Configuring Samba Shares

ubuntuFile sharing with Ubuntu 14.04 LTS can be facilitated with Samba file server software selection.  This article describes how to configure Samba so that you can start sharing files.


If you are using Windows Authentication, you'll need to edit the smb.conf to allow the winbind daemon to translate AD authentication into linux authentication.

$ sudo vi /etc/samba/smb.conf
workgroup = yourdomain
security = domain
idmap uid = 10000-20000
idmap gid = 10000-20000


Samba Passwords

Samba uses a different password, to the Ubuntu user account.  To set the Samba password type the following...

$ sudo smbpasswd -a <username>


Create a Directory

We will create a share called Projects.  All members of the projects group will have read/write access to this share.  We will start by creating the directory and then set group ownership, followed by allowing the group full access and denying all other users.

$ sudo mkdir /home/shares/projects
$ sudo chown root:<groupname> /home/shares/projects
$ sudo chmod 770 /home/shares/projects


To share this directory using Samba, you need to edit the smb.conf file and add the following lines at the end of the file.

$ sudo vi /etc/samba/smb.conf

[projects] path = /home/shares/projects available = yes valid users = <username1>,<username2> read only = no browseable = yes public = yes writable = yes
force create mode = 664
force directory mode = 775


You will need to restart the Samba service.

$ sudo smbd restart

It's also good practice to test your Samba configuration for any syntax errors.

$ testparm


Prevent Anonymous Browsing

You may want to eliminate browsing by 'guest' user accounts.  Start by opening the smb.conf file for editing.

$ sudo vi /etc/samba/smb.conf

Add the following line to the [Global] section of the smb.conf file.

restrict anonymous = 2


Home Directories

You may want to allow Samba users access to their home directory.  Open the smb.conf file for editing and un-comment the following lines.  Warning:  un-commenting the valid users entry, may cause issues if you are using external authentication.

comment = Home Directories
browseable = no
read only = no
create mask = 0700
directory mask = 0700

valid users = %S


Thanks for visiting.