Show pageOld revisionsBacklinksBack to top This page is read only. You can view the source, but not change it. Ask your administrator if you think this is wrong. ====== CIFS Windows Shares ====== **General Information** Creating Samba server file shares (CIFS) and mounting CIFS shares on Linux. **Checklist** * Distro(s): Enterprise Linux 6/7 ---- ====== Samba (CIFS) Server Setup ====== * Install the service<code bash>yum install samba samba-client</code> * Enable and Start the service<code bash>systemctl enable smb systemctl start smb</code> * Create a samba user and password<code bash>smbpasswd -a sambauser1</code> ===== Samba Config ===== Settings to configure globally and at the share level /etc/samba/smb.conf<code bash> [global] dns proxy = no server string = Samba Server %v min protocol = SMB2 max protocol = SMB3 workgroup = WORKGROUP log file = /var/log/samba/%m.log max log size = 50 ##-- Security --## # Only allow the 192.168.1.* network globally to any share hosts allow = 192.168.1. security = user passdb backend = tdbsam encrypt passwords = yes client plaintext auth = no #-- server signing mandatory : Resolves Security Scanners finding SMB Password Encryption Not Required --# server signing = mandatory #-- smb encrypt: Requires Win8/10/Server2012 or newer clients due to smbv3 --# #smb encrypt = mandatory [share_name] path = /path_to_share valid users = sambauser1, sambauser2 browsable = yes guest ok = no read only = yes #- Allow only hosts on certain networks only (192.168.1.*) for this share-# hosts allow = 192.168.1. 127.0.0.1 </code> \\ **Config File Help** <code bash> vim /etc/samba/smb.conf.example And man smb.conf </code> \\ [Optional] Test samba config syntax <code bash> testparm </code> \\ Restart the samba service <code bash> systemctl restart smb </code> \\ Test the samba share <code bash> smbclient -L //localhost -U sambauser1 </code> * Enter samba password (not system) when prompted ---- ====== CIFS Client Setup ====== - Install Packages<code bash>yum install -y cifs-utils samba-client</code> - List remote shares<code bash>smbclient -L <remote-cifs-server></code> - Create local directory structure to mount the shares in<code bash>mkdir -p /data/shared/<cifs-share-name></code> - Create root ssh directory if it does not exist<code bash>mkdir /root/.ssh chmod 700 /root/.ssh</code> - Create the CIFS credentials file<code>touch /root/.ssh/.<cifs-share-name> chmod 600 /root/.ssh/.<cifs-share-name></code> - Edit the credentials file, add share's user/pass/domain<code>vim /root/.ssh/.<cifs-share-name> username=<user> password=<password_here> domain=<domain></code> - Create persistent CIFS mount in /etc/fstab<code bash>vim /etc/fstab //<remote-cifs-server>/<sharename> /data/shared/<cifs-share-name> cifs auto,credentials=/root/.ssh/.<cifs-share-name>,_netdev,uid=<user>,gid=<users>,rw 0 0</code> - Mount the share<code bash>mount -a</code> ---- linux_wiki/cifs_windows_shares.txt Last modified: 2019/05/25 23:50(external edit)