Firewall – ahmetorhan.com

Samba Installation and User Authorization on Ubuntu 24.04

This document provides a step-by-step guide for installing and configuring the Samba service on an Ubuntu 24.04 server, including granting a user access to a specific shared directory (e.g., for storing 5651 logs).

1. System Update and Required Packages

sudo apt update && sudo apt upgrade -y
sudo apt install samba -y

2. Create the Shared Directory

sudo mkdir -p /srv/samba/share5651
sudo chown root:root /srv/samba/share5651
sudo chmod 755 /srv/samba/share5651

3. Create the Samba User

sudo adduser berqlog
sudo smbpasswd -a berqlog

Note: Ensure the password is set for both the system and Samba.

4. Edit Samba Configuration File

Edit /etc/samba/smb.conf with the following content:

[global]
    workgroup = WORKGROUP
    netbios name = COMPANY_SMB
    server string = Company Log Server
    security = user
    map to guest = Bad User
    dns proxy = no
    server min protocol = NT1
    ntlm auth = yes
    log file = /var/log/samba/log.%m
    max log size = 1000
    logging = file
    panic action = /usr/share/samba/panic-action %d
    server role = standalone server
    obey pam restrictions = yes
    unix password sync = yes
    passwd program = /usr/bin/passwd %u
    passwd chat = *Enter\snew\s*\spassword:* %n\n *Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* .
    pam password change = yes
    usershare allow guests = no
    idmap config * : backend = tdb

[share5651]
    path = /srv/samba/share5651
    read only = no
    valid users = berqlog
    create mask = 0644
    directory mask = 0755
    browseable = yes
    guest ok = no

5. Test the Configuration

testparm

Make sure there are no syntax errors.

6. Restart Samba Service

sudo systemctl restart smbd
sudo systemctl enable smbd

7. Firewall Configuration (If Enabled)

sudo ufw allow 'Samba'

8. Access the Share

From a Windows machine:

\\<ubuntu_ip_address>\share5651

Username: berqlog, Password: the one set during setup.

9. Logs and Troubleshooting

Samba logs are located at:

/var/log/samba/log.smbd
/var/log/samba/log.nmbd
/var/log/samba/log.<client_ip_or_name>

Additional Notes:

The ntlm auth = yes setting allows compatibility with legacy Windows clients.
The server min protocol = NT1 is for compatibility with old systems. For better security, consider using SMB2 or higher.

This setup covers basic file sharing and user authorization. For advanced needs, consider configuring ACLs, audit modules, or integrating with a domain.

IP PBX Systems: Empowering Digital Communication

In today’s business landscape, the pursuit of smarter and more flexible communication solutions is paramount. IP PBX systems offer a modern communication infrastructure compared to traditional phone systems. Leveraging Internet Protocol (IP), these systems enable efficient and cost-effective communication by transmitting voice over the internet.

FortiGate (Fortinet) CLI Configuration for IP PBX: Prioritize Backup!

Efficient operation of IP PBX systems necessitates meticulous security and management. The FortiGate CLI interface aids in configuring your IP PBX while ensuring network security. However, before embarking on any configurations, it is imperative to remember:

The provided commands serve as examples and may vary based on your FortiGate device’s version.
CLI usage directly impacts your device’s configuration; therefore, exercise caution.
Always back up your configuration before initiating any changes. This safeguards your data in case of unexpected issues.

Remember, ensure you have backed up your FortiGate device before initiating any procedures!

Configuring SIP Settings for IP PBX Using FortiGate (Fortinet) CLI

FortiGate (Fortinet)

To configure SIP settings for IP PBX using the FortiGate CLI:

Step 1: Disable SIP Helpers and Monitoring Settings

config system settings
set sip-helper disable
set sip-nat-trace disable
set default-voip-alg-mode kernel-helper-based
end

Step 2: Managing and Deleting Session Helpers:

config system session-helper
show
delete 13 # Burada 13, silmek istediğiniz oturum yardımcısının numarasını temsil eder. Doğru numarayı belirttiğinizden emin olun.
end

Step 3: Creating VoIP Profiles and Configuring RTP Settings

config voip profile
edit default
config sip
set rtp disable
end

After these steps, you should restart the device. You can use the following code for that purpose.

execute reboot

Please note that the provided commands are illustrative and may differ based on your FortiGate device’s version. CLI usage directly influences your device’s configuration, making careful execution crucial. Always remember to back up your configuration before making any changes.

If you have any questions or details you would like to add, feel free to write me.