Table of Contents
cifs_shares – configure and display CIFS shares information
cifs shares [
sharename ]
cifs shares -add sharename path
[ -f ]
[ -comment description ]
[ -maxusers userlimit ]
[ -forcegroup groupname ]
[ -nosymlink_strict_security ]
[ -widelink ]
[ -umask mask ]
[ -dir_umask mask ]
[ -file_umask mask ]
[ -nobrowse ]
[ -novscan ]
[ -novscanread ]
[ -no_caching | -auto_document_caching -auto_program_caching ]
[ -accessbasedenum ]
cifs shares -change sharename
{ -comment description | -nocomment } { -maxusers userlimit | -nomaxusers } { -forcegroup groupname | -noforcegroup } { -nosymlink_strict_security | -symlink_strict_security }
{ -widelink | -nowidelink }
{ -umask mask | -noumask }
{ -dir_umask mask | -nodir_umask } { -file_umask mask | -nofile_umask } { -nobrowse | -browse }
{ -novscan | -vscan }
{ -novscanread | -vscanread }
{ -no_caching | -manual_caching
-auto_document_caching | -auto_program_caching } { -accessbasedenum | -noaccessbasedenum }
cifs shares -delete [ -f ] sharename
cifs shares -t
cifs shares displays one or more shares, edits one or more shares, creates a share, deletes a share, or displays a total summary of the shares.
Listing shares
To list the shares and their access control lists, use the command cifs shares followed by the name of the share to display. If the name contains the wildcard characters * or ? , then all the shares matching the specified name are displayed.
To list all shares and their access control lists, use the command cifs shares with no arguments or cifs shares *
toaster> cifs shares
Name Mount Point Description —- ———– ———– HOME /vol/vol0/home Default Share everyone / Full Control C$ /vol/vol0 Remote Administration BUILTIN\Administrators / Full Control ENGR /vol/vol0/engr Engineering Machine Account access disabled DOMAIN\Engineering / Full Control ENGRSW /vol/vol0/engr-sw Software Engineering Machine Account access disabled DOMAIN\Engineering / Full Control ENGRHW /vol/vol0/engr-hw Hardware Engineering Machine Account access disabled DOMAIN\Engineering / Full Control NEWS /vol/vol0/news News DOMAIN\Guests / No Access everyone / Read
toaster> cifs shares news
Name Mount Point Description —- ———– ———– NEWS /vol/vol0/news News DOMAIN\Guests / No Access everyone / Read
toaster> cifs shares eng*
ENGR /vol/vol0/engr Engineering Machine Account access disabled DOMAIN\Engineering / Full Control ENGRSW /vol/vol0/engr-sw Software Engineering Machine Account access disabled DOMAIN\Engineering / Full Control ENGRHW /vol/vol0/engr-hw Hardware Engineering Machine Account access disabled DOMAIN\Engineering / Full Control
toaster> cifs shares engr??
ENGRSW /vol/vol0/engr-sw Software Engineering Machine Account access disabled DOMAIN\Engineering / Full Control ENGRHW /vol/vol0/engr-hw Hardware Engineering Machine Account access disabled DOMAIN\Engineering / Full Control
Creating new shares
To create a new share, use the -add option:
cifs shares -add sharename path
[ -f ]
[ -comment description ]
[ -maxusers userlimit ]
[ -forcegroup groupname ]
[ -nosymlink_strict_security ] [ -widelink ]
[ -umask mask ]
[ -dir_umask mask ]
[ -file_umask mask ]
[ -nobrowse ]
[ -novscan ]
[ -novscanread ]
[ -no_caching | -auto_document_caching -auto_program_caching ]
[ -accessbasedenum ]
sharename name of the new share; clients use this name to access the share. The share name cannot exceed 256 characters. Note that the following 15 characters are invalid characters for a share name: " / \ [ ] : | < > + ; , ? * =
- path
- full path name of the directory on the filer that corresponds to the root of the new share.
- -f
- Suppress confirmation dialogs, if any. This option will be deprecated in future releases. A warning will be issued when share-names exceed 8 characters.
- -comment description
- description of the new share. CIFS clients see this description when browsing the filer’s shares. If the description includes spaces, it must be enclosed in double quotatation marks. If you do not specify a description, the description is blank.
- -maxusers userlimit
- maximum number of simultaneous connections to the new share. userlimit must be a positive integer. If you do not specify a number, the filer does not impose a limit on the number of connections to the share.
- -forcegroup groupname
- name of the group to which files to be created in the share belong. The groupname is the name of a group in the UNIX group database.
- -nosymlink_strict_security
- allow clients to follow symbolic links to destinations on this filer but outside of the current share. Do not check that the client is authenticated to the symbolic link’s destination.
- -widelink
- allow clients to follow absolute symbolic links outside of this share, subject to NT security. This feature requires an entry in the /etc/symlink.translations file and it requires that the client supports Microsoft’s Distributed File System (Dfs).
- -umask mask set
- file mode creation mask for shares in qtrees with Unix or mixed security styles. The mask is an octal value which restricts the initial permissions setting of a newly created file or directory. This mask may be overridden by dir_umask or file_umask.
- -dir_umask mask
- set file mode creation mask for shares in qtrees with Unix or mixed security styles. The mask is an octal value which restricts the initial permissions setting of a newly created directory.
- -file_umask mask
- set file mode creation mask for shares in qtrees with Unix or mixed security styles. The mask is an octal value which restricts the initial permissions setting of a newly created file.
- -nobrowse
- disable enumeration of this share by browsing tools such as Server Manager or Active Directory Users and Computers.
- -novscan
- do not perform a virus scan when clients open files on this share.
- -novscanread
- do not perform a virus scan when clients open files on this share for read access.
- -no_caching disallow
- Windows clients from caching any files on this share.
- -auto_document_caching
- allow Windows clients to cache user documents on this share. The actual caching behavior depends upon the Windows client.
- -auto_program_caching
- allow Windows clients to cache programs on this share. The actual caching behavior depends upon the Windows client.
- -accessbasedenum
- enable the ability to hide the folders and files underneath this share when the user has no permissions to read them.
By default, machine accounts have access to a newly created share.
Deleting existing shares
To delete a share, use the -delete option:
cifs shares -delete sharename
sharename is the name of the share to be deleted. A share cannot be deleted if it is in use unless the
-f option is used, in which case all current opens of the share are immediately forced closed first.
Changing the settings of existing shares
To change the settings of an existing share, use the -change option:
cifs shares -change sharename
{ -comment description | -nocomment } { -maxusers userlimit | -nomaxusers } { -forcegroup groupname | -noforcegroup } { -nosymlink_strict_security | -symlink_strict_security }
{ -widelink | -nowidelink } { -umask mask | -noumask } { -dir_umask mask | -nodir_umask } { -file_umask mask | -nofile_umask } { -nobrowse | -browse }
{ -novscan | -vscan }
{ -novscanread | -vscanread } { -no_caching | -manual_caching
- -auto_document_caching
- | -auto_program_caching } { -accessbasedenum | -noaccessbasedenum }
The settings of a share can be changed at any time, even if the share is in use.
sharename , if fully specified, is the name of the existing share that is to be changed. If the name contains the wildcard characters * or ? , then all the shares matching the specified name are to be changed.
- -comment description
- changes the description of the share. For more information about the share description setting, see the Creating new shares section, above.
- -nocomment
- changes the description of the share to an empty string.
- -maxusers userlimit
- changes the user limit on the share. For more information about the user limit setting, see the Creating new shares section, above.
- -nomaxusers removes the user limit on the share.
-
- -forcegroup groupname
- changes the forcegroup setting. For more information about the forcegroup setting, see the Creating new shares section, above.
- -noforcegroup
- specifies that files to be created in the share do not belong to a particular UNIX group. That is, each file belongs to the same group as the owner of the file.
- -nosymlink_strict_security
- disables the symlink_strict_security setting. For more information about the symlink_strict_security setting, see the Creating new shares section, above.
- -symlink_strict_security
- enables the symlink_strict_security setting for this share.
- -widelink
- changes the widelink setting. For more information about the widelink setting, see the Creating new shares section, above.
- -nowidelink disables the widelink setting for this
- share.
- -umask mask changes
- the umask setting. For more information about the umask setting, see the Creating new shares section, above.
- -noumask
- resets the umask value to 0.
- -dir_umask mask
- changes the dir_umask setting. For more information about the dir_umask setting, see the Creating new shares section, above.
- -nodir_umask
- removes the dir_umask.
- -file_umask mask
- changes the file_umask setting. For more information about the file_umask setting, see the Creating new shares section, above.
- -nofile_umask
- removes the file_umask.
- -nobrowse
- disables enumeration of this share by browsers. For more information about the browse setting, see the Creating new shares section, above.
- -browse
- enables enumeration of this share by browsers.
- -novscan
- changes the share’s virus scan setting. For more information about the vscan setting, see the Creating new shares section, above.
- -vscan
- enables virus scanning for this share.
- -novscanread
- changes the virus scan setting on this share for read access. For more information about the novscanread setting, see the Creating new shares section, above.
- -vscanread
- specifies that files opened on this share for read access should be scanned for viruses.
- -no_caching disallow
- Windows clients from caching any files on this share.
- -manual_caching
- allow users on Windows clients to manually select files to be cached.
- -auto_document_caching
- allow Windows clients to cache user documents on this share. The actual caching behavior depends upon the Windows client.
- -auto_program_caching
- allow Windows clients to cache programs on this share. The actual caching behavior depends upon the Windows client.
- -accessbasedenum
- enable the ability to hide the folders and files underneath this share when the user has no permissions to read them.
- -noaccessbasedenum
- disable the ability to hide the folders and files underneath this share when the user has no permissions to read them.
CIFS Home Directories It is possible for some share settings to be applied to users’ CIFS home directories. The share setting will apply to all user home directories. It is not possible to specify per user settings. Similarly, if the filer has multiple CIFS homedir paths, it is not possible to specify a setting that is per CIFS homedir path. To apply a share setting to all CIFS home directories use the share name
cifs.homedir when entering a command. For example, to disable virus scanning for all CIFS access to home directories, a sysadmin would use the command:
filer> cifs shares -change CIFS.HOMEDIR -novscan
To display the settings on CIFS home directories use the command:
filer> cifs shares CIFS.HOMEDIR
The following share settings can be applied to CIFS home directories:
- -widelink
-
- -nowidelink
-
- -symlink_strict_security
-
- -nosymlink_strict_security
-
- -browse
-
- -nobrowse
-
- -vscan
-
- -novscan
-
- -vscanread
-
- -novscanread
-
- -umask
-
- -noumask
-
- -dir_umask
-
- -nodir_umask
-
- -file_umask
-
- -nofile_umask
-
- -no_caching
-
- -manual_caching
-
- -auto_document_caching
-
- -auto_program_caching
-
- -accessbasedenum
-
- -noaccessbasedenum
-
Total Summary for shares To display the summary for all the shares use the
-t option
cifs shares -t
Any changes take effect immediately
Changes are persistent across system reboots.
cifs_access
Table of Contents
Read more... (1876 words, estimated 7:30 mins reading time)
