Additional configuration for Samba Server (Part 2)

Additional configuration for Samba Server

Creating & Managing Users & Groups:

Step-1: Create A Group Named “samba-users” & define a directory Named “Resources” for sharing resources.

[root@srv1 ~]# groupadd samba-users

[root@srv1 ~]# mkdir /opt/Resources

Step-2: Create some samba users with password & add them into “samba-users” group also defines the “Resources” directory for those users.

[root@srv1 ~]# useradd –g samba-users –d /opt/Resources user1

[root@srv1 ~]# useradd –g samba-users –d /opt/Resources user2

[root@srv1 ~]# useradd –g samba-users –d /opt/Resources administrator

[root@srv1 ~]# smbpasswd –a user1

[root@srv1 ~]# smbpasswd –a user2

[root@srv1 ~]# smbpasswd –a administrator

Step-3: Set samba “root” password for login as “root” user from both windows & Linux machine.

[root@srv1 ~]# smbpasswd –a root

Step-4: Assign the appropriate permission for “Resources” directory against those users.

[root@srv1 ~]# chown root:samba-users /opt/Resources/

[root@srv1 ~]# chmod 750 /opt/Resources/

Step-5: Now create some sub directory into “Resources” directory named “Documents”, “Software”, & “Others”

[root@srv1 ~]# mkdir –p /opt/Resources/Documents

[root@srv1 ~]# mkdir –p /opt/Resources/Software

[root@srv1 ~]# mkdir –p /opt/Resources/Others

Step-6: Now set the permission for those sub directories that owner can read, write & delete but others users can not delete the files but should have read & write permission.

[root@srv1 ~]# chown root:samba-users /opt/Resources/Documents

[root@srv1 ~]# chown root:samba-users /opt/Resources/Software

[root@srv1 ~]# chown root:samba-users /opt/Resources/Others

[root@srv1 ~]# chmod 1770 /opt/Resources/Documents

[root@srv1 ~]# chmod 1770 /opt/Resources/Software

[root@srv1 ~]# chmod 1770 /opt/Resources/Others

Step-7: Now create an anonymous accessible directory with read & write permission that anonymous user can access this directory

[root@srv1 ~]# mkdir /opt/Public

[root@srv1 ~]# groupadd anonymous-users

[root@srv1 ~]# useradd –g anonymous-users –d /opt/Public guest

[root@srv1 ~]# useradd –g anonymous-users –d /opt/Public nobody

[root@srv1 ~]# chown root:anonymous-users /opt/Public/

[root@srv1 ~]# chmod 777 /opt/Public/

Step-8: Set blank password for anonymous users that they can access this folder without password

[root@srv1 ~]# smbpasswd –a guest

[root@srv1 ~]# smbpasswd –a nobody

Tips: [One complication is fact that Windows encrypts user passwords differently from Unix/Linux - it uses NTLM hash, rather than the MD5 has commonly found in Linux. Worse still, both of these are one-way algorithms - in other words, there's no way to decrypt the NTLM hash to get back the plaintext password and then re-encrypt that with MD5 to compare against the Linux shadow password file. ]