Differences
This shows you the differences between two versions of the page.
Both sides previous revision Previous revision Next revision | Previous revision | ||
linux_wiki:cifs_windows_shares [2018/03/23 16:17] billdozor |
linux_wiki:cifs_windows_shares [2019/05/25 23:50] (current) |
||
---|---|---|---|
Line 10: | Line 10: | ||
---- | ---- | ||
- | ====== CIFS Server Setup ====== | + | ====== |
+ | * Install the service< | ||
- | FIXME -> Need to add server install steps. | + | * Enable and Start the service< |
+ | systemctl start smb</ | ||
+ | * Create a samba user and password< | ||
- | ===== Global Config ===== | ||
- | Settings to configure globally. | + | ===== Samba Config ===== |
+ | |||
+ | Settings to configure globally | ||
/ | / | ||
Line 24: | Line 28: | ||
dns proxy = no | dns proxy = no | ||
server string = Samba Server %v | server string = Samba Server %v | ||
+ | |||
min protocol = SMB2 | min protocol = SMB2 | ||
max protocol = SMB3 | max protocol = SMB3 | ||
+ | |||
workgroup = WORKGROUP | workgroup = WORKGROUP | ||
log file = / | log file = / | ||
max log size = 50 | max log size = 50 | ||
+ | |||
+ | ##-- Security --## | ||
+ | # Only allow the 192.168.1.* network globally to any share | ||
+ | hosts allow = 192.168.1. | ||
security = user | security = user | ||
passdb backend = tdbsam | passdb backend = tdbsam | ||
encrypt passwords = yes | encrypt passwords = yes | ||
client plaintext auth = no | client plaintext auth = no | ||
+ | |||
#-- server signing mandatory : Resolves Security Scanners finding SMB Password Encryption Not Required --# | #-- server signing mandatory : Resolves Security Scanners finding SMB Password Encryption Not Required --# | ||
server signing = mandatory | server signing = mandatory | ||
+ | |||
#-- smb encrypt: Requires Win8/ | #-- smb encrypt: Requires Win8/ | ||
#smb encrypt = mandatory | #smb encrypt = mandatory | ||
- | </ | ||
- | ---- | ||
- | |||
- | ===== Share Config ===== | ||
- | |||
- | Share config settings. | ||
- | |||
- | / | ||
[share_name] | [share_name] | ||
path = / | path = / | ||
Line 52: | Line 56: | ||
guest ok = no | guest ok = no | ||
read only = yes | read only = yes | ||
- | #- Allow only hosts on certain networks only (192.168.1.*) -# | + | #- Allow only hosts on certain networks only (192.168.1.*) |
hosts allow = 192.168.1. 127.0.0.1 | hosts allow = 192.168.1. 127.0.0.1 | ||
</ | </ | ||
+ | |||
+ | \\ | ||
+ | **Config File Help** | ||
+ | <code bash> | ||
+ | vim / | ||
+ | And | ||
+ | man smb.conf | ||
+ | </ | ||
+ | |||
+ | \\ | ||
+ | [Optional] Test samba config syntax | ||
+ | <code bash> | ||
+ | testparm | ||
+ | </ | ||
+ | |||
+ | \\ | ||
+ | Restart the samba service | ||
+ | <code bash> | ||
+ | systemctl restart smb | ||
+ | </ | ||
+ | |||
+ | \\ | ||
+ | Test the samba share | ||
+ | <code bash> | ||
+ | smbclient -L //localhost -U sambauser1 | ||
+ | </ | ||
+ | * Enter samba password (not system) when prompted | ||
---- | ---- |