Samba Server Installation and Configuration on CentOS 7

This guide explains how to configure samba server in CentOS 7 with anonymous & secured samba servers. Samba is an Open Source/Free Software suite that provides seamless file and print services to SMB/CIFS clients. Samba is freely available, unlike other SMB/CIFS implementations, and allows for interoperability between Linux/Unix servers and Windows-based clients.

1 Preliminary Note

I have a fresh installed CentOS 7.0 server, on which I am going to install the samba server. Off-course you need to have one windows machine to check the  samba server that must be reachable with the CentOS 7.0 server. My Centos 7.0 server have hostname & IP as


  • The Windows machine must be on same workgroup. To check the value in windows machine run the command at cmd prompt

net config workstation

It will be like this

Your windows machine must be at same Workstation domain as in CentOS 7.0 server, i.e. WORKGROUP in my case.

  • To make the windows machine reachable in windows proceed like this. In the run terminal & add  the entry of your server IP address

notepad C:\Windows\System32\drivers\etc\hosts

In my case it was like this, just save the values.

[...] centos

2 Anonymous samba sharing

First I will explain the methodology to install the samba with the anonymous sharing. To install samba run,

yum install samba samba-client samba-common

It will install samba with Version 4.1.1.

Now to configure samba edit the file /etc/samba/smb.conf before making changes I will make the backup of original file as  /etc/samba/smb.conf.bak

mv /etc/samba/smb.conf /etc/samba/smb.conf.bak

Further give the entries like this

vi /etc/samba/smb.conf

workgroup = WORKGROUP
server string = Samba Server %v
netbios name = centos
security = user
map to guest = bad user
dns proxy = no
#============================ Share Definitions ============================== 
path = /samba/anonymous
browsable =yes
writable = yes
guest ok = yes
read only = no


mkdir -p /samba/anonymous
systemctl enable smb.service
systemctl enable nmb.service
systemctl restart smb.service
systemctl restart nmb.service

Further CentOS 7.0 Firewall-cmd will block the samba access, to get rid of that we will run:

firewall-cmd --permanent --zone=public --add-service=samba

[root@server1 ~]# firewall-cmd --permanent --zone=public --add-service=samba
[root@server1 ~]#


firewall-cmd --reload

[root@server1 ~]# firewall-cmd --reload
[root@server1 ~]#

Now you can access the Centos 7.0 sharing in windows as follows, go to the Run prompt and type \\centos:


From a windows machine just browse the folder and try to create a text file, but you will get an error of permission denied.


Check the permission for the shared folder.

ls -l

drwxr-xr-x. 2 root root 6 Jul 17 13:41 anonymous
[root@server1 samba]#

To allow anonymous user give the permissions as follows:

cd /samba

chmod -R 0755 anonymous/
chown -R nobody:nobody anonymous/

ls -l anonymous/

total 0
drwxr-xr-x. 2 nobody nobody 6 Jul 17 13:41 anonymous
[root@server1 samba]#

Further, we need to allow the SELinux for the samba configuration as follows:

chcon -t samba_share_t anonymous/

Now anonymous user can browse & create the folder contents.


You can cross check the content at server also.

ls -l anonymous/

total 0
-rwxr--r--. 1 nobody nobody 0 Jul 17 16:05 anonymous.txt
[root@server1 samba]#

3. Secured samba server

Therefore, I will create a group smbgrp & user srijan to access the samba server with proper authentication.

groupadd smbgrp

useradd srijan -G smbgrp

smbpasswd -a srijan

[root@server1 samba]# smbpasswd -a srijan
New SMB password:<--yoursambapassword
Retype new SMB password:<--yoursambapassword
Added user srijan.
[root@server1 samba]# 

Now create the folder with the name secured in the /samba folder and give permissions like this:

mkdir -p /samba/secured

Again we will have to allow to listen through SELinux:

cd /samba
chmod -R 0777 secured/
chcon -t samba_share_t secured/

Again edit the configuration file as :

vi /etc/samba/smb.conf

[secured] path = /samba/secured valid users = @smbgrp guest ok = no writable = yes browsable = yes

systemctl restart smb.service

systemctl restart nmb.service

Further check the settings as follows


[root@server1 samba]# testparm 
Load smb config files from /etc/samba/smb.conf
rlimit_max: increasing rlimit_max (1024) to minimum Windows limit (16384)
Processing section "[Anonymous]"
Processing section "[secured]"
Loaded services file OK.
Press enter to see a dump of your service definitions <--ENTER

	netbios name = CENTOS
	server string = Samba Server %v
	map to guest = Bad User
	dns proxy = No
	idmap config * : backend = tdb

	path = /samba/anonymous
	read only = No
	guest ok = Yes

	path = /samba/secured
	valid users = @smbgrp
	read only = No
[root@server1 samba]# 

Now at windows machine check the folder now with the proper credentials

You will again face the issue of permissions to give write permission to the user srijan do:

cd /samba
chown -R srijan:smbgrp secured/

Now samba users have the permissions to write into the folder. Cheers, you have done with samba server in CentOS 7.0 :)

Share this page:

30 Comment(s)

Add comment


From: Paul

This got me up and running, thank you so much!

From: Anonymous

shouldn't "mv /etc/samba/smb.conf /etc/samba/smb.conf.bak" actually be cp instead of mv?

From: Chilling

Good job , thanks. where did you get the global option map to guest = bad user ?


Best manual I found when using Windows 7 clients. Thanks Srijan Kishore

From: fbys294

Should be on Google top list for Samba centos setup. 

 Thank You

From: SambaJama

Very good article Srijan, very clear information. The best guide I have seen. Others are either too long winded or miss some steps.

From: Alze

Thank you !! It's perfect !

From: Ricardo Red

I tried to find something related to Centos 7 + Samba 4 as PDC in the forums but couldn't find any post!

Anyone did the setup sucessfully and could share the way it was done?

Thank you,

From: bouzeghoub


configure Samba on Rhel/CentOS 7 with Active dirctory

From: RoosterRoo

A truly excellent guide. Worked like a charm. Thankyou!!!

From: MichaelBeck

My dir had files, so I had to use the

"chcon -t samba_share_t anonymous/"

with "-R":

chcon -t samba_share_t -R anonymous/

to get it working.

From: Vakov

That did the trick!


From: Steve1234

When will RHEL 7 and CentOS 7 update Samba from 4.1.1 to the current version? I really want to use this distribution without having to manually build the soure. I need at least 4.1.12 as shipped in Fedora 21 as it fixes this bug.


From: Eric

Thanks a lot for the tutorial

Don't forget "-R" for chcon if some folders are already present in the samba folder

From: al mello

Just one thing: When doing this for an existing user, make sure the user is added to the group used - smbgrp in this tutorial. In my case I was getting an error and didn't realize that the error was affecting also the user to be added to the group and couldn't authenticate.

Only after edited the group and added the user to it I was able to authelticate.

No changes in windows 7 required. This tutorial works like a charm and I'd like to thanks Srijan for it!

From: josebash

I think he meant the other way around. 777 for public and 755 for secured.

chmod -R 0755 anonymous/                ->  chmod -R 0777 anonymous/chown -R nobody:nobody anonymous/

if leave it like this user won't be able to create files because it doesn't below to nobody group.


chmod -R 0777 secured/             -> chmod -R 0755 secured/chcon -t samba_share_t secured/

you don't need 777 permission when you have a group of valid users.

From: Alvaro Caceres

Thank you so much!!

From: PJ

I followed the procedure and I get a not accessible for the secured folder. What seems to be the problem here?

From: Technocluse

@PJ I had this same issue - anonymous folder worked fine, but secured folder was giving not accessible error - until I joined my Windows client to the same workgroup that was named in the samba config file.

From: Bruno Horta

Very NICE :)

From: Abdalrahman

Best manual for this app thanks alot 

From: Fredrik

I can't get the secured part working. I have followed the instructions carefully but i can't authenticate with username and password from my Windows 7 professional. Anonymous works great but when i try using username and password i get service unavailable. You may not have permission to use this network resource.

Can anyone tell me what to do?

From: Francesco

I get (from Kubuntu to CentOS) :

Could not connect to host for smb://

From: Pateto

Thanks for your tutorial! I've made it several times.

I suggest adding -R to the SELinux configuration:

chcon -R -t samba_share_t anonymous/

for a shared folder with subdirectories.

From: York

Very good article , very clear, the best guide I have seen. 

From: wdac

Werry good :D

tho i have a problem, i can access my home folder from Windows 10, but i cant access my Raid Array folders. i get the Error Code: 0x80070035, have done everything on the windows side but still i cant figure out what i need to change in my samba config.

i have the path to my Raid Array under mnt folder, i have the grp named SAN that my user are member of on my CentOS 7 server and so on, folders and subfolders have user:SAN and i used chmod -R 777. 

turned off SELinux, and firewalld. disabled...

iam a bit lost atm :(

From: Rosay

Don't forget to add -R to the chcon command when the shared folder already contains files or folders, otherwise you won't be able to acces to them :)...

From: metafaniel

I also followed these steps perfectly but I can' authenticat yet. My Windows client is also in the same workgroup as in the config file, I've changed the ownership and group for the folder, I've added the firewall exception, I've configured SeLinux as stated above, I've restarted the services... I even disabled the firewall and SeLinux temporarily but still no luck. I wonder what's going on...

From: Daniel Arap Moi

thanks !

I'd been trying to get this working for hours and your guide took minutes. 

From: JB

Thank you very much for this helpful tuorial.

I only had one Problem: I've created an anonymous and a secured share. After I've created the secured share I couldn't write in the anonymous share anymore. The Windows share simply said 'Permission denied' on the attempt to create folder or similar. (The funny thing is, that the permission worked before I've added the secured share)

Anyways, the solution to the problem is to add the property ' guest only = yes ' to the anonymous share.