Geek Rewind

How to Create a Private Samba Share on Ubuntu 24.04

Richard

ยท

This article details installing and configuring a private Samba share on Ubuntu 24.04, allowing secure file sharing among designated users. It guides users through installing Samba, setting up permissions, and mapping shares on Windows, emphasizing configuration and group management for enhanced security and accessibility in a network environment.

This article explains how to install and create a Samba private share where access is granted to members only on Ubuntu 24.04.

Samba is an open-source software suite allowing for file and print sharing between computers running Linux/Unix and Windows. It uses the SMB/CIFS protocol, a network file-sharing protocol used by Windows to provide shared access to files and printers across a network.

Samba supports user accounts and password protection, allowing you to manage users and set permissions based on roles and needs. Creating a private Samba share can enhance security and simplify file management in a networked environment.

You can create public shares with Samba, but it’s not recommended in a secure environment.

Install Samba

To use Samba on Ubuntu, you must install its packages. It is not available on Ubuntu by default.

Run the command below to install Samba.

sudo apt update
sudo apt install samba

Create a share folder

After installing Samba, create the folder you want to share with members only. If you have an existing folder, then skip this section.

The folder (private) below will be visible and accessible to members only requiring authentication.

But before that, create a Samba member group. This group will contain all the users who should have access to the private folder.

sudo groupadd smbgroup

Then, create the private share and adjust the permission so only group members have access.

sudo mkdir /home/private
sudo chgrp smbgroup /home/private
sudo chmod 770 /home/private

Configure Samba

Now that Samba is installed and a share has been created, continue configuring Samba below.

Samba default configuration file is at [/etc/samba/smb.conf].

First, create a backup before editing it.

sudo cp /etc/samba/smb.conf /etc/samba/smb.conf.bak

Then edit the file and adjust the highlighted settings below.

sudo nano /etc/samba/smb.conf

Adjust the settings below.

#======================= Global Settings =======================

[global]

# Change this to the workgroup/NT-domain name your Samba server will part of
   workgroup = WORKGROUP

# server string is the equivalent of the NT Description field
   server string = %h server (Samba, Ubuntu)

#### Networking ####

# Uncomment and add your interface name
   
  interfaces = 127.0.0.0/8 ens33

# Uncomment this to bind to the named interfaces and/or networks

  bind interfaces only = yes


#======================= Share Definitions =======================
#
# Under share definitions, create your share with the folder above.

[Private]
   # require authentication
   security = user
   # specify shared directory
   path = /home/private
   # allow all to write
   writable = yes
   # deny guest user (nobody)
   guest ok = no
   # allow only smbgroup members
   valid users = @smbgroup
   # smbgroup will inherit new files/directories
   force group = smbgroup
   # set all new files to members only
   force create mode = 770
   # set all new folers to members only
   force directory mode = 770
   # inherit permissions from parent folder
   inherit permissions = yes

Save and exit the file.

Restart Samba.

sudo systemctl restart smbd

Create Samba users

Now that Samba is configured, follow the steps below to create accounts. These accounts are used to authenticate against Samba resources.

If you have an existing account, create a smbpasswd for the account.

sudo adduser sambauser
sudo smbpasswd -a sambauser

Type and configure a new password for the account.

Finally, add the user account to the Samba group account created above.

sudo usermod -aG smbgroup sambauser

Samba share is created. Users on the same network should be able to browse and locate the shared folder.

Map Samba shares on Windows

Windows users can map the shares using the ‘Map network drives‘ wizard.

Right-click the Network folder in File Explorer and select “Map network drives.”

Map network drives Windows 11

Enter the server name followed by the share name.

\\srv1.example.comshare
Map network drives Windows 11 shares

When prompted, enter the Samba account created above.

Samba user access prompt

After that, the share should be mapped to your Windows machine.

Map network drives Windows 11 complete

That should do it!

Conclusion:

  • Samba provides an effective way to share files and printers between Linux/Unix and Windows systems.
  • Creating a private Samba share enhances security by restricting access to authorized users only.
  • The installation and configuration of Samba on Ubuntu 24.04 ensures that only members of a specified group can access the shared resources.
  • Users can easily map the Samba share on Windows, facilitating seamless access to shared files.
  • Regular management of user accounts and permissions is crucial to maintaining the integrity and security of the shared environment.
,

Comments

Leave a Reply

Your email address will not be published. Required fields are marked *