Server Side

First install samba and samba-client (for debugging and testing)

  • /etc/samba/smb.conf
    [global]
    # the default workgroup name on Windows
    workgroup = WORKGROUP
    hosts allow = ...
    # passwords are stored in the /var/lib/samba/private/passdb.tdb file
    passdb backend = tdbsam

    [shared]
    browseable = yes
    path = /shared
    valid users = user01, @un_group_au_choix
    writable = yes

Test samba config

testparm

/usr/bin/testparm -s /etc/samba/smb.conf

smbclient -L //192.168.56.102 -U test : list all Samba shares available

smbclient //192.168.56.102/sharedrepo -U test : connect to the share

pdbedit -L : list Samba users (better than smbclient)

smbstatus : show all current connections

/var/log/samba/estat-nalnfssmb/

Create User

    # Create a user
    useradd -s /sbin/nologin user01

    # Add the user to the Samba password database
    smbpasswd -a user01

    # Delete the user
    smbpasswd -x user01

    # Start Samba
    systemctl enable smb nmb
    systemctl start smb nmb

Security

  • SELinux
    yum install -y setroubleshoot-server
    semanage fcontext -a -t samba_share_t "/shared(/.*)?"
    restorecon -RFv /shared

    # set boolean for smbd_anon_write

    # let users reach their home directory when they connect
    setsebool -P samba_enable_home_dirs=on
  • Firewalld
    firewall-cmd --permanent --add-service=samba
    firewall-cmd --reload

Client Side

First install cifs-utils

  • Mount
    mount -o username=fred,credentials=xxx //server/shared /point/mnt
    mount -o multiuser,sec=ntlmssp,username=fred //server/shared /point/mnt
     |__ the first connection is made as root, using one of the Samba users (the one with the fewest privileges)
          |__ cifscreds (-u user) add / update / clear server7 : the other users can then connect to this share
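
The credentials= mount option points at a file that holds the account secrets in clear text. The following is an added example, not part of the original notes, that writes such a file with owner-only permissions and verifies it before it is handed to mount; the function names and the /root/.smbcred path are assumptions.

```shell
#!/bin/sh
# Added example: create and verify a mount.cifs credentials file.
# Account name, domain and paths used with it are constructed placeholders.

# write_cifs_creds FILE USER [DOMAIN]
# The password is read from stdin so it never appears on a command line.
write_cifs_creds() {
    wc_file=$1; wc_user=$2; wc_domain=${3:-}
    IFS= read -r wc_pass || [ -n "$wc_pass" ] || return 1
    (
        umask 077   # a newly created file gets mode 0600
        {
            printf 'username=%s\n' "$wc_user"
            printf 'password=%s\n' "$wc_pass"
            if [ -n "$wc_domain" ]; then printf 'domain=%s\n' "$wc_domain"; fi
        } > "$wc_file"
    ) || return 1
    chmod 600 "$wc_file"   # tightens a file that already existed
}

# check_cifs_creds FILE
# Succeeds only if FILE is a regular file (not a symlink), grants nothing
# to group or other, and contains both required keys.
check_cifs_creds() {
    cc_file=$1
    if [ -L "$cc_file" ] || [ ! -f "$cc_file" ]; then
        echo "$cc_file: not a regular file" >&2; return 1
    fi
    cc_perms=$(ls -ld "$cc_file" | cut -c5-10)   # group and other bits
    if [ "$cc_perms" != "------" ]; then
        echo "$cc_file: accessible beyond owner ($cc_perms)" >&2; return 1
    fi
    grep -q '^username=' "$cc_file" && grep -q '^password=' "$cc_file" || {
        echo "$cc_file: missing username= or password=" >&2; return 1
    }
}

# Usage (path /root/.smbcred is an assumption):
#   write_cifs_creds /root/.smbcred fred     # then type the password
#   check_cifs_creds /root/.smbcred &&
#       mount -o credentials=/root/.smbcred //server/shared /point/mnt
```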

Test Connection with Windows Domains

    net -s /etc/samba/smb.conf ads join createcomputer='OU=DC-Unix-Servers,OU=Computers,OU=Common Services,DC=net1,DC=example,DC=com' -Uramdomuser
    Enter ramdomuser's password:
    Using short domain name -- NET1
    Joined 'SERVER' to dns domain 'net1.example.com'
    kerberos_kinit_password SERVER$@NET1.EXAMPLE.COM failed: Client not found in Kerberos database
    DNS Update for server.example.com failed: ERROR_DNS_GSS_ERROR
    DNS update failed!

    net -d5 -s /etc/samba/smb.conf ads join createcomputer='OU=DC-Unix-Servers,OU=Computers,OU=Common Services,DC=net1,DC=example,DC=com' -Uxxxxxxxx

    net ads testjoin
    Join is OK