迷彩 潜伏 隐蔽 伪装
分类: LINUX
2013-08-05 17:14:11
需求描述
创建3个文档目录:
/var/share/public,存放公共数据
/var/share/training,存放技术培训资料
/var/share/devel,存放项目开发资料
将/var/share/public目录共享名为pub
所有员工可访问,但是只能读取文件,不能写入
将/var/share/training目录共享名为peixun
只允许管理员admin及技术部的员工只读访问
将/var/share/devel/目录共享为kaifa
要求是隐藏共享
技术部的员工都可以读取该目录中的文件
但是只有管理员admin及kaifa项目组的员工有写入权限
需求描述
创建2个部门组:jsb kfb
创建技术部的员工js1和js2
创建开放部的员工kf1和kf2
分别使用管理员和上述员工账户进行测试
实验步骤:
1.新建用户
[root@localhost yum.repos.d]# groupadd jsb
[root@localhost yum.repos.d]# groupadd kfb
[root@localhost yum.repos.d]# useradd js1 -g jsb
[root@localhost yum.repos.d]# useradd js2 -g jsb
[root@localhost yum.repos.d]# useradd kf1 -g kfb
[root@localhost yum.repos.d]# useradd kf2 -g kfb
[root@localhost share]# useradd admin
2.建立相关共享目录名
[root@localhost yum.repos.d]# mkdir /var/share -p
[root@localhost yum.repos.d]# cd /var/share
[root@localhost share]# mkdir public
[root@localhost share]# mkdir training
[root@localhost share]# mkdir devel
[root@localhost share]# chmod o+w devel
[root@localhost share]#cp /etc/passwd public
[root@localhost share]#cp /etc/passwd training
[root@localhost share]#cp /etc/passwd devel:
3.编辑配置文件
[root@localhost share]# vim /etc/samba/smb.conf
4.将系统用户添加samba用户
[root@localhost share]# smbpasswd -a admin
New SMB password:
Retype new SMB password:
Added user admin.
[root@localhost share]# smbpasswd -a js1
New SMB password:
Retype new SMB password:
Added user js1.
[root@localhost share]# smbpasswd -a js2
New SMB password:
Retype new SMB password:
Added user js2.
[root@localhost share]# smbpasswd -a kf1
New SMB password:
Retype new SMB password:
Added user kf1.
[root@localhost share]# smbpasswd -a kf2
New SMB password:
Retype new SMB password:
Added user kf2.
[root@localhost share]# smbpasswd -a admin
New SMB password:
Retype new SMB password:
5.里面可以给用户起别名,可以是一对多关系,可以隐藏服务器名
[root@localhost share]# vim /etc/samba/smbusers
[root@localhost share]# vim /etc/samba/smb.conf
6.检测我们的配置文件是否正确
[root@localhost share]# testparm
Load smb config files from /etc/samba/smb.conf
rlimit_max: increasing rlimit_max (1024) to minimum Windows limit (16384)
Processing section "[homes]"
Processing section "[printers]"
Processing section "[pub]"
Processing section "[peixun]"
Processing section "[kaifa]"
Loaded services file OK.
Server role: ROLE_STANDALONE
Press enter to see a dump of your service definitions
[global]
workgroup = MYGROUP
server string = Samba Server Version %v
log file = /var/log/samba/log.%m
max log size = 50
cups options = raw
[homes]
comment = Home Directories
read only = No
browseable = No
[printers]
comment = All Printers
path = /var/spool/samba
printable = Yes
browseable = No
========================================配置选项
[pub]
path = /var/share/public
guest ok = Yes
[peixun]
path = /var/share/training
valid users = admin, @jsb
[kaifa]
path = /var/share/devel
valid users = admin, @kfb, @jsbcp
write list = admin, @kfb
browseable = No
[root@localhost share]# service smb restart 刷新服务
Shutting down SMB services: [FAILED]
Starting SMB services: [ OK ]
在windows下进行测试即可
|
|
在doc窗口消除访问记录
net use * /del
net user administrator 12 改密码
消除密码记录
控制面板-->用户管理---》用户账户---》管理你的凭证,消除来访地址即可
