===Overview===
Samba allows you to share data between servers. Like the NFS, Samba requires a server and a client configuration.
===Server Configuration===
The samba can be installed using the yum repository:
[root@ag-hk-backup1 ~]# yum install samba
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
* base: centos.01link.hk
* extras: centos.01link.hk
* updates: centos.01link.hk
Resolving Dependencies
--> Running transaction check
---> Package samba.x86_64 0:4.7.1-6.el7 will be installed
--> Processing Dependency: samba-libs = 4.7.1-6.el7 for package: samba-4.7.1-6.el7.x86_64
--> Processing Dependency: samba-common-tools = 4.7.1-6.el7 for package: samba-4.7.1-6.el7.x86_64
--> Processing Dependency: samba-common-libs = 4.7.1-6.el7 for package: samba-4.7.1-6.el7.x86_64
--> Processing Dependency: samba-common = 4.7.1-6.el7 for package: samb
Dependencies Resolved
============================================================================================================================================================================
Package Arch Version Repository Size
============================================================================================================================================================================
Installing:
samba x86_64 4.7.1-6.el7 base 661 k
Installing for dependencies:
pytalloc x86_64 2.1.10-1.el7 base 17 k
samba-common-libs x86_64 4.7.1-6.el7 base 162 k
samba-common-tools x86_64 4.7.1-6.el7 base 463 k
samba-libs x86_64 4.7.1-6.el7 base 275 k
Updating for dependencies:
dbus x86_64 1:1.10.24-7.el7 base 245 k
dbus-libs x86_64 1:1.10.24-7.el7 base 169 k
krb5-libs x86_64 1.15.1-19.el7 updates 747 k
krb5-workstation x86_64 1.15.1-19.el7 updates 814 k
libkadm5 x86_64 1.15.1-19.el7 updates 175 k
libldb x86_64 1.2.2-1.el7 base 131 k
libsmbclient x86_64 4.7.1-6.el7 base 132 k
libtalloc x86_64 2.1.10-1.el7 base 33 k
libtdb x86_64 1.3.15-1.el7 base 48 k
libtevent x86_64 0.9.33-2.el7 base 37 k
libwbclient x86_64 4.7.1-6.el7 base 107 k
samba-client-libs x86_64 4.7.1-6.el7 base 4.8 M
samba-common noarch 4.7.1-6.el7 base 205 k
Transaction Summary
============================================================================================================================================================================
Install 1 Package (+ 4 Dependent packages)
Upgrade ( 13 Dependent packages)
Installed:
samba.x86_64 0:4.7.1-6.el7
Dependency Installed:
pytalloc.x86_64 0:2.1.10-1.el7 samba-common-libs.x86_64 0:4.7.1-6.el7 samba-common-tools.x86_64 0:4.7.1-6.el7 samba-libs.x86_64 0:4.7.1-6.el7
Dependency Updated:
dbus.x86_64 1:1.10.24-7.el7 dbus-libs.x86_64 1:1.10.24-7.el7 krb5-libs.x86_64 0:1.15.1-19.el7 krb5-workstation.x86_64 0:1.15.1-19.el7
libkadm5.x86_64 0:1.15.1-19.el7 libldb.x86_64 0:1.2.2-1.el7 libsmbclient.x86_64 0:4.7.1-6.el7 libtalloc.x86_64 0:2.1.10-1.el7
libtdb.x86_64 0:1.3.15-1.el7 libtevent.x86_64 0:0.9.33-2.el7 libwbclient.x86_64 0:4.7.1-6.el7 samba-client-libs.x86_64 0:4.7.1-6.el7
samba-common.noarch 0:4.7.1-6.el7
Complete!
===Location Configuration===
After the installation, you have to edit the configuration file, located in: /etc/samba/smb.conf
Here you can see an example of smb.conf file:
# See smb.conf.example for a more detailed config file or
# read the smb.conf manpage.
# Run 'testparm' to verify the config is correct after
# you modified it.
[global]
workgroup = SAMBA
security = user
server role = standalone
passdb backend = tdbsam
printing = cups
printcap name = cups
load printers = yes
cups options = raw
[homes]
comment = Home Directories
valid users = %S, %D%w%S
browseable = No
read only = No
inherit acls = Yes
[printers]
comment = All Printers
path = /var/tmp
printable = Yes
create mask = 0600
browseable = No
[print$]
comment = Printer Drivers
path = /var/lib/samba/drivers
write list = root
create mask = 0664
directory mask = 0775
[casino]
comment = Casino Backups
browseable = no
read only = no
create mask = 0700
directory mask = 0700
path = /backup/databases/ <- Shared location
valid users = mssql <- Users allowed to use the shared location.
===User Configuration===
Once we have it set up, we have to configure samba user, the same as the valid users, depending on the configuration you want:
Let's configure a single user.
[root@ag-hk-backup1 databases]# groupadd backup
[root@ag-hk-backup1 databases]# useradd mssql -G backup
[root@ag-hk-backup1 databases]# smbpasswd -a mssql
New SMB password:
Retype new SMB password:
Added user mssql.
[root@ag-hk-backup1 databases]# ls -alrt
This will define a UNIX group "backup" and a user "mssql" to that group. After, we set up a password for that user in Samba using the "smbpasswd" command. Remember tat if the user is used for SQL Server backup, the password for the samba user (mssql) should be the same as the mssql user on the Windows server.
===Permission Configuration===
Be sure to define the permission for the shared location, in order to prevent other users from modifying the shared location:
[root@ag-hk-backup1 databases]# chown mssql:mssql ag-ph-csql1
[root@ag-hk-backup1 databases]# ls -lart
total 36
drwxr-xr-x. 2 mssql mssql 4096 Aug 24 2017 ag-ph-csql1
===Start Service===
After the samba is configure we can start the samba service:
[root@ag-hk-backup1 databases]# service smb restart
Redirecting to /bin/systemctl restart smb.service
[root@ag-hk-backup1 databases]#
===Client Configuration===
On the Client server (Windows), we can just access it using the windows explorer.
===Monitoring===
You can monitor the sessions and connections of the samba share as follows:
[root@ag-hk-backup1 casino]# smbstatus -v
using configfile = /etc/samba/smb.conf
Samba version 4.7.1
PID Username Group Machine Protocol Version Encryption Signing
----------------------------------------------------------------------------------------------------------------------------------------
13793 mssql mssql 10.80.5.100 (ipv4:10.80.5.100:50122) SMB3_02 - partial(AES-128-CMAC)
Service pid Machine Connected at Encryption Signing
---------------------------------------------------------------------------------------------
casino 13793 10.80.5.100 Fri Aug 10 11:30:05 AM 2018 CEST - -
Locked files:
Pid Uid DenyMode Access R/W Oplock SharePath Name Time
--------------------------------------------------------------------------------------------------
13793 1000 DENY_NONE 0x100080 RDONLY NONE /backup/databases/ag-ph-csql1 . Fri Aug 10 11:30:05 2018
13793 1000 DENY_ALL 0x12019f RDWR LEASE(RWH) /backup/databases/ag-ph-csql1 casino/casino_backup_2018_08_10_093001_1467163.bak Fri Aug 10 11:30:27 2018