====== Gerenciamento do SAMBA via CLI ======
Para todos os exemplos utilizaremos o nome de dominio **ricardobarbosams.com.br** e usuário **ricardobarbosa** e grupo **g_ti**
===== Criação de usuário =====
# samba-tool user add ricardobarbosa --given-name=Ricardo --surname=barbosa --mail-address=ricardobarbosa@ricardobarbosams.com.br --login-shell=/bin/bash
===== Listar usuários =====
# samba-tool user list
===== Excluir um usuário =====
# samba-tool user delete ricardobarbosa
===== Reseta a senha do usuário do dominio =====
# samba-tool user setpassword ricardobarbosa
===== Desativar o usuário =====
# samba-tool user disable ricardobarbosa
===== Ativando o usuário =====
# samba-tool user enable ricardobarbosa
===== Criando grupo de usuários =====
# samba-tool group add g_ti
===== Excluindo grupo de usuários =====
# samba-tool group delete g_ti
===== Listando grupos de usuários =====
# samba-tool group list
===== Listando usuários membros do grupo =====
# samba-tool group listmembers "g_ti"
===== Adicionando usuários a determinado grupo =====
# samba-tool group addmembers g_ti ricardobarbosa
===== Removendo usuários de determinado grupo ======
samba-tool group remove members g_ti ricardobarbosa
===== Visualizando politicas de senha do samba(Active Directory)
# samba-tool domain passwordsettings show
# samba-tool domain passwordsettings set --complexity=off
# samba-tool domain passwordsettings set --history-length=0
# samba-tool domain passwordsettings set --min-pwd-age=0
# samba-tool domain passwordsettings set --max-pwd-age=0
# samba-tool domain passwordsettings set --min-pwd-length=4
===== Verificar registro da zone DNS do AD =====
samba-tool dns query agamenon _msdcs.freewaynet.corp @ ALL -U administrator --password=123456
Password for [FREEWAYNET\administrator]:
Name=, Records=2, Children=0
SOA: serial=109, refresh=900, retry=600, expire=86400, minttl=3600, ns=agamenon.freewaynet.corp., email=hostmaster.freewaynet.corp. (flags=600000f0, serial=109, ttl=3600)
NS: agamenon.freewaynet.corp. (flags=600000f0, serial=1, ttl=900)
Name=3f8e7991-853a-41c1-854b-2dc24cf51667, Records=1, Children=0
CNAME: agamenon.freewaynet.corp. (flags=f0, serial=1, ttl=900)
Name=dc, Records=0, Children=2
Name=domains, Records=0, Children=1
Name=gc, Records=0, Children=2
Name=pdc, Records=0, Children=1
root@agamenon:~#
root@agamenon:~# samba-tool dns query agamenon _msdcs.freewaynet.corp domains._msdcs.freewaynet.corp ALL -U administrator --password=123456
Name=, Records=0, Children=0
Name=9ab474e0-d6c2-431d-a769-c44ba1f20818, Records=0, Children=1
root@agamenon:~#
samba-tool dns query agamenon _msdcs.freewaynet.corp 9ab474e0-d6c2-431d-a769-c44ba1f20818.domains._msdcs.freewaynet.corp ALL -U administrator --password=123456
Name=, Records=0, Children=0
Name=_tcp, Records=0, Children=1
root@agamenon:~# samba-tool dns query agamenon _msdcs.freewaynet.corp _tcp.9ab474e0-d6c2-431d-a769-c44ba1f20818.domains._msdcs.freewaynet.corp ALL -U administrator --password=123456
Name=, Records=0, Children=0
Name=_ldap, Records=1, Children=0
SRV: agamenon.freewaynet.corp. (389, 0, 100) (flags=f0, serial=1, ttl=900)
root@agamenon:~#
root@agamenon:~# samba-tool dns query agamenon _msdcs.freewaynet.corp _ldap._tcp.9ab474e0-d6c2-431d-a769-c44ba1f20818.domains._msdcs.freewaynet.corp ALL -U administrator --password=123456
Name=, Records=1, Children=0
SRV: agamenon.freewaynet.corp. (389, 0, 100) (flags=f0, serial=1, ttl=900)
root@agamenon:~#
===== Mostrar informações dominio =====
net rpc info
root@agamenon:~# net rpc info -U administrator
Enter administrator's password:
Domain Name: FREEWAYNET
Domain SID: S-1-5-21-1615479121-2557752159-4193669972
Sequence number: 1
Num users: 13
Num domain groups: 11
Num local groups: 26
root@agamenon:~#
===== Consultando o horario =====
root@agamenon:~# net time
Tue Sep 11 18:59:42 2018
root@agamenon:~# net time -S agamenon
Tue Sep 11 18:59:47 2018
root@agamenon:~#
===== Setando o horário =====
root# net time set -S MAGGOT -U Administrator
Tue May 17 00:55:30 MDT 2005
===== Consultando o time zone =====
Mostra o timezone em horas a partir do GMT
root# net time zone -S SAURON
-0600
===== Consultando todos os registros DNS =====
** samba-tool dns query @ ALL -U administrator **
root# samba-tool dns query localhost yamaha.corp @ ALL -U administrator
===== Renomeando registro DNS =====
** samba-tool dns update A -U administrator **
root# samba-tool dns update localhost yamaha.corp mail A 192.168.1.10 192.168.1.20 -U administrator
====== Setando permissão via setfacl ======
root# setfacl -m u:"DOMINIO\ricardobarbosa":rwx -R /diretorio/
====== DNS ======
===== Alterando o registro SOA do samba =====
Para atualizar o registro SOA, primeiro visualize o SOA atual para pegar os valores de serial, ttl, expire, etc. Deve retornar algo semelhante a isso
SOA: **serial=4, refresh=900, retry=600, expire=86400, minttl=3600,** ns=ns1.yamaha.corp., email=hostmaster.yamaha.corp. (flags=600000f0, serial=4, ttl=3600)
# samba-tool dns update localhost yamaha.corp @ SOA 'ns1.yamaha.corp hostmaster.yamaha.corp 4 900 600 86400 3600' 'dc01.yamaha.corp hostmaster.yamaha.corp 4 900 600 86400 3600' -U Administrator
==== Para visualizar os diretórios disponíveis para um determinado usuário: ====
$ smbclient -L //servidor --user=usuário
===
Para acessar um compartilhamento disponível para um determinado usuário: ===
$ smbclient //servidor/compartilhamento --user=usuário
===== Verificar compartilhamentos =====
smbclient -L zimmerman
Server time is Sat Aug 10 15:58:27 1996
Timezone is UTC+10.0
Password:
Domain=[WORKGROUP] OS=[Windows NT 3.51] Server=[NT LAN Manager 3.51]
Server=[ZIMMERMAN] User=[] Workgroup=[WORKGROUP] Domain=[]
Sharename Type Comment
--------- ---- -------
ADMIN$ Disk Remote Admin
public Disk Public
C$ Disk Default share
IPC$ IPC Remote IPC
OReilly Printer OReilly
print$ Disk Printer Drivers
This machine has a browse list:
Server Comment
--------- -------
HOPPER Samba 1.9.15p8
KERNIGAN Samba 1.9.15p8
LOVELACE Samba 1.9.15p8
RITCHIE Samba 1.9.15p8
ZIMMERMAN
===== Acessar um compartilhamento via prompt (tipo telnet) =====
smbclient \\\\zimmerman\\public mypasswd
Server time is Sat Aug 10 15:58:44 1996
Timezone is UTC+10.0
Domain=[WORKGROUP] OS=[Windows NT 3.51] Server=[NT LAN Manager 3.51]
smb: \>
smb: \> h
ls dir lcd cd pwd
get mget put mput rename
more mask del rm mkdir
md rmdir rd prompt recurse
translate lowercase print printmode queue
cancel stat quit q exit
newer archive tar blocksize tarmode
setmode help ? !
smb: \>
===== Montar compartilhamento =====
[root@postel]# smbmount "\\\\samba1\\customers" -U rtg2t -c 'mount /customers -u 500 -g 100'
Added interface ip=192.168.35.84 bcast=192.168.255.255 nmask=255.255.0.0
Got a positive name query response from 192.168.168.158 ( 192.168.168.158 )
Server time is Tue Oct 5 10:27:36 1999
Timezone is UTC-4.0
Password:
Domain=[IPM] OS=[Unix] Server=[Samba 2.0.3]
security=user
[root@postel]# mount
/dev/hda2 on / type ext2 (rw)
none on /proc type proc (rw)
none on /dev/pts type devpts (rw,mode=622)
//SAMBA1/CUSTOMERS on /customers type smbfs (0)
===== Montar compartilhamento via comando mount ======
root# mount -t cifs -o username=ricardobarbosa,password=123456 //192.168.1.3/bkp /mnt