# Setup Samba file sharing

The Samba project provides file sharing and print services for computers on a network.
It uses the SMB/CIFS protocol, so the services created by running Samba are available to Linux, Windows, and macOS clients.
It's an essential service to run in an organization supporting multiple operating systems, and it's even useful on homogenous networks.
It's not difficult to set up, and all you need is at least one server (it doesn't have to be rack mounted, and could even be a dedicated workstation) you want to designate as a file share host.
For the clients, Samba is either built-in or easily installed from a repository.

## Install

On your designated Samba server, install the Samba package.
This command also installs the `samba-common-tools` and `samba-libs` packages:

```bash
$ sudo dnf install samba
```

Next, start the SMB and NMB daemons.
The SMB daemon manages most of the Samba services, while the NMB provides NetBIOS services.

```bash
$ systemctl enable --now smb
$ systemctl enable --now nmb
```

That's the install taken care of.
All that's left is a little configuration.

## Firewall

Make sure that your file share server is accessible over your network by adding the `samba` service to your [firewall config](https://www.redhat.com/sysadmin/secure-linux-network-firewall-cmd).

```bash
$ sudo systemctl enable --now firewalld
$ sudo firewall-cmd --list-services
cockpit dhcpv6-client ssh
$ sudo firewall-cmd --add-service samba
success
$
```

## Configure Samba

Create a directory to hold your shared files and folders, and change the SELinux context to `samba_share_t`:

```bash
$ sudo mkdir /sambashare
$ sudo chcon -t samba_share_t /sambashare/
```

To configure shares and users, you edit the `/etc/samba/smb.conf` file.
The default file has several good examples of common options, including provisions for shared printers and home directories.

There's a **global** section, which defines a workgroup.
I arbitrarily set mine to `SAMBA`.
I have no other existing workgroups on my network, so the workgroup hardly matters for my setup.
If your organization has a specific workgroup structure, then follow that.

```ini
[global]
 workgroup = SAMBA
 security = user
 passdb backend = tdbsam
..
```

By default, the NetBIOS name of your Samba server is the server's Linux host name.
If you don't have [DNS configured on your local network](https://www.redhat.com/sysadmin/dns-configuration-introduction), you can use the server's IP address when contacting the Samba server.

## Create a shared location

To create a new share location, add a section to the `/etc/samba/smb.conf` configuration file with these two definitions:

```ini
[sambashare]
  path = /sambashare
  read only = No
```

Each section of this configuration file defines a *service*.
When a users connect to a Samba server, they connect to service named for one of the bracket sections in the config, such as `[sambashare]`, `[homes]`, `[print$]`, and so on.
Most users don't need to be aware of this subtlety, but you might see these service names when testing and troubleshooting.

You can test your Samba configuration with the `testparm` command:

```bash
$ testparm /etc/samba/smb.conf
```

## Add users

Users logging into a Samba share must either have accounts on the server, or else login as a guest.
You can also use standard UNIX groups to manage access.
For instance, to create a group of staff members you want to provide access to the server:

```bash
[server]$ sudo groupadd staff
```

Assuming you need to add a staff member named `tux` to your Samba server, the process is initially the same as usual:

```bash
[server]$ sudo adduser -g staff \
--create-home \
tux
$ passwd tux
```

You must also set a dedicated Samba password:

```bash
[server]$ sudo smbpasswd -a tux
```

## Restart and test Samba

To load in the new configuration, restart Samba:

```bash
[server]$ sudo systemctl restart {s,n}mb
```

Samba is now serving `sambashare` to any authenticated user.
You can test it using the `smbclient` command:

```bash
[client]$ smbclient -L //sambaserver
Enter SAMBA\tux's password:

Sharename    Type   Comment
---------    ----   -------
sambashare   Disk
print$       Disk   Printer Drivers
IPC$         IPC    IPC Service (Samba 4.14.5)
tux          Disk   Home Directories
```

Users can access their Samba shares through file managers, terminal commands, and other services that communicate oven SMB.
For instance, in KDE dolphin:


## Share with Samba

Setting up file sharing with Samba is easy and provides flexible cross-platform collaboration.
There are additional configuration options available when using workgroups and domains, or when Samba is the Active Directory controller.
It's built into all major operating systems, it has rich terminal and GUI tools, and it's quick to configure.
Help your users break through silos and share data with Samba.

You are viewing proxied material from sdf.org. The copyright of proxied material belongs to its original authors. Any comments or complaints in relation to proxied material should be directed to the original authors of the content concerned. Please see the disclaimer for more details.