1 SHARESMB(5) Standards, Environments, and Macros SHARESMB(5)
2
3 NAME
4 sharesmb - SMB share options
5
6 DESCRIPTION
7 The following options are supported:
8
9 abe=true|false
10 Set the access-based enumeration (ABE) policy for the share.
11 When set to true, ABE filtering is enabled on the share and
12 directory entries to which the requesting user has no access will
13 be omitted from directory listings returned to the client. When
14 set to false or not defined, ABE filtering will not be performed
15 on this share. This property is not defined by default.
16
17 ad-container
18 Specifies the AD container in which to publish shares.
19
20 The AD container is specified as a comma-separated list of
21 attribute name-value pairs using the LDAP distinguished name (DN)
22 or relative distinguished name (RDN) format. The DN or RDN must
23 be specified in LDAP format using the cn=, ou=, and dc= prefixes:
24 cn represents the common name
25 ou represents the organizational unit
26 dc represents the domain component
27
28 cn=, ou=, and dc= are attribute types. The attribute type used
29 to describe an object's RDN is called the naming attribute,
30 which, for ADS, includes the following object classes:
31 cn user object class
32 ou organizational unit (OU) object class
33 dc domainDns object class
34
35 ca=true|false
36 Enable "Continuous Availability" (CA) for the share. CA shares
37 may have persistent handles, which can be reclaimed by an SMB
38 client after a server restart or cluster fail-over. The default
39 is ca=false.
40
41 catia=true|false
42 CATIA V4 uses characters in file names that are considered to be
43 invalid by Windows. CATIA V5 is available on Windows. A CATIA
44 V4 file could be inaccessible to Windows clients if the file name
45 contains any of the characters that are considered illegal in
46 Windows. By default, CATIA character substitution is not
47 performed.
48
49 If the catia property is set to true, the following character
50 substitution is applied to file names:
51
52 CATIA CATIA
53 V4 UNIX V5 Windows
54 " \250 0x00a8 Dieresis
55 * \244 0x00a4 Currency Sign
56 / \370 0x00f8 Latin Small Letter O with Stroke
57 : \367 0x00f7 Division Sign
58 < \253 0x00ab Left-Pointing Double Angle Quotation Mark
59 > \273 0x00bb Right-Pointing Double Angle Quotation Mark
60 ? \277 0x00bf Inverted Question Mark
61 \ \377 0x00ff Latin Small Letter Y with Dieresis
62 | \246 0x00a6 Broken Bar
63
64 cksum=cksumlist
65 Set the share to attempt to use end-to-end checksums. The value
66 cksumlist specifies the checksum algorithms that should be used.
67
68 csc=manual|auto|vdo|disabled
69 Set the client-side caching policy for a share. Client-side
70 caching is a client feature and offline files are managed
71 entirely by the clients.
72
73 The following are valid values for the csc property:
74
75 manual Clients are permitted to cache files from the specified
76 share for offline use as requested by users. However,
77 automatic file-by-file reintegration is not permitted.
78 manual is the default value.
79
80 auto Clients are permitted to automatically cache files from
81 the specified share for offline use and file-by-file
82 reintegration is permitted.
83
84 vdo Clients are permitted to automatically cache files from
85 the specified share for offline use, file-by-file
86 reintegration is permitted, and clients are permitted
87 to work from their local cache even while offline.
88
89 disabled Client-side caching is not permitted for this share.
90
91 fso=true|false
92 Set the "Force Shared Oplocks" (FSO) policy for the share. By
93 default (when FSO is false) the SMB server may grant either
94 exclusive oplocks (write cache delegations) or shared oplocks
95 (read cache delegations). When the FSO policy is set on some
96 share, the SMB server never grants exclusive oplocks in that
97 share.
98
99 guestok=true|false
100 Set the guest access policy for the share. When set to true
101 guest access is allowed on this share. When set to false or not
102 defined guest access is not allowed on this share. This property
103 is not defined by default.
104
105 An idmap(1M) name-based rule can be used to map guest to any
106 local username, such as guest or nobody. If the local account
107 has a password in /var/smb/smbpasswd the guest connection will be
108 authenticated against that password. Any connection made using
109 an account that maps to the local guest account will be treated
110 as a guest connection.
111
112 encrypt=disabled|enabled|required
113 Controls SMB3 per-share encryption. This is similar to the
114 global smbd/encrypt option. For requests on a particular share,
115 the server's behavior is controlled by the stricter of this
116 option and smbd/encrypt.
117
118 When set to disabled, the server will not ask clients to encrypt
119 requests. When set to enabled, the server will ask clients to
120 encrypt requests, but will not require that they do so. Any
121 message than can be encrypted will be encrypted. When set to
122 required, the server will deny access to or disconnect any client
123 that does not support encryption or fails to encrypt requests
124 that they should.
125
126 In other words, the enabled behavior is that any message that CAN
127 be encrypted SHOULD be encrypted, while the required behavior is
128 that any message that CAN be encrypted MUST be encrypted.
129
130 This property is not defined by default.
131
132 none=access-list
133 Access is not allowed to any client that matches the access list.
134 The exception is when the access list is an asterisk ("*"), in
135 which case ro or rw can override none. See shareacl(5) for the
136 description of access-list.
137
138 ro Sharing is read-only to all clients.
139
140 ro=access-list
141 Sharing is read-only to the clients listed in access-list;
142 overrides the rw option for the clients specified. See
143 shareacl(5) for the description of access-list.
144
145 rw Sharing is read-write to all clients.
146
147 rw=access-list
148 Sharing is read-write to the clients listed in access-list;
149 overrides the ro option for the clients specified. See
150 shareacl(5) for the description of access-list.
151
152 SEE ALSO
153 sharectl(1M), smbadm(1M), zfs(1M), smb(4), shareacl(5)
154
155 illumos November 22, 2017 illumos