Samba is a free software re-implementation of the SMB networking protocol, and was originally developed by Andrew Tridgell. Samba provides file and print services for various Microsoft Windows clients and can integrate with a Microsoft Windows Server domain, either as a Domain Controller (DC) or as a domain member. As of version 4, it supports Active Directory and Microsoft Windows NT domains.
# dnf install samba
Edit the /etc/samba/smb.conf file and set the following parameters:
First we start with the global section. This supports WIN3 to WIN-ME also.
You can give workgroup every name you want.
[global] workgroup = WORKGROUP server string = Samba %v netbios name = server5 hosts allow = 127.0.0.1/8 192.168.1.0/24 hosts deny = 0.0.0.0/0 security = user guest account = nobody passdb backend = tdbsam follow symlinks = yes wide links = yes unix extensions = no keep alive = 30 os level = 255 wins support = yes local master = yes domain master = true
The home section is not shown in the shares. Only the user home dir is shown.
[homes] comment = Home Directories valid users = %S, %D%w%S browseable = no writeable = yes create mask = 0660 directory mask = 0770
Next share is for members for the group users.
[users] comment = Voor systeem users toegangelijk path = /home/users browseable = yes writable = yes create mask = 0660 directory mask = 0770 force group = users
The next share is for others that are a member of the LAN. Root and members of the group users can upload files to this share.
[public] comment = Public shares path = /home/public public = yes writable = no printable = no create mask = 664 directory mask = 775 force group = users write list = +users
For direct access to the webserver files add:
[www1] comment = www.example.com path = /srv/www/vhosts/www.example.com/httpsdocs create mask = 0644 directory mask = 0774 read only = No
For samba to export shares in the home and www dirs you have to enter:
# setsebool -P samba_export_all_rw on
# systemctl start smb nmb # systemctl enable smb nmb
# firewall-cmd --permanent --add-service=samba # firewall-cmd --reload
# testparm
Samba doesn't use the normal user account, but has an own. That means you need to add these users to the samba user database.
Windows user must have an samba account on the server. An system account is necessary. This can be without login.
Create and enable the user.
# smbpasswd -a user-name # smbpasswd -e user-name
# smbcontrol all reload-config
# smbpasswd -x user-name
# pdbedit -L -v