Configuring SMB shares

SMB (CIFS) shares can be set up on mounted volumes. The server can support more than 1,000 shares. However, the exact limit of any share allocation depends on the server’s configuration.

Adding an SMB share

You can add an SMB (CIFS) share in the NAS Manager.

  1. Navigate to Home > File Services > CIFS Shares.

  2. Click add to display the Add Share page.


    The following table describes the fields on this page:

    Field/Item Description
    EVS/File System Currently selected file system to which the CIFS share will link.
    Cluster Namespace Currently selected cluster namespace to which the CIFS share will link.
    change / browse (depending on Web browser) Enables the user to select a different file system or (on a cluster) a different cluster namespace.
    Share Name Name of the CIFS share.
    Comment Additional information associated with the CIFS share. This information is often displayed to clients along with the share name.
    Path or CNS Path The directory to which the CIFS share points. Users accessing the share are able to access this directory, and any directories under it in the directory tree. To find a directory, click change / browse.

    On a file system only, select the Create path if it does not exist option to create the path if it does not already exist. If the file system is mounted read-only, for example it is an object replication target, it is not possible to create a new directory. Select a path to an existing directory.

    Max Users The maximum number of users who can be associated with the CIFS share. The default is unlimited.
    Show Snapshots
    • Show and Allow Access: Displays and allows access to snapshots.
    • Hide and Allow Access: Hides snapshots, but still allows access to the hidden snapshots.
    • Hide and Disable Access: Hides and disallows access to snapshots.

    Changes to this setting become effective when a CIFS client refreshes its folder view.

    Cache Options
    • Manual Local Caching for Documents. The Manual mode permits the user to specify individual files required for offline access. This operation guarantees a user can obtain access to the specified files whether online or offline.
    • Automatic Local Caching for Documents. The Automatic mode is applied for all non-executable files on the entire share. When a user accesses any non-executable file in this share, it is made available to the user for offline access. This operation does not guarantee that a user can access all the non-executable files, because only those files that have been used at least once are cached. Automatic can also be defined for programs.
    • Automatic Local Caching for Programs. The Automatic mode is applied for all executable files on the entire share. When a user accesses any executable file in this share, it is made available to the user for offline access. This operation does not guarantee that a user can access all the executable files, because only those executable files that have been used at least once are cached. Automatic can also be defined for documents.
    • Local Caching Disabled. No caching of files or folders occurs.
    Note: The server supports Offline Files Access. This allows Windows 2000 and later clients to cache files that are commonly used from a network/file share. To use Offline Files, the client computer must be running Windows 2000 or later.
    Transfer to Object Replication Target When a file system is recovered from a snapshot, one of the final steps is to import the CIFS shares found in the snapshot representing the selected version of the file system. Only those CIFS shares marked as transferable will be imported.

    Use the list to specify one of the following:

    • Enable: CIFS shares will be transferred to recovered file systems.
    • Disable: CIFS shares will not be transferred to recovered file systems.
    • Use FS default (the default): When the target file system is brought online, CIFS shares will be transferred if Transfer Access Points During Object Replication is enabled for the file system.
    Access Configuration IP addresses of the clients who can access the share (up to 5,957 characters allowed in this field). Refer to IP Address Configuration** at the end of this table.
    Follow Symbolic Links Enables the following of symlinks for this share.
    Note: As of release 12.2 of the NAS Platform, clients using SMB2 or later are able to follow relative symlinks to files on storage without the use of global symlinks, if smb2-client-side-symlink-handling is enabled.
    Follow Global Symbolic Links Enables CIFS clients to follow global (absolute) symlinks via the Microsoft DFS mechanism for this share.
    Force Filename to be Lowercase Forces all filenames generated on this share to be lowercase. This is useful for interoperability of UNIX applications.
    Enable ABE

    By default, ABE is disabled for shares and on the server/cluster as a whole. Before enabling ABE for a share, you must make sure ABE is enabled for the server/cluster as a whole (the CLI command to enable ABE support is fsm set disable-ABE-support false).

    When enabled, ABE filters the contents of a CIFS share so that only the files and directories to which a user has read access rights are visible to the user.

    Note: Enabling ABE can impact CIFS performance.
    Enable Virus Scanning

    If virus scanning is enabled and configured for the global context or for the EVS hosting the file system pointed to by the share then, when the share is created, virus scanning is enabled by default. If virus scanning is not enabled for the global context or for the EVS hosting the file system pointed to by the share then, when the share is created, virus scanning is not enabled by default, but you can enable it on a per-EVS basis.

    Note: Virus scanning is set up on a per-EVS basis, or for all EVSs using the global configuration context, but cannot be set up on a per-server or per-cluster basis.
    Ensure Share Continuously Available

    Enables persistent file handles and transparent failover on the CIFS share. When enabled, Windows-based clients can continuously access the CIFS share if a network failure or a cluster node failure occurs. For example, if one cluster node fails, the client transparently migrates to another cluster node without any interruption to the client applications.

    This SMB3 option is available only in a clustered environment of more than one cluster node, and is disabled by default.

    Note: Continuous Availability can impact CIFS performance and should only be enabled where it is required, such as with Microsoft Hyper-V or Microsoft SQL Server. When this feature is in use, it is also recommended that the Administrator disables DDNS on the server. If the file system is an object replication target, continuous availability is not effective until the file system is promoted.
    Share Permissions
    Share Permissions List By default, when a CIFS share is created, the group Everyone is added to the share permissions list.
    User Home Directory Mapping
    Mode

    Used to specify how per-user home directories are created. The following options are available:

    • Off. Disable the home directory feature for this share. Do not automatically create home directories on this share for users. This is the default.
    • ADS. Create the user home directories based on the home directory information supplied by the Active Directory server for each user. If you select ADS, do not specify a Path.
    • User. Create the user's home directory by converting the user's Windows user name to lower case. (The user's Windows domain name, if any, is ignored.) For example, a user DOMAIN\John Smith would result in a home directory of john_smith.
    • DomainAndUser. Create the user's home directory by creating a directory named for the user's Windows domain name, then converting the user's Windows user name to lower case and creating a sub-directory by that name. For example, a user DOMAIN\John Smith would result in a home directory of domain\john_smith.
    • Unix. Create the user's home directory by converting the user's UNIX user name to lower case.
    Path

    Per-user home directories will be created in the specified Path, relative to the share root, which is specified without a leading \. If this field is left blank, user home directories will be created directly in the share root.

    By default, only one share per file system can be configured with home directories. The cifs-home-directory command can be used to relax this restriction, in which case great care must be taken not to configure conflicting home directories.

    For example, a share with a path of \home1 and a share with a path of \home2 would not cause a conflict, whatever home directory paths were configured. However, a share with a path of \ and a default home directory path would conflict with a share with a path of \dir and a default home directory path.

  3. Click change to change the EVS/File System or Cluster Name Space (CNS) in which the CIFS share will reside.

  4. Enter the Share Name. Clients will access the share through this name.

  5. Type a comment that is meaningful to you or your users. This comment appears in Windows Explorer on client computers, and it is optional.

  6. Type the Path to the directory being shared. Click browse to help find an existing directory (this button only exists if the path being created is the path in a file system, not a name space). To create the path automatically when it does not already exist, select the Create path if it does not exist check box.

    Note: Automatically created directories will be owned by the root user and group (UID:0 / GID:0) and will be accessible to all users, that is, the permissions are set to rwxrwxrwx. It is recommended that such directories are created via CIFS or NFS or that such directories are given the desired permissions explicitly after being created via this option.
  7. To limit the number of users who can access the share simultaneously, enter the number of users in the Max Users field. By default, a share has unlimited access.

    Note: This only limits the number of users that can concurrently access a share. It does not provide security restrictions.
  8. If snapshots are present and you want them to be visible to clients, select the Show snapshots check box. If snapshots are not taken, or if you don't want clients to view snapshots, clear this check box.

  9. To allow clients to traverse symbolic links, select the Follow Symbolic Links check box.

  10. To enable CIFS clients to follow global (absolute) symlinks via the Microsoft DFS mechanism for this share, select the Follow Global Symbolic Links check box.

  11. To force all characters to be lowercase when files and directories are created, select the Force Filenames to be Lowercase check box.

  12. To disable Virus Scanning for the share, clear the Enable Virus Scanning check box. The default setting will add this share to the server-wide Virus Scan.

    Note: Enable Virus Scanning is checked by default only if virus scanning is globally enabled.
  13. To enable ABE (access based enumeration), select the check box.

    ABE is disabled by default. When enabled, ABE filters the contents of a CIFS share so that only the files and directories to which a user has read access rights are visible to the user.

    Note: Enabling ABE can impact CIFS performance.
  14. To enable persistent file handles and transparent failover on the share, select the Ensure Share Continuously Available check box.

    Note: Enabling Continuous Availability can impact CIFS performance.
  15. To alter the caching option (Offline Files Access), select the desired new value from the Cache Options list.

  16. To import the CIFS shares found in the snapshot representing the selected version of the file system, select the desired new value from the Transfer to Object Replication Target list. Only those CIFS shares marked as transferable will be imported.

  17. In the Access Configuration field, specify the IP addresses of the clients who can access the share and the client's permissions for this share. The table outlines what to type in this field.

    What to Type | Means
    Blank or * | All clients can access the export.
    Specific address or name. Examples: 192.0.2.0, client.dept.example.com | Only clients with the specified names or addresses can access the export.
    A range of addresses using Classless Inter-Domain Routing (CIDR) notation. Example: 192.0.2.0/24 | Clients with addresses within the range can access the export.
    Partial address or name using wildcards. Examples: 192.0.*.*, *.example.com | Clients with matching names or addresses can access the export.
  18. Click OK.

Viewing and modifying SMB shares details

You can view and modify SMB shares details in the NAS Manager.

  1. Navigate to Home > File Services > CIFS Shares.

  2. Select the check box for the share to view or modify, and then click details.

    The following table describes the fields on this page:

    Field/Item Description
    EVS/File System Currently selected file system to which the CIFS share will link.
    Cluster Namespace Currently selected cluster namespace to which the CIFS share will link.
    change / browse (depending on Web browser) Enables the user to select a different file system or (on a cluster) a different cluster namespace.
    Share Name Name of the CIFS share.
    Comment Additional information associated with the CIFS share. This information is often displayed to clients along with the share name.
    Path or CNS Path The directory to which the CIFS share points. Users accessing the share are able to access this directory, and any directories under it in the directory tree. To find a directory, click change / browse.

    On a file system only, select the Create path if it does not exist option to create the path if it does not already exist. If the file system is mounted read-only, for example it is an object replication target, it is not possible to create a new directory. Select a path to an existing directory.

    Max Users The maximum number of users who can be associated with the CIFS share. The default is unlimited.
    Show Snapshots
    • Show and Allow Access: Displays and allows access to snapshots.
    • Hide and Allow Access: Hides snapshots, but still allows access to the hidden snapshots.
    • Hide and Disable Access: Hides and disallows access to snapshots.

    Changes to this setting become effective when a CIFS client refreshes its folder view.

    Cache Options
    • Manual Local Caching for Documents. The Manual mode permits the user to specify individual files required for offline access. This operation guarantees a user can obtain access to the specified files whether online or offline.
    • Automatic Local Caching for Documents. The Automatic mode is applied for all non-executable files on the entire share. When a user accesses any non-executable file in this share, it is made available to the user for offline access. This operation does not guarantee that a user can access all the non-executable files, because only those files that have been used at least once are cached. Automatic can also be defined for programs.
    • Automatic Local Caching for Programs. The Automatic mode is applied for all executable files on the entire share. When a user accesses any executable file in this share, it is made available to the user for offline access. This operation does not guarantee that a user can access all the executable files, because only those executable files that have been used at least once are cached. Automatic can also be defined for documents.
    • Local Caching Disabled. No caching of files or folders occurs.
    Note: The server supports Offline Files Access. This allows Windows 2000 and later clients to cache files that are commonly used from a network/file share. To use Offline Files, the client computer must be running Windows 2000 or later.
    Transfer to Object Replication Target When a file system is recovered from a snapshot, one of the final steps is to import the CIFS shares found in the snapshot representing the selected version of the file system. Only those CIFS shares marked as transferable will be imported.

    Use the list to specify one of the following:

    • Enable: CIFS shares will be transferred to recovered file systems.
    • Disable: CIFS shares will not be transferred to recovered file systems.
    • Use FS default (the default): When the target file system is brought online, CIFS shares will be transferred if Transfer Access Points During Object Replication is enabled for the file system.
    Access Configuration IP addresses of the clients who can access the share (up to 5,957 characters allowed in this field). Refer to IP Address Configuration** at the end of this table.
    Follow Symbolic Links Enables the following of symlinks for this share.
    Note: As of release 12.2 of the NAS Platform, clients using SMB2 or later are able to follow relative symlinks to files on storage without the use of global symlinks, if smb2-client-side-symlink-handling is enabled.
    Follow Global Symbolic Links Enables CIFS clients to follow global (absolute) symlinks via the Microsoft DFS mechanism for this share.
    Force Filename to be Lowercase Forces all filenames generated on this share to be lowercase. This is useful for interoperability of UNIX applications.
    Enable ABE

    By default, ABE is disabled for shares and on the server/cluster as a whole. Before enabling ABE for a share, you must make sure ABE is enabled for the server/cluster as a whole (the CLI command to enable ABE support is fsm set disable-ABE-support false).

    When enabled, ABE filters the contents of a CIFS share so that only the files and directories to which a user has read access rights are visible to the user.

    Note: Enabling ABE can impact CIFS performance.
    Enable Virus Scanning

    If virus scanning is enabled and configured for the global context or for the EVS hosting the file system pointed to by the share then, when the share is created, virus scanning is enabled by default. If virus scanning is not enabled for the global context or for the EVS hosting the file system pointed to by the share then, when the share is created, virus scanning is not enabled by default, but you can enable it on a per-EVS basis.

    Note: Virus scanning is set up on a per-EVS basis, or for all EVSs using the global configuration context, but cannot be set up on a per-server or per-cluster basis.
    Ensure Share Continuously Available

    Enables persistent file handles and transparent failover on the CIFS share. When enabled, Windows-based clients can continuously access the CIFS share if a network failure or a cluster node failure occurs. For example, if one cluster node fails, the client transparently migrates to another cluster node without any interruption to the client applications.

    This SMB3 option is available only in a clustered environment of more than one cluster node, and is disabled by default.

    Note: Continuous Availability can impact CIFS performance and should only be enabled where it is required, such as with Microsoft Hyper-V or Microsoft SQL Server. When this feature is in use, it is also recommended that the Administrator disables DDNS on the server. If the file system is an object replication target, continuous availability is not effective until the file system is promoted.
    Share Permissions
    Share Permissions List By default, when a CIFS share is created, the group Everyone is added to the share permissions list.
    User Home Directory Mapping
    Mode

    Used to specify how per-user home directories are created. The following options are available:

    • Off. Disable the home directory feature for this share. Do not automatically create home directories on this share for users. This is the default.
    • ADS. Create the user home directories based on the home directory information supplied by the Active Directory server for each user. If you select ADS, do not specify a Path.
    • User. Create the user's home directory by converting the user's Windows user name to lower case. (The user's Windows domain name, if any, is ignored.) For example, a user DOMAIN\John Smith would result in a home directory of john_smith.
    • DomainAndUser. Create the user's home directory by creating a directory named for the user's Windows domain name, then converting the user's Windows user name to lower case and creating a sub-directory by that name. For example, a user DOMAIN\John Smith would result in a home directory of domain\john_smith.
    • Unix. Create the user's home directory by converting the user's UNIX user name to lower case.
    Path

    Per-user home directories will be created in the specified Path, relative to the share root, which is specified without a leading \. If this field is left blank, user home directories will be created directly in the share root.

    By default, only one share per file system can be configured with home directories. The cifs-home-directory command can be used to relax this restriction, in which case great care must be taken not to configure conflicting home directories.

    For example, a share with a path of \home1 and a share with a path of \home2 would not cause a conflict, whatever home directory paths were configured. However, a share with a path of \ and a default home directory path would conflict with a share with a path of \dir and a default home directory path.

  3. Modify the fields on this page as necessary.

  4. Click OK.

Controlling access to shares using qualifiers

To specify which clients have access to an SMB share, qualifiers can be appended to the IP addresses:

Qualifier Description
read_write, readwrite, rw Grants read/write access. This is the default setting.
read_only, readonly, ro Grants the specified client read-only access to the SMB share.
no_access, noaccess Denies the specified client access to the SMB share.

Some SMB share qualifier examples are:

  • 10.1.2.38(ro)

    Grants read-only access to the client with an IP address of 10.1.2.38.

  • 10.1.2.0/24(ro)

    Grants read-only access to all clients whose IP address is within the range 10.1.2.0 to 10.1.2.255.

  • 10.1.*.*(readonly)

    Grants read-only access to all clients with an IP address beginning with 10.1.

The order in which the entries are specified is important. For example, consider:

*(ro)

10.1.2.38(noaccess)

Here the first line grants read-only access to all clients, and the second denies access to the specified client. However, the second line is redundant, as the first line matches all clients. These lines must be transposed to ensure access is denied to 10.1.2.38.
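How entry order changes the outcome, as an added example (not Hitachi code): a small Python model of the Access Configuration field that reports the access a client would get and flags entries that an earlier entry makes unreachable. It assumes one entry per line, that the first matching entry wins (as the example above implies) and that a client matching no entry is denied; all function names are hypothetical.

```python
import fnmatch
import ipaddress
import re

# Qualifier spellings from the table above, normalised to one access level.
QUALIFIERS = {
    "read_write": "rw", "readwrite": "rw", "rw": "rw",
    "read_only": "ro", "readonly": "ro", "ro": "ro",
    "no_access": "none", "noaccess": "none",
}
ENTRY_RE = re.compile(r"^([^()\s]*)(?:\(([A-Za-z_]+)\))?$")


def parse_entry(text):
    """Split 'pattern(qualifier)' into (pattern, access level)."""
    m = ENTRY_RE.match(text.strip())
    if not m:
        raise ValueError("malformed entry: %r" % text)
    qual = (m.group(2) or "rw").lower()  # read/write is the documented default
    if qual not in QUALIFIERS:
        raise ValueError("unknown qualifier: %r" % qual)
    return m.group(1) or "*", QUALIFIERS[qual]


def as_network(pattern):
    """Network for an address, CIDR range or trailing-wildcard pattern such as
    10.1.*.*; None for names and any other wildcard form."""
    if re.fullmatch(r"(\d+\.){0,3}\d+(\.\*){0,3}", pattern) and pattern.count(".") == 3:
        fixed = [o for o in pattern.split(".") if o != "*"]
        pattern = ".".join(fixed + ["0"] * (4 - len(fixed))) + "/%d" % (8 * len(fixed))
    try:
        return ipaddress.ip_network(pattern, strict=False)
    except ValueError:
        return None


def matches(pattern, ip, hostname=""):
    """True if the client (address plus optional resolved name) fits the pattern."""
    net = as_network(pattern)
    if net is not None:
        return ipaddress.ip_address(ip) in net
    pat = pattern.lower()
    return fnmatch.fnmatchcase(ip, pat) or (
        bool(hostname) and fnmatch.fnmatchcase(hostname.lower(), pat))


def effective_access(config, ip, hostname=""):
    """Access level for one client. Assumption: the first matching entry wins."""
    entries = [parse_entry(line) for line in config.splitlines() if line.strip()]
    if not entries:
        return "rw"  # blank field: all clients can access the share
    for pattern, access in entries:
        if matches(pattern, ip, hostname):
            return access
    return "none"  # assumption: clients matching no entry are denied


def covers(a, b):
    """True only when pattern a provably matches every client that b matches."""
    if a == "*" or a.lower() == b.lower():
        return True
    na, nb = as_network(a), as_network(b)
    if na is not None and nb is not None:
        return na.version == nb.version and nb.subnet_of(na)
    if na is None and nb is not None and nb.num_addresses == 1:
        return fnmatch.fnmatchcase(str(nb.network_address), a.lower())
    if na is None and nb is None and not any(c in b for c in "*?["):
        return fnmatch.fnmatchcase(b.lower(), a.lower())
    return False  # cannot prove it (for example a name against a range)


def find_shadowed(config):
    """(later entry, earlier entry) pairs where the later one can never apply."""
    lines = [line.strip() for line in config.splitlines() if line.strip()]
    patterns = [parse_entry(line)[0] for line in lines]
    shadowed = []
    for j, later in enumerate(patterns):
        for i in range(j):
            if covers(patterns[i], later):
                shadowed.append((lines[j], lines[i]))
                break
    return shadowed


# Constructed sample input: the two orderings discussed above.
AS_WRITTEN = "*(ro)\n10.1.2.38(noaccess)"
TRANSPOSED = "10.1.2.38(noaccess)\n*(ro)"

if __name__ == "__main__":
    for name, cfg in (("as written", AS_WRITTEN), ("transposed", TRANSPOSED)):
        print(name, effective_access(cfg, "10.1.2.38"), find_shadowed(cfg))
```

Running a check of this kind against an exported list of entries before pasting it into the field catches a deny rule that sits below a broader allow rule.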

Controlling access to shares using permissions

Access to shares is restricted through a combination of share-level and file-level permissions. These permissions determine the extent to which users can view and modify the contents of the shared directory. When users request access to a share, their share-level permissions are checked first; if authorized to access the share, their file-level permissions are checked.

When the share-level permissions differ from the file-level permissions, the more restrictive permissions apply, as described in the following table, where [a] = “allowed” and [d] = “denied”:

Activity | Read | Change | Full
View the names of files and subdirectories | a | a | a
Change to subdirectories of the shared directory | a | a | a
View data in files | a | a | a
Run applications | a | a | a
Add files and subdirectories | d | a | a
Change data in files | d | a | a
Delete files and subdirectories | d | a | a
Change permissions on files or subdirectories | d | d | a
Take ownership of files or subdirectories | d | d | a

Note: One of the features of SMB is the ability to assign rights to machine (computer) accounts. A machine account is generated automatically by the operating system and registered in Active Directory. It can be used for authentication within a domain. Machine account authentication can only be done by an application that has built-in support. For example, Hyper-V server allows storing virtual machines on remote shares. Such shares should allow full access for the machine account of a computer running Hyper-V server.

When configuring access to a share, it is only possible to add users or groups that are:

  • Known to domain controllers, and
  • Seen by the server on the network.
    Note: When a user is given access to a share, if the user is also a member of a group with a different access level, the more permissive level applies. For example, if a user is given Read access to a share, and that user also belongs to a group that has Change access to that same share, the user will have Change access to the share, because Change access is more permissive than Read access.

Adding or changing SMB share access permissions

You can add or modify SMB (CIFS) share access permissions in the NAS Manager.

  1. Navigate to Home > File Services > CIFS Shares to display the CIFS Shares page.

  2. Select the check box next to the share to modify, and then click details.

  3. In the Share Permissions area of the CIFS Share Details page, click change.

    The following table describes the fields on this page:

    Field/Item Description
    New User/Group Name for the new user or group.
    Type Displays a standardized identifier for the security group to which the user/group being added belongs. The value is set automatically, based on the well-known security identifier for the user/group being added.
    modify Saves any modifications made to the user or group settings.
  4. To add a new user or group, follow these steps. To change permissions for an existing user or group, see the next step.

    1. Enter the name for the new user or group in the New User/Group field, and then click add.

    2. Select the new user/group from the list.

    3. Select the Allow or Deny check boxes to set the appropriate permissions. If the Allow check box is selected for full control, the user/group can perform all actions.

  5. To change user/group permissions:

    1. Select the user/group for which you want to change permissions.

    2. Select the Allow or Deny check boxes to set the appropriate permissions. If the Allow check box is selected for full control, the user/group can perform all actions.

    3. Save changes by clicking modify.

About Home Directories

The Home Directories feature simplifies the management of per-user home directories for larger environments:

  • A per-user network directory is automatically generated when the user initiates an SMB connection to the EVS.
  • If configured in the AD user profile, a Windows client will automatically map the drive letter from %HOMEDRIVE% to the network share %HOMESHARE% as a user logs in.
  • These variables can be set automatically from Active Directory, or by a user login script.

Windows OS can be configured to automatically attach a remote CIFS share as a user’s home directory when the user logs on. To do this, two environment variables are configured:

  • %HOMEDRIVE% contains the drive letter to be used for the mapped drive.
  • %HOMESHARE% contains the remote CIFS share to map.

Using home directories with cluster EVS name spaces

The home directories feature is compatible with name spaces. However, note that home directories are not supported in a virtual file system.

Creating user home directories in a name space is considered a lazy process. When you first connect to the share in the name space, no home directory is created. If the user then browses or changes directory to the link from the name space to the regular file system, the server uses an SMB DFS referral to redirect them to a hidden share on the regular file system. When the DFS referral completes, and the user connects to the regular file system, their home directory is created.

Name space and file system layout example:

cns:
    \cnsdir
        \link --> Span0FS:
                      \homes

When the user connects to the cns name space, no home directory is created. However, if the user later moves into cns:\cnsdir\link, their home directory is created, as that is the transition into a regular file system.

Offline file access modes

The server supports offline files access. This allows network clients to cache files that are commonly used from a network or file share. To use offline files, the client computer must be running Windows 2000 (or later). The server supports all three share caching modes:

  • No Caching: No caching of files or folders occurs.
  • Manual: Allows user specification of individual files required for offline access. This operation guarantees a user can obtain access to the specified files whether online or offline.
  • Automatic: Applies to the entire share. When a user accesses any file in this share, that file becomes available to that user for offline access. This operation does not guarantee a user can obtain access to the specified files, because only files that have been used at least once are cached. The Automatic mode can be defined for documents or programs.

Backing up and restoring SMB shares

When backing up and restoring SMB Shares:

  • All SMB Shares in all EVSs are backed up (except those in the CNS tree).
  • An SMB Share backup file is saved as a .txt file. The backup file contains the file system name and the share name, as well as most of the information about the share, including the settings for: Ensure Path Exists, Show Snapshots, Follow Symbolic Links, Force Filename to Lowercase, Virus Scanning, Cache Options, and Max Users.

When you restore SMB Shares from a backup file:

  • The restore operation does not modify or overwrite currently existing shares that have the same name.
  • With the exception noted above, all shares in the selected backup file are restored.

You can back up and restore SMB (CIFS) shares in the NAS Manager.

Procedure

  1. Navigate to Home > File Services > CIFS Shares to display the CIFS Shares page.

  2. To back up: Click backup. In the browser, specify the name and location of the backup file, and then click OK or Save (the buttons displayed and the method you use to save the backup file depend on the browser you use).

    A backup file name is suggested, but you can customize it. The suggested file name uses the syntax:

    CIFS_SHARES_date_time.txt, where the following example illustrates the appropriate syntax: CIFS_SHARES_Aug_4_2006_11_09_22_AM.txt

  3. To restore: Click restore. In the browser, locate the backup text file (CIFS_SHARES_date_time.txt) for the specific share(s) you want to restore, and then click Open. When the CIFS Export Backup & Restore page displays the name and location of the selected file, click Restore.

 
