How to Setup Samba Server in RHEL, Rocky Linux and AlmaLinux

Sharing files is an essential part of server administration. It allows sharing of resources across the network which are needed by users to carry out their tasks. One of the widely used file-sharing software is Samba.

Samba, a re-implementation of the popular SMB (server message block) protocol, is a stable and free application that allows sharing of files and print services across a network. The software is installed on a central Linux server from which shared files can be accessed from both Linux and Windows systems.

In this guide, we will walk you through the installation of the Samba Server on RHEL-based distributions such as CentOS Stream, Rocky Linux, and AlmaLinux.

Step 1: Install Samba on Linux

To get started out with Samba, install the Samba core packages including the client package:

$ sudo dnf install samba samba-common samba-client 

The command installs the packages specified along with the dependencies as displayed on the output. After the installation is complete, you will get a summary of all the packages that have been installed.

Step 2: Create and Configure Samba Shares

Once all the samba packages have been installed, the next step is to configure the samba shares. A samba share is simply a directory that is going to be shared across client systems in the network.

Here, we are going to create a samba share called /data in the /srv/tecmint/ directory path.

$ sudo mkdir -p /srv/tecmint/data

Next, we will assign permissions and ownership as follows.

$ sudo chmod -R 755 /srv/tecmint/data
$ sudo chown -R  nobody:nobody /srv/tecmint/data
$ sudo chcon -t samba_share_t /srv/tecmint/data

Next, we are going to make some configurations in the smb.conf configuration file which is Samba’s main configuration file. But before we do so, we will back up the file by renaming it with a different file extension.

$ sudo mv /etc/samba/smb.conf /etc/samba/smb.conf.bak

Next, we are going to create a new configuration file.

$ sudo vim /etc/samba/smb.conf

We will define policies on who can access the samba share by adding the lines shown in the configuration file.

[global]
workgroup = WORKGROUP
server string = Samba Server %v
netbios name = rocky-8
security = user
map to guest = bad user
dns proxy = no
ntlm auth = true



[Public]
path =  /srv/tecmint/data
browsable =yes
writable = yes
guest ok = yes
read only = no

Save and exit the configuration file.

To verify the configurations made, run the command:

$ sudo testparm

Next, start and enable Samba daemons as shown.

$ sudo systemctl start smb
$ sudo systemctl enable smb
$ sudo systemctl start nmb
$ sudo systemctl enable nmb

Be sure to confirm that both the smb and nmb daemons are running.

$ sudo systemctl status smb
$ sudo systemctl status nmb

To enable access to samba share from remote Windows systems, you need to open the samba protocol on the firewall.

$ sudo firewall-cmd --permanent --add-service=samba
$ sudo firewall-cmd --reload
$ sudo firewall-cmd --list-services

Step 3: Accessing Samba Share from Windows

Thus far, we have installed samba and configured our samba share. We are now ready to access it remotely. To do this on a Windows client, press the Windows logo key + R to launch the Run dialog.

In the textfield provided, enter the samba server’s IP address as shown:

\\server-ip

The following window labeled ‘Public’ will pop up. Remember, this is the directory that points to our samba share in the /srv/tecmint/data directory.

Currently, our directory is empty as we have not created any files. So, we will head back to our terminal and create a few files in the samba share directory.

$ cd /srv/tecmint/data
$ sudo touch file{1..3}.txt

Now, we will navigate to the ‘Public‘ folder where the files we created earlier will be displayed.

Perfect. We have successfully managed to access our samba share. However, our directory is accessible to anyone and everybody can edit and delete files at will, which is not recommended especially if you plan to host sensitive files.

In the next step, we will demonstrate how you can create and configure a secure samba share directory.

Step 4: Secure Samba Share Directory

First, we will create a new samba user.

$ sudo useradd smbuser

Next, we will configure a password for the samba user. This is the password that will be used during authentication.

$ sudo smbpasswd -a smbuser

Next, we will create a new group for our secure samba share and add the new samba user.

$ sudo groupadd smb_group
$ sudo usermod -g smb_group smbuser

Thereafter, create yet another samba share which will be securely accessed. In our case, we have created another directory in the same path as the

$ sudo mkdir -p  /srv/tecmint/private

Then configure the file permissions for the samba share

$ sudo chmod -R 770 /srv/tecmint/private
$ sudo chcon -t samba_share_t /srv/tecmint/private
$ sudo chown -R root:smb_group /srv/tecmint/private

Once again, access the Samba configuration file.

$ sudo vim /etc/samba/smb.conf

Add these lines to define to secure samba share.

[Private]
path = /srv/tecmint/private
valid users = @smb_group
guest ok = no
writable = no
browsable = yes

Save the changes and exit.

Finally, restart all the samba daemons as shown.

$ sudo systemctl restart smb
$ sudo systemctl restart nmb

When you access your server this time around, you will notice an additional ‘Private‘ folder. To access the folder, you will be required to authenticate with the Samba user’s credentials. Provide the username and password of the user you created in the previous step and click ‘OK’.

Step 5: Accessing Samba Share from Linux Client

To access the share from a Linux client, first, ensure that the Samba client package is installed.

$ sudo dnf install samba-client 

Then use the smbclient command as follows

# smbclient ‘\2.168.43.121\private’ -U smbuser

And this concludes this guide on setting up Samba on RHEL, CentOS Stream, Rocky Linux, and AlmaLinux. Your feedback on this guide will be highly appreciated.