How to configure Samba Server share on Ubuntu 20.04 Focal Fossa Linux - LinuxConfig.org

The objective of this tutorial is to configure a basic Samba server to share user home directories as well as provide read-write anonymous access to selected directory. There are myriads of possible other Samba configurations, however the aim of this guide is to get you started with some basics which can be later expanded to implement more features to suit your needs.

---

This is a companion discussion topic for the original entry at https://linuxconfig.org/how-to-configure-samba-server-share-on-ubuntu-20-04-focal-fossa-linux

Hi

I am following the guide but at this point:

smbpasswd -a linuxconfig

I enter the password but then get the following:

Failed to add entry for user linuxconfig.

Any assistance would me much appreciated

Hi MorphZan,

Welcome to our forums.

While the tutorial uses the “linuxconfig” user as an example, it also states that it must be an existing user on your system. Did you create the user as described at the beginning of step 3 of the tutorial before running smbpasswd against it?

Awesome and easy to follow. i had issues on ubuntu 18 but this worked first go. Cheers!

Hi. Thanks for nice explanation. MY host machine is Windows 10 and I am using Ubuntu 20.04 on my virtual machine. My user name for VM & Samba server is same but password is different. I was able to follow and do the steps till Step 9 , but I struck at Step 10 on wards. I am not clear on what details need to be entered while mapping the network drive and what credentials to be used. I tried all possible combinations but unable to get it work. I am not clear on how to get the details for “Samba server IP address or hostname followed by the name of the user’s home directory.” Please help me in understanding the step clearly.

Hi,
I am unable to access my ubuntu files or folder from windows 10.
Please help me and how to fix it.

Here are configuration I did on the smb.conf file.

[homes]
comment = Home Directories
browseable = yes
read only = no
create mask = 0700
directory mask = 0700
valid users = %S
[public]
comment = public anonymous access
path = /home/shamir/SMB
browsable =yes
create mask = 0660
directory mask = 0771
writable = yes
guest ok = yes

I fixed this issue by following.

sudo useradd testsuer
then
sudo smbpasswd -a testuser

@Lubos Hello; so how to “share” a folder within the Host PC on Ubuntu? I do have a Folder within another hard drive /media/userx/Main_Media_4/Cloud_Folders_1/ and when I look under Properties > Permissions > Ownership > Groups, it is under userx, yet there is another option for “sambashare”. I would not like to change the owndership since there are other sync programs are already syncing to the hard drive (assumingly under userx Group) Thanx

…and in an idle moment I entered

sudo tasksel uninstall samba-server

and this removed the bulk of my Linux installation. (Focal Fossa Live Desktop).

I want to use this Ubuntu machine and Samba for file storage, and add a whole bunch of hard drives to this machine for network storage and local SMB streaming to KODI. Unfortunately I am not able to find any plain english step by step instructions for how to setup Samba Sharing to work with other drives. The only folders and files that will share are the ones located on the primary hard drive. I even have the permissions on that other hard drive set to allow read and write access. I was able to do that through Nautilus opening the root drive folder as administrator. Older articles online point to a [Media01] in the SMB.CONFIG file, but there is no such entry in the current SMB.CONFIG. I need step by step instructions. If you tell me to enter something, but don’t tell me where to enter it, you are not helping me, and this has been the problem I’ve been running in to with much of the how-to information I’ve found on this subject. I appreciate any help you can offer.

Hi B.L_Hobbs,

Welcome to our forums.

How are the additional hard drives mounted on your system?

I am using Linux Mint 20 and cannot access a print share of a Brother printer connected to a Windows 7 computer in the network.

I saw the tutorial, but cannot find any thing that can help because I am not trying to share the printer on my Mint computer.

I hear that Linux Mint has dropped all 32-bit libraries at 20, and cannot use the Brother printer drivers because those drivers only support 32-bit.

I did download and run the driver downloader from Brother’s site, but to no avail. The printer wizard acknowledges the print share name, but it does not print.

I hope I am not overstaying my welcome; I’m just looking for some information on how to use the Brother printer.

Thank you in advance for your help.

Hi Robert_Yu,

Welcome to our forums.

I did some search about your case, but only found stuff that goes with installing the printer’s driver, and that you already tried. So you see the print share, but can’t send any work to print, or you can also send stuff to print, but the printer does not process it?

That’s right.

i just found out that the printer does not have compatible drivers for the OS, and there is nothing I can do.

Thanks anyways.

The command:

sudo smbpasswd -a `whoami`

…causes the shell to (1) take note of what your username is in your Linux system, and then (2) use such username to create a new Samba user/account whose username is exactly the same.

This is achieved because the command whoami causes the Linux shell to output on the screen the username of the user/account (i.e. you) currently connected to such shell. So when you put such command between backticks (AKA grave accents, AKA backquotes) in another command (like e.g. smbpasswd) you end up causing the Linux shell to replace whoami with your username.

If e.g. your username in your Linux system is morphzan, then the command whoami will print morphzan on the shell screen, thus causing the command:

sudo smbpasswd -a `whoami`

…to become this, when you run it:

sudo smbpasswd -a morphzan

…which in turn is going to cause the smbpasswd program to (1) create a Samba user/account whose username is going to be morphzan and then (2) ask you to type a password for the Samba user/account morphzan.

Thank you for letting us know. After reading your comment, I decided to run:

sudo apt purge tasksel -y

…just in case.

I don’t use Windows, but I noticed some issues in your smb.conf configuration code:

1. You need to replace writable with writeable.
2. Delete the line where it reads read only, because the writeable parameter already defines if the share is going to be read-only or not.
3. Add write list = %s so the connected users will be allowed to write on the shared folder.
4. Add available = yes so the shared folder becomes accessible.
5. Add invalid users = root admin wheel @wheel in your [global] section, in order to improve the server’s protection against privilege escalation attacks.

After performing these adjustments, save your smb.conf file and then either run:

sudo systemctl restart smbd.service

or

sudo service smbd restart

…in order to restart your Linux Samba server daemon.

In case you’re still unable to access your shares from Windows, check your firewall configuration: maybe the culprit is your firewall blocking Samba’s ports. A typical firewall configuration for your Linux Samba server would be this:

1. Allow incoming traffic from all networking interfaces, from any IP (v4 and v6) source and any port to any IP (v4 and v6) destination on UDP ports 137 and 138; and
2. Allow incoming traffic from all networking interfaces, from any IP (v4 and v6) source and any port to any IP (v4 and v6) destination on TCP ports 139 and 445.

In case you’re using the UFW firewall and its GUFW frontend (on Ubuntu and other Debian-based distros, you can usually install them by issuing the command sudo apt-get install ufw gufw -y), you can add a Samba UDP rule and a Samba TCP rule.

Sample GUFW rule for Samba UDP access:

Name of the rule: Samba-UDP
Insert rule number: 0
Policy type: Allow
Direction of traffic: Incoming
Network interfaces affected: All
Type of logging: Log
Leave everything else empty except that in the Port field at the To: line you must add 137,138/udp and then click Add

Sample GUFW rule for Samba TCP access:

Name of the rule: Samba-TCP
Insert rule number: 0
Policy type: Allow
Direction of traffic: Incoming
Network interfaces affected: All
Type of logging: Log
Leave everything else empty except that in the Port field at the To: line you must add 139,445/tcp and then click Add

Make sure that GUFW’s main window shows its Status as “active” (“on”, i.e. the slidding button is located at the right side of the slider), Incoming is set as Deny and Outgoing is set as Allow.

I appreciate this guide and have had some success with it. I am able to access the public share, but not the home share. I set up my smb.conf in the same manner as yours, but the home share is not even there when I connect to the server from another Linux computer. Only the public one is there. Any ideas?

@electroman Here are the contents of a sample smb.conf file based on the (functional) one currently on my system (64-bit XUbuntu 20.04):

[global]
#Samba server
available = yes
server string = Samba %v
workgroup = homegroup
username map = /etc/samba/smbusers
invalid users = root admin wheel @wheel

#Connection
socket options = SO_KEEPALIVE SO_BROADCAST TCP_NODELAY IPTOS_LOWDELAY SO_SNDBUF=8192 SO_RCVBUF=8192

#Samba Client lookups
hostname lookups = yes
name resolve order = host lmhosts wins bcast

#Allow guest account
guest ok = no
guest account = nobody

#Interfaces
interfaces = wlp3s0 enp0s10 127.0.0.1/255.0.0.0 192.168.50.1/254.255.255.0
bind interfaces only = yes

#Adding/removing users/groups/machines:
add user script = /usr/sbin/useradd -d /dev/null -c ‘Samba User Account’ -s /dev/null ‘%u’
delete user script = /usr/sbin/userdel ‘%u’
add group script = /usr/sbin/groupadd ‘%g’
delete group script = /usr/sbin/groupdel ‘%g’
add user to group script = /usr/sbin/useradd -d /dev/null -c ‘Samba User Account’ -s /dev/null -g ‘%g’ ‘%u’
delete user from group script = /usr/sbin/userdel ‘%u’ ‘%g’

#Passwords for user accounts (use EITHER pam OR tdbsam)
passwd program = /usr/bin/passwd ‘%u’
unix password sync = yes
passwd chat = Newpassword* %n\n ReTypenewpassword %n\n passwdchanged*\n
passwd chat timeout = 120
passdb backend = tdbsam
encrypt passwords = yes
obey pam restrictions = no
pam password change = no
client plaintext auth = no

#Machines
add machine script = /usr/sbin/useradd -d /dev/null -g sambamachines -c ‘Samba Machine Account’ -s /dev/null -M ‘%u’
machine password timeout = 120
hosts allow = 127. 192.168.50.

#Shares
browseable = yes

#File name handling
mangled names = no
dos charset = CP850
unix charset = UTF-8
case sensitive = yes
follow symlinks = yes

#Logging
log file = /var/log/samba/samba.log
max log size = 1000

#Printing
load printers = yes
printcap name = cups
printing = cups
cups options = “raw”
printer = Deskjet_2500

#Browsing
local master = yes
domain master = auto
preferred master = auto
os level = 33

#Defaults (recommended when no Winblows system is in the workgroup)
security = user
dns proxy = yes
wins support = no
wins proxy = no
remote announce =
remote browse sync =
domain logons = no
client signing = auto
client schannel = auto
server signing = disabled
server schannel = auto
time server = no
disable netbios = yes
disable spoolss = yes

#Restrict access to only the smbd workgroup “homegroup”
allow trusted domains = no

##########
# The following parameters are currently invalid:
; update encrypted = yes
##########
# These parameters are unecessary when no host is running Winblows:
; template shell = /dev/null
; winbind use default domain = yes
; winbind separator = @
; winbind cache time = 360
; winbind trusted domains only = yes
; winbind nested groups = no
; winbind nss info = no
; winbind refresh tickets = no
; winbind offline logon = no
; winbind use default domain = yes
; logon drive = m:
; logon home = \%L\homes%u
; logon path = \%L\profiles%u
; logon script = %G.bat
; client use spnego = yes
; nt pipe support = yes
; nt status support = yes
; netbios name = hostname
##########
# These parameters are deprecated:
; idmap uid = 16777216-33554431
; idmap gid = 16777216-33554431
; winbind trusted domains only = yes
; username level = 0
; password level = 0
; display charset = UTF-8
##########

[netlogon]
comment = Network Logon Service
path = /var/lib/samba/netlogon
writeable = yes
available = no
browseable = no
printable = no
locking = yes
strict locking = no
valid users = electroman

[profiles]
comment = User Profiles
path = /var/lib/samba/profiles
writeable = yes
available = yes
browseable = no
printable = no
create mode = 0600
directory mask = 0700
locking = yes
strict locking = no
valid users = electroman

[pdf-documents]
path = /var/lib/samba/pdf-documents
comment = Converted PDF Documents
admin users = %U
available = yes
browseable = no
writeable = yes
guest ok = no
locking = yes
strict locking = no

[data]
path = /data
comment = data
valid users = electroman
write list = electroman
guest ok = no
writeable = yes
available = yes
browseable = yes
printable = no
locking = yes
strict locking = no

[desktop]
path = /home/electroman/Desktop
comment = desktop
valid users = electroman
write list = electroman
guest ok = no
writeable = yes
available = yes
browseable = yes
printable = no
locking = yes
strict locking = no

[downloads]
path = /home/electroman/Downloads
comment = downloads
valid users = electroman
write list = electroman
guest ok = no
writeable = yes
available = yes
browseable = yes
printable = no
locking = yes
strict locking = no

[temp]
path = /tmp
comment = temporary
valid users = electroman
write list = electroman
guest ok = no
writeable = no
available = yes
browseable = yes
printable = no
locking = yes
strict locking = no

Thank you! I will give it a good look and see if I can find the problem. I appreciate the help.