SMB Share Options

You can include SMB share options with the share add, share change, and share create commands.

Note: For a list of all the Appliance Controller commands, see the Command Index.

Option Conventions

When entering options, use the following conventions:

Example Command: Specify a write list and admin users for myshare:

> share add smb myshare /stornext/snfs1/myshare write list=james doris, admin users = sysadmin

Default Options

If you do not provide case sensitive, writable, or public options for SMB shares, default values are set to the following:

  • case sensitive = auto
  • writable = yes
  • public = no

Caution

StorNext NAS supports only a subset of SMB options, as listed in the following table:

admin users

force group

 read list

browsable

force user

read only

browseable

 full audit (see Full Audit Option)

short preserve case
case sensitive (see Case Sensitive Option)

guest ok

smb encrypt

comment

hide dot files

snfs:allow retrieve

create mask

hide files

 strict allocate (see Why can I preallocate more space than I have access to?)

create mode

hide unreadable

user

default case

hide unwriteable files

username

delete readonly

hosts allow

users

delete veto files

inherit permissions

 valid users (see Valid Users Option)

directory

invalid users

veto files

directory mask

mangled names

writable

directory mode

max connections

write list

force create mode

preserve case

write ok

force directory mode

public

writeable

For descriptions of the accepted options, along with how best to use them for your environment, see the smb.conf man page for your specific operating system.

If you need to set options in the global section of the smb.conf file, use the share smb global set command. In addition to any valid SMB option that can be applied to a share, the following options can be set in the global section:

access based share enum

map to guest

server multi channel

aio max thread

max smbd processes

server signing

aio read size

 named streams (see Named Streams Option)

socket options

aio write size

ntlm auth

unix extensions

guest account

restrict anonymous

winbind refresh tickets

interfaces

server max protocol

windbind request timeout

log level

 server min protocol (see Why Can't My Client Mount an SMB Share Using SMB1?)

windbind:ignore domains

Use the following command to set a global SMB option:

share smb global set option[,option ...]

Example:

> share smb global set winbind request timeout = 60

Broadcasting share config-sync to NAS cluster ...

Waiting for nascluster_share_config_sync to complete on node 10.65.158.249

Global smb option(s) successfully changed

Use the following command to reset a global SMB option:

share smb global reset option[,option ...]

Example:

> share smb global reset winbind request timeout

Broadcasting share config-sync to NAS cluster ...

Waiting for nascluster_share_config_sync to complete on node 10.65.158.249

Global smb option(s) successfully changed

Use the following command to display global SMB options:

share smb global show

Example:

> share smb global show

Multi Protocol File Locking Support: Enabled

SMB global options:

named streams = true

client signing = mandatory

winbind request timeout = 60

server multi channel support = no

server min protocol = SMB2_02

Unix file systems are traditionally case sensitive, meaning that a directory can contain unique files that have the same name but different cases.

Example:

Files xyz, XYZ, and XyZ are all unique files

Windows and Mac systems traditionally support case insensitive file systems, meaning that a directory will not support unique files with the same name but different cases.

Example:

A file named XYZ is the same file as a file named xyz or as a file named XyZ.

The following sections explain how StorNext NAS uses case sensitivity with the StorNext file system.

You can configure the StorNext file system to be globally case insensitive (caseInsensitive=true) or globally case sensitive (caseInsensitive=false).

In addition, you can use the caseinsensitive=yes mount option to configure Linux clients as case insensitive. Remember that Windows and Mac clients are traditionally case insensitive but Linux clients are not. When you set the caseinsensitive=yes mount option for a Linux client, it can access files that match on the identical spelling of a file name, but it can disregard case.

Example:

  1. Client X creates file abc.
  2. Linux client Y is configured as caseinsensitive=yes. It requests file ABC.
  3. Even though ABC does not match the case of file abc, the Linux client can still access the file created by client X (abc) as ABC.

For additional information about StorNext case insensitive settings, see the StorNext 7 Man Pages Reference Guide.

By default, SMB shares are configured to be case sensitive = auto with the global SMB share case sensitive option. With this setting,StorNext NAS detects the StorNext case insensitivity settings and resets the SMB share's case sensitive option, as follows:

Global Case Insensitivity Setting

Mount Option Case Insensitivity Setting

SMB Share Case Sensitivity Reset Action

caseInsensitive=true

caseinsensitive=yes

case sensitive = yes

caseInsensitive=true

caseinsensitive=no/unset

case sensitive = yes

caseInsensitive=false

caseinsensitive=yes

case sensitive = yes

caseInsensitive=false

caseinsensitive=no/unset

case sensitive = auto

You can configure each SMB share to override the default global SMB share case sensitive option as follows:

  • Configure the SMB share to access any file that matches identically on file name spelling but ignore case.

    share change <share_type> (<share_name> | smb global) case sensitive = no

    Example

    If a client requests file abc, the SMB share can access any file that is spelled identically, regardless of case, such as abc or ABC.

  • Configure the SMB share to access the file that matches identically on both file name spelling and case.

    share change <share_type> (<share_name> | smb global) case sensitive = yes

    Example

    If a client requests file ABC, the SMB share can only access the file that matches exactly on spelling and case — ABC.

Additional Requirements

  • If a StorNext Linux client is configured as caseinsensitive=yes, you must configure all other clients within the StorNext cluster to use the same caseinsensitive=yes mount option.

    In such circumstances, we recommend configuring all NAS shares to case sensitive = auto.

  • NFS shares must be served from a case sensitive file system.

For the valid users option, use the following syntax if the argument has a space within the name:

valid users = \"option name\"

Example:

> share change smb myshare valid users = \"@domain users\"

Verification

You can confirm any value of the valid users option that contains a space is enclosed in double quotes.

Use the following command to display the SMB share and its options:

> share show [share_name] [share_type] [paged]

Example:

> share show smb myshare

1 shares:

1: myshare | smb | /stornext/snfs/myshare | public = no,writable = yes,valid users = "@domain users"

Note: When you configure the valid users option, you must escape double quotes using a backslash (\); the backslash should not appear when you execute the share show command.

Note: The named streams option applies to macOS 10.11 and later.

macOS environments store metadata, including resource forks, Finder metadata, and extended attributes, for many files. In a native implementation, this metadata is referred to as Named Streams, and it is stored as a property of each file by the file system. In a non-Named Streams implementation, this metadata is stored in a secondary file — referred to as the AppleDouble file — that is paired with each primary file.

Without Named Streams, when a macOS client accesses a file system as a Samba client, the macOS client must access both the primary file and the AppleDouble file. The macOS client must then create, maintain, and enumerate the AppleDouble file in addition to the primary file. In these types of metadata-intensive applications, Named Streams can potentially improve the performance of the application.

By enabling the named streams option, the SMB server notifies the client that native streams are supported. The client will then stop looking for AppleDouble and directly send the streams attribute to the server. The server will in turn store those attributes in an AppleDouble or directly in a StorNext Named streams file depending on the StorNext file system configuration.

By default, the named streams option is not enabled. You can enable the option globally for all SMB shares.

Example - Enable named streams for all SMB shares

> share change smb global named streams = yes

  • If StorNext named streams is disabled: the Appliance Controller mimics the use of named streams for SMB mac clients to maintain Apple double file compatibility with Xsan clients. This was the only behavior available prior to Appliance Controller 3.0.

  • If StorNext named streams is enabled: SMB named streams uses the native Xsan named streams and stores the attributes directly in the inode. Because of this, there are no Apple double files, and the performance on both Xsan and mac SMB clients is greatly improved.

    Note: If named streams is enabled in the smb.conf file, then you cannot write or view a file that begins with the "._" prefix on the file system from an SMB macOS or Windows client. This type of file might exist on the file system, but only viewable to a CVFS client, such as a Linux CVFS SAN/DLC client. If you have a dot file present, then run the macOS dot_clean(1) utility to merge Apple Double files into StorNext metadata.

After you enable the full audit option, the VFS operation (open unlink mkdir rmdir rename chmod) is tracked and recorded in /var/log/samba/samba_audit.log.

Note: If you enable the full audit option, your system might experience a performance impact in a large scale configuration.

Note the following about SMB multichannel:

Example (Change to enable multi channel support for the smb global server):

> share change smb global server multi channel support = yes