Untitled

Samba is a client/server system that implements network resource sharing for Linux and other UNIX computers. With Samba, UNIX files and printers can be shared with Windows clients and vice versa. Samba supports the Session Message Block (SMB) protocol. Nearly all Windows computers include SMB support with their internal network subsystems (NetBIOS in particular).
With an appropriately-configured Samba server on Linux, Windows clients can map drives to the Linux filesystems. Likewise, the Samba client on UNIX can connect to Windows shares by their UNC name. Although differences among various operating systems (such as filesystem naming conventions, end-of-line conventions, and authentication) can limit interoperability, Samba offers a generally serviceable mechanism for resource sharing on a heterogenous network.

To install the samba package,enter the following command:

# yum install samba samba-client samba-common
Check the version of installed samba software by using this command:

# smbd --version

https://imgur.com/iQrXP9g

Check Samba version

Configure the samba service, so that, it will start automatically at boot time:

# chkconfig smb on
# chkconfig nmb on
Add these Iptables rules, so that samba will work perfectly:

# iptables -I INPUT 4 -m state --state NEW -m udp -p udp --dport 137 -j ACCEPT
# iptables -I INPUT 5 -m state --state NEW -m udp -p udp --dport 138 -j ACCEPT
# iptables -I INPUT 6 -m state --state NEW -m tcp -p tcp --dport 139 -j ACCEPT
# service iptables save
Backup the smb.conf file, then delete it and create the new one:

# cp /etc/samba/smb.conf /etc/samba/smb.conf.bak
# rm /etc/samba/smb.conf
# touch /etc/samba/smb.conf
# nano /etc/samba/smb.conf
Add these lines, in your smb.conf file (or change it according to your requirement):

#======================= Global Settings =====================================
[global]
workgroup = WORKGROUP
security = share
map to guest = bad user
#============================ Share Definitions ==============================
[MyShare]
path = /home/samba/share
browsable =yes
writable = yes
guest ok = yes
read only = no
Save the smb.conf file and restart the service:

# service smb restart
# service nmb restart
Change permission for samba share:

# chmod -R 0777 /home/samba/share
Access the samba share from windows (where 192.168.1.15 ip address of my samba server):

https://imgur.com/uUrjxoN

https://imgur.com/0cjHCyK

Access to Samba share

https://imgur.com/yNBIRKx

Successfully access to Samba share

Add and manage Samba users and groups

Add a group in your CentOS server:

# useradd smbuser
# groupadd smbgrp
# usermod -a -G smbgrp smbuser
# smbpasswd -a smbuser
Create a new share, set the permission on the share:

# cd /home/samba/
# mkdir secure
# chown -R smbuser:smbgrp secure/
# chmod -R 0770 secure/
Edit the smb.conf file:

# vi /etc/samba/smb.conf
Add the newly created samba share in smb.conf file:

[Secure]
path = /home/samba/secure
valid users = @smbgrp
guest ok = no
writable = yes
browsable = yes

https://imgur.com/mvNhcsd

Create new samba share

Restart the samba service:

# service smb restart
# service nmb restart
Check the syntax error with testparm:

# testparm
Testing from Windows Machine:

https://imgur.com/4nAyoMv

Below is used to install the samba server

For Linux server without a GUI configured with Samba and Apache

-Create a group for developers populated with a few users.

user@Ubuntu1004:~$ pwd

/home/user

user@Ubuntu1004:~$ groupadd –f developers     (Adds Group)

user@Ubuntu1004:~$ id nbe1

user@Ubuntu1004:~$ id nbe2

user@Ubuntu1004:~$ id nbe3

uid=1001(nbe1) gid=1001(nbe1)

groups=1001(nbe1), 502(developers)

context=root:system_r:unconfined_t:SystemLow-SystemHigh

user@Ubuntu1004:~$ useradd –D –G developers nbe1 (Adds User)

user@Ubuntu1004:~$ useradd –D –G developers nbe2 (Adds Another User)

user@Ubuntu1004:~$ useradd –D –G developers nbe3 (Adds Another)

-Share the default web path for Apache using Samba.

Firstly mount Samba Share in the Apache Directory. Where Apache’s httpd.conf file under your VirtualHost section is there, then update DocumentRoot to the directory where you have actually mounted that.

user@Ubuntu1004:~$ gedit /etc/httpd/conf/httpd.conf

-Allow the developers group to write to the share, give read access to others.

sudo usermod -a -G developers nbe1

sudo chgrp -R developers /var/www

sudo chmod -R g+w /var/www

sudo chgrp -R defualt /var/www

For Windows client

-Mapped network drive to the share on Linux server.

Open Windows adventurer by choosing the beginning so laptop.

Select Map network drive.

A Map Network Drive window can seem. Choose a Drive letter and a Folder path.

For Drive: choose a drive not already in use on your laptop.

For Folder: your department or IT support ought to offer a path to enter during this box. An example for format would be: file-server.sam.digipru.edufileshare for Windows which will connect to:ad.digipru.edusaminstructionalmirde876 (net ID)

To connect mechanically at any time, check the Reconnect at logon box.

Check Connect victimization totally different credentials.

Click end.

A Windows Security box can arouse login data for the network file share.

If the association is in, a drive for the network file share can seem.

-Access shared folder and create a few webpages.

In Gnome the best manner is to press ALT+F2 to observe the run dialog and kind smb:// followed by the science address and therefore the folder name. Linux mechanically detects and connects to Windows networks. In Gnome, by about to Places so Network you’ll mechanically see all the Windows networks. You’ll then navigate through the Windows networks and connect with the shared folder. This can be a straightforward thanks to manage your shared folders if you have got several Windows networks with shared folders.

-Display webpages through a web browser.

If you know basic HTML tags, you can create a notepad file, put the desired data in it & change it’s extension to html. The file when opened next time after you save it will be opened in a web browser. Even if there’s data in file & no HTML tag is used the file would still be opened but a blank page would appear in the browser.

For Linux client

-Create directory /disk2 mounted to a second disk added to the VM

mkdir /disk2

mount -t ext2 /dev/hdb1 /disk2

-Mount directory /webfiles to the share on Windows server.

mkdir ~/mounts/ webfiles

sudo mount.cifs //hostname/webfiles ~/mounts/webfiles -o user=username

-Access Windows shared folder.

mkdir /mnt/share

mount -t cifs //windowsmachineip/webfiles -o username=user,password=urPassword /mnt/share

-Display IIS webpages through a web browser.

lynx file://localhost/FULL/PATH/FILENAME

lynx path/filename.html

lynx –trace www.indowebster.com

For Windows server with file sharing and IIS

-Create a group for developers populated with a few users.

Group Creation: dsadd group <GroupDN> -samid<SAMName> -secgrp {yes|no} -scope {l|g|u}

User Add in Group: dsmod group <GroupDN> -addmbr <MemberDN>

IIS 7 additionally makes the method of configuring via application pool identity and creating all necessary changes easier. Once IIS starts an employee method, it must produce a token that the method can use. Once this token is made, IIS mechanically adds the IIS_IUSRS membership to the employee processes token at runtime. The accounts that run as ‘application pool identities’ not ought to be an exact a part of the IIS_IUSRS group. This transformation helps you to line up your systems with fewer obstacles and makes your overall expertise additional favorable.

If you would like to disable this feature and manually add accounts to the IIS_IUSRS group, disable this new feature by setting the manualGroupMembership worth to true. The subsequent example shows however this may be done to the defaultAppPool

<applicationPools>

<add name=”DefaultAppPool”>

<processModel manualGroupMembership=”true” />

</add>

</applicationPools >

-Share web directory.

appcmd set vdir /vdir.name: string /physicalPath: string

appcmd set vdir /vdir.name: contoso / networking / images /physicalPath: C:Pictures

By default the Windows Server web site is located at
C:INETPUBWWWROOT.

Files stored at that location will be accessible from the server’s web site at its DNS address, e.g.

http://server.newdomain.com.

Subfolders like
C:INETPUBWWWROOTFOLDER

Would be accessed as

http://server.newdomain.com/folder.

Other folders which are not subfolders of
C:INETPUBWWWROOT

-Allow the developers group to write to the share, give read access to others.

In the group Policy Management Console (GPMC) console tree, expand the group Policy Objects node within the forest and domain containing the group Policy object (GPO) that you wish to feature or take away permissions.

Click the GPO.

In the results pane, click the Delegation tab.

Click Add.

In the choose User, Computer, or group panel, click Object types, choose the kinds of objects that you wish to feature GPO permissions, then click OK.

Click Locations, choose either Entire Directory or the domain or structure unit containing the thing that you wish to feature GPO permissions, then click OK.

In the Enter the thing name to pick out box, sort the name of the thing that you wish to feature GPO permissions by performing arts one in all the subsequent actions:

If you recognize the name, sort it then click OK.

To search for the name, click Advanced , sort the search criteria, click realize currently , choose the name within the list box, click OK , then click OK once more. In the Permissions box of the Add group or User panel, choose the suitable permissions from the drop-down list, then click OK.