Настроил samba-server под федорой. Все работает нормально, кроме того, что на систему не могут попасть компьютеры, что в домене. Сам я не член домена. С компьютерамы вне домена УМВР. Как поправить?
/etc/samba/smb.conf
[global] workgroup = tcurkan server string = Samba Server Version %v ; netbios name = MYSERVER ; interfaces = lo eth0 192.168.12.2/24 192.168.13.2/24 ; hosts allow = 127. 192.168.12. 192.168.13. log file = /var/log/samba/log.%m max log size = 50 # ----------------------- Standalone Server Options ------------------------ # # security = the mode Samba runs in. This can be set to user, share # (deprecated), or server (deprecated). # # passdb backend = the backend used to store user information in. New # installations should use either tdbsam or ldapsam. No additional configuration # is required for tdbsam. The "smbpasswd" utility is available for backwards # compatibility. # security = share ; passdb backend = tdbsam # ----------------------- Domain Members Options ------------------------ # # security = must be set to domain or ads. # # passdb backend = the backend used to store user information in. New # installations should use either tdbsam or ldapsam. No additional configuration # is required for tdbsam. The "smbpasswd" utility is available for backwards # compatibility. # # realm = only use the realm option when the "security = ads" option is set. # The realm option specifies the Active Directory realm the host is a part of. # # password server = only use this option when the "security = server" # option is set, or if you cannot use DNS to locate a Domain Controller. The # argument list can include My_PDC_Name, [My_BDC_Name], and [My_Next_BDC_Name]: # # password server = My_PDC_Name [My_BDC_Name] [My_Next_BDC_Name] # # Use "password server = *" to automatically locate Domain Controllers. ; realm = MY_REALM ; password server = <NT-Server-Name> # ----------------------- Domain Controller Options ------------------------ # # security = must be set to user for domain controllers. # # passdb backend = the backend used to store user information in. New # installations should use either tdbsam or ldapsam. No additional configuration # is required for tdbsam. The "smbpasswd" utility is available for backwards # compatibility. # # domain master = specifies Samba to be the Domain Master Browser, allowing # Samba to collate browse lists between subnets. Do not use the "domain master" # option if you already have a Windows NT domain controller performing this task. # # domain logons = allows Samba to provide a network logon service for Windows # workstations. # # logon script = specifies a script to run at login time on the client. These # scripts must be provided in a share named NETLOGON. # # logon path = specifies (with a UNC path) where user profiles are stored. # # ; domain master = yes ; domain logons = yes # the following login script name is determined by the machine name # (%m): ; logon script = %m.bat # the following login script name is determined by the UNIX user used: ; logon script = %u.bat ; logon path = \\%L\Profiles\%u # use an empty path to disable profile support: ; logon path = # various scripts can be used on a domain controller or a stand-alone # machine to add or delete corresponding UNIX accounts: ; add user script = /usr/sbin/useradd "%u" -n -g users ; add group script = /usr/sbin/groupadd "%g" ; add machine script = /usr/sbin/useradd -n -c "Workstation (%u)" -M -d /nohome -s /bin/false "%u" ; delete user script = /usr/sbin/userdel "%u" ; delete user from group script = /usr/sbin/userdel "%u" "%g" ; delete group script = /usr/sbin/groupdel "%g" # ----------------------- Browser Control Options ---------------------------- # # local master = when set to no, Samba does not become the master browser on # your network. When set to yes, normal election rules apply. # # os level = determines the precedence the server has in master browser # elections. The default value should be reasonable. # # preferred master = when set to yes, Samba forces a local browser election at # start up (and gives itself a slightly higher chance of winning the election). # ; local master = no ; os level = 33 ; preferred master = yes #----------------------------- Name Resolution ------------------------------- # # This section details the support for the Windows Internet Name Service (WINS). # # Note: Samba can be either a WINS server or a WINS client, but not both. # # wins support = when set to yes, the NMBD component of Samba enables its WINS # server. # # wins server = tells the NMBD component of Samba to be a WINS client. # # wins proxy = when set to yes, Samba answers name resolution queries on behalf # of a non WINS capable client. For this to work, there must be at least one # WINS server on the network. The default is no. # # dns proxy = when set to yes, Samba attempts to resolve NetBIOS names via DNS # nslookups. ; wins support = yes ; wins server = w.x.y.z ; wins proxy = yes ; dns proxy = yes # --------------------------- Printing Options ----------------------------- # # The options in this section allow you to configure a non-default printing # system. # # load printers = when set you yes, the list of printers is automatically # loaded, rather than setting them up individually. # # cups options = allows you to pass options to the CUPS library. Setting this # option to raw, for example, allows you to use drivers on your Windows clients. # # printcap name = used to specify an alternative printcap file. # ; load printers = yes cups options = raw ; printcap name = /etc/printcap # obtain a list of printers automatically on UNIX System V systems: ; printcap name = lpstat ; printing = cups # --------------------------- File System Options --------------------------- # # The options in this section can be un-commented if the file system supports # extended attributes, and those attributes are enabled (usually via the # "user_xattr" mount option). These options allow the administrator to specify # that DOS attributes are stored in extended attributes and also make sure that # Samba does not change the permission bits. # # Note: These options can be used on a per-share basis. Setting them globally # (in the [global] section) makes them the default for all shares. ; map archive = no ; map hidden = no ; map read only = no ; map system = no ; encrypt passwords = yes guest ok = yes ; guest account = nobody ; store dos attributes = yes #============================ Share Definitions ============================== [homes] comment = Home Directories browseable = no writable = yes ; valid users = %S ; valid users = MYDOMAIN\%S [printers] comment = All Printers path = /var/spool/samba browseable = no ; guest ok = no ; writable = No printable = yes # Un-comment the following and create the netlogon directory for Domain Logons: ; [netlogon] ; comment = Network Logon Service ; path = /var/lib/samba/netlogon ; guest ok = yes ; writable = no ; share modes = no # Un-comment the following to provide a specific roving profile share. # The default is to use the user's home directory: ; [Profiles] ; path = /var/lib/samba/profiles ; browseable = no ; guest ok = yes # A publicly accessible directory that is read only, except for users in the # "staff" group (which have write permissions): ; [public] ; comment = Public Stuff ; path = /home/samba ; public = yes ; writable = yes ; printable = no ; write list = +staff [iso] comment = OS Images path = /home/keed/iso read only = no ; browseable = yes guest ok = yes [Завантаження] comment = Усі усе кидаємо сюди path = /home/keed/Завантаження read only = no ; browseable = yes guest ok = yes
