Basic background:
First HDD contains the OS. A second HDD is mapped for the data on /storage0/data.
So the first step is to move the home directory location to the data partition:
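# Change home directory location: new accounts get their home under the data disk.
HOME_DIR="/storage0/data"
mkdir -p -- "${HOME_DIR}"
# Label the tree so SELinux lets smbd serve it. chcon is not recorded in the
# policy, so a later restorecon or full relabel resets the type; a persistent
# rule would be added with `semanage fcontext` and applied with `restorecon`.
chcon -R -t samba_share_t -- "${HOME_DIR}"
# Rewrite the HOME= default that useradd reads, keeping the "HOME=" prefix (\1).
sed -i "s#^\(HOME\s*=\s*\).*\$#\1${HOME_DIR}#" /etc/default/useradd
# Persistently (-P) allow Samba to share users' home directories.
setsebool -P samba_enable_home_dirs 1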
# Next, install and configure Samba.
yum install -y samba samba-client samba-common
# Register both Samba units to start at boot (enable alone does not start them).
systemctl enable smb.service nmb.service
# Make sure the share root exists and carries the SELinux type smbd may serve.
mkdir -p /storage0/data
chcon -R -t samba_share_t /storage0/data
# Open the firewalld "samba" service in the public zone, then load the
# permanent rules into the running firewall.
# NOTE(review): this admits SMB from every source the public zone covers;
# confirm that zone only faces networks that should reach the file server.
firewall-cmd --permanent --zone=public --add-service=samba
firewall-cmd --reload
# Keep a pristine copy of the packaged configuration before editing it.
cp /etc/samba/smb.conf /etc/samba/smb.conf.orig
vi /etc/samba/smb.conf
# In the editor, find the "security = user" line and add a "map to guest"
# line below it:
#   security = user
#   map to guest = Bad User
# With "Bad User", a login under a user name Samba does not know is treated
# as a guest login, so guest-enabled shares need no valid account.
# Also comment out the [homes] and [printers] sections.
# Anonymous (guest) share: create the directory and hand it to the
# unprivileged "nobody" account.
# NOTE(review): the [Anonymous] stanzas on this page use
# path = /shares/anonymous, not this directory; confirm which path is
# intended so the share and the prepared directory match.
anon_share_dir=/storage0/data/anonymous
mkdir -p -- "${anon_share_dir}"
chown -R nobody:nobody -- "${anon_share_dir}"
RW user
# Writable guest share.
# NOTE(review): the text after "]" on the header line looks like an annotation
# rather than smb.conf syntax; presumably only [Anonymous] belongs in the file.
# NOTE(review): the directory prepared for this share is
# /storage0/data/anonymous, while path below is /shares/anonymous; confirm
# which one is intended.
[Anonymous] (Name anonymous)
path = /shares/anonymous
# guest ok + writable: no password is needed to connect and guests may write
# (subject to filesystem permissions), so anyone who can reach the server over
# SMB can add or change files here.
guest ok = yes
browsable =yes
writable = yes
RO user (Name anonymous)
# Read-only variant of the guest share.
# NOTE(review): it reuses the section name [Anonymous], so presumably it is an
# alternative to the writable stanza rather than an addition; confirm.
[Anonymous]
path = /shares/anonymous
browsable = yes
read only = Yes
# Per smb.conf(5), "guest only" has no effect unless "guest ok" is also set
# for the share; this stanza does not set it.
guest only = Yes
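# Validate the edited smb.conf first; reload only if it parses, so a typo does
# not reach the running daemon.
# NOTE(review): the earlier steps only enable smb.service. If it has not been
# started yet, reload fails; start the service first in that case.
testparm -s >/dev/null && systemctl reload smb.service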
Home directory share
# Re-enable if disabled
# Special section that gives each authenticated user a share for their own
# home directory.
[homes]
comment = Home Directories
# %S is the share name (the user's name for a home share); %D%w%S is the same
# name qualified with the domain and the winbind separator. Together they
# limit each home share to the user it is named after.
valid users = %S, %D%w%S
# Hide the literal [homes] entry from browse lists.
browseable = No
read only = No
inherit acls = Yes
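# Persistently (-P) allow Samba to share users' home directories.
setsebool -P samba_enable_home_dirs 1
# Group share directory; -p also creates /shares if it does not exist yet.
mkdir -p /shares/google
# Give the new tree the same SELinux type as the other shared directories;
# without it smbd is normally denied access while SELinux is enforcing.
chcon -R -t samba_share_t /shares/google
# The [Google] share admits only members of this group (valid users = @smbgg).
groupadd smbgg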
Step 2 » Change ownership and permission for the directory.
# Hand the share to root and the smbgg group, with no access for others.
chown -R root:smbgg /shares/google
chmod -R 0770 /shares/google
# Create the account larry as a member of smbgg in a single command; the
# nologin shell keeps the account from being used for an interactive login.
useradd -s /usr/sbin/nologin -G smbgg larry
# Add larry to Samba's password database (prompts for the new password).
smbpasswd -a larry
# Group share: only members of smbgg may connect, and guests are refused.
[Google]
comment = Google Share
path = /shares/google
valid users = @smbgg
guest ok = no
writable = yes
browsable = yes
# Files and directories created through the share get the group smbgg.
force group = smbgg
# The masks below keep new files and directories group-writable, so one member
# can edit what another member created, and give others no access.
create mask = 0660
force create mode = 0660
directory mask = 0770
force directory mode = 0770
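# Validate the edited smb.conf first; reload only if it parses, so a typo does
# not reach the running daemon.
testparm -s >/dev/null && systemctl reload smb.service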
Now test that you can see your initial shares; everything should work at this point.
The next step is integration with an Active Directory domain.
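# Packages used for the Active Directory integration (realmd, sssd, oddjob)
# plus the NTP tools.
yum install realmd samba samba-common oddjob oddjob-mkhomedir sssd ntpdate ntp
# Kerberos authentication fails when the clocks of client and domain
# controller drift too far apart, so set the time from the domain controller
# once and then keep it synchronised with ntpd.
systemctl enable ntpd.service
ntpdate dc1.mydomain.local
systemctl start ntpd.service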