There is a new version of this tutorial available for CentOS 8.

Samba Server Installation and Configuration on CentOS 7

This tutorial exists for these OS versions

On this page

  1. 1 Preliminary Note
  2. 2 Anonymous Samba sharing
  3. 3. Secured samba server

This tutorial explains how to configure a Samba server on CentOS 7 with anonymous & secured samba shares. Samba is an Open Source/Free Software suite that provides seamless file and print services to SMB/CIFS clients like Windows. Samba is freely available, unlike other SMB/CIFS implementations, and allows for interoperability between Linux/Unix servers and Windows-based clients.

1 Preliminary Note

I have a fresh installed CentOS 7 server, on which I am going to install the samba server. Off-course you need to have one windows machine to check the samba server that must be reachable with the CentOS 7 server. My Centos 7 server have hostname & IP as


  • The Windows machine must be on same workgroup. To check the value in windows machine run the command at cmd prompt
net config workstation

It will be like this:

Windows logon domain name

Your windows machine must be at same Workstation domain as in CentOS 7.0 server, i.e. WORKGROUP in my case.

  • To make the Windows machine reachable in Windows proceed like this. In the run terminal & add  the entry of your server IP address:
notepad C:\Windows\System32\drivers\etc\hosts

In my case it was like this, just save the values.

[...] centos

2 Anonymous Samba sharing

First I will explain the methodology to install Samba with an anonymous share. To install the Samba software, run:

yum install samba samba-client samba-common

It will install the current Samba version from the CentOS software repository.

Now to configure samba, edit the file /etc/samba/smb.conf. Before making changes, I will make the backup of original file as  /etc/samba/smb.conf.bak

cp -pf /etc/samba/smb.conf /etc/samba/smb.conf.bak

As I want to start with an empty file, I'll use the cat command to empty smb.conf. That's faster than deleting all the lines in vi.

cat /dev/null > /etc/samba/smb.conf

Further, give the entries like this

vi /etc/samba/smb.conf
workgroup = WORKGROUP
server string = Samba Server %v
netbios name = centos
security = user
map to guest = bad user
dns proxy = no
#============================ Share Definitions ============================== 
path = /samba/anonymous
browsable =yes
writable = yes
guest ok = yes
read only = no


mkdir -p /samba/anonymous
systemctl enable smb.service
systemctl enable nmb.service
systemctl restart smb.service
systemctl restart nmb.service

Further CentOS 7 Firewall-cmd will block the samba access, to get rid of that we will run:

firewall-cmd --permanent --zone=public --add-service=samba
[[email protected] ~]# firewall-cmd --permanent --zone=public --add-service=samba
[[email protected] ~]#

 Finally, reload the firewall to apply the changes.

firewall-cmd --reload
[[email protected] ~]# firewall-cmd --reload
[[email protected] ~]#

Now you can access the Centos 7 share in Windows as follows. Go to the Run prompt and type \\centos:


Open Samba Share in Windows

From a Windows machine, just browse the folder and try to create a text file, but you will get an error of permission denied.

Browse folder shared with Samba on Windows

Test anonymous access to Samba share

Check the permission of the shared folder.

ls -l

drwxr-xr-x. 2 root root 6 Jul 17 13:41 anonymous
[[email protected] samba]#

To allow access by the anonymous user, set the permissions as follows:

cd /samba
chmod -R 0755 anonymous/
chown -R nobody:nobody anonymous/
ls -l anonymous/
total 0
drwxr-xr-x. 2 nobody nobody 6 Jul 17 13:41 anonymous
[[email protected] samba]#

Further, we need to allow the SELinux for the samba configuration as follows:

chcon -t samba_share_t anonymous/

Now the anonymous user can browse & create the folder contents.

Folder access by anonymous user

You can cross check the content at the server also.

ls -l anonymous/
total 0
-rwxr--r--. 1 nobody nobody 0 Jul 17 16:05 anonymous.txt
[[email protected] samba]#

3. Secured samba server

Therefore, I will create a group smbgrp & user srijan to access the samba server with proper authentication.

groupadd smbgrp
useradd srijan -G smbgrp
smbpasswd -a srijan
[[email protected] samba]# smbpasswd -a srijan
New SMB password:<--yoursambapassword
Retype new SMB password:<--yoursambapassword
Added user srijan.
[[email protected] samba]# 

Now create a folder with the name secured in the /samba folder and give permissions like this:

mkdir -p /samba/secured

Again we will have to allow to listen through SELinux:

cd /samba
chmod -R 0777 secured/
chcon -t samba_share_t secured/

Again edit the configuration file as :

vi /etc/samba/smb.conf

[secured] path = /samba/secured valid users = @smbgrp guest ok = no writable = yes browsable = yes
systemctl restart smb.service
systemctl restart nmb.service

Further, check the settings as follows:

[[email protected] samba]# testparm 
Load smb config files from /etc/samba/smb.conf
rlimit_max: increasing rlimit_max (1024) to minimum Windows limit (16384)
Processing section "[Anonymous]"
Processing section "[secured]"
Loaded services file OK.
Press enter to see a dump of your service definitions <--ENTER

	netbios name = CENTOS
	server string = Samba Server %v
	map to guest = Bad User
	dns proxy = No
	idmap config * : backend = tdb

	path = /samba/anonymous
	read only = No
	guest ok = Yes

	path = /samba/secured
	valid users = @smbgrp
	read only = No
[[email protected] samba]# 

Now at windows machine check the folder now with the proper credentials

Secured Samba access by password

You will again face the issue of permissions to give write permission to the user srijan do:

cd /samba
chown -R srijan:smbgrp secured/

Now samba users have the permissions to write into the folder. Cheers, you have done with samba server in CentOS 7 :)

Folder Listing from Samba share on Windows

Share this page:

83 Comment(s)

Add comment

Please register in our forum first to comment.


By: Paul

This got me up and running, thank you so much!

By: Anonymous

shouldn't "mv /etc/samba/smb.conf /etc/samba/smb.conf.bak" actually be cp instead of mv?

By: Keijo

"mv" will move the file to a backup and let us start clean when issuing 'vi /etc/samba/smb.conf'

I find it really convenient this way, so we don't get distracted with the ZILLION comments out there in the default conf.

By: Chilling

Good job , thanks. where did you get the global option map to guest = bad user ?


Best manual I found when using Windows 7 clients. Thanks Srijan Kishore

By: fbys294

Should be on Google top list for Samba centos setup. 

 Thank You

By: SambaJama

Very good article Srijan, very clear information. The best guide I have seen. Others are either too long winded or miss some steps.

By: Alze

Thank you !! It's perfect !

By: Ricardo Red

I tried to find something related to Centos 7 + Samba 4 as PDC in the forums but couldn't find any post!

Anyone did the setup sucessfully and could share the way it was done?

Thank you,

By: Sam

I think this was recently added and well written

By: bouzeghoub


configure Samba on Rhel/CentOS 7 with Active dirctory

By: RoosterRoo

A truly excellent guide. Worked like a charm. Thankyou!!!

By: MichaelBeck

My dir had files, so I had to use the

"chcon -t samba_share_t anonymous/"

with "-R":

chcon -t samba_share_t -R anonymous/

to get it working.

By: Vakov

That did the trick!


By: Steve1234

When will RHEL 7 and CentOS 7 update Samba from 4.1.1 to the current version? I really want to use this distribution without having to manually build the soure. I need at least 4.1.12 as shipped in Fedora 21 as it fixes this bug.


By: Eric

Thanks a lot for the tutorial

Don't forget "-R" for chcon if some folders are already present in the samba folder

By: al mello

Just one thing: When doing this for an existing user, make sure the user is added to the group used - smbgrp in this tutorial. In my case I was getting an error and didn't realize that the error was affecting also the user to be added to the group and couldn't authenticate.

Only after edited the group and added the user to it I was able to authelticate.

No changes in windows 7 required. This tutorial works like a charm and I'd like to thanks Srijan for it!

By: josebash

I think he meant the other way around. 777 for public and 755 for secured.

chmod -R 0755 anonymous/                ->  chmod -R 0777 anonymous/chown -R nobody:nobody anonymous/

if leave it like this user won't be able to create files because it doesn't below to nobody group.


chmod -R 0777 secured/             -> chmod -R 0755 secured/chcon -t samba_share_t secured/

you don't need 777 permission when you have a group of valid users.

By: Erik

Yes, it's right!

By: Alvaro Caceres

Thank you so much!!

By: PJ

I followed the procedure and I get a not accessible for the secured folder. What seems to be the problem here?

By: Technocluse

@PJ I had this same issue - anonymous folder worked fine, but secured folder was giving not accessible error - until I joined my Windows client to the same workgroup that was named in the samba config file.

By: Aleksandar

I have same problem but I can not join win computer to same workgroup, like Samba, because my win is AD domain member.

What shoud I do?

By: Bruno Horta

Very NICE :)

By: Abdalrahman

Best manual for this app thanks alot 

By: Fredrik

I can't get the secured part working. I have followed the instructions carefully but i can't authenticate with username and password from my Windows 7 professional. Anonymous works great but when i try using username and password i get service unavailable. You may not have permission to use this network resource.

Can anyone tell me what to do?

By: Francesco

I get (from Kubuntu to CentOS) :

Could not connect to host for smb://

By: Pateto

Thanks for your tutorial! I've made it several times.

I suggest adding -R to the SELinux configuration:

chcon -R -t samba_share_t anonymous/

for a shared folder with subdirectories.

By: Tudor

Don't use chcon. After a SELinux relabel your settings will be wiped. Use semanage fcontext and restorecon -R 

By: York

Very good article , very clear, the best guide I have seen. 

By: wdac

Werry good :D

tho i have a problem, i can access my home folder from Windows 10, but i cant access my Raid Array folders. i get the Error Code: 0x80070035, have done everything on the windows side but still i cant figure out what i need to change in my samba config.

i have the path to my Raid Array under mnt folder, i have the grp named SAN that my user are member of on my CentOS 7 server and so on, folders and subfolders have user:SAN and i used chmod -R 777. 

turned off SELinux, and firewalld. disabled...

iam a bit lost atm :(

By: Rosay

Don't forget to add -R to the chcon command when the shared folder already contains files or folders, otherwise you won't be able to acces to them :)...

By: metafaniel

I also followed these steps perfectly but I can' authenticat yet. My Windows client is also in the same workgroup as in the config file, I've changed the ownership and group for the folder, I've added the firewall exception, I've configured SeLinux as stated above, I've restarted the services... I even disabled the firewall and SeLinux temporarily but still no luck. I wonder what's going on...

By: Daniel Arap Moi

thanks !

I'd been trying to get this working for hours and your guide took minutes. 

By: JB

Thank you very much for this helpful tuorial.

I only had one Problem: I've created an anonymous and a secured share. After I've created the secured share I couldn't write in the anonymous share anymore. The Windows share simply said 'Permission denied' on the attempt to create folder or similar. (The funny thing is, that the permission worked before I've added the secured share)

Anyways, the solution to the problem is to add the property ' guest only = yes ' to the anonymous share.


By: geek

I got samba up in centos 7 and can see folder in win 7 but I try to copy docs in folder in centos 7 to pass to win7 but I can not see it in win7 but if I create file in win7 in share folder then i can see it in centos7.

It samba only one way file transer- in my case win7 to centos7.

I dont think that should be the case. I must be missing something or not ?

By: skawt

I tried the secure samba config but it doesn't ask me for username and password when I tried to mount it on Windows. Any help?

By: sahtimonni

same here

By: alex

Did you create an SMB User ?

smbpasswd -a alex

Replace alex with the account you would like to grant access SMB Access to.

By: Ofer

Thank you! Thank you! Thank you! Thank you! 

Only this allowed me the access.

By: alex

Try mapping the share from Command Prompt using;

net use * \\servernameorIP\sharename /user:SMBUser 'Password'

This will force the share to be mapped by authenticating the user account you created using smbpasswd

By: alex

Awesome job! This helped us

By: Ganguenon M.E

IT'S TOTALLY WRONG TO USE ("mv" command to make the backup because you will loose all the content from the original file "/etc/samba/smb.conf" that going to move completely in the new file" /etc/samba/smb.conf.bak")  IT'S BETTER TO USE "cp"=COPY command for the BACKUP FROM THE ORIGINAL FILE!!!


By: till

Sorry to say that, but you are completely wrong here. The goal is to make a backup of the file AND to start with a new and empty file as you should paste the whole content of the file that is shown there and not edit any old content, so using mv here is the right command.

The alternative to use mv would be:

cp /etc/samba/smb.conf /etc/samba/smb.conf.bak
cat /dev/null > /etc/samba/smb.conf

So you would have to use 2 commands to have a renamed copy and start with an empty file then instead of using just the one mv command.

By: Gary


You changed the owner of the secured directory to the How about the owner of its parent (i.e. /samba/). Does it matter?

By: till

The parent directory should be readable for the user and group, so if it has 755 permissions, then it's ok. If you use stricter permissions for it, then you would have to chown it to the same user and group then the secured directory.

By: mat

I had trouble connecting from some Windows clients. Sometimes connection was really slow. I ran into nt_status_io_timeout when connecting with smbclient. Adding my hostname in /etc/hosts and setting my hostname in /etc/hostname solved the problem. Thanks for this great tutorial.

By: Ken

Thia tutorial is great, but I still am unable to access the secured folder from my windows 10 computer. It keeps saying it's not accessible and I don't have permissions to use this network resource. I follwed this step by step. Any ideas on how to correct this?

By: Erik

Yes, it should be definitely. By typing 'mv' you will just rename it but you will not create same file with .bak at the end. Nice hint.

By: Izzy

The anonymous share works just fine, but the secured share does not work no matter what I try.  I followed the instructions, restored my server from a backup and started the tutorial over 4 times.

I can't authenticate with my samba user.  The samba user can access the directory through SSH just fine.

login as: [email protected]'s password:[[email protected] ~]$ cd /samba[[email protected] samba]$ ls -lahtotal 4.0Kdrwxr-xr-x.  4 root   root     36 Jun 17 12:14 .dr-xr-xr-x. 18 root   root   4.0K Jun 17 11:04 ..drwxr-xr-x.  2 nobody nobody    6 Jun 17 12:13 anonymousdrwxrwxrwx.  2 srijan smbgrp    6 Jun 17 12:14 secured[[email protected] samba]$ cd secured/[[email protected] secured]$ ls -lahtotal 0drwxrwxrwx. 2 srijan smbgrp  6 Jun 17 12:14 .drwxr-xr-x. 4 root   root   36 Jun 17 12:14 ..[[email protected] secured]$ touch testing.txt[[email protected] secured]$ ls -lahtotal 0drwxrwxrwx. 2 srijan smbgrp 24 Jun 17 12:32 .drwxr-xr-x. 4 root   root   36 Jun 17 12:14 ..-rw-rw-r--. 1 srijan srijan  0 Jun 17 12:32 testing.txt[[email protected] secured]$ ls -Zlahtotal 0drwxrwx---. 2 unconfined_u:object_r:samba_share_t:s0 srijan smbgrp 24 Jun 17 12:32 .drwxr-xr-x. 4 unconfined_u:object_r:default_t:s0 root   root   36 Jun 17 12:14 ..-rw-rw-r--. 1 unconfined_u:object_r:samba_share_t:s0 srijan srijan  0 Jun 17 12:32 testing.txt



By: Liong

I couldn't access the secured file which require the username and also the password. I've completely followed the steps above which create a group, add a user, create a smbpasswd for the user and also grant permission with the last command "chown -R user:sambagrp secured/" at the windows side, I attempted to access the secured file and inserted the username of user and smbpasswd of the user that I had mentioned just now, it still can't access the folder! please help !

By: Eric Nord

When doing smbpasswd -a usernametry setting it to the actual user's password on the window's box. 

By: elis

i cant to this i trayed everythng still nothing help needed pls 


By: Jhon Castañeda

This guide is excellent, I would complement it with this since I lost a lot of time trying to solve this. There is a problem with file ownership when more than one user works on the secured folder. I create two users in the same group (user1-user2), but the created files of each user are with the same user (Equivalent to a chown user1: user1). The solution to this I found in the forum You must apply the following ... [root @ server] # chgrp smbgrp secured / && chmod g + s secured /

Very, very tks for this tutorial.

By: r3lentless

I have been struggeling to get a samba server running for awhile now. This was very well written and worked perfectly!! 

Thank you very much!

By: Marcos Morinigo

Amaizing! Thnx you so much partner, my samba service is up right now!!

By: os_linux

Thank you!

By: Edward

I followed your tutorial to setup a samba service on CentOS 7, however it produces two same shared folder in windows, do you know how to avoid that? I created a question with more details here -

Thank you!

By: shanmugavelu


I have done as per above steps.

i am unable to login under enter network credential  in windows security.

request soluation?.


By: LelaD

Thanks for this! It helped me get up and going quickly and it was easy to understand, even if i fumbled around for a little bit. Great tutorial !

By: David Quigley

Great tutorial the only thing I'd change is instead of using chcon -t you should use semanage fcontext  to make the labeling survive a system relabel.

By: Marcelo

Good job!!! thank you so much!

By: jbrant

The steps for enabling anonymous authentication do not work.

By: Mr T

Thanks SO much! I had been going round in circles until your fine guide got me up and running.

Easy, clear, quick...


By: Adriano

Finally. A good samba tutorial. tks.

By: David

Thanks ever so much.  With all the confusion around Windows 10 no longer working on SMB1 this worked a treat

By: Mangocats

Thanks for the tutorial.  When I try to: systemctl enable smb.service

I get XFCE PolicyKit Agent, followed with Failed to execute operation: Access denied

with user root, or sudo systemctl enable smb.service it gives the Failed to execute operation: Access denied immediately.

Any clues?


By: Charles

Can a CentOS 6 PDC using tdbsam backend migrate to Centos 7? Migrating CentOS 5 PDCs to CentOS 6 was straightforward but I'm afraid the CentOS 6 to 7 is not going to be that easy. The CentOS 5 to 6 migration was based on a single shell script that copied all the necessary configuration files and settings. I also used the script to replicate PDCs after system failures in single server environments.


By: Sivakumar

Thanks for the writeup. If you get "network password is not correct" error in Windows 7, then follow the instructions here: In my case adding ntlm auth = yes to my smb.conf worked.

By: Victor

Your tutorial really helped me, thank you!!!!

By: Calvin

I followed the steps for setting up the anonymous share, but it still wont connect, i set the firewall exception, as well as the selinux parameters, but it still wont connect.

My share folder is located on a pair of mirrored drives on my server.


By: Pablo Silva

Hello, I also had problems accessing the secured folder, using my machine that has windows 10 got the famous error 1219 that does not allow multiple user connections from windows. To solve this problem I deleted the connection from my windows using this command


net use / delete \\ centos \ Anonymous


Please read:

By: Rackay

Thank you so much

By: jb_sailor

A workaround for large user communities, and groups is to run mount -t cifs with the windows userid's, which is a nice thing to have (join centos to the AD domain with realm join -U adminuser, enable the services as presented, and use sudo to allow the mounts and unmounts.  couple that with zenity in /etc/profile.d/ with a script to load up the login names and password dialogue boxes. 

this is a great doc!

By: Mauricio

Thanks a lot for clear simple and well explained procedure. Best of internet in that sense.

By: Roy


no faltaria habilitar el usuario samba  ? smbpasswd -e usuario

By: ridie

All is running. thanks you for the tutorial, is so good. but the last operation don't work on my client machine. after login my user, she gives me this message " my folder is not accessible... you might not have permissions to use this network ressource... 

By: Loudahi


Please, how do I can denied deleting?

By: Vlad

Great explanation, its worked for me.

By: Jacob

Thank you very much! Great job!

By: beohu

How writable value work?. I tried set writable both yes or no but result is same, I always can create or modify the content of a file.  

By: Thomas

If I want to access the secured folder from my domain I have to write the username as follows servername\user (centos\srijan)

By: Sandeep

smb.service not running