0% found this document useful (0 votes)
21 views9 pages

3-Samba Server

Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
0% found this document useful (0 votes)
21 views9 pages

3-Samba Server

Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 9

Samba Server:

Server Message Block (SMB) is the standard file-sharing protocol for


Microsoft windows Servers and Clients.

It can be used with Windows domain with Windows domain controller to


authenticated users.

Samba service: It is used in file sharing inside the datacenter, compatible with
Windows, and Unix Machines.

Samba Services:

 nmb is responsible of the naming as Microsoft work (used with wins


server to translate net bios names)
 smb is responsible of file sharing and authentication
 winbind is of authentication with active directory domains (natively
windows)

 samba service ports:


o 137/nmbd and 138/nmd udp
o 139/smb and 445/cifs tcp for smb service

 We have to Create the Shared directories:

 Add two groups sales and marketing:


Add the user accounts with their passwords to access the share, notice that the
accounts must be added to smbpasswd also (Samba database)

Add the accounts to the groups:

Add SELinux Context:

Samba Package Installation:


[root@srv1 ~]# dnf install samba samba-client –y
[root@srv1 ~]# cp /etc/samba/smb.conf.example /etc/samba/smb.conf
cp: overwrite '/etc/samba/smb.conf'? y
[root@srv1 ~]# vim /etc/samba/smb.conf

General Section:

workgroup = WORKGROUP ==> for windows machine to access share


server string = Network share ==> Version of Samba, hide it
netbios name = server ==> server display name in share
interfaces = lo ens160 192.168.10.25/24 ==> service listen interfaces
hosts allow = 127. 192.168.10. ==> allowed hosts to access the share
Logging Options:

The log size option will specify the maximum size of the log and it will be
rotated

Standalone Server option Section:


security = user ( anonymous or credential share)
ads (authenticate from active directory)
passdb backend = tdbsam ==> as the sam autherntication

Browser control options:


Therefore local master browser’s function is
- Provide naming service to machines in the network
- Provide the method to access any new machine in the network
local master = yes
OS level = 50
preferred master = yes

Share definition:
Private share:

[myshare] ==> what user will see


comment = welcome to my share ==> what the user will see
path = /sambashare/sales ==> location of the data
writable = yes ==> rw permission and need write list
write list = ali, @users, +users ==> users with write permission
vaild users = user3, @users ==> @ means a group or
+groupname

Note: if we use valid users we have to disable public share.


Public Share:
[public] ==> share name
comment = public share ==> what the user will see
path = /sambashare/public ==> location of the data
public = yes ==> public to all users
browseable = yes ==> can view the share content
read only =no ==> means read/write
guest account = any ==> this account must be valid
in /etc/passwd and smbpasswd utility
guest ok = yes ==> //allow anonymous user to
enter without username and password and no password is required.

Note: share name displayed in the configuration file is case sensitive [Sales]
is not the same as [sales], it can cause problems when we access the share
from smbclient tool.

Adding users to samba database


[root@srv1 ~]# smbpasswd -a user1
[root@srv1 ~]# smbpasswd -a user2
[root@srv1 ~]# smbpasswd -a user3
[root@srv1 ~]# smbpasswd -a user4

To test our configuration:


[root@server ~]#testparm

To protect our service:

Enable and start the service:


View and Login to the share:

List of users added to the samba database:

Linux Client Side:


[root@client ~]# dnf install samba-client cifs-utils -y
Create Mount Point and sharing with cifs:

To make it permanent share:


Over Windows Machine:
Windows Authentication:
To disable the caching over windows:
cmd> net use * /delete

You might also like