How to Configure SAMBA Server in Red Hat Linux?

In this article, I will explain how to setup SAMBA in Red Hat Servers followed by how to access the samba shared  files from the Windows client system.

1. With the help of the SAMBA Program, you can configure Linux server for files and printer sharing with the Microsoft Windows Client.SAMBA uses the TCP/IP Protocol for sharing the data between the cross-platform servers.

2. If you want to use Linux as a file server in a windows network, then you must have to know how to configure the SAMBA in Linux. Both Windows and Linux servers use different filesystems, It is impossible to create a Linux file server just by granting the windows clients/users to access the Linux File/Directories.

3. Windows server/system would not be able to access the data/files in the Linux Directories. So many differences are there between Windows and Linux  file systems, Let me tell you one example,

Windows filenames are not  Case sensitive whereas Linux filenames are case-sensitive, In windows data.txt and Data.txt are the same file, In Linux, both the files are different individual files.

4. Windows uses the CIFS(Common Internet File System) protocol for the sharing and this protocol is developed from the Server Message Block(SMB) protocol.

5.SAMBA is implemented by these two Protocols SMB&CIFS

6. Linux Doesn’t have SMB support by default, this is why SAMBA is required here, So SAMBA just imitates the behavior of windows file server by configuring the SMB protocol, when you run the SAMBA on the Linux Server, the Windows servers on the network can able to see the Linux server.

 

RPM’s Required to Configure SAMBA:

Before we configure SAMBA in Linux Server, let me show you what all are the rpm’s required to implement SAMBA.

1.samba = This rpm needed for SAMBA server

2.samba-client = Needed for samba client

3.samba-common = This rpm includes all the samba commands needed to configure SAMA in Linux.

4.samba-winbind = This rpm establish the connection between windows and Linux servers

5.samba-domain-join-GUI = To connect the Linux users with windows domains and workgroup

6.samba-doc =  Contains  SAMBA help documents

 

Configure SAMBA in Linux:

First check the following packages are already installed or not, if it is not installed, install it

*Samba

*Samba-winbind

*samba-common

Check the  Required Samba Packages are already installed or not by using the following command,

#rpm  -qa  samba

#rpm  -qa samba-common

#rpm  -qa samba-wi*

As you can see from the above output all the required packages are installed.

Services Needed to configure SAMBA

smb = Important service for providing authorization and authentication for file sharing between the windows and Linux.

nmb = This service understands and replies to NetBIOS name service requests to those produced by the windows server.

winbind  = This service is needed for host and username resolution

Note: smb&nmb services are mandatory and winbind is an optional service.

Check the status of each service by running the following command,

#service smb status

#service nmb status

#service samba-winbind status

As you can see from the above output, both the services are stopped, Now bring the service online by using the following command,

#service smb start

#service nmb start

Check the status again,

#service smb status

#service nmb status

As you can see from the above output, both the samba services now brought it back to online.

Now make these service online always when the Linux server is booted next time by using the following command,

#chkconfig smb on

#chkconfig nmb on

From now onwards, whenever the server enters the run level,3 or 5 the above services will come to online automatically.

Create new samba users from Linux server

#useradd  nirmal

#useradd jaslyn

Create a password for both the users,i.e don’t create a password for  users to access the local system,

you need to create a samba password for these users, so that these users can access  only the samba services

To create a samba password and add the users to samba database

Syntax:

#smbpasswd -a  <user>

#smbpasswd -a nirmal

#smbpasswd -a jaslyn

 

Configure Samba:

Create a directory and assign full permission, so that other users can read or write the contents from the directory. By default, other users don’t have write access to the directory created by the root user.

#mkdir  /data

#chmod 777 /data

#cd /data

#touch f1 f2 f3

cd /

 

As you can see from the above output, a directory with the name data has been created with full permission.

Now open the samba configuration file and put the  shared data details,

#vi   /etc/samba/smb.conf

Scroll down to the workgroup directory value and mention your workgroup name

Note: Make sure you have created the same workgroup on windows system also.

Now, look for the shared definition variable and mention the directory details along with the permissions.

browsable = yes/No you can Limit the users to his own home directory.

You no need to mention the home directory details here, since the samba reads the user home directory details from the /etc/passwd file.

Now save and exit  from the samba configuration file

To check whether you have mentioned all the details correctly inside the samba configuration file, run the command “testparm”  , if any invalid entries are present it prints the error details on your screen.

#testparm

 

As you can see from the above screenshot, everything so far  configured properly, press the enter button to see the output,

From the above output, the testparm command didn’t find any errors inside the samba configuration file, we have successfully applied all the needed parameters inside the samba configuration file.

Now restart the samba services to take effect

#service smb restart

#service nmb restart

In this Lab, I will disable the firewall and SELinux security features, so that I will not block the access.

Note: If you have Enabled Firewall and SELinux Security, At the end of this article I have explained what are all the policies we need it to enable from firewall and SELinux.

 

To stop the firewall services:

#service iptables stop

#service iptables save

As you can see from the above output, firewall services have been stopped successfully.

To stop the SELinux features:

#setenforce 0

Check the workgroup name from the windows server

As you can see from the above output, windows client system is on the same workgroup LINUXVASANTH as Linux server has.

If you see here different workgroup name then change it to LINUXVASANTH.

Check the connectivity from windows client system:

#ping 192.168.1.253

Linux server IP= 192.168.1.253

As you can see from the above output Linux server is communicating from the windows system.

Now try to connect to the Linux server from windows system  to access the samba shared resources as below,

Now Login as samba user(nirmal)

Now the user(nirmal) will be logged in his home directory path as below,

That’s it…Now we have successfully configured Windows system as a  client system of SAMBA

Now try to edit some files from the shared directory “data”, Let me edit the file “f1” from this directory

Since I have given full permission to the /data directory, samba users can write all the files from the /data directory.

 

Check the /data  directory from Linux server whether the appended content is updated on Linux server samba shared directory file f1,

We have successfully configured the SAMBA in Linux server and also verified the access from the client windows system.

 

*******************************************************************************************************************************

The PORTS and BOOLEAN Needs to be Enable if Firewall and SELinux security features are Enabled:

Allow SAMBA through firewall (i.e iptables)

The following port Numbers are used by the SAMBA

PORT 137 = UDP NetBIOS name service (WINSthe )

PORT 138 = DBP NetBIOS Datagram

PORT 139 = TCP (Windows File and Printer sharing)

PORT 445 = Microsooft DS-Active Directory,shares

PORT 445 = Microsoft DS  SMB file sharing (UDP)

To allow Firewall  for SAMBA ,Add the Following Rules in iptables,

#iptables -A INPUT -m state  --state NEW -m udp -p udp  --dport 137 -j ACCEPT

#iptables -A INPUT -m state  --state NEW -m udp -p udp  --dport 138  -j ACCEPT

#iptables -A INPUT -m state  --state NEW -m tcp -p tcp  --dport 139 -j ACCEPT

#iptables -A INPUT -m state  --state NEW -m tcp  -p tcp  --dport 445 -j ACCEPT

Restart the iptables services to make the changes update

#service iptables restart

#service iptables save

Allow SAMBA through SElinux

In Linux SELinux security features by default, it denies access to any shared resources, You need to enable some couple of booleans from SELinux security

1.samba_enable_home_dirs    =  Enable  the sharing of home directories 

2.samba_export_all_ro = Enable read-only access

3.samba_export_all_rw = Enable read and write access 

4.samba_share_t_Default  = SAMBA could share
#chcon -R -t samba_share_t  /data

Always mention the directory name you would like to give access from SELinux, otherwise, it would be a security risk.

 

 

I hope you have enjoyed this article, if it was please share it with your friends, hit the Subscribe button below and be sure to share among with your friends.

###################################################################################

If you found this article useful, Kindly Subscribe here 👉  Click this link to Subscribe
For More Videos Subscribe My Youtube Channel    https://youtu.be/A7a72pmPa5o