前言

一直以來都以為FTP和NFS是局域網(wǎng)文件共享的常用方式蜒灰，但是在最近接觸Samba之后吏垮，了解到一些用戶需要簡化訪問學(xué)習(xí)成本祈搜，滿足基礎(chǔ)的權(quán)限控制管理缕减，并支持實時編輯和保存文件，我才明白這些需求使用之前的方法都是很難滿足的，而Samba卻可以完美的支持上述需求娄昆，雖然在開始接觸時花了一些時間學(xué)習(xí)佩微，但把配置和語法梳理清楚之后就很簡單了缝彬。

Unix與Windows文件共享的最佳方式之一

更新歷史

2015年07月11日 - 初稿

閱讀原文 - http://wsgzao.github.io/post/samba/

擴展閱讀

Samba - https://www.samba.org/samba/docs/man/Samba-HOWTO-Collection/
SAMBA服務(wù)器 - http://vbird.dic.ksu.edu.tw/linux_server/0370samba.php
RHEL6.5下部署samba企業(yè)級文件服務(wù)器實戰(zhàn) - http://yuan2.blog.51cto.com/446689/1588085

安裝samba

各個平臺的安裝都蠻簡單的萌焰，略過

配置samba

建議合理規(guī)劃目錄和用戶權(quán)限，可以利用用戶組來簡化授權(quán)管理谷浅，參見擴展閱讀

#創(chuàng)建目錄（舉例）
mkdir -p /data2/sm
chmod -R 777 /data2/sm

#添加用戶（舉例）
groupadd dengling
useradd -g dengling -s /sbin/nologin dengling
smbpasswd -a dengling

#備份smb配置文件并編輯
cd /etc/samba
cp smb.conf smb.conf.bak
vi smb.conf

#全局參數(shù)
[global]
    security = share
    lanman auth = Yes
    log file = /var/log/samba/log.%m
    idmap config * : backend = tdb
    guest ok = Yes
    hosts allow = 127., 172., 192.168.1., 192.168.3.
    cups options = raw

#共享參數(shù)
[homes]
    comment = Home Directories
    read only = No
    browseable = No

[sheji]
    comment = sheji
    path = /data2/sm/sheji
    valid users = share, shenwei, xuwei, shenjiamei, humengchu, rensiqiang, yeting, tongying, jinbo, zengfanan, fengpeisi
    read only = No
    create mask = 0775
    directory mask = 0775

[test]
    comment = sheji
    path = /data2/sm/test
    valid users = test, test2, shenwei
    read only = No
    create mask = 0775
    directory mask = 0775

[q2]
    comment = sheji
    path = /data2/sm/q2
    valid users = xuejia, sungaoshuai, lujingjing, huangsonghe, yefei, lvwenhan, fangyuan, zhanghuichen, liuguofa, xupeiyu, yangpengfei, lisuitao, sunzhen, shenwei, xuwei, shenjiamei, humengchu, rensiqiang, yeting, tongying, jinbo, zengfanan, fengpeisi, chenye, wuailing, pengnan, liangzhixue, chenhong, daimengyou, wangxiaoshuo, zhoujian, fenglu, linlijun, chenshuxian, linzhimin, yanyoushan, xiaguoying, zhanghuanrong, mayushu, xuyangjing, guogaoyan, huangyouyang, jinzhibin, huyuqing, shenxuemei, liukui
    read only = No
    create mask = 0775
    directory mask = 0775

[market]
    comment = sheji
    path = /data2/sm/market
    valid users = zhanghuichen, shenwei, chenye, wuailing, pengnan, liangzhixue, chenhong, daimengyou, wangxiaoshuo, xuyangjing, chenshuxian, linzhimin, caoling, guogaoyan, xiehaibo, huangyouyang, jinzhibin, huyuqing
    read only = No
    create mask = 0777
    directory mask = 0775

[market_finance]
    comment = sheji
    path = /data2/sm/market_finance
    valid users = yangqiong, shenwei, chenye, wuailing, pengnan, liangzhixue, chenhong, daimengyou, wangxiaoshuo, xiehaibo, gaofangjie, xuyangjing, chenshuxian, linzhimin, huangyouyang, jinzhibin, huyuqing
    read only = No
    create mask = 0777
    directory mask = 0775

[shenwei]
    comment = sheji
    path = /data2/sm/develop/shenwei
    valid users = shenwei
    read only = No
    create mask = 0777
    directory mask = 0775

[qijun]
    comment = qj
    path = /data2/sm/homedir/qijun
    valid users = qijun
    read only = No
    create mask = 0777
    directory mask = 0775
    guest ok = No

[wenyong]
    comment = sheji
    path = /data2/sm/develop/wenyong
    valid users = wenyong
    read only = No
    create mask = 0777
    directory mask = 0775

[wudi]
    comment = sheji
    path = /data2/sm/develop/wudi
    valid users = wudi
    read only = No
    create mask = 0777
    directory mask = 0775

[caijiannan]
    comment = sheji
    path = /data2/sm/develop/caijiannan
    valid users = caijiannan
    read only = No
    create mask = 0777
    directory mask = 0775

[weiduani2]
    comment = weiduan
    path = /data2/sm/develop/raochao/微端
    valid users = wangfeng
    read only = No
    create mask = 0777
    directory mask = 0775

[raochao]
    comment = raochao
    path = /data2/sm/develop/raochao
    read list = wangfeng, xuwei, shenjiamei, chenxianzhe, chenye, wuailing, liuyuting, dainan
    write list = raochao

[product]
    comment = product
    path = /data2/sm/product
    read only = No
    create mask = 0777
    directory mask = 0777

[jinbo]
    comment = JinBo
    path = /data2/sm/homedir/jinbo
    valid users = jinbo
    read only = No
    guest ok = No

[xiaoqiang]
    comment = xiaoqiang
    path = /data2/sm/homedir/xiaoqiang
    valid users = xiaoqiang
    read only = No
    guest ok = No

[share]
    comment = share
    path = /data2/sm/homedir/share
    valid users = share, market, wal, qijun, zhanghua
    read only = No

啟動samba

#常用選項
[shared_name]
    path =                              # 文件系統(tǒng)路徑
    browseable = {yes|no}               # 是否可以被查看到
    public = {yes|no}                   # 是否可被所有人讀
    guest ok = {yes|no}                 # 與 public 相同
    read only = yes                     # 是否只讀
    writeable = yes                     # 是否可寫
    write list = user1, user2           # 可寫用戶列表
                @group, +group          # 可寫組列表
    valid users =                       # 白名單
    invalid users =                     # 黑名單

#檢查語法
testparm

#重啟smb服務(wù)查看狀態(tài)
service smb restart
smbstatus

Windows客戶端訪問

1.Windows上訪問samba

在“計算機”中輸入：\\xxx.xxx.xxx.xxx\

2.Windows斷開samba共享連接扒俯，實在不行可以選擇注銷或者重啟

在【開始】→【運行】→【CMD】回車中輸入：net use * /del /y

3.將samba共享的Linux目錄映射成Windows的一個驅(qū)動器盤符

在【右鍵計算機】→【映射網(wǎng)絡(luò)驅(qū)動器】→【文件夾\XX.XX.XX.XX\】