NAME

sharesmb —

DESCRIPTION

The following options are supported:

 

 

abe=true|false

Set the access-based enumeration (ABE) policy for the share. When set to true, ABE filtering is enabled on the share and directory entries to which the requesting user has no access will be omitted from directory listings returned to the client. When set to false or not defined, ABE filtering will not be performed on this share. This property is not defined by default.

 

 

ad-container

Specifies the AD container in which to publish shares.

The AD container is specified as a comma-separated list of attribute name-value pairs using the LDAP distinguished name (DN) or relative distinguished name (RDN) format. The DN or RDN must be specified in LDAP format using the cn=, ou=, and dc= prefixes:

cn

represents the common name

ou

represents the organizational unit

dc

represents the domain component

cn=, ou=, and dc= are attribute types. The attribute type used to describe an object's RDN is called the naming attribute, which, for ADS, includes the following object classes:

cn

user object class

ou

organizational unit (OU) object class

dc

domainDns object class

 

 

ca=true|false

Enable "Continuous Availability" (CA) for the share. CA shares may have persistent handles, which can be reclaimed by an SMB client after a server restart or cluster fail-over. The default is ca=false.

 

 

catia=true|false

CATIA V4 uses characters in file names that are considered to be invalid by Windows. CATIA V5 is available on Windows. A CATIA V4 file could be inaccessible to Windows clients if the file name contains any of the characters that are considered illegal in Windows. By default, CATIA character substitution is not performed.

If the catia property is set to true, the following character substitution is applied to file names:

CATIA    CATIA 
V4 UNIX  V5 Windows 
  "      \250   0x00a8  Dieresis 
  *      \244   0x00a4  Currency Sign 
  /      \370   0x00f8  Latin Small Letter O with Stroke 
  :      \367   0x00f7  Division Sign 
  <      \253   0x00ab  Left-Pointing Double Angle Quotation Mark 
  >      \273   0x00bb  Right-Pointing Double Angle Quotation Mark 
  ?      \277   0x00bf  Inverted Question Mark 
  \      \377   0x00ff  Latin Small Letter Y with Dieresis 
  |      \246   0x00a6  Broken Bar
    

 

 

cksum=cksumlist

Set the share to attempt to use end-to-end checksums. The value cksumlist specifies the checksum algorithms that should be used.

 

 

csc=manual|auto|vdo|disabled

Set the client-side caching policy for a share. Client-side caching is a client feature and offline files are managed entirely by the clients.

The following are valid values for the csc property:

 

 

manual

Clients are permitted to cache files from the specified share for offline use as requested by users. However, automatic file-by-file reintegration is not permitted. manual is the default value.

 

 

auto

Clients are permitted to automatically cache files from the specified share for offline use and file-by-file reintegration is permitted.

 

 

vdo

Clients are permitted to automatically cache files from the specified share for offline use, file-by-file reintegration is permitted, and clients are permitted to work from their local cache even while offline.

 

 

disabled

Client-side caching is not permitted for this share.

 

 

fso=true|false

Set the "Force Shared Oplocks" (FSO) policy for the share. By default (when FSO is false) the SMB server may grant either exclusive oplocks (write cache delegations) or shared oplocks (read cache delegations). When the FSO policy is set on some share, the SMB server never grants exclusive oplocks in that share.

 

 

guestok=true|false

Set the guest access policy for the share. When set to true guest access is allowed on this share. When set to false or not defined guest access is not allowed on this share. This property is not defined by default.

An idmap(1M) name-based rule can be used to map guest to any local username, such as guest or nobody. If the local account has a password in /var/smb/smbpasswd the guest connection will be authenticated against that password. Any connection made using an account that maps to the local guest account will be treated as a guest connection.

 

 

encrypt=disabled|enabled|required

Controls SMB3 per-share encryption. This is similar to the global smbd/encrypt option. For requests on a particular share, the server's behavior is controlled by the stricter of this option and smbd/encrypt.

When set to disabled, the server will not ask clients to encrypt requests. When set to enabled, the server will ask clients to encrypt requests, but will not require that they do so. Any message than can be encrypted will be encrypted. When set to required, the server will deny access to or disconnect any client that does not support encryption or fails to encrypt requests that they should.

In other words, the enabled behavior is that any message that CAN be encrypted SHOULD be encrypted, while the required behavior is that any message that CAN be encrypted MUST be encrypted.

This property is not defined by default.

 

 

none=access-list

Access is not allowed to any client that matches the access list. The exception is when the access list is an asterisk (“*”), in which case ro or rw can override none. See shareacl(5) for the description of access-list.

 

 

ro

Sharing is read-only to all clients.

 

 

ro=access-list

Sharing is read-only to the clients listed in access-list; overrides the rw option for the clients specified. See shareacl(5) for the description of access-list.

 

 

rw

Sharing is read-write to all clients.

 

 

rw=access-list

Sharing is read-write to the clients listed in access-list; overrides the ro option for the clients specified. See shareacl(5) for the description of access-list.

SEE ALSO

sharectl(1M), smbadm(1M), zfs(1M), smb(4), shareacl(5)