====== CIFS Windows Shares ======
**General Information**
Creating Samba server file shares (CIFS) and mounting CIFS shares on Linux.
**Checklist**
* Distro(s): Enterprise Linux 6/7
----
====== Samba (CIFS) Server Setup ======
* Install the serviceyum install samba samba-client
* Enable and Start the servicesystemctl enable smb
systemctl start smb
* Create a samba user and passwordsmbpasswd -a sambauser1
===== Samba Config =====
Settings to configure globally and at the share level
/etc/samba/smb.conf
[global]
dns proxy = no
server string = Samba Server %v
min protocol = SMB2
max protocol = SMB3
workgroup = WORKGROUP
log file = /var/log/samba/%m.log
max log size = 50
##-- Security --##
# Only allow the 192.168.1.* network globally to any share
hosts allow = 192.168.1.
security = user
passdb backend = tdbsam
encrypt passwords = yes
client plaintext auth = no
#-- server signing mandatory : Resolves Security Scanners finding SMB Password Encryption Not Required --#
server signing = mandatory
#-- smb encrypt: Requires Win8/10/Server2012 or newer clients due to smbv3 --#
#smb encrypt = mandatory
[share_name]
path = /path_to_share
valid users = sambauser1, sambauser2
browsable = yes
guest ok = no
read only = yes
#- Allow only hosts on certain networks only (192.168.1.*) for this share-#
hosts allow = 192.168.1. 127.0.0.1
\\
**Config File Help**
vim /etc/samba/smb.conf.example
And
man smb.conf
\\
[Optional] Test samba config syntax
testparm
\\
Restart the samba service
systemctl restart smb
\\
Test the samba share
smbclient -L //localhost -U sambauser1
* Enter samba password (not system) when prompted
----
====== CIFS Client Setup ======
- Install Packagesyum install -y cifs-utils samba-client
- List remote sharessmbclient -L
- Create local directory structure to mount the shares inmkdir -p /data/shared/
- Create root ssh directory if it does not existmkdir /root/.ssh
chmod 700 /root/.ssh
- Create the CIFS credentials filetouch /root/.ssh/.
chmod 600 /root/.ssh/.
- Edit the credentials file, add share's user/pass/domainvim /root/.ssh/.
username=
password=
domain=
- Create persistent CIFS mount in /etc/fstabvim /etc/fstab
/// /data/shared/ cifs auto,credentials=/root/.ssh/.,_netdev,uid=,gid=,rw 0 0
- Mount the sharemount -a
----