How to mount Windows share via cifs in RHEL system and allow write permission to users ?
Environment
- Red Hat Enterprise Linux
Issue
- How to mount Windows share via cifs in RHEL system and allow write permission to users ?
Resolution
- Create a test and test1 user:
$ cat /etc/passwd | grep "test\|test1"
test:x:500:500::/home/test:/bin/bash
test1:x:501:501::/home/test1:/bin/bash
- Create a group group1 and add test and test1 in this group:
# groupadd group1
# usermod -G group1 test
# usermod -G group1 test1
# cat /etc/group | grep group1
group1:x:502:test,test1
- Mount windows share using below command:
# mount -t cifs //192.168.0.1/test /media/ -o gid=502,dir_mode=0775,file_mode=0664,username=administrator,pass=redhat
# ll /media/ -d
drwxrwxr-x. 1 root group1 0 Apr 26 03:02 /media/
-
Now the /media directory is writeable by group1 members.
-
Login via test and test1 user and try to write file:
test:
$ id
uid=500(test) gid=500(test) groups=500(test),502(group1) context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023
[test@rhel6-server ~]$ cd /media/
[test@rhel6-server media]$ touch file
[test@rhel6-server media]$ ll file
-rw-rw-r--. 1 root group1 0 Apr 26 03:25 file
test1:
$ id
uid=501(test1) gid=501(test1) groups=501(test1),502(group1) context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023
[test1@rhel6-server ~]$ cd /media/
[test1@rhel6-server media]$ touch file1
[test1@rhel6-server media]$ ll file1
-rw-rw-r--. 1 root group1 0 Apr 26 03:25 file1
- Now login via some other user who is not member of group1:
$ id
uid=502(test2) gid=503(test2) groups=503(test2) context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023
[test2@rhel6-server ~]$ cd /media/
[test2@rhel6-server media]$ touch file2
touch: cannot touch `file2': Permission denied
Diagnostic Steps
$ smbclient -A smbclient_authentication.txt \\<server IP>\\sharedrive -c "put program_file"
session setup failed: NT_STATUS_LOGON_FAILURE
- Tcpdump output:
019 31.266667 192.168.0.1 -> 192.168.0.2 TCP 66 38509 > microsoft-ds [ACK] Seq=195 Ack=195 Win=15744 Len=0 TSval=2518873651 TSecr=4164380
8020 31.266903 192.168.0.1 -> 192.168.0.2 SMB 232 Session Setup AndX Request, NTLMSSP_NEGOTIATE
8021 31.270391 192.168.0.2 -> 192.168.0.1 SMB 536 Session Setup AndX Response, NTLMSSP_CHALLENGE, Error: STATUS_MORE_PROCESSING_REQUIRED
8022 31.270613 192.168.0.1 -> 192.168.0.2 SMB 332 Session Setup AndX Request, NTLMSSP_AUTH, User: MYGROUP\3dlab
8027 31.277091 192.168.0.2 -> 192.168.0.1 SMB 105 Session Setup AndX Response, Error: STATUS_LOGON_FAILURE
- "smbclient -L 170.166.XX.XX -U 3dlab" command is taking User as "MYGROUP\3dlab" as per tcpdump output. After that windows server is replying LOGON failure that means credential is not proper. Specify workgroup in 'smbclient' command:
$ smbclient -L <Windows IP address> -U 3dlab -W <workgroup>
This solution is part of Red Hat’s fast-track publication program, providing a huge library of solutions that Red Hat engineers have created while supporting our customers. To give you the knowledge you need the instant it becomes available, these articles may be presented in a raw and unedited form.
Comments