Having problems setting up a Samba file share
Hi, I am having issues setting up a samba file share. The server is redhat 7.4. I am also testing on a 7.2 server and having the same problems.
I am trying to set up file shares that can be accessed from Windows PC's.
I connected the server to our work domain using realmd. So it can be logged into using domain credentials.
I have tried setting up the shares to be accessible but just keep being prompted for a username and password when trying to browse to the mapped drive. I have tried it both using the a domain group and even just a local user on the server. Have done the same on the 7.2 server.
No matter what I try I just keep getting prompted for a username and password and no passwords work.
Is this a common thing to happen? Been through too many "how to" guides now and nothing works.
Responses
What's in your current /etc/samba/smb.conf file? Will the testparm command display any errors?
testparm -sv > /tmp/all-samba-settings.txt can be used to dump a full listing of Samba configuration settings, including those that are at factory defaults.
What versions of Windows are used in the client PCs?
RHEL 7.x has SELinux enabled by default. If you haven't disabled it, have you set an appropriate SELinux filesystem labels for the share? For a quick test, you can tell SELinux to allow sharing everything by Samba by this command:
setsebool -P samba_export_all_rw 1
Replace 1 with 0 to return to default settings.
See "man smbd_selinux" for more details (run yum install selinux-policy-devel to get the SELinux man pages.)
Are the filesystem-level permissions set correctly to allow access to /smbdemo and /filesharetest/testfolder for the respective users? Since you said you can login to the system with domain credentials, you probably can do chgrp "server administrators@domain.net" /filesharetest/testfolder.
validusers is not a documented keyword in smb.conf - it should be valid users.
Note that when you're connecting to a Samba share using a server-local account, you'll need to specify the username in the Windows client as servername\sambauser, because that's how the SMB protocol wants it. The servername\ part is necessary to allow the system to understand that you mean the local user and not domain\sambauser aka sambauser@domain.net. If you don't specify a domain, the Windows client will "helpfully" fill in the client's default domain for you.
The share section [filesharetest/testfolder] is problematic, as it would map to a share named \\servername\filesharetest/testfolder\ when expressed in Windows/Samba native way. The name of the section [within the brackets] will be the name of the share, and a forward slash is not an allowed character in Windows filenames. The path = defines the actual filesystem path of the shared directory: it does not have to have anything to do with the share name.
(Just like on Windows it's possible to share D:\foo as \\servername\bar if you want.)
The "not allowing multiple connections" bit was probably because you had made many attempts and were trying to, as far as Samba was concerned, trying to establish connections from the same client to the same server and/or share as two different users at the same time, without fully disconnecting the previous attempt first. That's more of a SMB protocol limitation: if you try it with a Windows server, you'll find it will give you an error message about that too.
The workgroup = setting is mostly relevant with obsolete Windows NT-style domain connections and peer-to-peer style Windows networking only. You should be able to log in to a server that has a totally unrelated workgroup = setting, as long as you specify the appropriate Windows domain name (or server name with server-local accounts) along with your username. I think it's more likely that restarting Samba after changing smb.conf terminated all your previous connection attempts, and your next attempt was successful because of that.
Welcome! Check out the Getting Started with Red Hat page for quick tours and guides for common tasks.