User Tools

Site Tools


samba50

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
samba50 [2019/02/13 10:04]
root
samba50 [2020/04/27 12:52] (current)
zog
Line 1: Line 1:
 ====== Network neighborhood ====== ====== Network neighborhood ======
    
-===== Main page of the module =====+For data exchange in a LAN SMB (Server Message Block) protocol is used. It’s a network application layer protocol for remote access to files, printers and other network resources, and also for interprocess communication. In ICS CUBE the “Network neighborhood” service is responsible for implementing this protocol.
  
-For data exchange in a LAN SMB protocol ​is used (short from Server Message Block)It’s a network application layer protocol for remote access ​to files, printers ​and other network resources, and  also for interprocess communication. In ICS CUBE this protocol is implemented with Samba.+The “Network neighborhood” module ​is located in “Fileserver” menuThis module is designed to configure and manage the remote access and contains four tabs: “Network neighborhood”“Authentication”,​ “Shared resources” ​and “Log”.
  
-{{en50-ics-samba0.png?700|}}+==== Network neighborhood====
  
-At the entrance of the module you can see its status, “Disable” button (or “Enable”,​ if it’s disabled already) and last of the log messages+{{:samba1.png?|}}
  
-===== Identification =====+On the “Network neighborhood” tab you can see status of this service and the “Disable” button (or “Enable”,​ if the module is disabled) and last log messages.
  
-{{:​идентификация.png?​700|}} +==== Authentication====
-  +
-“Identification” tab defines the role of ICS CUBE in the company’s LAN. After entering a network NetBIOS-name for the server, you can choose one of the following roles:  +
-|role|meaning| +
-|Workgroup|Company does not use domain controller (AD) in its network, computers are in a workgroup, there’s no WINS-server. By default ICS CUBE belongs to workgroup named “WORKGROUP”,​ but you can rename it if necessary| +
-|Domain|Company uses domain controller (AD) in its network. ICS CUBE can be connected to the domain. It will allow you to import domain users, synchronize them and also to use domain authorization for ICS CUBE network resources.|+
  
-Checkbox **«Sign SMB requests»** is responsible for enable additional security parameters for network resources, but they may be not maintained by old operation systems+{{:samba2.png?|}}
  
-{{en:​en50-ics-samba1.png}}+This tab is designed to determine the operating mode of the ICS CUBE in the local network of the enterprise.
  
-After clicking the button ​Join” ICS CUBE will apply the role you chose in the network neighborhood. If you chose the role “Domain”,​ the server will ask you for a login and password ​for the domain connection+The Computer name” field is responsible ​for assigning ​NetBIOS network name for the server.
  
-{{en:​en50-ics-samba2.png}}+The “Automatically create a permitting rule” checkbox creates permitting rule in the firewall to access shared resources from external networks.
  
-** +ICS CUBE can be in the working group or be joined ​to the domain:
-Attention: for ICS CUBE to import users from a domain and synchronize them using LDAP, the domain ​user that is using from the side of ICS CUBE, must have administrator rights. ​+
  
-Attention: for ICS CUBE to connect to a domain and exchange data with it, it is necessary ​that domain controller ​server is on the user list of ICS CUBE and that this user uses authorization ​based on ip-address.**+|Workgroup|Company does not use domain controller (AD) in its network, computers are in a workgroup, there’s no WINS-server. By default ​ICS CUBE belongs ​to workgroup named “WORKGROUP”but you can rename ​it if necessary
 +**Important! Users with a “\” in the login will not be able to log in (for example, domain).**| 
 +|Domain|Company uses domain controller ​(AD) in its network. ​ICS CUBE can be connected to the domain. It will allow you to import domain users, synchronize them and also to use domain ​authorization ​for ICS CUBE network resources. 
 +**Important! Only domain Users are authorized.**|
  
-It is quite common that access to the zone where domain lies can’t be permitted for exterior servers. For solving this issueyou can create a zone with redirection in the DNS module +When you select ​the "​Workgroup"​ mode, the field for entering the name of the group is activated.
  
-{{:en50-ics-samba02.png?600|}}+When you select the "​Domain"​ mode, a block of fields is activated for connecting to the domain controller. There are“Domain name” and “DNS name of domain” fields, and also the “Create DNS forward zone” checkbox with the “DNS forward server” field.
  
-If connection between ICS CUBE and the domain was successful, the green dot will appear near the field with the domain name.+{{:samba3.png?|}}
  
-===== Shared resources =====+The “Sign SMB requests” checkbox is responsible for signing using SMB.
  
-You can add new resource ​to the network neighborhood in the tab “Shared resources”using the “Add” - “Shared resource” buttons+SMB Signing is a security mechanism for the SMB protocol, also called security signatures. SMB signing is designed ​to enhance ​the security of the SMB protocol. May not be supported by older operating systems (Win98WinXP).
  
-{{en50-ics-samba3.png}} +{{:samba4.png?|}}
-  +
-After entering a name and description for the resource, you should choose a directory from fileserver structure. Press the button […] in the field “source” and choose the folder where the shared resource will be. You can create a new folder into the directory if necessary. ​+
  
-{{en50-ics-samba4.png}}+After clicking the “Join” button, the ICS CUBE will apply the selected role in the network environment. If the "​Domain"​ mode is selected, the server will request a username and password of a user with administrator rights to join the domain.
  
-In the “access rights” window choose users and groups and set access rights for them. If you will mark **Allow guest access**, you will grant access ​to view and change files to anyone who can connect to the server. ​+**Attention: in order for the ICS CUBE to join the domain ​and exchange data with the controller, it is necessary that the server-controller of the domain be included in the list of users of the ICS CUBE, and its authorization should go to the IP-addressIt is also necessary that the ICS CUBE use the DNS of the domain controller.**
  
-**Important:​ network neighborhood can work only with logins without capital letters (if ICS CUBE wasn’t connected ​to a domain).** +After trying ​to connect to the domain, ​message about the successful or unsuccessful result will appear under the field with the domain ​name.
-  +
-===== Log =====+
  
-{{en50-ics-samba5.png?700|}}+==== Shared resources. ==== 
 + 
 +{{:​samba5.png?​|}} 
 + 
 +The “Shared resources” tab designed to manage shared resources placed on ICS CUBE. 
 + 
 +For adding a shared resource you need to press the “Add” button. In the opened window you should fill in a required fields ​the “Resource name” and the “Source”,​ and the optional field the “Description”. 
 + 
 +The “Source” is the directory from the structure of the ICS CUBE file storage, in which the contents of the shared resources will be located. 
 + 
 +If necessary, it is possible to create a new folder in the directory. 
 + 
 +The “Description” is intended for a brief description of the resource, which will be displayed in the list of shared resources, as well as in the file storage next to the corresponding folder. 
 + 
 +{{:samba6.png?|}} 
 + 
 +The “Access permissions” tree determines the list of users who have read and write access to this resource. 
 + 
 +The “Guest login” checkbox allows viewing and writing by any source. 
 + 
 +{{:​samba7.png?​|}} 
 + 
 +It is worth noting that if ICS CUBE is joined to a domain, it will only authorize domain users. 
 + 
 +**Note 1: network environment only works with logins written without the use of capital letters (if the ICS CUBE is not joined to the domain).** 
 + 
 +**Note 2: feature of the samba application does not allow you to use the “root” as a login.** 
 + 
 +==== Log. ==== 
 + 
 +{{:​samba8.png?​|}} 
 + 
 +The “Log” tab displays a summary of all system messages of the corresponding servers with the date and time. The log is divided into pages, using the “forward” and “back” buttons it is possible to go from page to page, or enter the number of the desired page. 
 + 
 +Log entries are highlighted in color depending on the type of message. Normal system messages are marked in white, system status messages (on / off, user connection) are green, warnings are yellow, errors are red. 
 + 
 +In the upper right corner of the log is a search bar. And the ability to select the period for displaying the event log. By default, the log displays events for the current date. If necessary, you can save the log data to a file by clicking the “Export” button or delete the log data for a certain period by clicking the “Delete logs” button.
  
-In the Log tab you can find all system messages from SMB-server. Log is divided to pages, you can navigate between them using arrow icons, or you can enter page number to go to it directly. ​ 
  
-Log messages are colored depending on message type. Ordinary messages are white, system status messages (turning on/off, user connection) are green, errors are red.  
  
-In the top right corner there is search line. You can use it to look for the messages you need.  
  
-Log tab always shows messages of the current date. If you want to see other day log, you can pick the date you need, using the calendar in the top left corner. 
  
-If necessary, data can be saved from log to file, using the “Export” button. ​ 
samba50.txt · Last modified: 2020/04/27 12:52 by zog