5

I have setup a Samba server running on CentOS. I am able to connect to it when typing \\ip-address\share into the address bar of Windows Explorer but it doesn't appear in the network list and if I try to connect to it using the hostname it tells me Windows cannot access \\hostname\share.

I also cannot ping the hostname but can ping the IP. I can ping the hostname from the CentOS

The Samba server has DHCP enabled (using NetworkManager) and the hostname is configured on the router via a static IP rule. hostname is also set via hostnamectl.

I have winbind is enabled and running, but have no idea if it is configured properly.

Firewall-cmd is active and running, and it has samba services open in the public zone.

I have updated seLinux with sudo setsebool -P samba_enable_home_dirs on

Here is a partial dump of the smb.conf file;

[global]
    workgroup = WORKGROUP
    netbios name = *hidden*
    wins support = Yes
    encrypt passwords = true
    security = user

    passdb backend = tdbsam

    printing = cups
    printcap name = cups
    load printers = yes
    cups options = raw

[homes]
    comment = Home Directories
    valid users = %S, %D%w%S
    browseable = Yes
    read only = No
    inherit acls = Yes

[printers]
    comment = All Printers
    path = /var/tmp
    printable = Yes
    create mask = 0600
    browseable = Yes

[print$]
    comment = Printer Drivers
    path = /var/lib/samba/drivers
    write list = @printadmin root
    force group = @printadmin
    create mask = 0664
    directory mask = 0775

How do I make it so windows is able to access the share via hostname?

EDIT: adding nmcli dump

connection.id:                          MyEth
connection.uuid:                        4b4c8ef6-def8-3c7f-9c1c-e3bdd39d2ed4
connection.stable-id:                   --
connection.type:                        802-3-ethernet
connection.interface-name:              --
connection.autoconnect:                 yes
connection.autoconnect-priority:        -999
connection.autoconnect-retries:         -1 (default)
connection.auth-retries:                -1
connection.timestamp:                   1565104013
connection.read-only:                   no
connection.permissions:                 --
connection.zone:                        --
connection.master:                      --
connection.slave-type:                  --
connection.autoconnect-slaves:          -1 (default)
connection.secondaries:                 --
connection.gateway-ping-timeout:        0
connection.metered:                     unknown
connection.lldp:                        default
connection.mdns:                        -1 (default)
-------------------------------------------------------------------------------
802-3-ethernet.port:                    --
802-3-ethernet.speed:                   0
802-3-ethernet.duplex:                  --
802-3-ethernet.auto-negotiate:          no
802-3-ethernet.mac-address:             B8:27:EB:FF:F8:7D
802-3-ethernet.cloned-mac-address:      --
802-3-ethernet.generate-mac-address-mask:--
802-3-ethernet.mac-address-blacklist:   --
802-3-ethernet.mtu:                     auto
802-3-ethernet.s390-subchannels:        --
802-3-ethernet.s390-nettype:            --
802-3-ethernet.s390-options:            --
802-3-ethernet.wake-on-lan:             default
802-3-ethernet.wake-on-lan-password:    --
-------------------------------------------------------------------------------
ipv4.method:                            auto
ipv4.dns:                               --
ipv4.dns-search:                        --
ipv4.dns-options:                       ""
ipv4.dns-priority:                      0
ipv4.addresses:                         --
ipv4.gateway:                           --
ipv4.routes:                            --
ipv4.route-metric:                      -1
ipv4.route-table:                       0 (unspec)
ipv4.ignore-auto-routes:                no
ipv4.ignore-auto-dns:                   no
ipv4.dhcp-client-id:                    --
ipv4.dhcp-timeout:                      0 (default)
ipv4.dhcp-send-hostname:                yes
ipv4.dhcp-hostname:                     --
ipv4.dhcp-fqdn:                         --
ipv4.never-default:                     no
ipv4.may-fail:                          yes
ipv4.dad-timeout:                       -1 (default)
-------------------------------------------------------------------------------
ipv6.method:                            auto
ipv6.dns:                               --
ipv6.dns-search:                        --
ipv6.dns-options:                       ""
ipv6.dns-priority:                      0
ipv6.addresses:                         --
ipv6.gateway:                           --
ipv6.routes:                            --
ipv6.route-metric:                      -1
ipv6.route-table:                       0 (unspec)
ipv6.ignore-auto-routes:                no
ipv6.ignore-auto-dns:                   no
ipv6.never-default:                     no
ipv6.may-fail:                          yes
ipv6.ip6-privacy:                       -1 (unknown)
ipv6.addr-gen-mode:                     stable-privacy
ipv6.dhcp-duid:                         --
ipv6.dhcp-send-hostname:                yes
ipv6.dhcp-hostname:                     --
ipv6.token:                             --
-------------------------------------------------------------------------------
proxy.method:                           none
proxy.browser-only:                     no
proxy.pac-url:                          --
proxy.pac-script:                       --
-------------------------------------------------------------------------------

firewall config:

public (active)
  target: default
  icmp-block-inversion: no
  interfaces: eth0
  sources:
  services: ssh dhcpv6-client http samba https
  ports: 22/tcp
  protocols:
  masquerade: no
  forward-ports:
  source-ports:
  icmp-blocks:
  rich rules:
Improve this question
15
  • I disabled SMB1 and enabled SMB direct. lost a bunch of shares that were working fine before. I undid the change they came back, im not going to do that. This implys that those devices are running SMB1, which proves SMB1 is working fine.
    – glend
    Commented Aug 2, 2019 at 13:39
  • Since you mentioned you're not able to ping the hostname but can ping the IP, I'd say there's no DNS entry for this server on your DNS Server. Test editing the hosts file on your Windows 10 just to find it out. The file path is C:\Windows\System32\drivers\etc\hosts. If it works afterward, your solution should be add a real DNS entry for the host on the DNS Server.
    – Ronaldo
    Commented Aug 2, 2019 at 14:06
  • @Ronaldo The DNS Server is a linksys router, I have followed all of the steps to create a DNS entry, I even deleted it and remade it. no sucess. Additionally, I have other linux and mac machines on the network, all of them are able to ping the hostname just fine. I think the DNS entry is fine, but with limited access to the configuration of the router (ie i am only able to access the web-gui) I don't think there is much I can do to confirm.
    – glend
    Commented Aug 2, 2019 at 15:18
  • @JW0914 I am willing to take that risk. I don't have the time to reconfigure 90% of the devices on my network to drop SMB1.
    – glend
    Commented Aug 2, 2019 at 15:19
  • @glend Your DNS settings on your router are not the issue
    – JW0914
    Commented Aug 2, 2019 at 17:12

2 Answers 2

Reset to default
2

Your issue is local DNS related and breaks down in the following way:

  • A more in-depth discussion in the FreeNAS Forum thread: SMB shares not showing in network browsing
    1. Local Domain must be set in the Router and echoed across all LAN devices (#23)
      • In Windows, this would be the WorkGroup name
    2. Static IP and Hostname must be set in the Router for the Samba Server (#30)
    3. Windows' hosts file must have an entry in it for the Samba Server (#27)
      • Format (see #6 below): IP Hostname Hostname.LocalDomain
    4. Traffic must be allowed on the correct TCP & UDP ports (#27)

To Resolve:

  1. Ensure the Windows device, Samba Server, and Router serving local DNS are set to the same Local Domain
    1. Router: Local Domain will be the name set under Domain in its WebAdmin UI
    2. Samba Server: Will depend on the OS
    3. Windows: Local Domain is the Workgroup name:
      1. Control Panel\All Control Panel Items\System > Computer name, domain, and workgroup settings
      2. Change settings > Change... > Workgroup > OK
        • Depending on the OS configuration, it may need to be rebooted

  2. Ensure traffic between Windows and the Samba Server is allowed on the following ports:
    1. TCP: 139, 445
    2. UDP: 137, 138, 139

  3. Ensure Samba Server has been assigned a static IP on the Router

      IP      '192.168.1.2'
  mac     'AA:BB:CC:DD:EE:FF'
  name    'Server'
    • Without a static IP, which is where you set the client hostname & client MAC, configured in your Router, the Router has no idea on how to route traffic to the local DNS hostname.
    • Reboot Router once changed to allow for new DHCP pull by Server

  4. Windows 10 v1709 or greater, ensure SMB Direct is enabled and SMB v1.0 is disabled
    1. Control Panel\Programs\Programs and Features > Turn Windows features on or off
    2. Uncheck: SMB 1.0/CIFS File Sharing Support
      • SMB 1.0 is not secure and has been actively exploited for >2yrs on devices with SMB v1.0 enabled
      • There is no reason to utilize SMB1, as all devices support at least SMB2
    3. Check: SMB Direct
    4. OK (Follow on-screen instructions and Reboot)

  5. Ensure Samba Server's smb.conf contains the following:

    [global]
    server min protocol  = SMB2
    server max protocol  = SMB3_11
    netbios name         = <Samba Server Hostname>
    workgroup            = <Local Domain>
    • Ensure workgroup Local Domain matches what was set in 1.3.2 (above)
    • Ensure server max protocol is the max of what your Samba Server build supports
    • Restart Samba to apply changes

  6. Add Samba Server to Windows' hosts file

    • C:\Windows\System32\drivers\etc\hosts

      #

         ##::[[---  Windows Host Config  ---]]::##

#===========================================================
                    ##----- LAN -----##
#===========================================================

  # OpenWrt:
    192.168.1.1        OpenWrt   OpenWrt.Wrt
    192.168.1.2        Server    Server.Wrt
    192.168.1.3        Win10     Win10.Wrt
      • 1st Column: Static IP of host
      • 2nd Column: Hostname of host
      • 3rd Column: Hostname and Local Domain address, where Wrt is the Local Domain

  7. Open This PC, navigating to the share in the Address Bar: \\ServerHostname\ShareName

Troubleshooting:

If this does not resolve your issue:

  1. Power-off the Windows device, Samba Server, and Router
    • Simplest way to ensure DHCP is cleared
  2. Power-on Router and wait for it to fully boot up (if OEM firmware: wait 120s || all others: 60s)
  3. Power-on Samba Server and Windows device

Please post a comment if this doesn't work, allowing the answer to be tweaked, or added to, ensuring it works for all with this issue.

Improve this answer
13
  • Samba ports are open on both machines as they can communicate with each other, just not by hostname. static ip's have been assigned. they are in the same workgroup. windows is able to address other machines on the network using SMB1 only. editing the host file is not a solution, as the problem will persist on other clients.
    – glend
    Commented Aug 6, 2019 at 13:37
  • @glend What steps did you not perform? Might I suggest actually performing the steps required before deciding to simply dismiss them? There are no other ways to solve the local DNS domain issue you're having with Windows 10, so it's up to you whether you want to actually fix your issue or stick with hubris. Best of luck to you =]
    – JW0914
    Commented Aug 6, 2019 at 14:21
  • I did 1,2,3 before posting my question. 4 breaks other devices on my network, because i tried it. 6 just isn't a reasonable solution.
    – glend
    Commented Aug 6, 2019 at 15:06
  • @glend Turning off SMB1 on Windows 10 should not break other clients, unless you have shares on Win10 those clients are trying to access. In that case, consult Microsoft Docs for how to correctly set up those clients for SMB2. I cannot stress enough how enormous the security risk is of leaving SMB1 enabled, of which can only remain enabled after v1709 if the user goes in and manually re-enables it, as Microsoft auto disabled it in either v1709 or v1803. You're essentially running an unsupported share configuration... please take the time to fix the configuration & your issue will be resolved.
    – JW0914
    Commented Aug 6, 2019 at 16:27
  • I’m confused by steps 3 and 6 here. When setting up a network with entirely Windows machines, you don’t need to mess with router settings, given anything a static IP address, or mess with a Windows hosts file. Why are these steps necessary here; isnʼt that what netbios is for?
    – Daniel H
    Commented Aug 17, 2023 at 14:46
0

I had the same issue, and found that the nmb service is the solution.

https://www.samba.org/samba/docs/current/man-html/nmbd.8.html

Improve this answer

You must log in to answer this question.

Not the answer you're looking for? Browse other questions tagged .