Home > CentOS > CentOS 6.x > Samba server configuration > Quick samba server with authentication setup

Configure authentication based sharing

To configure samba server with authentication based shares, use following steps:

1. Disable SELinux
2. yum -y install samba
3. Edit /etc/smb.conf so that it only contains:

   [global]
   workgroup = WORKGROUP
   server string = Samba Server Version %v
   netbios name = files.sbarjatiya.com
   
   log file = /var/log/samba/log.%m
   max log size = 50
   
   security = user
   passdb backend = tdbsam
   load printers = no

4. service smb start
5. chkconfig smb on
6. service nmb start
7. chkconfig nmb on

Add samba user

To add a new samba user use:

1. useradd <username>
2. smbpasswd -a <username>

Change samba password of existing user

To change password of user after it has been added use 'smbpasswd <username>'. Linux clients can also change password remotely using 'smbpasswd -r <samba-server-ip> -U <samba-username>'

Create secured samba share

To create a secured samba share append following configuration in /etc/samba/smb.conf

  [<share-name>]
  comment = <Comment>
  path = <absolute-path-of-folder>
  public = yes
  writable = yes
  read only = no
  valid users = <space-separated user names>

Then create the folder with configured path with 777 permissions. Note that if 777 is not feasible giving ownership to user nobody might also suffice. Restart samba using

service smb restart

Accessing samba share from Client

Accessing samba share from Linux

Use "smbclient -U username //<server-ip>/<share-name>" and enter samba user's password. Use 'help' on 'smb>' prompt to learn how to use smb.

Accessing samba share from Windows

Use \\<server-ip>\<share-name> and login with samba user id and password to access the share

Note that in Windows credentials get cached for the current login. To remove cached credentials there are two options:

• Log off from current Windows user and re-login
• Other option is to:
  1. Open 'cmd'
  2. Type 'net use' to see currently used shares
  3. Type 'net use \\<server-ip>\<share-name> /delete' where '\\<server-ip>\<share-name>' should have been displayed in output of previous 'net use' command.

Supporting change of Samba password from windows clients

Linux or MAC clients can easily change passwords as described earlier using 'smbpasswd -r <samba-server> -U <samba-user>'. However for Windows clients there is no easy way to change samba password. To provide a web based administrative interface to reset samba passwords use following steps:

Install webmin

First install webmin using:

1. Download webmin
2. yum localinstall webmin*.rpm
3. service webmin start
4. chkconfig webmin on
5. Set root password
6. Access webmin user interface at https://<server-ip>:10000/
7. Login using root user

Create user for samba password reset

Then create user account for resetting samba password using:

1. Select Webmin -> Webmin Users from left panel
2. Click "Create a new webmin user" option on right
3. Give appropriate username desired for webmin user which would be used to reset samba passwords, eg. samba
4. Set webmin user password.
5. Click available webmin modules
6. Choose 'Samba Windows File Sharing'
7. Click 'Create'

Reduce access of samba password user to only change of password

Restrict access of user to only reset user samba password using:

1. Click on 'samba' or appropriate username on webmin users webpage.
2. Click on 'Available webmin modules'
3. Click on "Samba Windows File Sharing". In this case click on the name which is hyperlink and not on the checkbox in front of the name.
4. Select no for everything except
   • Can view SAMBA users database?
   • Can edit SAMBA users?

     Even for Access file shares, Access print shares untick all three - create, read, write.

5. Click "Save"
6. Use "Switch to user" option to verify settings. Refresh page after clicking "Switch to user" for new settings to take effect.

Home > CentOS > CentOS 6.x > Samba server configuration > Quick samba server with authentication setup