The objective is to configure basic Samba server to share user home directories as well as provide read-write anonymous access to selected directory.
There are myriads of possible other Samba configurations, however the aim of this guide is to get you started with some basics which can be later expanded to implement more features to suit your needs.
Operating System and Software Versions
- Operating System: – Ubuntu 18.04 Bionic Beaver
- Software: – Samba Version 4.7.4-Ubuntu or higher
Privileged access to your Ubuntu 18.04 Bionic Beaver will be required.
- # – requires given linux commands to be executed with root privileges either directly as a root user or by use of
- $ – requires given linux commands to be executed as a regular non-privileged user
Other Versions of this Tutorial
The below configuration procedure will assume a following scenario and pre-configured requirements:
- Server and MS Windows client are located on the same network and no firewall is blocking any communication between the two
- MS Windows client can resolve samba server by hostname
- MS Windows client’s Workgroup domain is
Install Samba Server
Let’s begin by installation of Samba server. This is rather a trivial task. First, install
tasksel command if it s not available yet on your system. Once ready use
tasksel to install Samba server.
$ sudo apt install tasksel $ sudo tasksel install samba-server
We will be starting with a fresh clean configuration file, while we also keep the default config file as a backup for reference purposes. Execute the following linux commands to make a copy of an existing configuration file and create a new one:
$ sudo cp /etc/samba/smb.conf /etc/samba/smb.conf_backup $ sudo bash -c 'grep -v -E "^#|^;" /etc/samba/smb.conf_backup | grep . > /etc/samba/smb.conf'
In this section we will be adding user home share directories into our new
/etc/samba/smb.conf samba configuration file.
Samba has its own user management system. However, any user existing on the samba user list must also exist within
/etc/passwd file. If your system user does not exist yet, hence cannot be located within
/etc/passwd file, first create a new user using the
useradd command before creating any new Samba user. Once your new system user eg. linuxconfig exits, use the
smbpasswd command to create a new Samba user:
$ sudo smbpasswd -a linuxconfig New SMB password: Retype new SMB password: Added user linuxconfig.
Next, use your favorite text editor to edit our new
/etc/samba/smb.conf samba configuration file:
$ sudo nano /etc/samba/smb.conf
and add the following lines:
[homes] comment = Home Directories browseable = yes read only = no create mask = 0700 directory mask = 0700 valid users = %S
Create Anonymous Share
In this section we will add a new publicly available read-write Samba share accessible by anonymous/guest users. First, create a directory you wish to share and change its access permission. Example:
$ sudo mkdir /var/samba $ sudo chmod 777 /var/samba/
Next, add the following lines into Samba configuration file using your favorite text editor
sudo nano /etc/samba/smb.conf:
[public] comment = public anonymous access path = /var/samba/ browsable =yes create mask = 0660 directory mask = 0771 writable = yes guest ok = yes
Your current Samba configuration file should look similar to the one below:
[global] workgroup = WORKGROUP server string = %h server (Samba, Ubuntu) dns proxy = no log file = /var/log/samba/log.%m max log size = 1000 syslog = 0 panic action = /usr/share/samba/panic-action %d server role = standalone server passdb backend = tdbsam obey pam restrictions = yes unix password sync = yes passwd program = /usr/bin/passwd %u passwd chat = *Enter\snew\s*\spassword:* %n\n *Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* . pam password change = yes map to guest = bad user usershare allow guests = yes [printers] comment = All Printers browseable = no path = /var/spool/samba printable = yes guest ok = no read only = yes create mask = 0700 [print$] comment = Printer Drivers path = /var/lib/samba/printers browseable = yes read only = yes guest ok = no [homes] comment = Home Directories browseable = yes read only = no create mask = 0700 directory mask = 0700 valid users = %S [public] comment = public anonymous access path = /var/samba/ browsable =yes create mask = 0660 directory mask = 0771 writable = yes guest ok = yes
Restart Samba Server
Our basic Samba server configuration is done. Remember to always restart your samba server, after any change has been done to
/etc/samba/smb.conf configuration file:
$ sudo systemctl restart smbd
Once you restart your Samba server, confirm that all shares have been configured correctly:
$ smbclient -L localhost WARNING: The "syslog" option is deprecated Enter WORKGROUP\linuxconfig's password: Anonymous login successful Sharename Type Comment --------- ---- ------- print$ Disk Printer Drivers homes Disk Home Directories public Disk public anonymous access IPC$ IPC IPC Service (ubuntu server (Samba, Ubuntu)) Reconnecting with SMB1 for workgroup listing. Anonymous login successful Server Comment --------- ------- Workgroup Master --------- ------- WORKGROUP UBUNTU
Optionally create some test files. Once we successfully mount our Samba shares, the below files should be available to our disposal:
$ touch /var/samba/public-share $ touch /home/linuxconfig/home-share
Lastly, confirm that your Samba server is up and running:
$ sudo systemctl status smbd ● smbd.service - Samba SMB Daemon Loaded: loaded (/lib/systemd/system/smbd.service; enabled; vendor preset: enabled) Active: active (running) since Wed 2018-01-31 19:50:19 AEDT; 1min 12s ago Docs: man:smbd(8) man:samba(7) man:smb.conf(5) Main PID: 3561 (smbd) Status: "smbd: ready to serve connections..." Tasks: 5 (limit: 4915) CGroup: /system.slice/smbd.service ├─3561 /usr/sbin/smbd --foreground --no-process-group ├─3578 /usr/sbin/smbd --foreground --no-process-group ├─3579 /usr/sbin/smbd --foreground --no-process-group ├─3590 /usr/sbin/smbd --foreground --no-process-group └─3611 /usr/sbin/smbd --foreground --no-process-group
Mount Samba Shares
At this stage we are ready to turn our attention to MS Windows. Mounting network drive directories might be slightly different for each MS Windows version. This guide uses MS Windows 7 in a role of a Samba client.
Mount user Home Directory
To start, open up you
Windows Explorer then right-click on
Network and click on
Map network drive... tab. Select drive letter and type Samba share location. Make sure you tick
Connect using different credentials if your username and password is different from the one created previously:
Enter your Samba user name and password:
You should now have a read-write access to your user’s home directory:
Mount Anonymous Samba Share
Similarly, mount your anonymous/guest Samba share. However this time no username and password will be required: