Mini Project: Configure Samba Server on CentOs machine + Access from Windows 10

In this mini Project, we learn how to configure the Samba server on a Centos Linux machine and access it as a shared directory from Windows 10 machine.

What is Samba

One of the most common ways to network Linux and Windows computers is to configure Samba as a File Server. This section covers setting up a Samba server to share files with Windows clients.

You can choose from several Samba configuration GUIs, but we’ll go the old-fashioned route and point our text editors to smb.conf. The configuration file is commonly found at /etc/samba/smb.conf . Note that you will need to be root to edit these, or use sudo.

You can use the AWS Cloud environment to set up Centos and Windows machines. Make sure both machines belong to the same security group or make sure they have connectivity.

Steps to perform on Centos Linux machine

Step1: Install the Samba server on the Centos machine.

yum -y install samba samba-client

Once installation is completed, create a shared directory for the Samba server and provide permissions as below.

mkdir /home/share
chmod 777 /home/share

Step2:Configure Samba for shared access.

Take a backup of the existing samba configuration file.

cp /etc/samba/smb.conf /etc/samba/smb.conf_bkp 

Make Sure the file /etc/samba/smb.conf content matches like below:

Open the file with vi or nano editor and add following contents to it.

# See smb.conf.example for a more detailed config file or
# read the smb.conf manpage.
# Run 'testparm' to verify the config is correct after
# you modified it.
[global]
workgroup = WORKGROUP
security = user
passdb backend = tdbsam
map to guest = Bad User
printing = cups
printcap name = cups
load printers = Yes
cups options = raw
unix charset = UTF-8
dos charset = CP932
hosts allow = ALL
[homes]
comment = Home Directories
valid users = %S, %D%w%S
browseable = No
read only = No
inherit acls = Yes
[printers]
comment = All Printers
path = /var/tmp
printable = Yes
create mask = 0600
browseable = No
[print$]
comment = Printer Drivers
path = /var/lib/samba/drivers
write list = @printadmin root
force group = @printadmin
create mask = 0664
directory mask = 0775
[Public]
path = /home/share
writable = yes
guest ok = yes
guest only = yes
create mode = 0777
directory mode = 0777

Now test your configuration file for any errors using testparm command,

#testparm

Start the Samba service

# systemctl start smb nmb
# systemctl enable smb
# systemctl enable nmb
# systemctl status smb
# systemctl status nmb

Steps to perform on Windows machine.

Log in to a Windows machine as an Administrator or account with Administrator privileges.

Step 3: Access the shared directory from Windows.

Map a Network Drive.

Go to My Computer, Right click on Network, and click Map Network Drive.

Add the private IP of the Samba server followed by Share Name which is Public in my case. Check smb.conf file.

Now, you can see the directory which is created in the Samba server’s /home/share location. If you see nothing. Try creating a directory in the Samba server’s /home/share folder using mkdir test command

Troubleshooting:

Error 1:
“You can’t access this shared folder because your organization’s security policies block unauthenticated guest access”

Reason:
The main reason why such an issue occurs is the lack of SMB1 installation and deactivation of SMB2 in Windows 10 v1709 or later versions
You need to go through some steps to enable SMB1 manually.

It happens because Guest Access in SMB2 is disabled by default. To fix this error in Windows 11 and Windows 10, you can follow these steps

• Open Local Group Policy Editor
• Go to Lanman workstation
• Change the setting of Enable insecure guest logons from Not Configured to Enabled
• Save changes
• Restart the machine (The most important step. Linux users forget it mostly.)

Using Group Policy Editor

Press Win+R or Go Run, and type gpedit.msc

After opening the Local Group Policy Editor, navigate to this path-

Computer configuration > Administrative Templates > Network > Lanman Workstation

On your right side, you should see a setting called Enable insecure guest logons. Double-click on it, change the setting to Not Configured to Enabled, and save your change.

Bonus section: Configure Samba Server with Limited access to Shared Folder.

In this section, we will see how to share folder on the Samba server with limited access.
If you are following the above tutorial then you need to disconnect Network Drive from the windows server.

On the Linux box, Create another folder to share.

#mkdir /home/share2
#chmod 777 /home/share2
#systemctl enable --now smb

Add user

#useradd cent
#smbpasswd -a cent
#groupadd smbgroup01
#usermod -aG smbgroup01 cent

Add the following section to the end of the file /etc/samba/smb.conf

[Share2]
path = /home/share2
writable = yes
guest ok = no     
valid users = @smbgroup01
force group = smbgroup01
force create mode = 770
force directory mode = 770
inherit permissions = yes

Restart the service.

#systemctl restart smb
#systemctl restart nmb

Map network Drive on Windows machine.

Thanks for visiting our blog.