command. There are many parameters to the pdbedit command, and we list a few major ones. Pdbedit -a username: creates a Samba account. Pdbedit -x username: Deletes the Samba account. Pdbedit -l: Lists the Samba users and reads the passdb.tdb database file. Pdbedit -lv: Lists the details of the Samba user list. Pdbedit -c [D] -u username: suspends the account of the Samba user. Pdbedit -c "[]" -u username: restores the account of the Samba user. 3. Ldapsam: Authenticates users based on LDAP account management. You need to set up the LDAP service and set Passdb backend = LDapsam: LDAP ://LDAP Server. Encrypt passwords = yes/no Description: Whether authentication passwords are encrypted. Because most Windows operating systems use encrypted passwords, you must enable this function. However, the configuration file is enabled by default. SMB passwd file = /etc/samba/smbpasswd Description: It defines the password file of the Samba user. If you don't have the smbpasswd file, create it manually. Username map = /etc/samba/smbusers note: this parameter is used to define username mapping. For example, you can change root to administrator or admin. However, this should be defined in the smbusers file. For example, if root = administrator admin, you can use administrator or admin to log in to the Samba Server instead of root, which is more similar to the custom of Windows users. Guest account = nobody Description: Used to set the guest user name. Socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 Domain master = yes/no Description: Set whether the Samba server is to become the primary browser of the network domain. The primary browser of the network domain can manage the browsing service across subdomains. Local master = yes/no Note: The local master is used to specify whether the Samba Server attempts to become the primary browser of the local domain. If this parameter is set to no, it will never become the primary browser of the local domain. But even if set to yes, the Samba Server does not become the primary browser, and needs to vote. Preferred Master = YES/NO Note: Setting the Samba Server to force primary browser election upon startup improves the chance that the Samba Server becomes the primary browser in the local domain. If this parameter is set to yes, it is better to set the domain master to yes. Note when using this parameter: If there are other machines (whether Windows NT or other Samba Servers) on the subnet where the Samba Server resides that are also designated as the primary primary browser, these machines will broadcast over the network for the primary browser, affecting network performance. If there are multiple Samba servers in the same area, set the above three parameters to one. OS level = 200 Note: Set the OS level of the Samba server. This parameter determines whether the Samba Server has a chance to become the primary browser in the local domain. The OS level ranges from 0 to 255. For winNT, the OS level is 32, and for Win95/98, the OS level is 1. The OS level of Windows 2000 is 64. If set to 0, it means that Samba Server loses browsing options. If you want Samba Server to be a PDC, set its OS level value to a larger value. Domain logons = yes/no Description: Set whether to use the Samba Server as the local area controller. Enable this function on both the primary domain controller and backup domain controller. Note: Samba provides a login file when the user logs in with a Windows client. If set to % U.bat, provide a login file for each user. If there are too many people, it's more trouble. You can set it to a specific file name, such as start.bat, so that the user will execute start.bat after logging in, instead of creating a login file for each user. This file will be placed in the directory path set by [netlogon]. Wins support = yes/no Description: Set whether the Samba server provides WINS services. Wins Server = WINS server IP address Description: Set whether the Samba server uses other WINS servers to provide WINS services. Wins proxy = yes/no Description: Set whether to enable the WINS proxy service on the Samba Server. DNS proxy = yes/no Description: Set whether to enable the DNS proxy service on the Samba Server. Load printers = yes/no Description: Sets whether printers are shared when Samba is started. Printcap name = cups Description: Sets the configuration file for the shared printer. Printing = cups Description: Sets the type of Samba shared printers. Currently supported printing systems are: BSD, SYSV, PLP, LPRNG, AIX, HPUX, QNX#================== Share Definitions ==================[Share name] comment = Any character string: Comment indicates the description of the share. It can be any character string. Path = Shared directory path Description: Path specifies the path of the shared directory. You can replace the Unix user and client Netbios names in the path with macros such as %u and %m, which are used primarily for the [homes] shared domain. For example, if we do not plan to use the home segment as a share for customers, but create a directory under /home/share/ for each Linux user with his username as his share directory, then path can be written as: path = /home/share/%u; . When a user connects to the share, the specific path is replaced by his or her username. Note that the username path must exist; otherwise, the client will not find the network path when accessing the share. Similarly, if we were to divide the directories not by users but by clients, and create a path with its NetBIOS name for each machine on the network that has access to Samba as a shared resource for the different machines, we could write: path = /home/share/%m. Browseable = yes/no Description: Browseable specifies whether the share can be browsed. Writable = yes/no Description: Writable specifies whether the share path is writable. Available = yes/no Description: Available Specifies whether the shared resource is available. Admin Users = Administrator of the share Description: The admin users command is used to specify the administrator of the share who has full control over the share. In Samba 3.0, this item does not work if the user authentication mode is set to Security =share. For example, admin Users = David, sandy (multiple users are separated by commas). Valid users = Users allowed to access the share Description: Valid Users specifies users allowed to access the share. For example, valid Users = David, @dave, @tech (Multiple users or groups are separated by commas (,). If you want to join a group, use @group name.) Invalid Users = Users who are not allowed to access the share Description: Invalid Users is used to specify users who are not allowed to access the share. For example, invalid Users = root, @bob (multiple users or groups are separated by commas.) Write List = Allowed users to write files to the share Description: The write list is used to specify the users who can write files to the share. For example, write list = David, @dave public = yes/no Note: public specifies whether the share can be accessed by guest accounts. Guest OK = yes/no Note: The meaning is the same as public. [homes] comment = Home Directories browseable = no writable = yes valid users = %S; valid users = MYDOMAIN\%S [printers] comment = All Printers path = /var/spool/samba browseable = no guest ok = no writable = no printable = yes [netlogon] comment = Network Logon Service path = /var/lib/samba/netlogon guest ok = yes Writable = no share modes = no [Profiles] path = /var/lib/samba/profiles browseable = no guest OK = yes Run the testparm command to test whether the smb.conf configuration is correct. The testparm -v command lists the configuration parameters supported by smb.conf in detail.Copy the code

Create account

[root@A samba]# useradd -d /share -s /sbin/nologin test 
#Share password assigned to the account 
[root@A samba]# smbpasswd -a test  
New SMB password: 
Retype new SMB password:

#View the newly created user
[root@A samba]# cat /etc/passwd
......
test:x:1000:1000::/share:/sbin/nologin                                                           
Copy the code

Start services such as SMB

[root@A samba]# systemctl start smb.service [root@A samba]# systemctl start nmb.service [root@A samba]# systemctl enable  smb.service Created symlink from /etc/systemd/system/multi-user.target.wants/smb.service to /usr/lib/systemd/system/smb.service. [root@A samba]# systemctl enable nmb.service Created symlink from /etc/systemd/system/multi-user.target.wants/nmb.service to /usr/lib/systemd/system/nmb.service.Copy the code

2.2, B Machine configuration

Operate in machine B

[root@B /]# mkdir share
[root@B /]# yum install cifs-utils
#Mount the shared file on server A to server B[root@B /]# mount -t cifs //192.168.6.101/share /share -o The username = test and password = 'test @ 2.', domain = domain, vers = 2.0, dir_mode = 0777, file_mode = 0777
#View the mounting status
[root@B /]# df -h
...
//192.168.6.101/share    20G  4.1G   16G   21% /share


#Automatic mounting upon startupLocal [root@B /]# vi /etc/rc.local [root@B /]# mount -t cifs //192.168.6.101/share /share -o username = test and password = 'test @ 2.', domain = domain, vers = 2.0, dir_mode = 0777, file_mode = 0777Copy the code

2.3, tests,

A machine

[root@A share]# echo "test" > test. TXT [root@A share]# echo "test" > 2. TXT [root@A share]# ll Total usage 12-rw-r --r-- 1 root TXT -rw-r--r-- 1 root root 5 12月 16 14:35 test.txtCopy the code

B machine

[root@B share]# root root 12 -rw-r--r-- 1 root root 2 12月 16 14:36 2.txt -rw-r--r-- 1 root root 5 12月 16 14:35 test.txtCopy the code

Test the success of folder sharing on machine AB.

Try writing a file to machine B

[root@B share]# echo 4 > 4.txt -bash: 4.txt: permission not enoughCopy the code

The samba Server folder does not have permissions, so go to machine A and do it

[root@A /]# chmod 777 /share
Copy the code

Pass the test again.

3. Extensions – Window10 connects to samba Server

Now that we have implemented file sharing between AB and centos machines, how to connect the Windows desktop to samba Server locally and implement file synchronization between the three machines?

Window + E go to the filer, right-click and select Add a network location

Then enter the password of the test account

Window Create a new folder in the current network location

#A machine[root@A share]# ll 990736-rw-r --r-- 1 test test 0 12月 16 15:05 1. sh-rw-r --r-- 1 root root 2 12月 16 14:36 22.txt TXT -rw-r--r-- 1 root root 2 12月 16 14:41 3. TXT -rw-r--r-- 1 test test 3 12月 16 14:55 8. TXT -rw-r--r-- 1 root root 1014496833 12月 1 11:16 docker.tar.gz drwxrwxr-x 2 test test 6 12月 16 15:14 new drwxrwxr-x 2 test test 22 12月 16 15:03 Test-rw-r --r-- 1 root root 5 12月 16 14:35 test.txt
#B machine[root@B share]# ll 990736-rw-r --r-- 1 test test 0 12月 16 15:05 1. sh-rw-r --r-- 1 root root 2 12月 16 14:36 22.txt TXT -rw-r--r-- 1 root root 2 12月 16 14:41 3. TXT -rw-r--r-- 1 test test 3 12月 16 14:55 8. TXT -rw-r--r-- 1 root root 1014496833 12月 1 11:16 docker.tar.gz drwxrwxr-x 2 test test 6 12月 16 15:14 new drwxrwxr-x 2 test test 22 12月 16 15:03 Test-rw-r --r-- 1 root root 5 12月 16 14:35 test.txtCopy the code

Test passed.

After that, any new files we add will be synchronized across all three machines.

4. Docker builds Samba

Now that we’ve done this, if we want to deploy another Samba Server on another machine, we need to follow these steps one by one, which can seem cumbersome.

So we’re going to use Docker to build Samba, and subsequent migrations will be much easier.

[root@A /]# docker search samba NAME DESCRIPTION STARS OFFICIAL AUTOMATED dperson/samba 443 [OK] svendowideit/samba Sharing a Docker container's volume should B... 55 [OK] Nowsci/Samba-domain A well documented and tested Samba Active Di... 29 [OK] servercontainers/samba samba - (servercontainers/samba) (+ optional... 19 [OK] Elswork/Samba Multi-arch container of Samba for AMD & ARM... 17 Appcontainers /samba CentOS 6.6 Samba 4 Container - 282.2MB 13 [OK] jenserat/ samba-publicShare Simple Docker image for Publically sharing a... 12 [OK] Joebiellik /samba-server Simple Samba server running on Alpine Linux... 10 [OK] dreamcat4/samba 8 [OK] instantlinux/samba-dc Samba domain controller 8 [OK] sixeyed/samba Samba server, FROM dperson/samba 6 [OK] gists/samba-server Samba server based on alpine 6 [OK] pwntr/samba-alpine Simple and Lightweight Samba docker containe... 5 [OK] Timjdfletcher /samba-timemachine Samba configured to run as a timemachine tar... 5 rsippl/samba-ad-dc Samba 4 Active Directory Domain Controller 4 [OK] andrespp/samba-ldap Docker image for SAMBA with LDAP authenticat... 4 [OK] willtho/samba-timemachine Samba based Time Machine 3 [OK] nestyurkin/samba4timemachine Latest Samba Server for Support OSX High Sie... 2 [OK] rootlogin/samba Samba smbd daemon 1 [OK] cptactionhank/samba 1 [OK] b32147/samba A dockerized instance of Samba On Apline 1 [OK] Znedw/Samba Samba 4+ based on Alpine, designed to be run... 1 charlesmknox/samba https://gitlab.com/charles-m-knox/samba-dock... 0 mediadepot/samba Samba container 0 [OK] hivesolutions/samba Simple stand-alone samba server. 0 [OK]Copy the code

So let’s use Star number one dperson/ Samba

Create a new directory /docker/samba

The sm.conf configuration file is generated in the current directory

[global]
workgroup = MYGROUP
server string = Samba Server Version %v

log file = /var/log/samba/log.%m
max log size = 50

security = user
passdb backend = tdbsam

[homes]
comment = Home Directories
browseable = no
writable = yes

[share]
comment = Share test
path = /share
valid users = test
directory mask = 775
writable = yes
browseable = yes

Copy the code

Dockerfilie

# Alpine Linux
from dperson/samba
Change the default configuration
COPY smb.conf /etc/samba
# Modify the mirror source
COPY repositories /etc/apk/repositories
RUN mkdir /share \
    && chmod 777 /share \
    # install vim
    && apk add vim \
    # ll installation
    && echo "alias ll='ls $LS_OPTIONS -l'" >> ~/.bashrc \
    && source ~/.bashrc 
Copy the code

Generate the mirror

[root@A samba]# docker build -t mysamba .
Copy the code

Start the container

[root@A samba]# docker run -itd --name samba-test -p 139:139 -p 445:445 -v /share:/share -v /etc/localtime:/etc/localtime mysamba -u "test; test@2." -s "test; /share; yes; no; no; test; test;"
#Explanation: where -u"test; test@2."Is the password of the created user
# -s "test; /share; yes; no; no; test; test;"Is editor of sm. Conf
#Is equal to:Add [test] path = /share browsable = yes Read only = no guest OK = no veto files = /.apdisk/.DS_Store/.TemporaryItems/.Trashes/desktop.ini/ehthumbs.db/Network Trash Folder/Temporary Items/Thumbs.db/ delete veto files = yes valid users = test admin users = testCopy the code

test

Add a mapped network drive to the window network.

The test pass

5, summary

There are many ways to set up Samba sharing files, and docker is the most convenient way to migrate and deploy.