由 lanmaster 在 08-11-2003 10:06 发表:
有谁用Samba做过登陆服务器,进来交流一下!
我想用SAMBA做为一个局域网的登陆服务器,局域网所有登陆用户都由SAMBA进行管理,并且对SAMBA做一些共享设置:
下面是SAMBA服务器的配置文件
#======================= Global Settings =====================================
[global]
workgroup = NT-Domain-Name or Workgroup-Name
workgroup = ccgd.com
server string is the equivalent of the NT Description field
server string = Samba Server
This option is important for security. It allows you to restrict
connections to machines which are on your local network. The
following example restricts access to two C class networks and
the "loopback" interface. For more examples of the syntax see
the smb.conf man page
hosts allow = 192.168.0. 172.169.0. 127.
if you want to automatically load your printer list rather
than setting them up individually then you'll need this
printcap name = /etc/printcap
load printers = yes
It should not be necessary to spell out the print system type unless
yours is non-standard. Currently supported print systems include:
bsd, sysv, plp, lprng, aix, hpux, qnx
printing = lprng
Uncomment this if you want a guest account, you must add this to /etc/passwd
otherwise the user "nobody" is used
guest account = guest
this tells Samba to use a separate log file for each machine
that connects
log file = /var/log/samba/%m.log
Put a capping on the size of the log files (in Kb).
max log size = 100
Security mode. Most people will want user level security. See
security_level.txt for details.
security = user
Use password server option only with security = server
The argument list may include:
password server = My_PDC_Name [My_BDC_Name] [My_Next_BDC_Name]
or to auto-locate the domain controller/s
password server = *
; password server =
1<nt-server-name>
2
3
4
5# Password Level allows matching of _n_ characters of the password for
6
7# all combinations of upper and lower case.
8
9; password level = 8
10
11; username level = 8
12
13
14
15# You may wish to use password encryption. Please read
16
17# ENCRYPTION.txt, Win95.txt and WinNT.txt in the Samba documentation.
18
19# Do not enable this option unless you have read those documents
20
21encrypt passwords = yes
22
23smb passwd file = /etc/samba/smbpasswd
24
25
26
27# The following is needed to keep smbclient from spouting spurious errors
28
29# when Samba is built with support for SSL.
30
31; ssl CA certFile = /usr/share/ssl/certs/ca-bundle.crt
32
33
34
35# The following are needed to allow password changing from Windows to
36
37# update the Linux system password also.
38
39# NOTE: Use these with 'encrypt passwords' and 'smb passwd file' above.
40
41# NOTE2: You do NOT need these to allow workstations to change only
42
43# the encrypted SMB passwords. They allow the Unix password
44
45# to be kept in sync with the SMB password.
46
47unix password sync = Yes
48
49passwd program = /usr/bin/passwd %u
50
51passwd chat = *New*password* %n\n *Retype*new*password* %n\n *passwd:*all*authentication*tokens*updated*successfully*
52
53
54
55# You can use PAM's password change control flag for Samba. If
56
57# enabled, then PAM will be used for password changes when requested
58
59# by an SMB client instead of the program listed in passwd program.
60
61# It should be possible to enable this without changing your passwd
62
63# chat parameter for most setups.
64
65
66
67pam password change = yes
68
69
70
71# Unix users can map to different SMB User names
72
73username map = /etc/samba/smbusers
74
75
76
77# Using the following line enables you to customise your configuration
78
79# on a per machine basis. The %m gets replaced with the netbios name
80
81# of the machine that is connecting
82
83; include = /etc/samba/smb.conf.%m
84
85
86
87# This parameter will control whether or not Samba should obey PAM's
88
89# account and session management directives. The default behavior is
90
91# to use PAM for clear text authentication only and to ignore any
92
93# account or session management. Note that Samba always ignores PAM
94
95# for authentication in the case of encrypt passwords = yes
96
97
98
99obey pam restrictions = yes
100
101
102
103# Most people will find that this option gives better performance.
104
105# See speed.txt and the manual pages for details
106
107socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
108
109
110
111# Configure Samba to use multiple interfaces
112
113# If you have multiple network interfaces then you must list them
114
115# here. See the man page for details.
116
117interfaces = 192.168.0.35/24 172.169.0.1/24
118
119
120
121# Configure remote browse list synchronisation here
122
123# request announcement to, or browse list sync from:
124
125# a specific host or from / to a whole subnet (see below)
126
127; remote browse sync = 192.168.3.25 192.168.5.255
128
129# Cause this host to announce itself to local subnets here
130
131; remote announce = 192.168.1.255 192.168.2.44
132
133
134
135# Browser Control Options:
136
137# set local master to no if you don't want Samba to become a master
138
139# browser on your network. Otherwise the normal election rules apply
140
141local master = yes
142
143
144
145# OS Level determines the precedence of this server in master browser
146
147# elections. The default value should be reasonable
148
149os level = 64
150
151
152
153# Domain Master specifies Samba to be the Domain Master Browser. This
154
155# allows Samba to collate browse lists between subnets. Don't use this
156
157# if you already have a Windows NT domain controller doing this job
158
159domain master = yes
160
161
162
163# Preferred Master causes Samba to force a local browser election on startup
164
165# and gives it a slightly higher chance of winning the election
166
167preferred master = yes
168
169
170
171# Enable this if you want Samba to be a domain logon server for
172
173# Windows95 workstations.
174
175domain logons = yes
176
177
178
179# if you enable domain logons then you may want a per-machine or
180
181# per user logon script
182
183# run a specific logon batch file per workstation (machine)
184
185; logon script = %m.bat
186
187# run a specific logon batch file per username
188
189; logon script = %U.bat
190
191
192
193# Where to store roving profiles (only for Win95 and WinNT)
194
195# %L substitutes for this servers netbios name, %U is username
196
197# You must uncomment the [Profiles] share below
198
199; logon path = \\\%L\Profiles\%U
200
201
202
203# Windows Internet Name Serving Support Section:
204
205# WINS Support - Tells the NMBD component of Samba to enable it's WINS Server
206
207wins support = yes
208
209
210
211# WINS Server - Tells the NMBD components of Samba to be a WINS Client
212
213# Note: Samba can be either a WINS Server, or a WINS Client, but NOT both
214
215; wins server = w.x.y.z
216
217
218
219# WINS Proxy - Tells Samba to answer name resolution queries on
220
221# behalf of a non WINS capable client, for this to work there must be
222
223# at least one WINS Server on the network. The default is NO.
224
225; wins proxy = yes
226
227
228
229# DNS Proxy - tells Samba whether or not to try to resolve NetBIOS names
230
231# via DNS nslookups. The built-in default for versions 1.9.17 is yes,
232
233# this has been changed in version 1.9.18 to no.
234
235dns proxy = no
236
237
238
239# Case Preservation can be handy - system default is _no_
240
241# NOTE: These can be set on a per share basis
242
243; preserve case = no
244
245; short preserve case = no
246
247# Default case is normally upper case for all DOS files
248
249; default case = lower
250
251# Be very careful with case sensitivity - it can break things!
252
253; case sensitive = no
254
255
256
257#============================ Share Definitions ==============================
258
259[homes]
260
261comment = Home Directories
262
263browseable = no
264
265writable = yes
266
267valid users = %S
268
269create mode = 0664
270
271directory mode = 0775
272
273# If you want users samba doesn't recognize to be mapped to a guest user
274
275; map to guest = bad user
276
277
278
279
280
281# Un-comment the following and create the netlogon directory for Domain Logons
282
283[netlogon]
284
285comment = Network Logon Service
286
287path = /usr/local/samba/netlogon
288
289read only =yes
290
291guest ok = no
292
293writable = no
294
295share modes = no
296
297
298
299
300
301# Un-comment the following to provide a specific roving profile share
302
303# the default is to use the user's home directory
304
305;[Profiles]
306
307; path = /usr/local/samba/profiles
308
309; browseable = no
310
311; guest ok = yes
312
313
314
315其中我想问的是:
316
3171、在做netlogo共享时,其权限是什么样的(我的设置如上)。
318
319我重新起动SAMBA服务之后方问服务器的netlogo共享文件夹的时候有错误提示:无法访问\\\192.168.0.35\netlogo ,找不到网络名。
320
3212、当我用WIN2000pro设置成登陆到域时:域名“ccgd.com" 确定后提示:“请输入有加入域权限的帐户的名称和密码。”我输入一个SAMBA用户"lanmaster" 加入域“ccgd.com"时出现以了下错误: 所用帐户是一个计算机帐户。使用你的全局用户帐户或本地用户帐户来访问此服务器。我用本地的Adminitrator用户却提示我:“未知的用户名和密码”
322
323
324
325这就是我刚做时候的一些疑问。
326
327
328
329
330* * *
331
332
333_由 lanmaster 在 08-11-2003 11:29 发表:_
334
335
336
337****
338
339
340
341
342
343还有一个问题想问一下。(配置文件如上)
344
345当我用service smb restart 重新起动SMB服务的时候,NMB关闭服务的时候出现如下提示:
346
347关闭 NMB 服务:/etc/init.d/smb: line 201: kill: (752) - No such process
348
349而我在使用service smb restart 时却提示两行提示:
350
351关闭 NMB 服务:/etc/init.d/smb: line 201: kill: (1083) - No such process
352
353/etc/init.d/smb: line 201: kill: (1066) - No such process
354
355请问这是不是因为第一次重新起动NMB时候造成的(没有提示关闭或启动失败)
356
357__________________
358
359成长中的菜鸟!
360
361E-Mail:[email protected]
362
363QQ :7118899
364
365
366
367
368* * *
369
370
371_由 lanmaster 在 08-11-2003 13:07 发表:_
372
373
374
375****
376
377
378
379
380
381补充两张截图
382
383
384
385
386* * *
387
388
389_由 lanmaster 在 08-11-2003 13:16 发表:_
390
391
392
393****
394
395
396
397
398
399截图</nt-server-name>