Objective
The objective is to configure basic Samba server to share user home directories as well as provide read-write anonymous access to selected directory.
There are myriads of possible other Samba configurations, however the aim of this guide is to get you started with some basics which can be later expanded to implement more features to suit your needs.
Operating System and Software Versions
- Operating System: – Ubuntu 18.04 Bionic Beaver
- Software: – Samba Version 4.7.4-Ubuntu or higher
Requirements
Privileged access to your Ubuntu 18.04 Bionic Beaver will be required.
Conventions
- # – requires given linux commands to be executed with root privileges either directly as a root user or by use of
sudo
command - $ – requires given linux commands to be executed as a regular non-privileged user
Other Versions of this Tutorial
Scenario
The below configuration procedure will assume a following scenario and pre-configured requirements:
- Server and MS Windows client are located on the same network and no firewall is blocking any communication between the two
- MS Windows client can resolve samba server by hostname
ubuntu-samba
- MS Windows client’s Workgroup domain is
WORKGROUP
Instructions
Install Samba Server
Let’s begin by installation of Samba server. This is rather a trivial task. First, install tasksel
command if it s not available yet on your system. Once ready use tasksel
to install Samba server.
$ sudo apt install tasksel $ sudo tasksel install samba-server
Configuration
We will be starting with a fresh clean configuration file, while we also keep the default config file as a backup for reference purposes. Execute the following linux commands to make a copy of an existing configuration file and create a new one:
$ sudo cp /etc/samba/smb.conf /etc/samba/smb.conf_backup $ sudo bash -c 'grep -v -E "^#|^;" /etc/samba/smb.conf_backup | grep . > /etc/samba/smb.conf'
Homes share
In this section we will be adding user home share directories into our new /etc/samba/smb.conf
samba configuration file.
Samba has its own user management system. However, any user existing on the samba user list must also exist within /etc/passwd
file. If your system user does not exist yet, hence cannot be located within /etc/passwd
file, first create a new user using the useradd
command before creating any new Samba user. Once your new system user eg. linuxconfig exits, use the smbpasswd
command to create a new Samba user:
$ sudo smbpasswd -a linuxconfig New SMB password: Retype new SMB password: Added user linuxconfig.
Next, use your favorite text editor to edit our new /etc/samba/smb.conf
samba configuration file:
$ sudo nano /etc/samba/smb.conf
and add the following lines:
[homes] comment = Home Directories browseable = yes read only = no create mask = 0700 directory mask = 0700 valid users = %S
Create Anonymous Share
In this section we will add a new publicly available read-write Samba share accessible by anonymous/guest users. First, create a directory you wish to share and change its access permission. Example:
$ sudo mkdir /var/samba $ sudo chmod 777 /var/samba/
Next, add the following lines into Samba configuration file using your favorite text editor sudo nano /etc/samba/smb.conf
:
[public] comment = public anonymous access path = /var/samba/ browsable =yes create mask = 0660 directory mask = 0771 writable = yes guest ok = yes
Your current Samba configuration file should look similar to the one below:
[global]
workgroup = WORKGROUP
server string = %h server (Samba, Ubuntu)
dns proxy = no
log file = /var/log/samba/log.%m
max log size = 1000
syslog = 0
panic action = /usr/share/samba/panic-action %d
server role = standalone server
passdb backend = tdbsam
obey pam restrictions = yes
unix password sync = yes
passwd program = /usr/bin/passwd %u
passwd chat = *Enter\snew\s*\spassword:* %n\n *Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* .
pam password change = yes
map to guest = bad user
usershare allow guests = yes
[printers]
comment = All Printers
browseable = no
path = /var/spool/samba
printable = yes
guest ok = no
read only = yes
create mask = 0700
[print$]
comment = Printer Drivers
path = /var/lib/samba/printers
browseable = yes
read only = yes
guest ok = no
[homes]
comment = Home Directories
browseable = yes
read only = no
create mask = 0700
directory mask = 0700
valid users = %S
[public]
comment = public anonymous access
path = /var/samba/
browsable =yes
create mask = 0660
directory mask = 0771
writable = yes
guest ok = yes
Restart Samba Server
Our basic Samba server configuration is done. Remember to always restart your samba server, after any change has been done to /etc/samba/smb.conf
configuration file:
$ sudo systemctl restart smbd
Once you restart your Samba server, confirm that all shares have been configured correctly:
$ smbclient -L localhost WARNING: The "syslog" option is deprecated Enter WORKGROUP\linuxconfig's password: Anonymous login successful Sharename Type Comment --------- ---- ------- print$ Disk Printer Drivers homes Disk Home Directories public Disk public anonymous access IPC$ IPC IPC Service (ubuntu server (Samba, Ubuntu)) Reconnecting with SMB1 for workgroup listing. Anonymous login successful Server Comment --------- ------- Workgroup Master --------- ------- WORKGROUP UBUNTU
Optionally create some test files. Once we successfully mount our Samba shares, the below files should be available to our disposal:
$ touch /var/samba/public-share $ touch /home/linuxconfig/home-share
Lastly, confirm that your Samba server is up and running:
$ sudo systemctl status smbd ● smbd.service - Samba SMB Daemon Loaded: loaded (/lib/systemd/system/smbd.service; enabled; vendor preset: enabled) Active: active (running) since Wed 2018-01-31 19:50:19 AEDT; 1min 12s ago Docs: man:smbd(8) man:samba(7) man:smb.conf(5) Main PID: 3561 (smbd) Status: "smbd: ready to serve connections..." Tasks: 5 (limit: 4915) CGroup: /system.slice/smbd.service ├─3561 /usr/sbin/smbd --foreground --no-process-group ├─3578 /usr/sbin/smbd --foreground --no-process-group ├─3579 /usr/sbin/smbd --foreground --no-process-group ├─3590 /usr/sbin/smbd --foreground --no-process-group └─3611 /usr/sbin/smbd --foreground --no-process-group
Mount Samba Shares
At this stage we are ready to turn our attention to MS Windows. Mounting network drive directories might be slightly different for each MS Windows version. This guide uses MS Windows 7 in a role of a Samba client.
Mount user Home Directory
To start, open up you Windows Explorer
then right-click on Network
and click on Map network drive...
tab. Select drive letter and type Samba share location. Make sure you tick Connect using different credentials
if your username and password is different from the one created previously:

Enter your Samba user name and password:

You should now have a read-write access to your user’s home directory:

Mount Anonymous Samba Share
Similarly, mount your anonymous/guest Samba share. However this time no username and password will be required:

