NUBSolutions

Just another WordPress.com weblog

Membuat Samba Server

Posted by nubsolutions on November 11, 2008

Step by Step Samba Testing pada Fedora Core

0. Membuat direktory
#mkdir /home/sales
#mkdir /home/operational
#mkdir /home/mis
#mkdir /home/accounting
#mkdir /home/admin  (menambah group admin)

1. Check user dan group
#more /etc/passwd
#more /etc/group

2. membuat user dan direktory
#useradd -d /home/users/obama obama
#useradd -d /home/users/barack barack
#useradd -d /home/users/husein husein
#useradd -d /home/users/mark mark
#useradd -d /home/users/kein kein
3. Menambahkan password untuk user linux
#passwd obama
#passwd barack
#passwd husein
#passwd mark
#passwd kein

4. Menambahkan samba password
#smbpasswd -a obama
#smbpasswd -a barack
#smbpasswd -a husein
#smbpasswd -a mark
#smbpasswd -a kein

#smbpasswd -a  (menambahkan password administrator/root)

5. membuat group
# groupadd -f sales
# groupadd -f operational
# groupadd -f mis
# groupadd -f accounting
# groupadd -f admin

6. memasukan user kedalam group
# usermod -G operational barack
# usermod -G sales obama
# usermod -G mis husein
# usermod -G accounting mark
# usermod -G admin kein

7.check user siapa saja yang ada dalam group
# grep -r sales /etc/group
# grep -r operational /etc/group
# grep -r accounting /etc/group
# grep -r mis /etc/group

8. Mengganti group ownership
# chgrp operational -R /home/operational
# chgrp sales -R /home/sales
# chgrp mis -R /home/mis
# chgrp accounting -R /home/accounting
# chgrp admin -R /home/admin

9. Mengganti ownership file somefile.txt agar owner bisa read/write/execute, group member bisa read/execute sedangkan yang lain tidak bisa apa2
# chmod 750 somefile.txt
# chmod 775 /home/admin

10.Penambahan komputer id kedalam domain controller
masukan password root terlebih dulu
#smbpasswd -a

tambahkan setiap komputer
#useradd pc007$
#smbpasswd -a -m pc007

lakukan join domain pada windows anda

Pada saat join domain gunakan user root password xxxx

–>Lakukan test juga untuk join domain (mapping folder) untuk user linux

11. delete cron
rm -Fr /etc/cron.hourly/msec

11. mencari file yang diupdate 5 hari yg lalu
#find /home/sales/ -mtime -5
#find /home/accounting/ -user obama -type f
#find /home/accounting -name *.exe
#find /home/accounting -name *.exe -type f
#find /home -name *.exe

12. Melihat status samba
Melihat status samba
#ps -aux
root      4810  0.7  0.9  13452  2264 ?        Ss   09:27   0:00 smbd -D
root      4813  0.0  0.5  13452  1220 ?        S    09:27   0:00 smbd -D
root      4814  0.2  0.5   8756  1160 ?        Ss   09:27   0:00 nmbd -D

#smbstatus
#nmblookup -S pcmis02
#smbstatus |grep [nomor pid]

13.Mengganti password dari user
Download file changepassword dari alamat http://changepassword.sourceforge.net/

lakukan extract file
# tar zxvf changepassword-0.9.tar.gz

Lokasi username dan password untuk samba pada /etc/samba/smbpasswd

lakukan kompilasi
# ./configure –enable-cgidir=/var/www/cgi-bin –enable-smbpasswd=/etc/samba/smbpasswd –disable-squidpasswd

NOTE 1 :
Untuk FC7, posisi smbpasswd berada pada lokasi : /var/lib/samba/private/smbpasswd

NOTE 2 :
Untuk FC6, default smbpasswd berada pada posisi /etc/samba/ sehingga kita harus melakukan create directory pada /var/lib/samba/private/smbpasswd
kemudian buat suatu hardlink dengan perintah berikut
#ln -s /etc/samba/smbpasswd /var/lib/samba/private/smbpasswd
Kemudian lakukan compile lagi
#./configure –enable-cgidir=/var/www/cgi-bin –enable-smbpasswd=/var/lib/samba/private/smbpasswd –disable-squidpasswd

hasilnya adalah
.
.
.
checking for time.h… yes
checking for crypt in -lcrypt… yes

changepassword 0.9 Configuration
——————————–

Samba password file: /var/lib/samba/private/smbpasswd
Squid password file: no
Logo image         : none
Using Language file: languages/English.h
Apache cgi-bin dir : /var/www/cgi-bin

configure: creating ./config.status
config.status: creating Makefile
Now, type “make” and “make install””

Check status link
# ll
total 0
lrwxrwxrwx 1 root root 20 Jul 31 13:20 smbpasswd -> /etc/samba/smbpasswd

# make
gcc -c -o smbencrypt/SMBPasswdGen.o  smbencrypt/SMBPasswdGen.c
gcc -c -o smbencrypt/encrypt.o       smbencrypt/encrypt.c
gcc -c -o smbencrypt/md4.o           smbencrypt/md4.c
gcc -c -o smbencrypt/smbencrypt.o    smbencrypt/smbencrypt.c
.
.
.
terus sampai tidak ada error

# make install
cp changepassword.cgi /var/www/cgi-bin/changepassword.cgi
chmod 4755 /var/www/cgi-bin/changepassword.cgi

Membatasi akses kedalam samba server
pada file /etc/samba/smb.conf
[global]
hosts deny = ALL
host allow = 192.168.1. 128. (untuk user subnet tersebut dan localhost)

Perintah untuk menjalankan  samba server
#/etc/rc.d/init.d/smb stop
#/etc/rc.d/init.d/smb start
#/etc/rc.d/init.d/smb restart
#/etc/rc.d/init.d/smb status
#/etc/rc.d/init.d/smb reload (reload setting tanpa lakukan restart)

Contoh untuk konfigurasi untuk smb.conf
[global]
workgroup = UJUNGBERUNGDOM
server string = Samba Server
log file = /var/log/samba/%m.log
max log size = 50
add user script = /usr/sbin/useradd %u
delete user script = /usr/sbin/userdel %u
add group script = /usr/sbin/groupadd %g
delete group script = /usr/sbin/groupdel %g
delete user from group script = /usr/sbin/deluser %u %g
logon path = \\%L\Profiles\%U
logon home = \\%L\%U\Profiles
domain logons = Yes
os level = 33
preferred master = Yes
domain master = Yes
dns proxy = No
wins support = Yes
cups options = raw

[homes]
comment = Home Directories
read only = No
browseable = No

[printers]
comment = All Printers
path = /usr/spool/samba
printable = Yes
browseable = No

[umum]
path = /home/umum
force user = nobody
force group = nobody
read only = No
force create mode = 0777
force directory mode = 0777
guest ok = Yes

[mis]
path = /home/mis
valid users = obama
force group = mis
read only = No
force create mode = 0777
force directory mode = 0777
inherit permissions = Yes
delete veto files = Yes
veto files = /*.mp3/*.mpg/.recycle/
vfs objects = recycle, audit, extd_audit
recycle:versions = yes
recycle:keeptree = yes
recycle:repository = .recycle /%u/Recycle Bin

[accounting]
path = /home/accounting
valid users = mark
force group = mis
read only = No
force create mode = 0777
force directory mode = 0777
inherit permissions = Yes
delete veto files = Yes
veto files = /*.mp3/*.mpg/.recycle/
vfs objects = recycle, audit, extd_audit
recycle:versions = yes
recycle:keeptree = yes
recycle:repository = .recycle /%u/Recycle Bin

[sales]
path = /home/sales
valid users = kein
force group = mis
read only = No
force create mode = 0777
force directory mode = 0777
inherit permissions = Yes
delete veto files = Yes
veto files = /*.mp3/*.mpg/.recycle/
vfs objects = recycle, audit, extd_audit
recycle:versions = yes
recycle:keeptree = yes
recycle:repository = .recycle /%u/Recycle Bin

[operational]
path = /home/operational
valid users = mark
force group = mis
read only = No
force create mode = 0777
force directory mode = 0777
inherit permissions = Yes
delete veto files = Yes
veto files = /*.mp3/*.mpg/.recycle/
vfs objects = recycle, audit, extd_audit
recycle:versions = yes
recycle:keeptree = yes
recycle:repository = .recycle /%u/Recycle Bin

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

 
%d bloggers like this: