0% found this document useful (0 votes)
14 views

Managing Samba in Oracle Linux

Samba is an open-source implementation of the SMB protocol that allows an Oracle Linux server to share files and printers with Windows, Linux, and macOS clients. It includes the smb, nmb, and winbind services. The smb.conf configuration file manages Samba settings and consists of sections like [global] for global settings and sections for individual shares. The [homes] section provides personal shares for users, while [printers] shares the printer folder.
Copyright
© © All Rights Reserved
Available Formats
Download as PDF, TXT or read online on Scribd
0% found this document useful (0 votes)
14 views

Managing Samba in Oracle Linux

Samba is an open-source implementation of the SMB protocol that allows an Oracle Linux server to share files and printers with Windows, Linux, and macOS clients. It includes the smb, nmb, and winbind services. The smb.conf configuration file manages Samba settings and consists of sections like [global] for global settings and sections for individual shares. The [homes] section provides personal shares for users, while [printers] shares the printer folder.
Copyright
© © All Rights Reserved
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 15

9/22/23, 3:15 PM Managing Samba in Oracle Linux

Oracle Linux 9: Managing Shared File Systems Search

le Linux / Release 9

g Shared File Systems

4 Managing Samba in Oracle Linux


This chapter includes information about managing Samba in Oracle Linux 9.

For information about local file system management in Oracle Linux, see Oracle
Linux 9: Managing Local File Systems.

About Samba
Samba is an open-source implementation of the Server Message Block (SMB)
protocol that enables Oracle Linux to interoperate with clients that are running
different operating systems, including Windows, other Linux flavors, and macOS.

You can configure Samba to share both file and print resources from a Linux server.
For example, you might use Samba to configure a Linux host to create a file share
location that Windows users on the network can access using the following syntax:

\\samba_server\share_name

In the preceding example:

samba_server is the IP address or a network resolvable host name of the


system running the Samba service.

share_name is the name of the resource as defined in the Samba


configuration file /etc/samba/smb.conf.

Note: The format of the location path can vary depending upon the client
operating system. For example, on Unix and Linux based operating systems,
including macOS, the path format may appear as follows:
smb://samba_server/share_name.

Samba includes capability for integrating with a Windows workgroup and an Active
Directory (AD) domain.

Samba implements the Distributed Computing Environment Remote Procedure Call


(DCE RPC) protocol that is used by Microsoft Windows to provision file and print
services for Windows clients.

Samba uses the NetBIOS over TCP/IP protocol, which allows computer applications
that depend on the NetBIOS API to work on TCP/IP networks.

About Samba Services

The Samba server consists of the following important services:

smb Service

The smb service enables file sharing and printing services by using the SMB
protocol. This service is also responsible for resource locking and for authenticating
connecting users.

The smb systemd service starts and stops the smbd daemon. The following is an
example command:

https://docs.oracle.com/en/operating-systems/oracle-linux/9/shareadmin/shareadmin-ManagingSambainOracleLinux.html#topic_uxh_c… 1/15
9/22/23, 3:15 PM Managing Samba in Oracle Linux

sudo systemctl start smb.service  Copy

To use the smbd service, you need to install the samba package on your system.
nmb Service

The nmb (NetBIOS Message Block) service provides host name and IP resolution by
using the NetBIOS over IPv4 protocol. The nmb service also enables browsing of the
SMB network to locate domains, workgroups, hosts, file shares, and printers.

The nmb systemd service starts and stops the nmbd daemon. The following is an
example command:

sudo systemctl start nmb.service  Copy

To use the nmbd service, you need to install the samba package on your system.

winbind Service

The winbind service is a Name Service Switch (NSS) daemon for resolving AD
Users and Groups. The daemon enables AD Users to securely access services that
are hosted on the Samba server.

The winbind systemd service starts and stops the winbindd daemon. The
following is an example command:

sudo systemctl start winbind.service  Copy

To use the winbindd service, install the samba-winbind package.

Note: If you are setting up Samba as a domain member, you must start the
winbind service before starting the smb service. Otherwise, domain users
and groups are not available to the local system.

About the Samba Configuration File

Samba uses the /etc/samba/smb.conf file to manage Samba configuration.

smb.conf File Structure Overview

The smb.conf file consists of several sections that you can configure to support
the required services for a specific Samba configuration. Consider the following
sample extract from an smb.conf file:

#========== Global Settings =======


[global]  Copy
security = ADS
realm = EXAMPLE.REALM
password server = krbsvr.example.com
.
.
.
load printers = yes
printing = cups
printcap name = cups

#========== Share Definitions =========

[homes]
comment = User home directories
path = /data/pchome/%S
valid users = %S, WWW.EXAMPLE.COM\%S
browsable = no
https://docs.oracle.com/en/operating-systems/oracle-linux/9/shareadmin/shareadmin-ManagingSambainOracleLinux.html#topic_uxh_c… 2/15
9/22/23, 3:15 PM Managing Samba in Oracle Linux

read only = no
guest ok = no

[printers]
comment = All Printers
path = /var/spool/samba
printable = yes

[test_share]
comment = Shared /usr/local/test_share directory created for
path = /usr/local/test_share
valid users = @examplegroup
browsable = yes
read only = no

The following list describes the sections in the preceding configuration example:

[global]

This section contains global settings for the Samba server.

In the preceding example, the security parameter value of ADS means the server
is a member of an AD domain that is running in native mode. In this scenario,
Samba relies on tickets issued by the Kerberos server to authenticate clients who
want to access local services.

[homes]

The [homes] section provides a personal share for users that log onto the Samba
server. In the example, the location of each user's home directory is set by the line
path = /data/pchome/%S (the %S macro will be substituted with the user
name). The settings for browsable = no and read only = no prevent other
users from browsing home directories, while allowing full access to valid users.

Important: Be careful with settings, such as security, especially in the special


sections [global], [homes], and [printers].
For example, if guest access is specified in the [homes] section, all home
directories will be visible to all clients without a password.
You may wish to consider using the invalid users parameter for users
such as root and other users with administrative privileges.

[printers]

Specifies support for print services. The path parameter specifies the location of a
spooling directory that receives print jobs from Windows clients before submitting
them to the local print spooler.

Samba advertises all locally configured printers on the server.

[test_share]

Specifies a share named test_share, which grants users belonging to group


examplegroup browsing and write permissions to the /usr/local/test_share
directory.

Note: The read only = no configuration entry is essential to ensure


Samba shares the directory as a writeable share.

For more information see /etc/samba/smb.conf.example, smb.conf(5)


manual page, and https://wiki.samba.org/index.php/User_Documentation

Using the testparm Program to Validate Samba Configuration File Content

You use the testparm program to validate a Samba configuration file after making
configuration changes. The testparm program detects invalid parameters and

https://docs.oracle.com/en/operating-systems/oracle-linux/9/shareadmin/shareadmin-ManagingSambainOracleLinux.html#topic_uxh_c… 3/15
9/22/23, 3:15 PM Managing Samba in Oracle Linux

values, as well as any incorrect settings such as incorrect ID mappings.

Note: testparm checks a configuration file for internal correctness only. The
testparm command is not capable of testing whether configured services
will be available or work as expected.

The following example shows how you might use the command to test a copy of
the file you are working on:

sudo testparm /etc/samba/smb.conf.my_copy  Copy

Load smb config files from /etc/samba/smb.conf.my_copy


Loaded services file OK.
...

If, instead of a copy, you want to test the default Samba configuration file, you do
not have to specify the file as a parameter. You can simply run testparm as follows:

sudo testparm  Copy

If the testparm command reports any errors or misconfiguration in the


configuration file, you should fix the problem and then re-run the command.

For more information, see the testparm(1) manual page.

Best Practice When Editing Samba Configuration

Samba services reload their configuration as follows:

Most configuration values are reloaded automatically, every 3 minutes.

You can also manually request a reload, for example by using the
smbcontrol all reload-config command.

Note: Some parameters, such as security, require a restart of the smb


service to take effect.

The frequent reloading of configuration values does not give you much time to
validate any changes you are planning to make to /etc/samba/smb.conf.
Therefore, it is best practice to first test your changes on a copy of the configuration
file. The following steps describe how you might do this:

1. Make a copy of the samba configuration file.

 Copy
sudo cp /etc/samba/smb.conf /etc/samba/samba.conf.myc

2. Edit the copy of the file after opening it in an editor of your choice, for
example vi:

sudo vi /etc/samba/samba.conf.mycopy  Copy

3. Validate your changes using testparm:

https://docs.oracle.com/en/operating-systems/oracle-linux/9/shareadmin/shareadmin-ManagingSambainOracleLinux.html#topic_uxh_c… 4/15
9/22/23, 3:15 PM Managing Samba in Oracle Linux

sudo testparm /etc/samba/smb.conf.my_copy  Copy

4. Overwrite the original file with the copy you have validated:

 Copy
sudo mv /etc/samba/samba.conf.my_copy /etc/samba/smb

5. Use the smbcontrol all reload-config command to reload the


configuration:

sudo smbcontrol all reload-config  Copy

About Samba Server Roles

The following sections give an overview of different roles you can configure for your
Samba server.

Standalone

You can configure the Samba server role as a standalone server in small networks,
for instance peer-to-peer workgroups, where the server is not required to be part of
a domain.

To provide a Windows user with authenticated access to a share on a standalone


server, you create the following accounts on the Samba server:

A Local Linux Account


The local Linux account is required to validate access to local file system
objects.

A Samba Account
In a standalone configuration, Samba authenticates users to a local
database rather than a domain controller. You use the Samba smbpasswd
command to create such accounts.

In addition to authenticated access, you can also enable guest access to allow users
to connect to some services without authentication.

Domain Member of an Active Directory Domain

Note: Oracle Linux does not support running Samba as an AD domain


controller (DC)

You configure a Samba server’s role to be a domain member of an Active Directory


(AD) domain when you need to set up Samba shares in an AD domain network.

The Samba AD domain member setup requires the following:

Installation of Kerberos

The Samba server uses Kerberos to authenticate Windows AD users


against the domain controller.
Installation of the winbind service

The winbind service provides information about Windows AD users and


groups to the Linux operating system. Hence, when a Samba server is
configured as an AD member, there is no need to manually create local
Linux users and groups for authenticated access to the Samba shares.

https://docs.oracle.com/en/operating-systems/oracle-linux/9/shareadmin/shareadmin-ManagingSambainOracleLinux.html#topic_uxh_c… 5/15
9/22/23, 3:15 PM Managing Samba in Oracle Linux

Configuration of ID Mapping Back Ends


Samba provides various ID mapping methods, referred to as back ends,
that can be configured to map each Linux GID and UID to its
corresponding Windows SID. You choose which back ends you wish to
use and configure them in the /etc/samba/smb.conf file.

See ID Mapping Back Ends in the Active Domain Member Setup

ID Mapping Back Ends in the Active Domain Member Setup


Linux and Windows each use a different ID system to identify groups and users.

Linux assigns unique GID and UID numbers to groups and users, whereas Windows
uses a Security Identifier values (SID) for each user and group.

The winbind service maintains the necessary mapping of each Linux GID and UID to
its corresponding Windows SID. However, you are responsible for specifying which
of the available mapping methods, or back ends as they are called in Samba, are to
be used for this mapping.

Overview of ID Mapping in the Samba Configuration File

You configure the mapping in the [global] section of the Samba configuration
file /etc/samba/smb.conf.

Consider the following example extract from an /etc/samba/smb.conf file:

#========== Global Settings =======


[global]  Copy
security = ADS
.
.
.
#..........................................
# Using tdb backend for default* domain.
# UID/GID range 1000000-2000000
#..........................................
idmap config * : backend = tdb
idmap config * : range = 1000000-2000000

#..........................................
# Using rid backend to map EXAMPLE.COM users
# UID/GID range 10000-49999
nd #..........................................   
idmap config EXAMPLE.COM : backend = rid
idmap config EXAMPLE.COM: range = 10000-49999 4 Managing S
and Copyright Information
Linux
ce
#.......................................... About Sam
out Shared File System # Using rid backend to map EXAMPLE.NET users
agement in Oracle Linux
# UID/GID range 50000-99999 ID Mappi
naging the Network File System
#.......................................... the Active
acle Linux idmap config EXAMPLE.NET : backend = rid Member S
idmap config EXAMPLE.NET : range = 50000 -99999
naging the Oracle Cluster File
Configurin
m Version 2 in Oracle Linux
Standalon

naging Samba in Oracle Linux The preceding example extract shows the following configurations:
Configurin
About Samba The Samba server is a member of the EXAMPLE.COM AD domain and uses as an AD M
the rid backend to map SIDs belonging to that domain. The backend is
About Samba Services authoritative for those SIDs that the rid method translates to UIDs and Accessing

About the Samba Configuration GIDs within the range specified in the file (10000-49999).
File
The Samba server also provides share access to a trusted AD domain
About Samba Server Roles
EXAMPLE.NET. The trusted domain is also configured to use the rid
D Mapping Back Ends in the Active backend. The range for EXAMPLE.NET is 50000-99999.
Domain Member Setup

https://docs.oracle.com/en/operating-systems/oracle-linux/9/shareadmin/shareadmin-ManagingSambainOracleLinux.html#topic_uxh_c… 6/15
9/22/23, 3:15 PM Managing Samba in Oracle Linux
Overview of ID Mapping in the The default * domain uses backend tdb. The tdb range is specified as
Samba Configuration File
1000000-2000000
Domains That Require ID Mapping
Configuration
WARNING:
Available Back Ends ID ranges must not overlap.

onfiguring a Samba Standalone Only one range can be assigned to a domain.


erver
Once a range has been set and Samba has started using the range,
onfiguring a Samba Server as an AD you can only increase the upper number of the range. Any other
Member
change to the range can result in new ID assignments, and thus a
loss of file ownership data.
Accessing Samba Shares

The following sections give a further overview on using the different backends to
configure ID Mapping for domains.

For more information, see /etc/samba/smb.conf.example and the


smb.conf(5) manual pages. See also
https://wiki.samba.org/index.php/User_Documentation and upstream
documentation.

Domains That Require ID Mapping Configuration

You need to configure ID Mapping for the following:

The AD domain of which the Samba server is a member.

Each trusted AD domain that might access the Samba Server.

The * default domain.

The default domain includes Samba built-in accounts and groups, such as
BUILTIN\Administrators.

Available Back Ends

The following table describes the most commonly used back ends and their
different use cases.

Table 4-1 The Most Commonly Used ID Mapping Back Ends

Domains With Which the Back End Can Be


Back End Used

tdb Use with * default domain only.

ad Use with AD domains.

rid Use with AD domains.

autorid Can be used both with AD, and * default domain.

The following sections give an overview of the back ends listed in the preceding
table.

tdb Mapping Back End

The tdb back end is the default back end used by winbindd for storing Security
Identifier (SID), UID, and GID mapping tables.

The tdb back end must only be used for the * default domain.

The default domain includes Samba built-in accounts and groups, such as
BUILTIN\Administrators.

The tdb back end is a writeable backend that needs to allocate new user and group
IDs to create new mappings.

The ID mappings are local to the server.

https://docs.oracle.com/en/operating-systems/oracle-linux/9/shareadmin/shareadmin-ManagingSambainOracleLinux.html#topic_uxh_c… 7/15
9/22/23, 3:15 PM Managing Samba in Oracle Linux

ad Mapping Back End

The ad backend enables winbind to read the id mappings from an AD server that
uses RFC2307 schema extensions.

For example, when using the ad backend, you set a user’s Linux UID number by
entering its value in their AD account’s uidNumber attribute.

Some of the attributes you set in the Windows AD Server are listed in the following
table's first column together with the corresponding Linux value each one maps to
in the second column:

Table 4-2 Table showing some of the attributes set up in the AD Server when ad
mapping is used.

Corresponding Linux Value to Which AD


Attribute Set on Windows AD Server Attribute Maps

uidNumber UID

gidNumber GID

sAMAccountName User Name or Group Name

Note:
The list in the preceding table is given as an overview. See
upstream documentation for more attributes.
The mapping IDs must be within the range configured in
/etc/samba/smb.conf. Objects with IDs outside the range will
not be available on the Samba server.

Advantages of ad include:

UIDs and GIDs are consistent on all Samba servers that use ad.

The ID values are not stored in a local database, so there is less chance of
local data corruption and loss of file ownership data.

rid Mapping Back End

The rid back end is an algorithmic mapping scheme that uses the RID (relative
identifier) portion of the Windows SID to map Windows groups and Users to UIDs
and GIDs.

Advantages of rid include:

All domain user accounts and groups are automatically available on the
domain member providing the mapped ID falls within the domain's rid
range specified in /etc/samba/smb.conf.

No attributes need to be set for domain users and groups.

autorid Mapping Back End

The autorid back end works in a similar way to the rid ID mapping back end, but
one advantage of autorid is that it can automatically assign IDs for different
domains. This enables you to use the autorid back end for the following:

The * default domain and additional domains, without the need to create
ID mapping configurations for each of the additional domains.

Only for specific domains.

Configuring a Samba Standalone Server


The following procedure shows one way of configuring a Samba standalone server:
https://docs.oracle.com/en/operating-systems/oracle-linux/9/shareadmin/shareadmin-ManagingSambainOracleLinux.html#topic_uxh_c… 8/15
9/22/23, 3:15 PM Managing Samba in Oracle Linux

1. Install the samba package:

sudo dnf install samba  Copy

2. Edit the /etc/samba/smb.conf file and configure the various sections


to support the services that are required for your specific configuration.

Note: See Best Practice When Editing Samba Configuration for


more information on safely editing a Samba configuration file.

Consider the following example:

#========== Global Settings =========


[global]  Copy

workgroup = EXAMPLE_WORKGROUP
netbios name = Server_Netbios_Name

security = user
role = standalone server
passdb backend = tdbsam
log file = /var/log/samba/%m
log level = 1

#========== File Share =========

[shareexample]
path = /srv/samba/shareexample/
read only = no

The preceding example configures a standalone server named


Server_Netbios_Name with the workgroup EXAMPLE_WORKGROUP with
the following settings:

role = standalone server

This specifies the type of server we are setting up.

passdb backend = tdbsam

This is the default setting in which Samba stores user accounts


in the /var/lib/samba/private/passdb.tdb database.

log level = 1

The lowest level of logging.

log file = /var/log/samba/%m

This specifies the path to the log file. The %m variable is


substituted with the NetBIOS name of the client machine.

[shareexample]

The name of the share is configured as shareexample. This is


the name users use to access the share.

read only = no

This configuration entry is essential to ensure Samba shares


the directory as a writeable share.

3. Verify the Samba configuration file:

sudo testparm  Copy

https://docs.oracle.com/en/operating-systems/oracle-linux/9/shareadmin/shareadmin-ManagingSambainOracleLinux.html#topic_uxh_c… 9/15
9/22/23, 3:15 PM Managing Samba in Oracle Linux

4. Create a local Linux user account without a home directory (-M) and
without a login shell (-s /sbin/nologin):

 Copy
sudo useradd -M -s /sbin/nologin exampleUser

5. Enable the user by setting a password:

sudo passwd exampleUser


 Copy
Changing password for user exampleUser.
New password:
Retype new password:
passwd: all authentication tokens updated succes

Note: The local password set with the passwd account is not the
one used by Samba.
However, setting a local password is required to enable the
account (Samba denies access if the account is disabled locally).

6. Add exampleUser account to the Samba database:

sudo smbpasswd -a exampleUser


New SMB password:  Copy
Retype new SMB password:
Added user exampleUser

Note: The Samba account password set in this step, using the
smbpasswd command, is the password that will be used by Samba

7. Create a Linux Group:

sudo groupadd exampleGroup  Copy

Add the user exampleUser to the group exampleGroup created in the


previous step:

sudo usermod -aG exampleGroup exampleUser  Copy

8. Make the share directory referenced in the named share in


/etc/samba/smb.conf if it does not already exist:

sudo mkdir -p /srv/samba/shareexample/  Copy

Note:

If you run SELinux in enforcing mode, set the samba_share_t


context on the directory so that SELinux allows Samba to read and
write to it:

sudo semanage fcontext -a -t samba_share_t "/sr


 Copy
sudo restorecon -Rv /srv/samba/shareexample/

https://docs.oracle.com/en/operating-systems/oracle-linux/9/shareadmin/shareadmin-ManagingSambainOracleLinux.html#topic_uxh… 10/15
9/22/23, 3:15 PM Managing Samba in Oracle Linux

9. Set the group for the share directory to be the group you created in a
previous step for your Samaba users:

 Copy
sudo chgrp -R exampleGroup /srv/samba/shareexample/

10. Set permissions for the shared directory:

sudo chmod 2770 /srv/samba/shareexample/  Copy

11. Open the required ports and reload the firewall configuration using the
firewall-cmd utility:

sudo firewall-cmd --permanent --add-service=samba


sudo firewall-cmd --reload  Copy

12. Enable and start the smb service:

systemctl enable --now smb  Copy

Configuring a Samba Server as an AD Member


The following procedure shows one way of configuring a Samba server as an AD
member:

1. You need to install the following packages:

realmd

The realmd tool is used to for joining Kerberos realms, like


Active Directory domains.
oddjob and oddjob-mkhomedir

oddjob is a D-Bus service which runs jobs on behalf of client


applications.
oddjob-mkhomedir is an oddjob helper which creates and
populates home directories.
samba-winbind-clients, samba-winbind, samba-
common-tools, samba-winbind-krb5-locator, and
samba.

You can run the following command to install the required


packages:

sudo dnf install realmd \


oddjob-mkhomedir \  Copy
oddjob \
samba-winbind-clients \
samba-winbind \
samba-common-tools \
samba-winbind-krb5-locator \
samba

2. Make a backup copy of the Samba configuration file:

https://docs.oracle.com/en/operating-systems/oracle-linux/9/shareadmin/shareadmin-ManagingSambainOracleLinux.html#topic_uxh… 11/15
9/22/23, 3:15 PM Managing Samba in Oracle Linux

 Copy
sudo mv /etc/samba/smb.conf /etc/samba/smb.conf.copy

3. Use the realm join command to join AD domain. The following


example assumes you wish to join domain EXAMPLE.COM:

sudo realm join --membership-software=samba \


--client-software=winbind EXAMPLE.COM  Copy

When you run the command as shown, realm does the following:

Creates the /etc/samba/smb.conf file with membership of


the EXAMPLE.COM domain configured.

Adds the winbind module for user and group lookups to the
/etc/nsswitch.conf file.

Updates the Pluggable Authentication Module (PAM)


configuration files in the /etc/pam.d/directory

Starts, and enables, the winbind service.

4. Set up ID Mapping in the /etc/samba/smb.conf file required in your


configuration.
For further details on ID Mapping see ID Mapping Back Ends in the Active
Domain Member Setup

5. Check that the entries in the /etc/samba/smb.conf file meet all your
configuration requirements.
For more information on the configuration file see About the Samba
Configuration File

6. Verify that the winbind service is running:

sudo systemctl status winbind  Copy

Important: The winbind service must be running before you


start the smb service. Otherwise, Samba will not be able to retrieve
domain user and group information.

7. Having verified the winbind is running in the preceding step, start and
enable the smb service:

sudo systemctl enable --now smb  Copy

8. Perform verification steps such as the following:

Get the details of a domain user. The following assumes the


details of user exampleuser in the EXAMPLE.COM domain are
being retrieved:

 Copy
sudo getent passwd EXAMPLE.COM\\exampleuser

https://docs.oracle.com/en/operating-systems/oracle-linux/9/shareadmin/shareadmin-ManagingSambainOracleLinux.html#topic_uxh… 12/15
9/22/23, 3:15 PM Managing Samba in Oracle Linux

EXAMPLE.COM\exampleuser:*:10000:10000::/home

Test the command to get users from the “Domain Users”


group in the domain. The following assumes the details of
users in the “Domain Users” group in the EXAMPLE.COM
domain are being retrieved:

 Copy
sudo getent group "EXAMPLE.COM\Domain Users"

EXAMPLE.COM\domain users:x:10000:exampleuser

Confirm that you can use domain users and groups when
using file and directory commands. For example, to set the
owner of the /srv/samba/shareexample/ directory to
EXAMPLE.COM\administrator and the group to
EXAMPLE.COM\Domain Users run the following command:

 Copy
sudo chown "EXAMPLE.COM\administrator":"EXAM

Accessing Samba Shares


The following tasks describe how to access Samba shares from a Windows client
and an Oracle Linux client.

Accessing Samba Shares From a Windows Client

To access a share on a Samba server from Windows, open Computer or Windows


Explorer, and enter the host name of the Samba server and the share name using
the following format:

\\server_name\share_name  Copy

If you enter \\server_name, Windows displays the directories and printers that
the server is sharing. You can also use the same syntax to map a network drive to a
share name.

Accessing Samba Shares From an Oracle Linux Client

To access a Samba share from an Oracle Linux host you can install the following
packages:

samba-client

Installing the samba-client package gives you the smbclient utility


that provides SFTP-like commands to access Samba shares. For example,
smbclient provides a get command for downloading a file from a
remote Samba share, and a put command for uploading a file.

cifs-utils

Installing the cifs-utils package enables you to mount a Samba


share.

https://docs.oracle.com/en/operating-systems/oracle-linux/9/shareadmin/shareadmin-ManagingSambainOracleLinux.html#topic_uxh… 13/15
9/22/23, 3:15 PM Managing Samba in Oracle Linux

Using smbclient Commands

The following steps give a brief overview of how you might use the smbclient
commands:

1. Log onto a share example_samba_share hosted on server


example_samba_server using account EXAMPLE.COM/user1:

 Copy
sudo smbclient -U "EXAMPLE.COM\user1" //example_samba

2. Change to directory location /directory1/ :

smb: \> cd /directory1/  Copy

3. Download file ExampleFile.txt:

smb: \directory1\> get ExampleFile.txt  Copy

4. End your session:

smb: \directory1\> exit  Copy

For more information, see the smbclient(1) manual page.

Mounting a Samba Share with cifs

To mount a Samba share, use a command similar to the following:

 Copy
sudo mount -t cifs //server_name/share_name mountpoint -o cr

In the previous command, the credentials file contains settings for username,
password, and domain:

username=username
password=password  Copy
domain=EXAMPLE.COM

The parameter to domain can be the name of a domain or a workgroup.

Caution: Because the credentials file contains a plain-text password, use


chmod to make it readable by only you, for example:

sudo chmod 400 credfile  Copy

If the Samba server is a domain member server in an AD domain, and your current
login session was authenticated by the Kerberos server in the domain, you can use
your existing session credentials by specifying the sec=krb5 option instead of a
credentials file:
© Oracle About Oracle Contact Us Products A-Z Terms of Use & Privacy Cookie Preferences Ad Choices

https://docs.oracle.com/en/operating-systems/oracle-linux/9/shareadmin/shareadmin-ManagingSambainOracleLinux.html#topic_uxh… 14/15
9/22/23, 3:15 PM Managing Samba in Oracle Linux

 Copy
sudo mount -t cifs //server_name/share_name mountpoint -o se

For more information, see mount.cifs(8) manual page.

 Previous Page Next Page 

https://docs.oracle.com/en/operating-systems/oracle-linux/9/shareadmin/shareadmin-ManagingSambainOracleLinux.html#topic_uxh… 15/15

You might also like