Friday, October 6, 2017

Server Message Block (SMB)

This post is about setting up SMB server, and how to setup for client access. The samba daemon is mainly to provide the file/print service for Workgroups or LanManager, which is out of scope for this post. I have no idea how to link to a Windows AD. :D

Install samba and samba-client package in server.

yum install -y samba samba-client

Let's observe the configuration file (/etc/samba/smb.conf.

This is highlighted in RH administration III manual:
workgroup = <WORKGROUP NAME> : act as "the workgroup".
security = user
passdb backend = tdbsam

At this point, or in this post, let's just leave it as default.

Let's share the /data in the server as user share with the name data.

The [data] denotes the new section for user share, and the share name is data.
path specify the path to share
writable set this path can be modify or not, you can also use read only parameter to control.
browseable is for whether this share is visible when user try to list the shares.

Now enable and start the related services. Also, update the firewall rule.

systemctl enable smb nmb
systemctl start smb nmb
firewall-cmd --permanent --add-service=samba
firewall-cmd --reload

Before I forgot, I also setup a samba user account in the server (for user from client to login) using the following command. It will prompt you to setup the password.

smbpasswd -a jlim

At client site, install cifs-utils and samba-client.

yum install -y cifs-utils samba-client

To list the share from the server in client machine, highlighted in yellow box.

To access it, create a mount point, and mount it.

Remember the /data was used for NFS in previous post? Seems like it's not contradicting with additional share in Samba for the same path.

Now, let's go to Windows. We can connect to this share via net use command.

We can use the same share in Windows!

I just realize I have set the SELinux in this server box to permissive. No wonder I don't see issue in yesterday NFS setup and today's Samba service setup... :D This is another difficult topic, I did a quick test and set it to enforcing, update the fcontext to samba_share_t for the share path, but it still complain access deny at client side. Giving up for now. Maybe I'll revisit this again when I am writing about SELinux in near future.

No comments:

Post a Comment