[[linux_wiki:cifs_windows_shares]]

CIFS Windows Shares

General Information

Creating Samba server file shares (CIFS) and mounting CIFS shares on Linux.

Checklist

  • Distro(s): Enterprise Linux 6/7

Samba (CIFS) Server Setup

  • Install the service
    yum install samba samba-client
  • Enable and Start the service
    systemctl enable smb
    systemctl start smb
  • Create a samba user and password
    smbpasswd -a sambauser1

Settings to configure globally and at the share level

/etc/samba/smb.conf

[global]
dns proxy = no
server string = Samba Server %v
 
min protocol = SMB2
max protocol = SMB3
 
workgroup = WORKGROUP
log file = /var/log/samba/%m.log
max log size = 50
 
##-- Security --##
# Only allow the 192.168.1.* network globally to any share
hosts allow = 192.168.1.
security = user
passdb backend = tdbsam
encrypt passwords = yes
client plaintext auth = no
 
#-- server signing mandatory : Resolves Security Scanners finding SMB Password Encryption Not Required --#
server signing = mandatory
 
#-- smb encrypt: Requires Win8/10/Server2012 or newer clients due to smbv3 --#
#smb encrypt = mandatory
 
[share_name]
path = /path_to_share
valid users = sambauser1, sambauser2
browsable = yes
guest ok = no
read only = yes
#- Allow only hosts on certain networks only (192.168.1.*) for this share-#
hosts allow = 192.168.1. 127.0.0.1


Config File Help

vim /etc/samba/smb.conf.example
And
man smb.conf


[Optional] Test samba config syntax

testparm


Restart the samba service

systemctl restart smb


Test the samba share

smbclient -L //localhost -U sambauser1
  • Enter samba password (not system) when prompted

CIFS Client Setup

  1. Install Packages
    yum install -y cifs-utils samba-client
  2. List remote shares
    smbclient -L <remote-cifs-server>
  3. Create local directory structure to mount the shares in
    mkdir -p /data/shared/<cifs-share-name>
  4. Create root ssh directory if it does not exist
    mkdir /root/.ssh
    chmod 700 /root/.ssh
  5. Create the CIFS credentials file
    touch /root/.ssh/.<cifs-share-name>
    chmod 600 /root/.ssh/.<cifs-share-name>
  6. Edit the credentials file, add share's user/pass/domain
    vim /root/.ssh/.<cifs-share-name>
    
    username=<user>
    password=<password_here>
    domain=<domain>
  7. Create persistent CIFS mount in /etc/fstab
    vim /etc/fstab
    //<remote-cifs-server>/<sharename> /data/shared/<cifs-share-name>  cifs  auto,credentials=/root/.ssh/.<cifs-share-name>,_netdev,uid=<user>,gid=<users>,rw  0 0
  8. Mount the share
    mount -a

  • linux_wiki/cifs_windows_shares.txt
  • Last modified: 2019/05/26 03:50
  • (external edit)