====== SMB Provide Network Shares Suitable For Group Collaboration ======

**General Information**

Samba shares for groups.

**Prerequisites**
  * [[linux_wiki:smb_provide_network_shares_to_specific_clients#server_install_and_config|Samba server installed and configured]]
  * [[linux_wiki:smb_provide_network_shares_to_specific_clients#client_install_and_config|Samba client installed and configured]]

----

====== Lab Setup ======

The following virtual machines will be used:
  * server1.example.com (192.168.1.150) -> Perform all SMB client tests from here
  * server2.example.com (192.168.1.151) -> Install the Samba Server here

----

====== Group Shares: Server ======

Create a group
<code bash>
groupadd smbgrp
</code>

\\
Add users to the group
<code bash>
usermod -G smbgrp user1
usermod -G smbgrp user2
</code>

\\
Create samba passwords
<code bash>
smbpasswd -a user1
smbpasswd -a user2
</code>

\\
Setup the group directory for sharing
<code bash>
mkdir /sambashare_group
chown :smbgrp /sambashare_group
chmod 770 /sambashare_group
</code>

\\
SELinux: Set file context
<code bash>
semanage fcontext -at samba_share_t "/sambashare_group(/.*)?"
restorecon -Rv /sambashare_group
</code>

\\
Create the new directory share config
<code bash>
vim /etc/samba/smb.conf

[sambashare_group]
 comment = My Groups Samba Share
 path = /sambashare_group
 valid users = @smbgrp
 write list = @smbgrp
 writable = yes
 force group = +smbgrp
 create mask = 0664
 directory mask = 0775

 # Defaults, but listing in case something in [global] over rides
 browsable = yes
 public = no
</code>
  * +smbgrp  -> The "+" means that only users already in the group (smbgrp) will use that as their primary group when accessing the share.

\\
Restart the service for changes to take effect
<code bash>
systemctl restart smb
</code>

----

====== Group Shares: Client ======

Ensure the same users and group exist on the client
  * **uids and gids must match!**

\\
List shares
<code bash>
smbclient -L //192.168.1.200 -U user1
</code>

\\
Setup local directory for mounting the remote samba share
<code bash>
mkdir /collaborate
</code>

\\
Mount Persistently
<code bash>
vim /root/.sharedcreds
 
username=user1
password=password


vim /etc/fstab
 
//192.168.1.200/smbgroupshare /collaborate  cifs _netdev,rw,credentials=/root/.sharedcreds,uid=1004,gid=1004  0 0
</code>

----