Transcript Ferry Astika Saputra Workshop Administrasi Jaringan SAMBA

Workshop
Administrasi Jaringan
SAMBA PROTOCOL
Ferry Astika Saputra
What is SAMBA?
Provides interoperability of resources
between Linux/Unix hosts and hosts
running MS Windows OS.
How did SAMBA get started?
In early 1992, Andrew Tridgell wanted to
mount a disk share from his Unix host on to a
DOS PC.
Reverse engineered the SMB/NetBIOS protocol
using packet sniffer.
Thus was born the SAMBA package as we
know it today!
Andrew has a big team, with members across
the globe contributing to the SAMBA project.
UPDATED : Common Internet File System
(CIFS)
The TCP/IP Properties
NetBIOS Name service
netbios-ns
137/tcp, 137/udp
NetBIOS Datagram service netbios-dgm
138/tcp, 138/udp
NetBIOS Session service
139/tcp, 139/udp
netbios-ssn
NetBIOS tunneled over TCP/IP protocol makes it routable!
SMB on the Network Stack
Functionality Provided
File and Print services
Authentication and Authorization
Name resolution
Service announcement (browsing).
Components
File and Print services provided by smbd daemon.
Name Resolution and Browsing provided by nmbd daemon.
Name Resolution - broadcast and point-to-point.
WINS server [NBNS (NetBIOS Name Service)].
Computers in a LAN hold an election to decide the Local
Master Browser (LMB).
The LMB's job is to keep a list of available services that you
see in the Network Neighborhood
Security Levels
Share Level - single password is given to
everyone who is allowed to use the share.
User Level - each user has their own username
and password and the System Administrator can
grant or deny access on an individual basis.
Configuration – Global
[global]
workgroup = SOHO-SMB
server string = Samba Server
hosts allow = 192.168. 1.23
hosts deny = 192.168.1.10
printcap name = /etc/printcap
load printers = yes
printing = bsd
log file = /var/log/samba/%m.log
max log size = 0
security = user
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
encrypt passwords = yes
smb passwd file = /etc/samba/smbpasswd
Configuration – HOMES
[homes]
comment = Home Directories
browseable = no
writable = yes
Configuration – Printers
[printers]
comment = Printers
path = /var/spool/samba
browseable = no
writeable = no
guest ok = no
printable = yes
NT Domain Setup
Parameters to be set:
domain master = yes
preferred master = yes
domain logons = yes
logon script = %U.bat - per user logon script
Configure encrypted passwords
encrypt passwords = yes
smb passwd file = /etc/samba/smbpasswd
Use smbpasswd -a <userid> to create encrypted passwords for Samba
Tools/Utilities
/sbin/mount.smb
/usr/bin/wbinfo
/sbin/mount.smbfs
/usr/sbin/winbindd
/usr/bin/findsmb
/usr/bin/smbmount
/usr/bin/nmblookup
/usr/bin/smbprint
/usr/bin/rpcclient
/usr/bin/smbspool
/usr/bin/smbcacls
/usr/bin/smbtar
/usr/bin/smbclient
/usr/bin/smbumount
/usr/bin/smbmnt
/usr/bin/make_printerdef
/usr/bin/testparm
/usr/bin/make_smbcodepage
/usr/bin/testprns
/usr/bin/smbpasswd
Examples
smbclient – a ftp like client to connect to a Samba server
smbclient //milkyway/homes -U jdoe
added interface ip=192.168.1.99 bcast=192.168.1.255
nmask=255.255.255.0
Password:
Domain=[SOHO-SMB] OS=[Unix] Server=[Samba 2.2.4]
smb: \> help
smbmount/mount – mount a Samba share
mount -t smbfs -o username=jdoe //milkyway/homes /mnt/samba/
Password:
Resources
www.samba.org
Source Code
Mailing lists
Docs and Presentations
The Linux Documentation Project –
HOWTOs
USENET linux.samba, linux.samba.announce,
mailing-list.samba, comp.protocols.smb
http://www.microsoft.com/mind/1196/cifs.asp