LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Newbie (https://www.linuxquestions.org/questions/linux-newbie-8/)
-   -   How to check SMB/CIFS mounts and permissions? (https://www.linuxquestions.org/questions/linux-newbie-8/how-to-check-smb-cifs-mounts-and-permissions-4175662390/)

itsallgood 10-11-2019 11:07 AM
How to check SMB/CIFS mounts and permissions?
 
Good day,

I just got put in charge of a Linux server (coming from a jr. Windows sysadmin background so I admit it. I'm lost)

One of the users has requested a SMB/CIFS mount for a directory on the Linux server on his Windows desktop.

The previous admin HAD set up a file share on the Linux server in the past and created a Windows batch file to mount it on the user's computer (I tested this on my workstation and it mounted). I did go to /etc/exports and the mounts I need are set up and listed there. The thing I am confused about however, is how I find the "local" account and password that the previous admin set up for the user to give access to those mounts, and how do I look at the permissions? The previous admin in his notes said that there is a local SMB/CIFS username and password that he set up for the users on the server (and SSH is authenticated via FreeIPA) so that is why there is a local username and password for these purposes apparently (does this sound right?)

To complicate things, this person has moved and is now working offsite (permanently) with VPN so I need to be sure he can access the mount while he has an IP address in the VPN pool. I think the previous administrator had locked it down by IP (is this something I will have to change in access.conf and iptables?)

I am very grateful for any advice you can send my way. Thank you!

tyler2016 10-11-2019 12:23 PM
/etc/exports is for NFS not SMB/CIFS. The Samba configuration file is going to be something like /etc/samba/smb.conf. Mapping Samba users and permissions to UNIX permissions can be done in several ways. I suggest posting your samba configuration file. As far as locking down by IP is concerned, that can be done in more than one way was well. There are TCP Wrappers, netfilter/nftables, and even through the samba configuration. I highly doubt you will have to touch access.conf.

If he setup local users, he PROBABLY, but I can't say for certain without seeing your config, used TDB to store the users. Read the man page for smbpasswd for instructions on how to use it. He could have also made it an AD member and used ID mapping, a map file, or map script.

Samba can be complicated...


All times are GMT -5. The time now is 09:28 PM.