Simple Samba Setup: Difference between revisions
		
		
		
		Jump to navigation
		Jump to search
		
| No edit summary | |||
| Line 56: | Line 56: | ||
|   usermod -a -G ldapgrp  <ldap user> |   usermod -a -G ldapgrp  <ldap user> | ||
|  [global] | |||
|     workgroup = WORKGROUP | |||
|     server string = %h server (Linux) | |||
|     interfaces = eth0 | |||
|     bind interfaces only = yes | |||
|     log file = /var/log/samba/log.%m | |||
|     panic action = /usr/share/samba/panic-action %d | |||
|     server role = standalone server | |||
|     '''<s>#obey pam restrictions = Yes</s>''' | |||
|     passwd program = /usr/bin/passwd %u | |||
|     passwd chat = *Enter\snew\s*\spassword:* %n\n *Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* . | |||
|     pam password change = Yes | |||
|     map to guest = Bad User | |||
|     #log level = 4 #To be used for debugging purposes | |||
|  [www] | |||
|     comment = www | |||
|     path = /var/www | |||
|     valid users = @ldapgrp | |||
|     browsable = yes | |||
|     writable = yes | |||
|     read only = no | |||
|     force user = www-data | |||
Revision as of 19:33, 16 March 2021
Simple Samba (SMB) Setup with the focus of having a file share method for www developers on windos machines.
Install Samba on Debian or Ubuntu
apt-get install samba samba-common system-config-samba
Configure Samba with a local user for www-data
Configure Samba with a local user to authenticate and enforce the user www-data to be used on the share level
- Add a new group
addgroup sambagrp
- Create a user (demo01), no home directory and no local login, just to authenticate with Samba, add the user to the new group
useradd demo01 -M -G sambagrp -s /usr/sbin/nologin
- Add a the new user (-a) to the Samba authentication and create a new password
smbpasswd -a demo01
- Create or edit /etc/samba/smb.conf
[global] workgroup = WORKGROUP server string = %h server (Linux) interfaces = eth0 bind interfaces only = yes log file = /var/log/samba/log.%m panic action = /usr/share/samba/panic-action %d server role = standalone server obey pam restrictions = Yes passwd program = /usr/bin/passwd %u passwd chat = *Enter\snew\s*\spassword:* %n\n *Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* . pam password change = Yes map to guest = Bad User #log level = 4 #To be used for debugging purposes [www] comment = www path = /var/www valid users = @sambagrp browsable = yes writable = yes read only = no force user = www-data
- Restart Samba
systemctl restart smbd
Ready to use the demo01 user to connect to the Samba Server
Configure Samba with a foreign user for www-data
Configure a new user which gets authenticated with other methods such as 'sssd (ldap authentication)' like with ActiveDirectory
addgroup ldapgrp
usermod -a -G ldapgrp <ldap user>
[global] workgroup = WORKGROUP server string = %h server (Linux) interfaces = eth0 bind interfaces only = yes log file = /var/log/samba/log.%m panic action = /usr/share/samba/panic-action %d server role = standalone server#obey pam restrictions = Yespasswd program = /usr/bin/passwd %u passwd chat = *Enter\snew\s*\spassword:* %n\n *Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* . pam password change = Yes map to guest = Bad User #log level = 4 #To be used for debugging purposes [www] comment = www path = /var/www valid users = @ldapgrp browsable = yes writable = yes read only = no force user = www-data