Few days ago we showed students and new users how to create public Samba shares on Ubuntu 17.04 | 17.10 systems. The public share had no restrictions. Everyone and anyone could create, modify and delete content from the share.
In some environments, this setup is not very common. There has to be some level of restrictions to protect some information or so data can’t get deleted mistakenly. This brief tutorial is going to show you how to create private shares so only those with permissions can create, modify or delete content from there.
For those who don’t know, Samba is a opensource implementation of Microsoft SMB/CIFS protocol. It provides fast and secure files and print services for clients using the SMB/CIFS protocol. Simply put, it provides files and printer sharing between clients and servers.
To read our previous post on Samba, please click the link below.:
To get started with creating private shares on Samba, follow the steps below:
To get started with creating a public share that can be fully accessed by everyone, continue with the steps below:
STEP 1: INSTALL SAMBA
The first thing you’ll need to do is install Samba. To install it run the commands below.
sudo apt-get update sudo apt-get install samba
The commands above install Samba and all other dependencies.
STEP 2: CREATE THE PRIVATE FOLDER
First, create the folder you want to share with select group of people. The folder can be anywhere but set its permission so that everyone can access it. For this this tutorial, our share folder will be called Private and created in the /home directory…
Run the commands below to create the folder you wish to share.
sudo mkdir /home/Private
Then set the share permission so that only members of a select group will have access to it…
Step 3: Create a private group
After creating the private share above, you should then create a private group that should have access to the shared folder. Only members in the group will be able to access or delete content.
Run the commands below to create a group called security
sudo groupadd security
Next, grant the group access to the folder.
sudo chgrp security /home/Private sudo chmod -R 0770 /home/Private
STEP 4: CONFIGURE SAMBA
Now that Samba is installed, you must now configure it to provide file and print services to clients. This can be done by editing its default configurations file. First create a backup of the configuration file by running the commands below.
sudo mv /etc/samba/smb.conf /etc/samba/smb.conf.bak
Next, run the commands below to open/create a new configuration file.
sudo nano /etc/samba/smb.conf
Then add the content below into the file and save. Our share will be called Private as defined in the settings below [Private]
[global] workgroup = WORKGROUP server string = Samba Server %v netbios name = ubuntu security = user map to guest = bad user name resolve order = bcast host dns proxy = no bind interfaces only = yes # add to the end [Private] path = /home/Private writable = yes guest ok = no read only = no browsable = yes create mode = 0777 directory mode = 0777 valid users = @security
Save the file and exit
Step 5: Add members to group
Now that you’ve created and private group and only want certain users as member, run the commands below for each user you want to add to the group.
sudo usermod -aG security richard
The commands above add the user name richard to the security group.
Then run the commands below for each member of the group to create a Samba password. This is required.
sudo smbpasswd -a richard
When prompted, create and confirm a new password for richard account.
STEP 6: RESTART SAMBA
After configuring the setting above, restart Samba by running the commands below.
sudo systemctl restart smbd
Now go and test the share using richard account.
Type the account name and password to access.
You can also map the network location
Access the mapped drive anytime from Windows
You may also like the post below: