How to Install Samba on Linux/Windows. Samba is free and open-source software that allows files to be shared across Windows and Linux systems simply and easily. To be exact, it is an open-source implementation of the SMB/CIFS protocol.
The (CIFS) Common Internet File System Protocol is a dialect of the SMB protocol. A collection of message bundles that describes a distinct variant of a protocol is called a dialect.
The (SMB) Server Message Block Protocol is a client-server communication protocol that is used for sharing access to files, printers, serial ports, and other resources on a network.
When using Samba, you can share files and printing services, user authentication and authorization, name resolution, and service announcements between Linux/Unix servers and Windows clients.
Buy VPS, Cheap VPS Hosting Server with Instant Activation
Table of Contents
The Main Tasks of Samba
1. Sharing a Linux drive with Windows machines.
2. Accessing an SMB share with Linux machines.
3. Sharing a Linux printer with Windows machines.
4. Sharing a Windows printer with Linux machines.
5. Setting up a domain controller on a Unix/Linux server and integrating Windows clients to the Domain controller.
Samba can also function as both a domain controller or as a regular domain member. This option makes Samba almost a must-have if you have a blended networking environment containing both Windows and Linux computers.
Introduction before installation
In order to install Samba, you will need to log into your Linux server as a user with Sudo privileges, or as the root user.
Note: To simplify the steps in this tutorial, we will use the root user.
In case you decide to move forward and install the software as your user (with sudo privileges), do not forget to type the Sudo command at the beginning of each command.
You will also need a Windows computer that we will connect from/to.
Installation of Samba on CentOS 7
As installations on CentOS and other RedHat based distributions are mostly managed best using the yum tool, we’ll be using it to install Samba on our CentOS 7 and to get our system up to date.
Firstly let’s remove all packages that might still be cached in our system.
To clean all the cached files from any enabled repository at once, we’ll use the following command:
[root@host ~]# yum clean all
Next, let’s ensure all our system packages are updated.
We are using the -y flag to auto-confirm on any prompts:
[root@host ~]# yum -y update
Now, you can move on to the Samba installation.
Notice how we are using the -y flag once again to auto-confirm the installation prompts.
Samba can be easily installed with the following command:
[root@host ~]# yum -y install samba samba-client samba-common
Yum, being such a great tool, will automatically install any dependencies needed for Samba.
At the end of the installation output, you should see something similar to this output:
Installed: samba.x86_64 0:4.9.1-10.el7_7 samba-client.x86_64 0:4.9.1-10.el7_7 samba-common.noarch 0:4.9.1-10.el7_7 Dependency Installed: libsmbclient.x86_64 0:4.9.1-10.el7_7 libwbclient.x86_64 0:4.9.1-10.el7_7 samba-client-libs.x86_64 0:4.9.1-10.el7_7 samba-common-libs.x86_64 0:4.9.1-10.el7_7 samba-common-tools.x86_64 0:4.9.1-10.el7_7 samba-libs.x86_64 0:4.9.1-10.el7_7 Complete!
After completing the installation, you can check Samba version:
[root@host ~]# smbd --version Version 4.9.1
How to Configure Samba
After installing Samba, you will need to configure it to conform to your set up and standards.
Note: Before you start with Samba configuration on our Linux machine, you’ll need to verify the workgroup on your Windows computer.
To confirm the workgroup on your Windows computer, do the following:
1. Right-click on This PC or My Computer.
2. Click on Properties.
3. Select Advanced System Settings.
4.Computer Name which will show you the following window with the data you need.
You can also run cmd (from the Windows start box) and run the following command:
net config workstation
The above command will display the information you need about the workstation domain.
You will see something like the image below:
Now that you have information about your Windows computer’s workgroup, you can move on to the Samba configuration on your Linux system.
The Samba configuration file can be found at /etc/samba/smb.conf.
Note: Before we make any changes, make sure to create a backup copy of the original configuration file.
To create a backup of your original configuration file smb.conf, you’ll use the following command to create a backup copy called smb.conf_orig:
[root@host ~]# cp /etc/samba/smb.conf /etc/samba/smb.conf_orig
We’ll start by configuring Samba for anonymous file-sharing services.
In this share, any user will be able to read or write. We’ll start by creating a directory called “anonymous_shared_directory” where our files will be stored:
[root@host ~]# mkdir -p /samba/anonymous_shared_directory
Now, you need to apply for the appropriate permissions on your directory:
[root@host ~]# chmod -R 0775 /samba/anonymous_shared_directory [root@host ~]# chown -R nobody:nobody /samba/anonymous_shared_directory
Buy Linux Virtual Private Server
In case you are using SELinux, you will need to change the SELinux security context for the samba shared directory:
[root@host ~]# chcon -t samba_share_t /samba/anonymous_shared_directory
To make the changes needed in your configuration file, you will need to open the /etc/samba/smb.conf file with preferred CLI text editor (Nano or Vim).
[root@host ~]# vim /etc/samba/smb.conf
Now we’ll configure our anonymous share by adding and editing the following directive:
[global] workgroup = WORKGROUP security = user netbios name = centos7 printcap name = cups idmap config * : backend = tdb cups options = raw map to guest = bad user [Anonymous] comment = anonymous file share path = /samba/anonymous_shared_directory browseable = yes writable = yes guest ok = yes guest only = yes read only = no force user = nobody
Your Samba configuration file should now look like below:
[root@host samba]# cat /etc/samba/smb.conf # See smb.conf.example for a more detailed config file or # read the smb.conf manpage. # Run 'testparm' to verify the config is correct after # you modified it. [global] workgroup = WORKGROUP security = user netbios name = centos7 printcap name = cups idmap config * : backend = tdb cups options = raw map to guest = bad user [Anonymous] comment = anonymous file share path = /samba/anonymous_shared_directory browseable = yes writable = yes guest ok = yes guest only = yes read only = no force user = nobody [homes] comment = Home Directories valid users = %S, %D%w%S browseable = No read only = No inherit acls = Yes [printers] comment = All Printers path = /var/tmp printable = Yes create mask = 0600 browseable = No [print$] comment = Printer Drivers path = /var/lib/samba/drivers write list = @printadmin root force group = @printadmin create mask = 0664 directory mask = 0775
Note: Don’t forget to save the changes made and close the text editor.
Buy Dedicated Server
To verify your current samba settings, run the following command:
[root@host samba]# testparm rlimit_max: increasing rlimit_max (1024) to minimum Windows limit (16384) Registered MSG_REQ_POOL_USAGE Registered MSG_REQ_DMALLOC_MARK and LOG_CHANGED Load smb config files from /etc/samba/smb.conf rlimit_max: increasing rlimit_max (1024) to minimum Windows limit (16384) Processing section "[Anonymous]" Processing section "[homes]" Processing section "[printers]" Processing section "[print$]" Loaded services file OK. Server role: ROLE_STANDALONE
Press enter to see a dump of your service definitions.
Before you continue starting the Samba service, you’ll need to configure your firewall to work with it.
How to Install Samba on Linux/Windows.
Samba will need the following ports open to operate correctly:
Port 137 (TCP) - netbios-ns - NETBIOS Name Service Port 138 (TCP) - netbios-dgm - NETBIOS Datagram Service Port 139 (TCP) - netbios-ssn - NETBIOS session service Port 445 (TCP) - microsoft-ds - if you are using Active Directory
and:
Port 389 (TCP) - for LDAP (Active Directory Mode) Port 445 (TCP) - NetBIOS was moved to 445 after 2000 and beyond, (CIFS) Port 901 (TCP) - for SWAT service (not related to client communication)
We’ll start by configuring the csf.conf file.
Let’s open our csf configuration file with your chosen text editor:
[root@host ~]# vim /etc/csf/csf.conf
Now, make sure to add the ports to the appropriate section:
# Allow incoming TCP ports TCP_IN = "20,21,25,53,80,110,139,143,443,445,465,587,993,995,53835" # Allow outgoing TCP ports TCP_OUT = "20,21,25,53,80,110,139,143,113,443,445,587,993,995,53835"
Save the changes and reload the firewall rules:
[root@host ~]# csf -r
In case you are running the firewall service, simply add the service using the following command:
[root@host ~]# firewall-cmd --permanent --zone=public --add-service=samba
Reload the firewall service:
[root@host ~]# firewall-cmd --reload
Start the Samba services and ensure that it is started automatically on system boot.
Samba uses two system services to operate:
1. The smb.service: Implements a file sharing and printing service which listens on ports 139 and 445.
2. The nmb.service: Implements the NetBIOS over IP naming services to clients and listens on port 137.
[root@host ~]# systemctl start smb.service [root@host ~]# systemctl start nmb.service
Note: To make sure those services are started automatically on system boot, you need to enable them:
[root@host ~]# [root@host ~]# systemctl enable smb.service Created symlink from /etc/systemd/system/multi-user.target.wants/smb.service to /usr/lib/systemd/system/smb.service. [root@host ~]# systemctl enable nmb.service Created symlink from /etc/systemd/system/multi-user.target.wants/nmb.service to /usr/lib/systemd/system/nmb.service.
To test your newly implemented anonymous share do the following:
1. Go to Windows computer
2. Click Start -> Run, and we are going to input are server IP address like so.
3. Press OK. Your Anonymous directory will be shown in file explorer.
4. Double-click to access the directory, and then right-click to create a new text document.
5. Choose a file name and then save it. (We will name our file testfile for this purpose.)
Make sure the new file is available on your Linux machine as well:
[root@host ~]# [root@host ~]# ls -l /samba/anonymous_shared_directory total 0 -rwxr--r--. 1 nobody nobody 0 Mar 30 22:03 testfile.txt
How to Install Samba on Linux/Windows.
How to Configure Samba for Private Shares
This type of share requires a username and a password for access. We’re going to need to create a user/group of users that are allowed to access our share.
Once we have a group for our Samba users we can easily assign any needed privileges to all of them at once.
To create a new group use the following command:
[root@host ~]# groupadd sambausergroup
We have now successfully created a group for our users called sambausergroup. Let’s move on and create our user as well.
We’ll name it newtestuser and we’ll assign it to our group in a single command along with denying him shell access.
Samba user accounts are separate from system accounts, so our user, to which we intended to grant privileges only for Samba, will not require shell access/password.
If you decide to combine, you can install “samba-winbind” package which is used to sync system users and passwords with the samba user database among other features.
How to Install Samba on Linux/Windows.
To add your user use the following command:
[root@host ~]# useradd -s /sbin/nologin -g sambausergroup newtestuser
There is one more thing our user will need to access our share and that’s a password so let create a Samba access password for him:
[root@host ~]# smbpasswd -a newtestuser New SMB password: Retype new SMB password: Added user newtestuser.
Samba users for this password-protected share will now need a place to store their files so we need to create a directory for them.
This one will be called “password_protected_directory”:
[root@host samba]# mkdir -p /samba/password_protected_directory
Users from group we created sambausergroup,will need permissions to read,write and execute files in this directory so we’ll grant them those with the following command:
root@host samba]# setfacl -R -m "g:sambausergroup:rwx" /samba/password_protected_directory
You’ll need to apply SELinux security context on this one as well:
[root@host samba]# chcon -t samba_share_t /samba/password_protected_directory/
Open the Samba configuration file and add the setting for our private share:
[root@host ~]# vim /etc/samba/smb.conf
[Password Protected] comment = needs username and password to access path = /samba/password_protected_directory valid users = @sambausergroup guest ok = no writable = yes browsable = yes
The full configuration file will now look like the following:
# See smb.conf.example for a more detailed config file or # read the smb.conf manpage. # Run 'testparm' to verify the config is correct after # you modified it. [global] workgroup = WORKGROUP security = user netbios name = centos7 printcap name = cups idmap config * : backend = tdb cups options = raw map to guest = bad user [Password Protected] comment = needs username and password to access path = /samba/password_protected_directory valid users = @sambausergroup guest ok = no writable = yes browsable = yes [Anonymous] comment = anonymous file share path = /samba/anonymous_shared_directory browseable = yes writable = yes guest ok = yes guest only = yes read only = no force user = nobody [homes] comment = Home Directories valid users = %S, %D%w%S browseable = No read only = No inherit acls = Yes [printers] comment = All Printers path = /var/tmp printable = Yes create mask = 0600 browseable = No [print$] comment = Printer Drivers path = /var/lib/samba/drivers write list = @printadmin root force group = @printadmin create mask = 0664 directory mask = 0775
Now you can test your configuration with testparm command:
[root@host samba]# testparm rlimit_max: increasing rlimit_max (1024) to minimum Windows limit (16384) Registered MSG_REQ_POOL_USAGE Registered MSG_REQ_DMALLOC_MARK and LOG_CHANGED Load smb config files from /etc/samba/smb.conf rlimit_max: increasing rlimit_max (1024) to minimum Windows limit (16384) Processing section "[Password Protected]" Processing section "[Anonymous]" Processing section "[homes]" Processing section "[printers]" Processing section "[print$]" Loaded services file OK. Server role: ROLE_STANDALONE
Press enter to see a dump of your service definitions.
For testing, connect from your Windows computer and click on Start –> Run and input your server IP \\serverIP –>Ok.
Now, you’ll have Anonymous directory and Password protected directory:
Double-click on Password Protected directory will open up the following prompt where we’ll need to input our newtestuser credentials:
To make sure everything is working as it’s supposed to create a new directory in your Password Protected one:
This one will be named test_directory for this purpose.
Finally, confirm the existence of your directory from your Linux machine.
[root@host /]# ls -l /samba/password_protected_directory/ total 0 drwxr-xr-x. 2 newtestuser sambausergroup 6 Apr 3 21:12 test_directory
Dear user, we hope you would enjoy this tutorial, you can ask questions about this training in the comments section, or to solve other problems in the field of Eldernode training, refer to the Ask page section and raise your problem in it as soon as possible. Make time for other users and experts to answer your questions.
How to Install Samba on Linux/Windows.
Goodluck.