Fedora 17 Samba Standalone Server With tdbsam Backend

This guide  explains the installation of a Samba fileserver on Fedora 17 and  to configure it to share files over the SMB protocol as well as how to add users. Samba is configured as a standalone server, not as a domain controller. In the resulting setup, every user has his own home directory accessible via the SMB protocol and all users have a shared directory with read-/write access.

1 Preliminary Note

a Fedora 17 system here with the hostname server1.example.com and the IP address 192.168.0.100

SELinux should be  disabled

Edit /etc/selinux/config and set SELINUX=disabled
vi /etc/selinux/config
# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
#     enforcing - SELinux security policy is enforced.
#     permissive - SELinux prints warnings instead of enforcing.
#     disabled - No SELinux policy is loaded.
SELINUX=disabled
# SELINUXTYPE= can take one of these two values:
#     targeted - Targeted processes are protected,
#     minimum - Modification of targeted policy. Only selected processes are protected.
#     mls - Multi Level Security protection.
SELINUXTYPE=targeted
must reboot the system
reboot

2 Installing Samba

Connect server on the shell and install the Samba packages

yum install cups-libs samba samba-common

Edit the smb.conf file

vi /etc/samba/smb.conf

see the following lines in the [global] section

[...]
# ----------------------- Standalone Server Options ------------------------
#
# security = the mode Samba runs in. This can be set to user, share
# (deprecated), or server (deprecated).
#
# passdb backend = the backend used to store user information in. New
# installations should use either tdbsam or ldapsam. No additional configuration
# is required for tdbsam. The "smbpasswd" utility is available for backwards
# compatibility.
#

        security = user
        passdb backend = tdbsam





[...]
Linux system users to log in to the Samba server
system startup links for Samba and start it
systemctl enable smb.service
 systemctl start smb.service

3 Adding Samba Shares

add a share that is accessible by all users

directory for sharing the files and change the group to the users group

mkdir -p /home/shares/allusers
chown -R root:users /home/shares/allusers/
chmod -R ug+rwx,o+rx-w /home/shares/allusers/

end of the file /etc/samba/smb.conf add the follows

vi /etc/samba/smb.conf

[...]
[allusers]
  comment = All Users
  path = /home/shares/allusers
  valid users = @users
  force group = users
  create mask = 0660
  directory mask = 0771
  writable = yes
to read and write to their home directories via Samba follow the below codes
[...]
[homes]
   comment = Home Directories
   browseable = no
   valid users = %S
   writable = yes
   create mask = 0700
   directory mask = 0700
restart Samba
systemctl restart smb.service

4 Adding And Managing Users

add a user named tom. You can add as many users as you need in the same way, just replace the username tom with the desired username in the commands

useradd tom -m -G users

password for tom in the Linux system user database. If the user tom should not be able to log into the Linux system, skip this step

passwd tom

password for the new user

add the user to the Samba user database:

smbpasswd -a tom

-> Enter the password for the new user.

Now you should be able to log in from your Windows workstation with the file explorer (address is \\192.168.0.100 or \\192.168.0.100\tom for tom’s home directory) using the username tom and the chosen password and store files on the Linux server either in tom’s home directory or in the public shared directory