Samba Installation and User Authorization on Ubuntu 24.04

Samba Installation and User Authorization on Ubuntu 24.04

This document provides a step-by-step guide for installing and configuring the Samba service on an Ubuntu 24.04 server, including granting a user access to a specific shared directory (e.g., for storing 5651 logs).

1. System Update and Required Packages

sudo apt update && sudo apt upgrade -y
sudo apt install samba -y

2. Create the Shared Directory

sudo mkdir -p /srv/samba/share5651
sudo chown root:root /srv/samba/share5651
sudo chmod 755 /srv/samba/share5651

3. Create the Samba User

sudo adduser berqlog
sudo smbpasswd -a berqlog

Note: Ensure the password is set for both the system and Samba.

4. Edit Samba Configuration File

Edit /etc/samba/smb.conf with the following content:

[global]
    workgroup = WORKGROUP
    netbios name = COMPANY_SMB
    server string = Company Log Server
    security = user
    map to guest = Bad User
    dns proxy = no
    server min protocol = NT1
    ntlm auth = yes
    log file = /var/log/samba/log.%m
    max log size = 1000
    logging = file
    panic action = /usr/share/samba/panic-action %d
    server role = standalone server
    obey pam restrictions = yes
    unix password sync = yes
    passwd program = /usr/bin/passwd %u
    passwd chat = *Enter\snew\s*\spassword:* %n\n *Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* .
    pam password change = yes
    usershare allow guests = no
    idmap config * : backend = tdb

[share5651]
    path = /srv/samba/share5651
    read only = no
    valid users = berqlog
    create mask = 0644
    directory mask = 0755
    browseable = yes
    guest ok = no

5. Test the Configuration

testparm

Make sure there are no syntax errors.

6. Restart Samba Service

sudo systemctl restart smbd
sudo systemctl enable smbd

7. Firewall Configuration (If Enabled)

sudo ufw allow 'Samba'

8. Access the Share

From a Windows machine:

\\<ubuntu_ip_address>\share5651

Username: berqlog, Password: the one set during setup.

9. Logs and Troubleshooting

Samba logs are located at:

/var/log/samba/log.smbd
/var/log/samba/log.nmbd
/var/log/samba/log.<client_ip_or_name>

Additional Notes:

• The ntlm auth = yes setting allows compatibility with legacy Windows clients.
• The server min protocol = NT1 is for compatibility with old systems. For better security, consider using SMB2 or higher.

This setup covers basic file sharing and user authorization. For advanced needs, consider configuring ACLs, audit modules, or integrating with a domain.