Differences
This shows you the differences between two versions of the page.
| Next revision | Previous revision | ||
|
linux_wiki:cifs_windows_shares [2015/10/04 00:07] billdozor created |
linux_wiki:cifs_windows_shares [2019/05/25 23:50] (current) |
||
|---|---|---|---|
| Line 3: | Line 3: | ||
| **General Information** | **General Information** | ||
| - | Mounting CIFS (Windows Shares) on Linux. | + | Creating Samba server file shares |
| **Checklist** | **Checklist** | ||
| - | * Distro: Enterprise Linux 6 | + | * Distro(s): Enterprise Linux 6/7 |
| - | * CIFS share is already present on remote server. | + | |
| ---- | ---- | ||
| - | ===== Install/ | + | ====== Samba (CIFS) Server Setup ====== |
| - | | + | |
| - | | + | |
| - | - List remote shares | + | * Enable and Start the service< |
| - | | + | systemctl start smb</ |
| - | - Create local directory structure to mount the shares in | + | |
| - | | + | * Create a samba user and password< |
| - | - Create root ssh directory if it does not exist | + | |
| - | | + | |
| + | ===== Samba Config ===== | ||
| + | |||
| + | Settings to configure globally and at the share level | ||
| + | |||
| + | / | ||
| + | [global] | ||
| + | dns proxy = no | ||
| + | server string = Samba Server %v | ||
| + | |||
| + | min protocol = SMB2 | ||
| + | max protocol = SMB3 | ||
| + | |||
| + | workgroup = WORKGROUP | ||
| + | log file = / | ||
| + | max log size = 50 | ||
| + | |||
| + | ##-- Security --## | ||
| + | # Only allow the 192.168.1.* network globally to any share | ||
| + | hosts allow = 192.168.1. | ||
| + | security = user | ||
| + | passdb backend = tdbsam | ||
| + | encrypt passwords = yes | ||
| + | client plaintext auth = no | ||
| + | |||
| + | #-- server signing mandatory : Resolves Security Scanners finding SMB Password Encryption Not Required --# | ||
| + | server signing = mandatory | ||
| + | |||
| + | #-- smb encrypt: Requires Win8/ | ||
| + | #smb encrypt = mandatory | ||
| + | |||
| + | [share_name] | ||
| + | path = / | ||
| + | valid users = sambauser1, sambauser2 | ||
| + | browsable = yes | ||
| + | guest ok = no | ||
| + | read only = yes | ||
| + | #- Allow only hosts on certain networks only (192.168.1.*) for this share-# | ||
| + | hosts allow = 192.168.1. 127.0.0.1 | ||
| + | </ | ||
| + | |||
| + | \\ | ||
| + | **Config File Help** | ||
| + | <code bash> | ||
| + | vim / | ||
| + | And | ||
| + | man smb.conf | ||
| + | </ | ||
| + | |||
| + | \\ | ||
| + | [Optional] Test samba config syntax | ||
| + | <code bash> | ||
| + | testparm | ||
| + | </ | ||
| + | |||
| + | \\ | ||
| + | Restart the samba service | ||
| + | <code bash> | ||
| + | systemctl restart smb | ||
| + | </ | ||
| + | |||
| + | \\ | ||
| + | Test the samba share | ||
| + | <code bash> | ||
| + | smbclient -L //localhost -U sambauser1 | ||
| + | </ | ||
| + | * Enter samba password (not system) when prompted | ||
| + | |||
| + | ---- | ||
| + | |||
| + | ====== CIFS Client Setup ====== | ||
| + | |||
| + | - Install Packages<code bash>yum install -y cifs-utils samba-client</ | ||
| + | - List remote shares< | ||
| + | - Create local directory structure to mount the shares in<code bash> | ||
| + | - Create root ssh directory if it does not exist< | ||
| chmod 700 / | chmod 700 / | ||
| - | - Create the CIFS credentials file | + | - Create the CIFS credentials file< |
| - | | + | chmod 600 / |
| - | chmod 600 / | + | - Edit the credentials file, add share' |
| - | - Edit the credentials file, add share' | + | |
| - | | + | |
| username=< | username=< | ||
| password=< | password=< | ||
| domain=< | domain=< | ||
| - | - Create persistent CIFS mount in /etc/fstab | + | - Create persistent CIFS mount in / |
| - | - <code bash>vim / | + | //< |
| - | //< | + | - Mount the share< |
| - | - Mount the share | + | |
| - | - <code bash> | + | |
| ---- | ---- | ||