Create a Shared Directory on Samba AD DC and Map to Windows_Linux Clients

In this tutorial, we will be setting up a shared directory on a Samba Active Directory Domain Controller (AD DC) and mapping it to Windows and Linux clients. This will allow users to access and share files between their computers easily and securely. Samba is an open-source software suite that provides file and print services on various operating systems, including Windows and Linux. Active Directory (AD) is a directory service developed by Microsoft, which is used to manage and authenticate network resources. Combining Samba and AD creates a powerful and flexible file-sharing solution for organizations of all sizes.

Prerequisites

Before we get started, make sure you have the following

• A Linux server with Samba and Active Directory installed and configured.

• One or more Windows and Linux clients that are joined to the AD domain.

• Administrative privileges on the Samba AD DC server.

• Network connectivity between the server and client machines.

Creating a Shared Directory

To create a shared directory, we will need to create a directory on the Samba AD DC server and set the appropriate permissions. We will also need to configure Samba to share the directory with clients on the network.

Step 1: Create a Directory

First, create a directory for the shared files. For example, we will create a directory called shared in the root directory

sudo mkdir /shared

Step 2: Set Permissions

Next, we need to set the appropriate permissions for the directory. We will create a new group called sambausers and add the necessary users to this group. Then we will set the group ownership of the shared directory to sambausers and give the group read-write-execute permissions.

sudo groupadd sambausers
sudo usermod -aG sambausers username1
sudo usermod -aG sambausers username2
sudo chown -R :sambausers /shared
sudo chmod -R 770 /shared

Replace username1 and username2 with the actual usernames of the users who need access to the shared directory.

Step 3: Configure Samba

Next, we need to configure Samba to share the shared directory with clients on the network. Open the Samba configuration file for editing

sudo nano /etc/samba/smb.conf

Add the following configuration at the end of the file

[shared]
comment = Shared directory
path = /shared
read only = no
valid users = @sambausers
browseable = yes
writable = yes
create mask = 0660
directory mask = 0770

Save and close the file. The additional parameters ensure proper file permissions and visibility.

Step 4: Restart Samba

Restart the Samba service for the changes to take effect

sudo systemctl restart smbd
sudo systemctl restart nmbd

Mapping the Shared Directory to Windows Clients

Now that we have set up the shared directory on the Samba AD DC server, we can map it to Windows clients.

Step 1: Open File Explorer

Open File Explorer on the Windows client machine.

Step 2: Map the Network Drive

Click on This PC in the left-hand navigation pane, then click on Map network drive in the ribbon menu.

Step 3: Specify the Network Location

In the Map Network Drive dialog box, specify the network location of the shared directory. For example, if the Samba AD DC server has the IP address 192.168.1.10, the network location would be

\192.168.1.10\shared

Alternatively, you can use the server's hostname instead of the IP address.

Step 4: Specify Credentials

Check the Connect using different credentials checkbox and enter the username and password of a user account that belongs to the sambausers group with permission to access the shared directory.

Step 5: Complete the Mapping

Click Finish to complete the process. You should now see the shared directory as a mapped network drive in Windows Explorer with an assigned drive letter.

Mapping to Linux Clients

To map the shared directory to Linux clients, you can use the mount command. The mount command is used to mount file systems, including network file systems, in the Linux operating system.

Step 1: Install CIFS Utilities

First, you need to install the cifs-utils package, which provides support for mounting CIFS/SMB file systems in Linux

sudo apt-get install cifs-utils

For Red Hat-based systems, use

sudo yum install cifs-utils

Step 2: Create a Mount Point

Next, create a directory to use as the mount point for the shared directory

sudo mkdir /mnt/shared

Step 3: Mount the Shared Directory

Use the mount command to mount the shared directory

sudo mount -t cifs //192.168.1.10/shared /mnt/shared -o username=username,password=password,domain=ad_domain,uid=1000,gid=1000

Replace 192.168.1.10 with the IP address of the Samba AD DC server, username with a valid domain user, password with the user's password, and ad_domain with the name of the Active Directory domain.

Step 4: Verify the Mount

Use the df command to verify that the shared directory is mounted

df -h | grep shared

You should see the shared directory listed as a mounted file system.

Persistent Mounting on Linux

To automatically mount the shared directory on system boot, add an entry to the /etc/fstab file

//192.168.1.10/shared /mnt/shared cifs username=username,password=password,domain=ad_domain,uid=1000,gid=1000 0 0

For security reasons, consider storing credentials in a separate file with restricted permissions instead of including them directly in fstab.

Troubleshooting Common Issues

• Access denied errors Verify that the user account is in the sambausers group and has proper permissions.

• Mount failures on Linux Check that cifs-utils is installed and the server is reachable.

• Windows mapping issues Ensure the Windows client is properly joined to the AD domain.

Conclusion

By following these steps, you can easily create a shared directory on a Samba AD DC server and map it to Windows and Linux clients. This provides a centralized location for users to store and share files, improving collaboration and productivity in your organization. The integration of Samba with Active Directory ensures seamless authentication and access control across mixed-platform environments.