samba添加用戶

一、首先新增linux的系統用戶
useradd -G samba UserName <br/>echo 'Password' |passwd --stdin UserName<br/>
二、修改添加用戶的共享目錄的可寫入權限
vim /etc/samba/smb.conf<br/>

三、添加smmba用戶
smbpasswd -a UserName

四、重啓smb服務
systemctl restart smb.service

企業案例

財務內控團隊這邊須要建一個公共盤，主要用於收集7個事業部（車險事業部、健康險事業部、金融事業部、電商事業部、航旅事業部、技術平臺和運營平臺）上傳的文檔資料。
其中7個事業部之間的訪問須要進行隔離，本事業部的同事只能訪問本身事業部的文件夾，而財務內控團隊的同事不受此限制（須要由訪問、下載等權限）

smb.conf配置文件添加一下配置信息

[public]  #財務部
comment = FinancialDepartment   #
public = no
browseable = no
guest ok = no
path = /etc/samba/public
valid users = FinancialDepartment
write list = FinancialDepartment
admin users = FinancialDepartment

[LifestyleConsumption]  #電商事業部
comment = LifestyleConsumption
public = no
browseable = no
guest ok = no
path = /etc/samba/public/LifestyleConsumption
valid users = LifestyleConsumption
write list = LifestyleConsumption
admin users = FinancialDepartment,LifestyleConsumption

[Travel]  #航旅
comment = Travel
public = no
browseable = no
guest ok = no
path = /etc/samba/public/Travel
valid users = Travel
write list = Travel
admin users = FinancialDepartment,Travel

[Health]  #健康險
comment = Health
public = no
browseable = no
guest ok = no
path = /etc/samba/public/Health
valid users = Health
write list = Health
admin users = FinancialDepartment,Health

[ConsumerFinance]  #金融技術部
comment = ConsumerFinance
public = no
browseable = no
guest ok = no
path = /etc/samba/public/ConsumerFinance
valid users = ConsumerFinance
write list = ConsumerFinance
admin users = FinancialDepartment,ConsumerFinance

[Auto]  #車險
comment = Auto
public = no
browseable = no
guest ok = no
path = /etc/samba/public/Auto
valid users = Auto
write list = Auto
admin users = FinancialDepartment,Auto

[TechnicalPlatform]  #技術平臺
comment = TechnicalPlatform
public = no
browseable = no
guest ok = no
path = /etc/samba/public/TechnicalPlatform
valid users = TechnicalPlatform
write list = TechnicalPlatform
admin users = FinancialDepartment,TechnicalPlatform

[OperationPlatform_OP]  #運營平臺-開放平臺
comment = OperationPlatform_OP
public = no
browseable = no
guest ok = no
path = /etc/samba/public/OperationPlatform_OP
valid users = OperationPlatform_OP
write list = OperationPlatform_OP
admin users = FinancialDepartment,OperationPlatform_OP

[OperationPlatform_TD]  #運營平臺-運營技術
comment = OperationPlatform_TD
public = no
browseable = no
guest ok = no
path = /etc/samba/public/OperationPlatform_TD
valid users = OperationPlatform_TD
write list = OperationPlatform_TD
admin users = FinancialDepartment,OperationPlatform_TD

[分享的資源名稱]
<指令1>; = (參數)
<指令2>; = (參數)

要提供分享資源時，須先把欲分享的資源以 [ ] 符號括住，底下一般會帶指令和參數來表示此資源的設定和存取權限等，詳情以下：

comment---------註釋說明
path------------分享資源的完整路徑名稱，除了路徑要正確外，目錄的權限也要設對
browseable------是yes/否no在瀏覽資源中顯示共享目錄，若爲不然必須指定共享路徑才能存取
printable-------是yes/否no容許打印
hide dot ftles--是yes/否no隱藏隱藏文件
public----------是yes/否no公開共享，若爲不然進行身份驗證(只有當security = share 時此項才起做用)
guest ok--------是yes/否no公開共享，若爲不然進行身份驗證(只有當security = share 時此項才起做用)
read only-------是yes/否no以只讀方式共享當與writable發生衝突時也writable爲準
writable--------是yes/否no不以只讀方式共享當與read only發生衝突時，無視read only
vaild users-----設定只有此名單內的用戶才能訪問共享資源(拒絕優先)(用戶名/@組名)
invalid users---設定只有此名單內的用戶不能訪問共享資源(拒絕優先)(用戶名/@組名)
read list-------設定此名單內的成員爲只讀(用戶名/@組名)
write list------若設定爲只讀時，則只有此設定的名單內的成員纔可做寫入動做(用戶名/@組名)
create mask-----創建文件時所給的權限
directory mask--創建目錄時所給的權限
force group-----指定存取資源時須以此設定的羣組使用者進入才能存取(用戶名/@組名)
force user------指定存取資源時須以此設定的使用者進入才能存取(用戶名/@組名)
allow hosts-----設定只有此網段/IP的用戶才能訪問共享資源
allwo hosts = 網段 except IP
deny hosts------設定只有此網段/IP的用戶不能訪問共享資源
allow hosts=本網段指定IP指定IP
deny hosts=指定IP本網段指定I