RHEL7: Provide SMB network shares to specific clients.

Share this link

Note: This is an RHCE 7 exam objective.

Configuration Procedure

Install the Samba packages:

# yum groupinstall -y "file-server"
# yum install -y samba-client samba-winbind

Create a new /etc/samba/smb.conf file and add the following lines (for a workgroup named MYGROUP, a server called MYSERVER, a local network with IP addresses in 192.168.1.0/24, a user named user01 and a share called shared):

workgroup = MYGROUP
server string = Samba Server Version %v
netbios name = MYSERVER
interfaces = lo eth0 192.168.1.0/24
hosts allow = 127. 192.168.1.
log file = /var/log/samba/log.%m
max log size = 50
security = user
passdb backend = tdbsam
[shared]
comment = Shared directory
browseable = yes
path = /shared
valid users = user01
writable = yes

Note: with “passdb backend = tdbsam“, passwords are stored in the /var/lib/samba/private/passdb.tdb file.

Check the syntax of the configuration file:

# testparm
Load smb config files from /etc/samba/smb.conf
rlimit_max: increasing rlimit_max (1024) to minimum Windows limit (16384)
Processing section "[shared]"
Loaded services file OK.
Server role: ROLE_STANDALONE
Press enter to see a dump of your service definitions

[global]
    workgroup = MYGROUP
    netbios name = MYSERVER
    server string = Samba Server Version %v
    interfaces = lo, eth0, 192.168.1.0/24
    log file = /var/log/samba/log.%m
    max log size = 50
    idmap config * : backend = tdb
    hosts allow = 127., 192.168.1.

[shared]
    comment = Shared directory
    path = /shared
    valid users = user01
    read only = No

Create the shared directory:

# mkdir /shared

Give full access rights to the new directory:

# chmod 777 /shared

Create a file inside called test:

# echo "This is a test." > /shared/test

Set up the correct SELinux context:

# yum install -y setroubleshoot-server
# semanage fcontext -a -t samba_share_t "/shared(/.*)?"
# restorecon -R /shared

Add the new service to the firewall:

# firewall-cmd --permanent --add-service=samba

Reload the firewall configuration:

# firewall-cmd --reload

Activate the Samba services at boot:

# systemctl enable smb
# systemctl enable nmb
# systemctl enable winbind

Start the Samba services:

# systemctl start smb
# systemctl start nmb
# systemctl start winbind

Create the samba user user01 with the password pass:

# useradd -s /sbin/nologin user01
# smbpasswd -a user01
New SMB password: pass
Retype new SMB password: pass
Added user user01.

Check the configuration:

# smbclient //localhost/shared -U user01%pass
Domain=[MYGROUP] OS=[Unix] Server=[Samba 4.1.1]
smb: \> ls
  .                                   D        0  Sun Aug  3 00:19:00 2014
  ..                                  D        0  Sat Aug  2 23:16:27 2014
  test                                N        0  Sun Aug  3 00:15:20 2014

        47356 blocks of size 65536. 26414 blocks available

Additional Resources

Useful information about SELinux and Samba is available in the RHEL 7 SELinux User’s and Administrator’s Guide.
Fedora documentation‘s got a chapter about Configuring Samba.
You can also read the Samba Howto.
The learnitguide website provides a tutorial about Configuring a Samba server on RHEL 7.
The Lisenet website offers a tutorial about Setting up a Samba Server with SELinux on RHEL 7.

1 Star2 Stars3 Stars4 Stars5 Stars (No Ratings Yet)
Loading...

Leave a Reply

20 Comments on "RHEL7: Provide SMB network shares to specific clients."

Notify of
Sort by:   newest | oldest
redhat0329
Member
redhat0329
workgroup = MYGROUP server string = Samba Server Version %v netbios name = MYSERVER interfaces = lo eth0 192.168.1.0/24 hosts allow = 127. 192.168.1. log file = /var/log/samba/log.%m max log size = 50 security = user passdb backend = tdbsam [shared] comment = Shared directory browseable = yes path = /shared valid users = user01 writable = yes Hi CertDepot, On hosts allow, ip 127. 192.168.1. shouldn’t have any space (correct value is 127.192.168.1). We’ll I have just copied/pasted it on /etc/samba/smb.conf file as instructed and changed only interfaces based on my test server. I’ve got an error message while… Read more »
Gjorgi
Member
Gjorgi

All went well till the very last step where I need to test configuration. I never get to the smb prompt. At smbclient //localhost/shares -U user01%pass, I get response:
Domain=[SAMBAGROUP] OS=[Windows 6.1] Server=[Samba 4.2.10]
tree connect failed: NT_STATUS_BAD_NETWORK_NAME

Years ago, I got to deal with a Samba setup and there were few pretty miserable failures despite following official docs of the day, I didn’t have high expectations while following this guide and my suspicions were correct: Samba is still miserable.

Gjorgi
Member
Gjorgi

Resolved. It was a stanza in the smb.conf. Instead of substituting [shared] with my own custom samba share I created, I went on and copied [shared]. When I put [my_custom_share] as a stanza, I got to the smb prompt.

beginner
Member
beginner

Hi Guys, this is a great tutorial. Thanks for putting it together. I have a question about the client side. Is there a _netdev option that is needed if I were to add samba in to the fstab? I’ve been looking for examples online with little luck. I was assuming that if you used the cifs mount type it would know to about the network dependency.

mohit.3616
Member
mohit.3616

How can I connect linux to Windows?

kkroopani
Member
kkroopani

I am getting permission denied when I login from client, does anyone know why?

mount -v -t cifs //192.168.2.27/home /mnt/smbshr/ -o username=smbuser
Password for smbuser@//192.168.2.27/home: ********

group = MYGROUP
server string = Samba Server AKA Linux-server %v
interfaces = lo eth0 192.168.2.0/24
idmap config * : backend = tdb
hosts allow = 127. 192.168.2.

[home]
comment = homedir
path = /home
valid users = MYDOMAIN\%S
read only = No

Lisenet
Member

I’m able to mount the share by using your configuration above ensuring the home directory of my Samba user is created.

What’s the home directory for the user smbuser that you use? It must exist on the Samba server.

kkroopani
Member
kkroopani

/home/smbuser

Tarlan
Member
Tarlan

Hi guys,

Is Kerberized Samba Shares providing RHCE exam ?

alexritm
Member
alexritm

local users or LDAP users should be granted access to the share? so, is it necessary to tune “passdb backend” option?

wpDiscuz

RHCSA7: Task of the day

Allowed time: 8 minutes.
Find all files bigger than 100MB and write their names into the /root/results.txt file.

RHCE7: Task of the day

Allowed time: 10 minutes.
Configure a httpd server that executes a Perl script in the /var/www/cgi-bin directory displaying "Hello!".

Poll for favorite RHEL 7 book

What is your favorite RHEL 7 book to prepare RHCSA & RHCE exams?

View Results

Loading ... Loading ...

Poll for most difficult RHCSA 7 topic

What do you think is the most difficult RHCSA 7 topic?

View Results

Loading ... Loading ...

Poll for most difficult RHCE 7 topic

What do you think is the most difficult RHCE 7 topic?

View Results

Loading ... Loading ...