Follow

Recommended CIFS settings for Windows clients

Subject:

Details for the CIFS settings we recommend for a new Network Share to enable the best Windows client feature compatibility.

Note: Details on the values that have no settings or are not needed have not been listed here.

 

Detail:

The only options that may need to be different from the below for a combined UNIX/LINUX NFS access and Windows CIFS client access would be to change the "acl_xattr:ignore" system acls CIFS option to 'no'

This will reduce the features available for WIndows clients, from an extended attributes/ACL perspective but will allow for the POSIX ACL's on the filesystem to map 1:1 for NFSv4 clients and CIFS client User, Group and Other permissions.

 

cifs-options syntax:

--cifs-options="create mask=0770,directory mask=0770,public=no,writeable=yes,acl_xattr:ignore system acls=yes,ea support=yes,map acl inherit=yes,vfs objects=acl_xattr"

cifs-options detail:

Setting: browseable
Description: Defines if the share is Browseable by clients.
Recommended Value: yes (Default)

Setting: create mask
Description: The user group and other UNIX style permissions to be used when creating files.
Recommended Value: 0770

Setting: directory mask
Description: The user group and other UNIX style permissions to be used when creating directories.
Recommended Value: 0770

Setting: hide unreadable
Description: Defines if unreadable files should be hidden.
Recommended Value: no (Default)

Setting: hide unwriteable files
Description: Defines if unwritable files should be hidden.
Recommended Value: no (Default)

Setting: public
Description: Defines if the share should be presented with public guest user access. Recommended the be set to 'no' for Active Directory Environments.
Recommended Value: no

Setting: writable
Description: Defines if the share should allow write access. If this is set to no, the share will be configured as read-only mode.
Recommended Value: yes

Setting: acl_xattr:ignore system acls
Description: When set to 'yes', ACL's are defined and used alongside Extended attributes to provide best Windows client compatibility and advnaced windows share functionality. When set to 'no' ACL's can be shared between Windows and NFS clients for cross-compatibility for ACL's/permissions between the two client access methods.
Recommended Value: yes

Setting: ea support
Description: Enables Extended attribute support for CIFS clients. Should be enabled with 'map acl inherit=yes' and 'vfs_objects=acl_xattr' attributes.
Recommended Value: yes

Setting: map acl inherit
Description: Enables mapping of Windows Extended ACL's to use Extended Attributes for some settings. Should be enabled with 'ea support=yes' and 'vfs_objects=acl_xattr' attributes.
Recommended Value: yes

Setting: vfs objects
Description: Enabled Windows Extened Attribute Samba Module. Should be enabled with 'ea support=yes' and 'map acl inherit=yes' attributes.
Recommended Value: acl_xattr

 

Additional information on using CIFS can be found here:

QuantaStor_Administrators_Guide#CIFS_Configuration

 

 

Was this article helpful?
0 out of 0 found this helpful
Have more questions? Submit a request

Comments

Powered by Zendesk