ࡱ>  cbjbjVV 2<<c|L L Dr^AAA  $D%qqqqqqq$s}vq&&&qA q4:4:4:&nA q4:&q4:4:Ndl`qAMF4 n0qq0r add machine script = /usr/sbin/useradd -d /dev/null -g samba-clients -s /bin/false -M %u When you have completed the modifications, you'll need to create the samba-clients Linux group that will be used to help identify the all the domain's Windows clients listed in the /etc/passwd file: groupadd samba-clients Point PC Clients To Your Samba PDC Windows 95/98/ME and Windows XP Home Windows 9x machines do not implement full domain membership and therefore don't require machine trust accounts. Here's what you need to do: Navigate to the Network section of the Control Panel (Start ->Settings->Control Panel->Network) Select the Configuration tab Highlight "Client for Microsoft Networks" Click the Properties button. Check "Log onto Windows NT Domain", and enter the domain name. Click all the OK buttons and reboot! Windows NT For Windows NT, you must first create a manual Samba machine trust account as explained earlier, then follow these steps: Navigate to the Network section of the Control Panel (Start ->Settings->Control Panel->Network ) Select the "Identification" tab Click the "Change" button Enter the domain name and computer name, do not check the box Create a Computer Account in the Domain. In this case, the existing machine trust account is used to join the machine to the domain. Click "OK". You should get "Welcome to " message as confirmation that you've been added. Reboot. You can now log in using any account in the /etc/smbpasswd file with your domain as the domain name. Windows 200x and Windows XP Professional For the 200x and XP Professional varieties of Windows, create a dynamic Samba machine trust account, then go through these steps: Press the Windows and Break keys simultaneously to access the System Properties dialogue box. Click on the 'Network Identification' or 'Computer Name' tab on the top. Click the "Properties" button. Click on the "Member of Domain" button. Also enter your domain name and computer name and then click "OK" You will be prompted for a user account and password with rights to join a machine to the domain. Enter the information for your Samba administrator. In this home environment scenario, the user would be root with the corresponding smbpasswd password. Now, you should get a "Welcome to " message confirming that you've been added. Reboot. You can now log in using any account in the /etc/smbpasswd file with your domain as the domain name. Add Users To Your Samba Domain Adding users to a domain has three phases. The first is adding a Linux user on the Samba server, the second is creating a Samba smbpasswd that maps to the new Linux user created previously, and the third is to map a Windows drive letter to the user's Linux home directory. Let's take a closer look: 1) Add Linux Users First, go through the process of adding users in Linux just as you would normally. Passwords won't be necessary unless you want the users to log in to the Samba server via telnet or ssh. Create the user: useradd -g 100 peter Give them a Linux Password (password is only necessary if the user needs to log into the Samba server directly): passwd peter 2) Mapping The Linux Users To An smbpassword Create Samba domain login passwords for the user: /usr/bin/smbpasswd -a username password The -a switch adds the user to the /etc/smbpasswd file. Use a generic password then have users change it immediately from their workstations in the usual way. Remember the smbpasswd sets the Windows Domain login password for a user, which is different from the Linux login password to log into the Samba box. 3) Mapping A Private Windows Drive Share By default, Samba automatically gives each user logged into the domain an H: drive that maps to the /home/username directory on the Linux box. ( If the auto-mapping doesn't work then try: Let the user log into the domain. Right-click on the "My Computer" icon on the desktop. Click on "Map Network Drive". Select a drive letter. Browse to the HOMENET domain, then the Samba server, then the user's home directory. Click on the check box "Reconnect at Logon", to make the change permanent (You can use the command-line method and possibly make it into a script. 1. Create a master logon batch file for all users: vi /home/samba/netlogon/login.bat 2. Add the following lines to mount the user's share as drive P: . REM Drive Mapping Script net use P: \\bigboy\ 3. Make the file world readable using: chmod 644 /home/samba/netlogon/login.bat 4. Linux and Windows format text files slightly differ. As the file resides on a Linux box, but will be interpreted by a Windows machine, you'll have to convert the file to the Windows format. Use the unix2dos command: unix2dos /home/samba/netlogon/login.bat 5. The final step is to edit your smb.conf file's [global] section have a valid entry for the logon script parameter. This can be done using SWAT via the Globals menu. [global] logon script = login.bat Now your users will have additional disk space available on a Windows P: drive whenever they login. Domain Groups And Samba Samba supports domain groups that will allow users who are members of the group to be able to have Administrator rights on each PC in the domain. This enables them to add software and configure network settings. In Windows, Domain Groups also have the ability to join machines to the domain: however, Samba does not support this currently. The domain admin group parameter specifies users who will have domain administrator rights. The argument is a space-separated list of user names or group names (group names must have an @ sign prefixed). For example: domain admin group = USER1 USER2 @GROUP How To Delete Users From Your Samba Domain Deleting users from your Samba domain is a two stage process in which you have to remove the user from the Linux server and also remove the user's corresponding smbpasswd entry. 1. Delete the users using the smbpasswd with the -x switch: smbpasswd -x john 2. Delete The Linux User by following the normal deletion process. For example: userdel -r john 3.You may not want to delete the user's files so that they can be accessed by other userssojust deactivate the user's account: passwd -l username. How To Modify Samba Passwords You can set your Samba server to allow users to make changes in their domain passwords and have these mirrored automatically in their Linux login passwords. This table explains the [global] smb.conf parameters that you need to change. smb.conf Settings, Enabling Online Password Changes ParameterValueDescriptionunix passwd syncYesEnables Samba/Linux password synchronizationpasswd programUse the SWAT defaultsLists the location of the Linux password file which is usually /bin/passwd.passwd chatUse the SWAT defaultsA short script to change the Linux password using the Samba passwordCreating Group Shares in SAMBA On occasion, subgroups of a family need a share that is fully accessible by all members of the group. For example, parents working in a home office environment may need a place where they can share, distribute, or collaboratively work on documents. Here's how it's done. 1. Create a new Linux group parents: /usr/sbin/groupadd parents 2. Create a new directory for the group's files. If one user is designated as the leader, you might want to change the chown statement to make them owner mkdir /home/parent-files chgrp parents /home/parent-files chmod 0770 /home/parent-files 3. Add the group members to the new group: /usr/sbin/usermod -G parents father 4. Next, you need to create the share in Samba using SWAT. - Click on the shares button then enter the name of the share you want to create, such as only-parents. - Click on the "Create Share" button. Make sure the path maps to /home/parent-files and make the valid users be @parents, where parents is the name of the Linux user group. - Click on the "Commit Changes" button to create a new /etc/samba/smb.conf file. - Click on the "Status" tab at the top of the screen and restart smbd and nmbd to restart Samba. - Your /etc/samba/smb.conf file should have an entry like this at the end: # Parents Shared Area [only-parents] path = /home/parent-files valid users = @parents 5. Map The Directory Using "My Computer" - Finally, let the user log into the domain from a remote PC - Right click on the "My Computer" icon on the desktop - Click on "Map Network Drive" - Select a drive letter. - Browse the domain, then the Samba server, then the share named only-parents - Click on the check box "Reconnect at Logon", to make the change permanent. Now the files located in the Linux /home/parent-files directory will be accessible to the parents only and your job is complete! Accessing Windows Drives Using a Linux SAMBA Client - Linux as a Windows Client Up to this point setup has been for your Linux server being a Samba server, but it can also mimic a Windows client using Samba's client software. Windows Setup CDROM Example The Windows client box should be setup first as a member of a Samba domain or workgroup. The next step is to make the CD-ROM drive shared. The steps you used depend on which version of Windows you have. For Windows 98/ME Double click 'My Computer' Right click on the CD-ROM drive and choose 'Sharing' Set the Share Name as 'cdrom' with the appropriate access control Restart windows For Windows 2000 Double click 'My Computer' Right click on the CD-ROM drive and choose 'Sharing' Set the Share Name as 'cdrom' and the appropriate access control Logout and login again as normal using your current login For Windows XP Double click 'My Computer' Right click on the CD-ROM drive and choose 'Sharing and Properties' Set the Share Name as 'cdrom' and the appropriate access control Logout and login again as normal using your current login Test Your Windows Client Configuration Use the smbclient command to test your share. Substitute the name of your Windows client PC for "WinClient," and in place of "username" provide a valid workgroup/domain username that normally has access to the Windows client. You should get output like this when using the username's corresponding password: smbclient -L WinClient -U username Password: non-display password OR smbclient -L WinClient -U username%password Create A CD-ROM Drive Mount Point On Your Samba Server You'll now need to create the mount point on the Linux server to mount and access the CD-ROM drive. Password Prompt Method The Linux mount command will try to access the CD-ROM device as user "username" by using the "username=" option. You will be prompted for a password. mkdir /mnt/winclient-cdrom mount -t smbfs -o username=username //winclient/cdrom /mnt/winclient-cdrom No Prompt Method Linux won't prompt you for a password if you embed the access password into the mount command string along with username as in the example below. mkdir /mnt/winclient-cdrom mount -t smbfs -o username=username,password=password //winclient/cdrom /mnt/cdrom The smbmount Command Method smbmount //winclient/cdrom /mnt/winclient-cdrom -o username=username Password: non-display password Some versions dont support smbmount. Try using smbmount, or Linux mount command. Automating Mounting With Linux SAMBA Clients You can also automate the mounting of shares by placing entries in your /etc/fstab file. In the example below the home directory of user peter on server 192.168.1.100 will be mounted on the /mnt/smb mount point as a samba filesystem (smbfs) using the login information in the file named /etc/cred. # # File: /etc/fstab # //192.168.1.100/peter /mnt/smb smbfs credentials=/etc/cred 0 0 The contents of the /etc/cred file needs to have the username and password for the account in this format: # # File: /etc/cred # username = peter password = peterspassword Once finished you can use the mount -a to mount the new /etc/fstab entry, and the /mnt/smb directory will now contain the contents of the share. mount -a ls /mnt/smb %t 2 3 4 J K / 9 )+CE[lmʥܗܗܗ܉we#jh1"OJQJU^JmH sH #h1"h1">*OJQJ^JmH sH h:OJQJ^JmH sH hjOJQJ^JmH sH hHPI0JOJQJ^JmH sH )jhHPIOJQJU^JmH sH #jhHPIOJQJU^JmH sH h1"OJQJ^JmH sH hHPIOJQJ^JmH sH hHPImH sH $% [\ SZ!/=HI[$\$gd1"?ATlESZdtx2#3#C#D### $$$!$"$?$&}&&'''*'غzpeaehHPIhHPI5B*\phhHPIOJQJ^JhHPI5\mH sH hHPI5OJQJ\^JmH sH hHPImH sH h:OJQJ^JmH sH hHPIOJQJ^JmH sH h1"OJQJ^JmH sH h1"0JOJQJ^JmH sH #jh1"OJQJU^JmH sH )jh1"OJQJU^JmH sH &|S "D######"$?$&&}&&'dd[$\$ & Fdd[$\$[$\$ & Fdd[$\$''+','5'\'t dd$If[$\$mkd$$IfT0jr ``624abpT$dd$If[$\$a$*'+','4'\']'g'''''''''(r(s(t(((8*9****+ +!+++++++---->-?-@---..ڶڶt hHPI5OJQJ\^JmH sH &jhjhjB*UmH phsH hHPIB*mH phsH jhHPIB*UmH phsH jhHPIUmH sH hHPIOJQJ^JhHPIOJQJ^JmH sH hHPImH sH hHPIOJQJ^JhHPICJOJPJQJ^JaJhHPI+\']'h'''''FMkd1$$IfT0jr624aT dd$If[$\$$dd$If[$\$a$Mkd$$IfT0jr624aT''''''(X(r(FMkdw$$IfT0jr624aT dd$If[$\$$dd$If[$\$a$Mkd$$IfT0jr624aTr(s(t(((**++ ,,,,3,L,e,~,,,[$\$Mkd$$IfT0jr624aT,,,----?-@----..[/p//#0-030?0$If[$\$../.t.u.....[/p//#0,0-02030>0?0@0M0R0p0q000g1h1u1z1B2C2K2O222233333333 4y4z444444 5ǼhHPIOJQJ^JhHPIOJQJ^JhHPICJOJPJQJ^JaJhHPIhHPI5B*\phhHPImH sH hHPI0JOJQJ^JmH sH hHPIOJQJ^JmH sH #jhHPIOJQJU^JmH sH 4?0@0N0R0p0mggg$Ifkdo$$IfTF\ (x ```6    22 l4ab pTp0q000g1h1/ekd0 $$IfTF\ (x6    22 l4aT$Ifekdn$$IfTF\ (x6    22 l4aTh1v1z1B2C2L2O22ekd $$IfTF\ (x6    22 l4aT$If223333/ekdv $$IfTF\ (x6    22 l4aT$Ifekd $$IfTF\ (x6    22 l4aT333333 4y4ekd8 $$IfTF\ (x6    22 l4aT$Ify4z44444/ekd $$IfTF\ (x6    22 l4aT$Ifekd $$IfTF\ (x6    22 l4aT44 5 5A5v5566667737Q7l7m789/9r:s:#;~;;;;;$If[$\$ 55A5B5v5w55566m7r7r:s:#;~;;;;;;;;;;;<<<<a<b<m<s<=========B>C>w>x>>>>>BBBBCC!C"CKCLChHPIOJQJ^JhHPIOJQJ^JhHPICJOJPJQJ^JaJhHPIhHPIB*ph hHPI5OJQJ\^JmH sH hHPImH sH hHPIOJQJ^JmH sH jhHPIOJQJ^JmH sH <;;;;<mggg$Ifkd~$$IfTF\ (x ```6    22 l4ab pT<<<<a<b</ekd?$$IfTF\ (x6    22 l4aT$Ifekd}$$IfTF\ (x6    22 l4aTb<n<s<=====ekd$$IfTF\ (x6    22 l4aT$If====B>w>>>????@'@T@AA[$\$ekd$$IfTF\ (x6    22 l4aTAAB)B?B@BKBnBBBBBBBC!CKCrCC0DWDXDDDDDE[FfF[$\$LCrCsCCC0D1DMDWDDDEFFpHH*JPJ"K#KaLbL#NKNOPRRR STTUjUkU2VHVIVlVVLXWXZZ[.[^^__`````aYaZafaaaa&cOcccc٨ hHPI5\hHPIOJQJ^JhHPIhHPI5\mH sH hHPI5OJQJ\^JmH sH hHPImH sH jhHPIOJQJ^JmH sH hHPIOJQJ^JmH sH BfFFFFFFGGrHHI I*J+JOJPJ"K#KKKKaLbLLLLLL[$\$L%NKNOOOPRR-RRR{RRRRR STTTTUjUkUIVlVVW[$\$WWWWW&XLXWXX4YUYpY4ZZZ[.[[\Z\z\\\9^B^ & Fdd[$\$ & Fdd[$\$[$\$ & Fdd[$\$B^^^__```gaaaab&cOcccd1dhdddd@ee & Fdd[$\$[$\$c>e@eAeeeeee#fQfff}ggPhthuhhhkk!kHkIktk$ldlullllUmgmhmjmmtnnnnnnnnnnnoooꞚϊhHPIOJQJ^JhHPICJOJPJQJ^JaJhHPIhHPIB*phhHPI5\mH sH hHPI5OJQJ\^JmH sH hHPI5OJQJ\^JhHPIOJQJ^J jhHPIOJQJ^JmH sH hHPImH sH hHPIOJQJ^JmH sH 2ee#f*OJQJ^JmH sH DA`D Default Paragraph FontVi@V  Table Normal :V 44 la (k (No List B^@B Normal (Web)dd[$\$6U@6 Hyperlink >*B*phFVF FollowedHyperlink >*B* ph*!* tocnumber&1& toctext|e@B| HTML Preformatted7 2( Px 4 #\'*.25@9CJaJ6OR6 h3bodydd[$\$f\f z-Top of Form$&dPa$<CJOJQJ^JaJl]lz-Bottom of Form$$dNa$<CJOJQJ^JaJHB@H Body Text5OJQJ\^JmH sH PK![Content_Types].xmlj0Eжr(΢Iw},-j4 wP-t#bΙ{UTU^hd}㨫)*1P' ^W0)T9<l#$yi};~@(Hu* Dנz/0ǰ $ X3aZ,D0j~3߶b~i>3\`?/[G\!-Rk.sԻ..a濭?PK!֧6 _rels/.relsj0 }Q%v/C/}(h"O = C?hv=Ʌ%[xp{۵_Pѣ<1H0ORBdJE4b$q_6LR7`0̞O,En7Lib/SeеPK!kytheme/theme/themeManager.xml M @}w7c(EbˮCAǠҟ7՛K Y, e.|,H,lxɴIsQ}#Ր ֵ+!,^$j=GW)E+& 8PK!Ptheme/theme/theme1.xmlYOo6w toc'vuر-MniP@I}úama[إ4:lЯGRX^6؊>$ !)O^rC$y@/yH*񄴽)޵߻UDb`}"qۋJחX^)I`nEp)liV[]1M<OP6r=zgbIguSebORD۫qu gZo~ٺlAplxpT0+[}`jzAV2Fi@qv֬5\|ʜ̭NleXdsjcs7f W+Ն7`g ȘJj|h(KD- dXiJ؇(x$( :;˹! I_TS 1?E??ZBΪmU/?~xY'y5g&΋/ɋ>GMGeD3Vq%'#q$8K)fw9:ĵ x}rxwr:\TZaG*y8IjbRc|XŻǿI u3KGnD1NIBs RuK>V.EL+M2#'fi ~V vl{u8zH *:(W☕ ~JTe\O*tHGHY}KNP*ݾ˦TѼ9/#A7qZ$*c?qUnwN%Oi4 =3ڗP 1Pm \\9Mؓ2aD];Yt\[x]}Wr|]g- eW )6-rCSj id DЇAΜIqbJ#x꺃 6k#ASh&ʌt(Q%p%m&]caSl=X\P1Mh9MVdDAaVB[݈fJíP|8 քAV^f Hn- "d>znNJ ة>b&2vKyϼD:,AGm\nziÙ.uχYC6OMf3or$5NHT[XF64T,ќM0E)`#5XY`פ;%1U٥m;R>QD DcpU'&LE/pm%]8firS4d 7y\`JnίI R3U~7+׸#m qBiDi*L69mY&iHE=(K&N!V.KeLDĕ{D vEꦚdeNƟe(MN9ߜR6&3(a/DUz<{ˊYȳV)9Z[4^n5!J?Q3eBoCM m<.vpIYfZY_p[=al-Y}Nc͙ŋ4vfavl'SA8|*u{-ߟ0%M07%<ҍPK! ѐ'theme/theme/_rels/themeManager.xml.relsM 0wooӺ&݈Э5 6?$Q ,.aic21h:qm@RN;d`o7gK(M&$R(.1r'JЊT8V"AȻHu}|$b{P8g/]QAsم(#L[PK-![Content_Types].xmlPK-!֧6 +_rels/.relsPK-!kytheme/theme/themeManager.xmlPK-!Ptheme/theme/theme1.xmlPK-! ѐ' theme/theme/_rels/themeManager.xml.relsPK] c|*'.. 5LCcocCEHMU[`d'\''r(,?0p0h123y44;<b<=AfFLWB^emozorz~ycDFGIJKLNOPQRSTVWXYZ\]^_abcefghi 3Jl "# ####.&t&&c|XXXTCTXT 8@0(  B S  ?(How_to_Get_Samba_Started#Table_10-1_:_File_Format_-_smb.confHow_SWAT_Makes_Samba_Simpler Figure_10-1_Samba_SWAT_Main_MenuBasic_SWAT_SetupControlling_SWAT Creating_A_Starter_ConfigurationThe_.5BGlobal.5D_Section(Table_10-2_:_smb.conf_Minimum_Settings.2Using_The_SWAT_WizardThe_.5Bhomes.5D_Section(Table_10-3_:_smb.conf_Minimum_Settings.2(The_.5Bnetlogon.5D_and_.5Bprofiles.5D_Sh The_.5Bprinters.5D_Share_Section#Shares_For_Specific_Groups_Of_UsersSamba_Passwords(How_To_Create_A_Samba_PDC_Administrator_Home_EnvironmentCorporate_Environment(How_To_Add_Workstations_To_Your_Samba_Do(Create_Samba_Trust_Accounts_For_Each_Wor(Manual_Creation_Of_Machine_Trust_Account(Dynamic_Creation_of_Machine_Trust_Accoun(Make_Your_PC_Clients_Aware_Of_Your_Samba(Windows_95.2F98.2FME_and_Windows_XP_Home Windows_NT(Windows_200x_and_Windows_XP_Professional%How_To_Add_Users_To_Your_Samba_DomainAdding_The_Users_In_LinuxCreate_the_userGive_them_a_Linux_Password(Mapping_The_Linux_Users_To_An_smbpasswor%Mapping_A_Private_Windows_Drive_ShareMapping_Using_.22My_Computer.22Mapping_from_the_Command_LineDomain_Groups_And_Samba(How_To_Delete_Users_From_Your_Samba_DomaHow_To_Modify_Samba_Passwords(Table_10-4_:_smb.conf_Settings.2C_Enabli Conclusion} "#&&[''01~3'8<>>r@A"C%FGGJINlNLPSVWXXgY&[[@]`Icjetfge|  !"#$%&'} "#&&[''01~3'8<>>r@A"C%FGGJINlNLPSVWXXgY&[[@]`Icjetfge|$%S 6JNCipHQRSNYZ[   (oESZHIdetuxy:;23CD!"}t 3!;!!!H"P"""###$ $$$,$/$3$6$C$E$L$O$e$h$x${$~$$$$$$$$$$$$$$$$%%%%,%-%>%@%%%%%&&.&u&&&&&#(C*E*,,o,v,, --A-C-v-w---....../ //%/3/:/Q/X/k/m/r/s/0011.1/1q2s2"3#3-3.3333555B6D6w6y666667777777788:8;89999: :):0:?:A:K:R:n:u:::::::::;;!;#;K;M;r;t;|;~;;;0<2<M<N<W<X<<<<<H>I>Z>\>e>j>>>>>>>??p@r@A A*B,BOBPB"C#CCCaDbDDD#F%FyFzFGGzH{HJJ-J.JzJ{JJJLLLLiMkM0N2NHNIN\N]NoPpPoQpQoRpRRRSSSSVVVGWPWWWWWWXXXXXXXXXXYZYfYgYYYZZ[[ \\>]A]~]]]]]]]]^^+_,___``O`Q`Y`[`t`u`FbHbccHcIclcmcscdd(dudvdddddd*e5eUe[ejeeesftffffffggqgwgzgggii7i8iQiRiiiiijj4j8jjjjjUkZkl l_ldlllmm-m.mw@wewfwwwxw x x]x_xzx{xxxxxxxxx#y$y'y(yQyRyzzzzzz { {x{}{{{{{M|N|Z|[|b|e| ER!-/;=G $$$ $=$D$O$W$h$l$$$$$$$$$''...... //%/'/:/C/X/^/11~3377777778889: ::0:5:A:I:R:V:u:y:::::<<<<<<\>d>j>q>>>>>>>v@x@bDhDDDDDEE6F8FGGJJSJTJ{JJJJLLZN\NPPQQ6S:SVVXXrYuY[[]]^!^<^?^,_2_Q`W`[`````bcMcOcddddnepetf|fiijj8j=j.m:mDmHmfmkmmm@uIuuuuuvwww xx'x,xxxfyjy{{{{{{N|S|W|Y|e|33333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333 Ee|S 8(5(vg"RzNьgD?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghijlmnopqrstuwxyz{|}~Root Entry F~TData k1TablevwWordDocument2SummaryInformation(DocumentSummaryInformation8CompObjy  F'Microsoft Office Word 97-2003 Document MSWordDocWord.Document.89q