CIS 192 Linux Lab Exercise

Similar documents
CIS 192 Linux Lab Exercise

Install and Configure Samba - CentOS 7

Lab #10: Using Linux with Microsoft Windows

Supplies VLab pod 192 VMs shown above. Forum

The purpose of this lab is to explore the ways client systems download their mail from mail servers that support POP3 and IMAP protocols.

CIS 192 Linux Lab Exercise

Lab 1: Accessing the Linux Operating System Spring 2009

Implementing a Primary Domain Controller for Windows 2000 Clients using Samba

Sharing files and printers with Microsoft Windows

15. Creating a Samba Server in Knoppix v.3

Lesson Module Status Slides Whiteboard with 1st minute quiz

CIS 76 VLab Pod Setup

Lab 2A> ADDING USERS in Linux

Lab X2: PPP Connections (Extra Credit)

CIS 76 VLab Pod Setup

Chapter 6: Connecting Windows Workstations

Lab 1: Introduction to Linux Networking

This tutorial will guide you how to setup and run your own minecraft server on a Linux CentOS 6 in no time.

Remote Access to the CIS VLab (308)

How to Create a NetBeans PHP Project

1.3 Analyzing the performance of various configurations and protocols

Yong Peng High School System Documentation PC Section

Step by Step Gluster Setup Table of Contents

How to Use This Lab Manual

Optional Labs. 0Handouts: 2002 ProsoftTraining All Rights Reserved. Version 3.07

CS Fundamentals of Programming II Fall Very Basic UNIX

Getting Started With UNIX Lab Exercises

Jackson State University Department of Computer Science CSC 437/539 Computer Security Fall 2013 Instructor: Dr. Natarajan Meghanathan

Linux Essentials Objectives Topics:

Lab Working with Linux Command Line

CIS 191A Final Exam. Fall CIS 191 Final Exam

Virtual Data Center (vdc) Manual

WA1685 WebSphere Portal v6.1 Programming. Classroom Setup Guide. Web Age Solutions Inc. Web Age Solutions Inc

Technical Whitepaper. NetBackup PureDisk Technical Product Management. PureDisk Remote Office Protection. Export to NetBackup Feature

Linux Operating System Environment Computadors Grau en Ciència i Enginyeria de Dades Q2

Supporting Networked Computers

CS 326e Lab 2, Edmondson-Yurkanan, Spring 2004 Router Configuration, Routing and Access Lists

CS 356 Lab #1: Basic LAN Setup & Packet capture/analysis using Ethereal

Installing QuickBooks Enterprise Solutions Database Manager On Different Linux Servers

LAB #7 Linux Tutorial

find starting-directory -name filename -user username

Installing Altiris Agent on Ubuntu

LevelOne FPS-9021/FPS User Manual. Mini Printer Server w/parallel (USB2.0) Port V

1) Log on to the computer using your PU net ID and password.

Flash Video Encoder CS3 Fetch Microsoft Office 2004 (Excel, imovie. Powerpoint, Word, Entourage) itunes

cpouta exercises

RH033 Red Hat Linux Essentials

Dell EMC ME4 Series vsphere Client Plug-in

VMware Server. Virtual PC Basics. VMware is a registered trademark of VMware, Inc. (an EMC company).

CENG 334 Computer Networks. Laboratory I Linux Tutorial

Offloading NDO2DB To Remote Server

ETK Installation and Configuration Manual

Lab 8B: Configuring the WINS Client for Windows XP Professional

CS 215 Fundamentals of Programming II Spring 2019 Very Basic UNIX

RedHat. Rh202. Redhat Certified Technician on Redhat Enterprise Linux 4 (Labs)

Setting Up SAMBA. And the response was: salmonberry samba sawtimber scramble. Thus, the name Samba was born.

CS/CIS 249 SP18 - Intro to Information Security

Assignment 1: Build Environment

Software Tips-1. Soma s Software Tips. Software Tips for the X-Ray Facility

IBM Storage Configuration Manager Planning, Installation, and Configuration Guide

DELL EMC UNITY: DR ACCESS AND TESTING. Dell EMC Unity OE 4.3

1. Open VirtualBox and start your linux VM. Boot the machine and log in with the user account you created in Lab #1. Open the Terminal application.

Linux Administration

Getting Started with. Agents for Unix and Linux. Version

202 Lab Introduction Connecting to the Lab Environment

Print Manager Plus 2010 Workgroup Print Tracking and Control

Jackson State University Department of Computer Science CSC / Computer Security Fall 2013 Instructor: Dr. Natarajan Meghanathan

SELinux Workshop Redux Jamie Duncan, Red Hat RVaLUG 19 April 2014

This is a GENERAL Servant Keeper Network Installation help sheet. If you need further assistance, please contact your network administrator.

Network Monitoring & Management. A few Linux basics

Create a pfsense router for your private lab network template

Recent Operating System Class notes 04 Managing Users on Windows XP March 22, 2004

ETHICAL HACKING LAB SERIES. Lab 3: Using the SYSTEM Account

Introduction to Firewalls using IPTables

JMS USB 2.0 Hi-Speed-Port MFP Server

Novell Open Workgroup Suite Small Business Edition


Ftp Get Command Line Windows 7 Bootable Usb

CS CS Tutorial 2 2 Winter 2018

Send the Ctrl-Alt-Delete key sequence to the Guest OS one of two ways: Key sequence: Ctlr-Alt-Ins Menu Sequence: VM / Guest / Send Ctrl-Alt-Delete

LAB 0: LINUX COMMAND LINE AND SVN

Configuring the WT-4 for ftp (Ad-hoc Mode)

Introduction. Overview of 201 Lab and Linux Tutorials. Stef Nychka. September 10, Department of Computing Science University of Alberta

Introduction. SSH Secure Shell Client 1

SIOS Protection Suite for Linux v9.0. Samba Recovery Kit Administration Guide

FireFox. CIS 231 Windows 10 Install Lab # 3. 1) Use either Chrome of Firefox to access the VMware vsphere web Client.

Print Server. User s Manual

LevelOne FPS port USB/MFP Server. User`s Manual

The Ip address / Name value should be: srvvcenter-cis

Lab - Configure the Firewall in Windows 7 and Vista

Networks Lab Pod Diagram

Remote Desktop How to guide

TEL2821/IS2150: INTRODUCTION TO SECURITY Lab: Operating Systems and Access Control

One Bay SATA/IDE Turbo NAS User Manual

The Ip address / Name value should be: srvvcenter-cis

Telnet Session Hijack

Lab - Configure the Firewall in Windows 8

Introduction to Unix - Lab Exercise 0

Lab IP Addresses and Network Communication

WA1937 WebSphere Portal 7.0 Programming. Classroom Setup Guide. Web Age Solutions Inc. Copyright 2012 Web Age Solutions Inc. 1

Transcription:

CIS 192 Linux Lab Exercise Lab 8: Samba Spring 2009 Lab 8: Samba The purpose of this lab is to share files among Windows and Linux hosts on a common network. The goal is to browse directories on the Linux servers from a Windows machine. This will be accomplished using William and Legolas as clients, and Elrond as the Samba Server. Supplies.1XX is based on your station number and the IP Table in the Appendix N=1 for the classroom and N=4 for the CIS lab or CTC VMWare Server 1.08 or higher 192 VMs: William (Win XP), Elrond (CentOS), and Legolas (CentOS) Virtual networks: VMnet3 Preconfiguration Original versions of all VMs.

If you plan to do this lab at home see: http://simms-teach.com/howtos/129- working-at-home.pdf Forum Use the forum to ask for help, post tips and any lessons learned when you have finished. Forum is at: http://simms-teach.com/forum/viewforum.php?f=18 Background Samba is an implementation of Windows file and print services for Linux allowing the sharing of files and printers between Windows and Linux. Samba s name is based on the protocol used by the Microsoft Windows network file system, SMB (Server Message Block). On the Linux Samba server, the firewall will need to be configured so other systems can access the shared directories. Samba uses ports 137, 138, 139 and 445 so these ports will need to be opened. There are several places where permissions will be to be configured. The normal UNIX file permissions need to be set (with chmod). Additional access controls can be defined in the Samba configuration file for each share. And if SELinux is set to enforcing mode, then shared files must be labeled with extended attributes to comply with the SELinux policy. The commands we will be using for this lab are: mount, umount smbclient smb testparm The configuration of the smb.conf files will require root access; the browsing of directories may be performed by a regular user. Procedure Setup 1. Revert William, Legolas and Elrond to their snapshots. 2. Configure Elrond and Legolas interfaces as shown in the diagram above: a. Configure permanent IP addresses b. Configure default routes (Elrond -> Nosmo, Legolas -> Elrond) c. Configure DNS server (use 207.62.187.54) d. Configure Elrond to forward packets e. Modify Elrond s firewall to not filter forwarded packets: i. iptables -D FORWARD 1 3. Configure William to use DHCP. 4. Configure a static route on William to the Rivendell network. To do this bring up a command line (Start > Run > cmd ) then: route add 192.168.2.0 mask 255.255.255.0 172.30.N.1XX route PRINT 5. Determine IP address assigned to William using ipconfig /all from the command line. 6. Add entries to the /etc/hosts file on Elrond for William and Legolas 7. Add entries to the /etc/hosts file on Legolas for William and Elrond

8. Add entries to C:\WINDOWS\system32\drivers\etc\hosts on William for Elrond and Legolas. 9. Verify you can ping by name all systems from any system. 10. Verify Elrond and Legolas can ping an internet host, e.g. google.com. Part 1 Samba client software on Elrond will be used to access file shares on William, the Windows XP system. The smbclient command will be used to list shares and retrieve files. The mount command will be used to mount a remote Windows file share on the local Linux file tree. 1. On William, the Windows XP system on the Shire network, a. Login as cis192. b. Examine the contents and permissions of the folders, depot and depot192, off the C:\ drive. c. To view permissions, right click on a folder, select Properties, Sharing tab, Permissions button d. Verify the permissions on the depot share are Everyone: Read. e. Verify the permissions on the depot192 share are cis191: none and cis192: Full Control, Change, Read. f. To monitor access to shares right click on My Computer icon (labeled William) and select Manage to run the MMC (MS Management Console). In the MMC left panel, expand (click on the +) Shared Folders. Then click on Shares, Sessions or Open Files to view share status. g. Keep the MMC window open and monitor it as you connect to shares from Elrond 2. On Elrond, the CentOS Linux system, a. Login as root b. use rpm qa grep samba and check that the samba-client and sambacommon packages have been installed. c. List the public shares on William with: smbclient -L william Just hit Enter when prompted for a password. d. Mount the depot share: mount //william/depot /mnt Just hit enter when prompted for a password which is not needed. i. Use more command to view files on share. ii. On William, use the MMC to view share status. It may be necessary to click the little refresh icon under View to get current information. iii. Use umount /mnt to close the session. e. Try to mount the depot192 share as user cis191 using: mount -o username=cis191 //william/depot192 /mnt (enter the correct password) i. This should fail given the user cis191 has no access permissions f. Now mount the depot192 share as user cis192 using: mount -o username=cis192 //william/depot192 /mnt (enter the correct password) i. Verify you can read the files in the share ii. Verify you can add new files to the share iii. Use umount /mnt to close the session g. The smbclient command can also be used in an ftp-like manner to transfer files. Use the following to start a session and copy some files:

smbclient -U cis192 //william/depot192 Type the following commands at the smb: \> prompt: i. help ii. ls iii. dir iv. mget *.txt v. quit Part 2 Install and configure Elrond as a Samba server. The configuration will include making shares, poking holes in the firewall and allowing files to be accessed under the default SELinux policy. The shares will be accessed from the Windows PC (William). 1. Install the server portion of Samba on Elrond yum install samba 2. Verify that samba has been installed: rpm -qa samba grep samba What version of samba are you running? 3. Make two directories to be shared: a. echo "We can do anything we want if we stick to it long enough." - Helen Keller > /tmp/hk.txt b. cd /var c. mkdir -p shares/depot shares/depot192 d. cd shares e. cp /tmp/hk.txt depot/ f. cp /tmp/hk.txt depot192/ g. chmod 755 * h. chown -R cis192:users * 4. Add a cis191 user: a. useradd c CIS 191 g users cis191 5. Add passwords to the Samba password database a. smbpasswd a cis191 b. smbpasswd a cis192 6. Edit /etc/samba/smb.conf file using your favorite editor. a. In the Globals section, make the following changes: i. workgroup = WORKGROUP ii. server string = Cool Samba Server b. Comment out the [homes] and [printers] shares at the end of smb.conf c. Add to the bottom of the smb.conf file the following shares: [depot] comment = Public files on Elrond path = /var/shares/depot read only = yes guest ok = yes [depot192] comment = CIS 192 files on Elrond path = /var/shares/depot192 valid users = cis192 read only = yes guest ok = yes

d. Save and exit the file. 7. Run the testparm command to verify and test the syntax of the smb.conf file. Ensure that no errors are displayed with reference to the file. (Ignore any error messages regarding long share names.) Press Enter to display the dump of the shares, when prompted by the testparm command. 8. You must now start the smb service: service smb start You should see two daemons successfully start: smb and nmb 9. On Willliam, view workgroup computers by: a. Open My Network Places (desktop icon) b. Click View workgroup computers on left panel c. You should now see a Cool Samba Server (Elrond) icon d. Try and open it it will fail with an access error message. Why? 10. On Elrond, open up the firewall for file sharing (ports 137/udp, 138/udp, 139/tcp, and 445/tcp): Option I (Use GUI based Security Level and Firewall Tool) a. startx b. System > Administration > Security Level and Firewall c. Check Samba and click Apply then OK buttons or Option II (insert iptables rules) iptables -I RH-Firewall-1-INPUT 9 -p udp -m state --state NEW -m udp --dport 137 -j ACCEPT iptables -I RH-Firewall-1-INPUT 9 -p udp -m state --state NEW -m udp --dport 138 -j ACCEPT iptables -I RH-Firewall-1-INPUT 9 -p tcp -m state --state NEW -m tcp --dport 139 -j ACCEPT iptables -I RH-Firewall-1-INPUT 9 -p tcp -m state --state NEW -m tcp --dport 445 -j ACCEPT 11. On William, see if you can now open the Cool Samba Server (Elrond) icon. a. It should succeed and display the depot share and Printers and Faxes share. b. Try to open the depot share it will fail with an access error message. Why? 12. On Elrond, show then change the SELinux context for /depot from default_t to samba_share_t: a. cd /var/shares b. ls lrz c. chcon -R -t samba_share_t * d. ls lrz 13. On William, you should now be able to open the depot share and view the hk.txt file. Congratulations you have just made your first Samba server! 14. If your need to close connections on William use: a. net use * /delete 15. Close the windows you opened on William to access the Samba server and lets look at quicker way to access the same share: a. Start > Run b. Type //elrond/depot c. Click OK button Part 3 Access the Samba shares on Elrond from another Linux system (Legolas) 1. On Legolas: a. Use smbclient -L elrond to see shares on Elrond (don t enter a password, just hit Enter) b. Now try smbclient -L elrond -U cis192% (should not get prompted for a password now)

c. Now mount the depot192 share as user cis192 using: i. mount -o username=cis192 //elrond/depot192 /mnt ii. Enter the correct password iii. Verify you can read the files in the share iv. Use umount /mnt to close the session d. The smbclient command can also be used in an ftp-like manner to transfer files. Use the following to start a session and copy some files: smbclient -U cis192 //elrond/depot192 Type the following commands at the smb: \> prompt: i. help ii. ls iii. dir iv. mget *.txt v. quit To turn in Your lab08 text file should contain the following sections. Standard boilerplate information: CIS 192 Lab XX Name Date TBA hours: X.X Station number: CIS-Lab-XX Elrond s smb.conf file Elrond s smbclient -L william output Elrond s cat /etc/sysconfig/iptables output to show samba ports open Elrond s ls -lrz /var/shares output to show SELinux Samba contexts Legolas smbclient -U CIS192 //elrond/depot192 and ls subcommand output Example command summary The command summary should be a concise set of documented examples that can be used as a resource for repeated operations in future labs. Check your work for completeness then submit as many times as you wish up until the due date deadline. Remember, late work is not accepted, so start early, plan ahead for things to go wrong and use the forum to ask questions. [p]scp lab08 cis192@opus.cabrillo.edu:lab08.lastname Grading rubric (30 points) 4 points for correct submittal, professional appearance and quality 5 points for Elrond s smb.conf file 4 points for Elrond s smbclient -L william output 4 points for Elrond s cat /etc/sysconfig/iptables output 4 points for Elrond s ls -lrz /var/shares output 4 points for Legolas smbclient -U CIS192 //elrond/depot192 and ls subcommand output 5 points for complete and concise command summary

Appendix - Static IP address table by station number: Station IP Static 1 Static 2 CIS-Lab-01 172.30.4.101 172.30.4.121 172.30.4.122 CIS-Lab-02 172.30.4.102 172.30.4.123 172.30.4.124 CIS-Lab-03 172.30.4.103 172.30.4.125 172.30.4.126 CIS-Lab-04 172.30.4.104 172.30.4.127 172.30.4.128 CIS-Lab-05 172.30.4.105 172.30.4.129 172.30.4.130 CIS-Lab-06 172.30.4.106 172.30.4.131 172.30.4.132 CIS-Lab-07 172.30.4.107 172.30.4.133 172.30.4.134 CIS-Lab-08 172.30.4.108 172.30.4.135 172.30.4.136 CIS-Lab-09 172.30.4.109 172.30.4.137 172.30.4.138 CIS-Lab-10 172.30.4.110 172.30.4.139 172.30.4.140 CIS-Lab-11 172.30.4.111 172.30.4.141 172.30.4.142 CIS-Lab-12 172.30.4.112 172.30.4.143 172.30.4.144 Pod 1 172.30.4.113 172.30.4.145 Pod 2 172.30.4.114 172.30.4.146 Pod 3 172.30.4.115 172.30.4.147 Pod 4 172.30.4.116 172.30.4.148 If you are working at home and using the Nosmo VM, then set Elrond s IP address to 172.30.4.107

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback