1. 基础安装
yum -y install samba-common samba samba-client smbldap-tools openldap-clients nss-pam-ldapd
2. 配置authconfig-tui
执行命令 “authconfig-tui”
验证配置
# getent passwd
zhangsan:x:6460:18650:zhangsan:/home/zhangsan:/bin/bash #此账户为LDAP用户
3. 配置Samba
/etc/samba/smb.conf
[global]
# 设定 Samba Server 所要加入的工作组或者域。
workgroup = SAMBA
# 设置用户访问Samba Server的验证方式,一共有四种验证方式,
security = user
cups options = raw
log level = 3
syslog = 0
log file = /var/log/samba/log.%m
max log size = 100000
# LDAP 支持
passdb backend = ldapsam:ldap://172.16.50.117/
ldap suffix = "dc=morepay,dc=cn"
ldap admin dn = "cn=Manager,dc=xx,dc=cn"
ldap user suffix = "ou=People,dc=xx,dc=cn"
ldap group suffix = "ou=Group,dc=xx,dc=cn"
ldap delete dn = no
ldap passwd sync = yes
ldap ssl = no
[homes]
comment = Home Directories
preexec = /data/bin/samba %U
path = /data/smb/home/%U
writeable = yes
[caiwu]
# 共享描述
comment = caiwu
# 共享资源路径
path = /data/smb/caiwu
# 指定该共享路径是否可写
writeable = yes
# 是否有浏览权限
browseable = yes
# 指定允许访问该资源的用户,多个用户用','号间隔,(用户组用@+组名)
valid users = zhangsan
# 指定不允许访问该共享资源的用户,同 valid users
# invalid users =
# 指定可以在该共享下写入文件的用户
# write list =
执行:smbpasswd -W 输入LDAP密码
创建 /data/bin/samba 文件 添加:
umask 077
user=$1
if [ ! -d /data/smb/home/$user ];then
mkdir /data/smb/home/$user
chmod 777 /data/smb/home/$user
fi
chmod 777 /data/bin/samba
mkdir /data/smb/home -p
mkdir /data/smb/caiwu
chmod 777 /data/smb -R
启动samba服务
systemctl restart smb
4. 测试
测试创建文件及目录