CIFS Windows Shares
General Information
Creating Samba server file shares (CIFS) and mounting CIFS shares on Linux.
Checklist
- Distro(s): Enterprise Linux 6/7
Samba (CIFS) Server Setup
- Install the service
yum install samba samba-client
- Enable and Start the service
systemctl enable smb systemctl start smb
- Create a samba user and password
smbpasswd -a sambauser1
Samba Config
Settings to configure globally and at the share level
/etc/samba/smb.conf
[global] dns proxy = no server string = Samba Server %v min protocol = SMB2 max protocol = SMB3 workgroup = WORKGROUP log file = /var/log/samba/%m.log max log size = 50 ##-- Security --## # Only allow the 192.168.1.* network globally to any share hosts allow = 192.168.1. security = user passdb backend = tdbsam encrypt passwords = yes client plaintext auth = no #-- server signing mandatory : Resolves Security Scanners finding SMB Password Encryption Not Required --# server signing = mandatory #-- smb encrypt: Requires Win8/10/Server2012 or newer clients due to smbv3 --# #smb encrypt = mandatory [share_name] path = /path_to_share valid users = sambauser1, sambauser2 browsable = yes guest ok = no read only = yes #- Allow only hosts on certain networks only (192.168.1.*) for this share-# hosts allow = 192.168.1. 127.0.0.1
Config File Help
vim /etc/samba/smb.conf.example And man smb.conf
[Optional] Test samba config syntax
testparm
Restart the samba service
systemctl restart smb
Test the samba share
smbclient -L //localhost -U sambauser1
- Enter samba password (not system) when prompted
CIFS Client Setup
- Install Packages
yum install -y cifs-utils samba-client
- List remote shares
smbclient -L <remote-cifs-server>
- Create local directory structure to mount the shares in
mkdir -p /data/shared/<cifs-share-name>
- Create root ssh directory if it does not exist
mkdir /root/.ssh chmod 700 /root/.ssh
- Create the CIFS credentials file
touch /root/.ssh/.<cifs-share-name> chmod 600 /root/.ssh/.<cifs-share-name>
- Edit the credentials file, add share's user/pass/domain
vim /root/.ssh/.<cifs-share-name> username=<user> password=<password_here> domain=<domain>
- Create persistent CIFS mount in /etc/fstab
vim /etc/fstab //<remote-cifs-server>/<sharename> /data/shared/<cifs-share-name> cifs auto,credentials=/root/.ssh/.<cifs-share-name>,_netdev,uid=<user>,gid=<users>,rw 0 0
- Mount the share
mount -a