Saturday, December 30, 2023

A Step-by-Step Guide to Configuring Samba Server on Red Hat/CentOS/Rocky Linux 8

Introduction:

Samba, an open-source implementation of the SMB/CIFS networking protocol, enables seamless file and print sharing between Linux and Windows systems. Configuring a Samba server on Red Hat 8 is a straightforward process that allows you to create a shared network resource accessible from various operating systems. In this step-by-step guide, we'll walk you through the process of setting up a Samba server on Red Hat 8.


Prerequisites:

1.  Red Hat 8 Installation:

   Ensure that you have a Red Hat 8 system up and running.

2. Root or Sudo Access:

   You need administrative privileges to install and configure packages.


 Step 1: Install Samba Package:

Open the terminal and use the following command to install the Samba package:

#sudo dnf install samba samba-common samba-client
 

Step 2: Configure Samba:

1. Backup the Original Configuration:

   Before making any changes, it's wise to back up the original configuration file:

#sudo cp /etc/samba/smb.conf /etc/samba/smb.conf.bak
 

2. Edit the Samba Configuration File:

   Use your preferred text editor to open the Samba configuration file:   

   Update the file according to your preferences. Below are some essential configurations:

#sudo vim /etc/samba/smb.conf

 [global]

       workgroup = WORKGROUP
       server string = Samba Server %v
        security = user


   [sharename]

       path = /DATA/Samba_share
       writable = yes
       browseable = no
       guest ok = no
       valid users = user1 user2 @smb_group
       hosts allow = 127.  192.168.1.

  

   - `workgroup`: Set the workgroup name (default is WORKGROUP).

   - `server string`: Add a description for your Samba server.

   - `security`: Set to "user" for user-level security.

   Adjust the `[sharename]` section according to your needs.


Step 3: Create a Samba User and group:

Create a Samba user and set a password. This user should have access to the shared folder.

#sudo groupadd smb_group 

#sudo useradd -M username

#sudo smbpasswd -a username 
 

If you are managing access through group  add user in group too

#sudo usermod -aG smb_group  username
 

Step 4: Create the Shared Folder:

Create a folder to be shared and adjust permissions:

#sudo mkdir -p /DATA/Samba_share

#sudo chown  root:smb_group -R /DATA/Samba_share

#sudo chmod  0775 -R /DATA/Samba_share

 

Step 5: Start and Enable Samba Service:

Start the Samba service and enable it to start at boot:

#sudo systemctl enable smb

#sudo systemctl start smb 

#sudo systemctl status smb


Step 6: Configure Firewall:

If the firewall is active, allow Samba traffic:

#sudo firewall-cmd --add-service=samba --permanent

#sudo firewall-cmd --reload 
 

Step 7: Configure selinux:  

if the selinux is enabled set context  

#sudo chcon -t samba_share_t  /DATA/Samba_share

#sudo chown -R root:smb_group /DATA/Samba_share
 

Step 8: Test the Configuration:

Access the shared folder from a Windows or Linux machine using the Samba user credentials.

Here we have some commands to verify on Linux Server 

 A . Connect to a Samba Share:

#smbclient //server/sharename -U username 
 

- Replace `server` with the hostname or IP address of the Samba server.

- Replace `sharename` with the name of the shared folder.

- Replace `username` with the Samba username.


If you didn't specify a password during connection, you can enter it interactively:


B. List Files on the Samba Share:

Once connected, you can list files on the Samba share using:

#smb: \> dir
 

C. Download and Upload a File from the Samba Share:

To download a file from the Samba share to your local machine:

#smb: \> get filename 
 

- Replace `filename` with the name of the file you want to download.


D. Upload a File to the Samba Share:

To upload a file from your local machine to the Samba share:

#smb: \> put localfile 
 

- Replace `localfile` with the name of the file you want to upload.


E. Change Directory on the Samba Share:

Navigate to a specific directory on the Samba share:

#smb: \> cd directory 
 

- Replace `directory` with the name of the target directory.


F. Delete a File on the Samba Share:

To delete a file on the Samba share

#smb: \> del filename 
 

- Replace `filename` with the name of the file to be deleted.


G. Exit `smbclient`:

To exit the `smbclient` session:

#smb: \> exit 
 

These `smbclient` commands provide a basic set of functionalities for interacting with Samba shares. You can explore additional options and features by referring to the `smbclient` manual (`man smbclient`) or by typing `help` within the `smbclient` interactive session. This tool is invaluable for testing your Samba server configuration and ensuring seamless file sharing across your network.


Bonus:

The pdbedit --list command can be used to list the user that have been added to the SMB database. The output should be identical to the smb.passwd file.

#pdbedit --list


The smbpasswd command with the -x option can be used to delete a user from the SMB database.
 
#smbpasswd -x username

 



Congratulations! You have successfully configured a Samba server on Red Hat 8 or any RPM based server, allowing seamless file sharing across your network.


Closing Thoughts:

Configuring a Samba server on Red Hat 8 is a valuable skill for anyone working in a mixed operating system environment. With this guide, you can easily set up a Samba server and enhance collaboration between Linux and Windows systems on your network. Happy sharing!

No comments:

Post a Comment

Linux server hardening | Secure Linux Servers

 Linux server hardening is the process of securing a Linux server by reducing its attack surface and mitigating security risks. The goal is ...