vserver cifs share create

Contributors

Create a CIFS share

Availability: This command is available to cluster and Vserver administrators at the admin privilege level.

Description

The vserver cifs share create command creates a CIFS share.

Parameters

-vserver <vserver name> - Vserver

This parameter specifies the CIFS-enabled Vserver on which you want to create a CIFS share.

-share-name <Share> - Share

This parameter specifies the name of the CIFS share that you want to create. A share name can be up to 256 characters long. If this is a home directory share (designated as such by specifying the homedirectory on the -share-properties parameter), you can include %w (Windows user name), %u (UNIX user name) and %d (Windows domain name) variables in any combination with this parameter to generate shares dynamically, with the resultant share names based on the authenticating user’s Windows user name, UNIX user name, and/or Windows domain name. If the share is used by administrators to connect to other users' home directory (the option is-home-dirs-access-for-admin-enabled is set to true) or by a user to connect to other users' home directory (the option is-home-dirs-access-for-public-enabled is set to true) , the dynamic share pattern must be preceded by a tilde (~).

-path <text> - Path

This parameter specifies the path to the CIFS share. This path must exist in a volume. A directory path name can be up to 256 characters long. If there is a space in the path name, you must enclose the entire string in quotation marks (for example, "/new volume/mount here"). If this is a home directory share as specified by value of home directory on the -share-properties parameter, you can make the path name dynamic by specifying the %w (Windows user name), %u (UNIX user name), or %d (domain name) variables or any of their combination as a part of the value of this parameter.

[-share-properties <share properties>,…​] - Share Properties

This optional parameter specifies a list of properties for the share. The list can include one or more of the following:

  • homedirectory - This property specifies that the share and path names are dynamic. Specify this value for a home directory share. In a home directory share, Data ONTAP can dynamically generate the share’s name and path by substituting %w, %u, and %d variables with the corresponding Windows user name, UNIX user name, and domain, respectively, specified as the value of the -share-name and -path parameters. For instance, if a dynamic share is defined with a name of %d%w_ , a user logged on as barbara from a domain named FIN sees the share as FIN_barbara . Using the homedirectory value specifies that the share and path names are dynamically expanded. This property cannot be added or removed after share creation.

  • oplocks - This property specifies that the share uses opportunistic locks, also known as client-side caching. Oplocks are enabled on shares by default; however, some applications do not work well when oplocks are enabled. In particular, database applications such as Microsoft Access are vulnerable to corruption when oplocks are enabled. An advantage of shares is that a single path can be shared multiple times, with each share having different properties. For instance, if a path named /dept/finance contains both a database and other types of files, you can create two shares to it, one with oplocks disabled for safe database access and one with oplocks enabled for client-side caching.

  • browsable - This property allows Windows clients to browse the share. This is the default initial property for all shares.

  • showsnapshot - This property specifies that Snapshot copies can be viewed and traversed by clients.

  • changenotify - This property specifies that the share supports ChangeNotify requests. For shares on a Vserver with FlexVol volumes, this is a default initial property. For shares on a Vserver with Infinite Volume, the ChangeNotify property is not set by default, and setting it requires the advanced privilege level. When the ChangeNotify property is set for a share on a Vserver with Infinite Volume, change notifications are not sent for changes to file attributes and timestamps. If the path of the share is within a FlexGroup, change notifications are not sent because FlexGroups do not support ChangeNotify.

  • attributecache - This property enables the file attribute caching on the CIFS share in order to provide faster access of attributes over SMB 1.0.

Note For certain workloads, stale file attribute data could be delivered to a client.
  • continuously-available - This property permits SMB clients that support it to open files in a persistent manner. Files opened this way are protected from disruptive events, such as failover and giveback. This option is not supported for FlexGroups, Vservers with Infinite Volume and workgroup CIFS servers.

  • branchcache - This property specifies that the share allows clients to request BranchCache hashes on the files within this share. This option is useful only if you specify per-share as the operating mode in the CIFS BranchCache configuration, and also specify the "oplocks" share property. This option is not supported for Vservers with Infinite Volume.

  • access-based-enumeration - This property specifies that Access Based Enumeration is enabled on this share. ABE-filtered shared folders are visible to a user based on that individual user’s access rights, preventing the display of folders or other shared resources that the user does not have rights to access.

  • namespace-caching - This property specifies that the SMB clients connecting to this share can cache the directory enumeration results returned by the CIFS servers.

  • encrypt-data - This property specifies that SMB encryption must be used when accessing this share. Clients that do not support encryption will not be able to access this share.

  • show-previous-versions - This property specifies that the previous version can be viewed and restored from the client. This property is enabled by default.

[-symlink-properties {enable|hide|read-only|symlinks|symlinks-and-widelinks|disable}] - Symlink Properties

This optional parameter specifies how the storage system presents UNIX symbolic links (symlinks) to CIFS clients. The default value for this parameter is "symlinks". The list can include one or more of the following:

  • enable (DEPRECATED*) - This property enables both local symlinks and wide links for read-write access. DFS advertisements are generated for both local symlinks and wide links even if the CIFS option -is-advertise-dfs-enabled is set to false.

  • hide (DEPRECATED*) - This property hides symlinks. DFS advertisements are generated if the CIFS option -is-advertise-dfs-enabled is set to true.

  • read-only (DEPRECATED*) - This property enables symlinks for read-only access.

  • symlinks - This property enables local symlinks for read-write access. DFS advertisements are not generated even if the CIFS option -is-advertise-dfs-enabled is set to true.

  • symlinks-and-widelinks – This property enables both local symlinks and wide links for read-write access. DFS advertisements are generated for both local symlinks and wide links even if the CIFS option -is-advertise-dfs-enabled is set to false.

  • disable - This property disables symlinks and wide links. DFS advertisements are not generated even if the CIFS option -is-advertise-dfs-enabled is set to true.

  • no-strict-security (OBSOLETE)- This property enables clients to follow symlinks outside share boundaries.

Note * The enable , hide , and read-only parameters are deprecated and may be removed in a future release of Data ONTAP.
Note The no_strict_security setting does not apply to wide links.
[-file-umask <Octal Integer>] - File Mode Creation Mask

This optional parameter specifies the default UNIX umask for new files created on the share.

[-dir-umask <Octal Integer>] - Directory Mode Creation Mask

This optional parameter specifies the default UNIX umask for new directories created on the share.

[-comment <text>] - Share Comment

This optional parameter specifies a text comment for the share that is made available to Windows clients. The comment can be up to 256 characters long. If there is a space in the descriptive remark or the path, you must enclose the entire string in quotation marks (for example, "This is engineering’s share.").

[-attribute-cache-ttl <[<integer>h][<integer>m][<integer>s]>] - File Attribute Cache Lifetime

This optional parameter specifies the lifetime for the attribute cache share property, which you specify as the value of the -share-properties parameter.

Note This value is useful only if you specify attributecache as a share property.
[-offline-files {none|manual|documents|programs}] - Offline Files

This optional parameter allows Windows clients to cache data on this share.The actual caching behavior depends upon the Windows client. The value can be one of the following:

  • none - Disallows Windows clients from caching any files on this share.

  • manual - Allows users on Windows clients to manually select files to be cached.

  • documents - Allows Windows clients to cache user documents that are used by the user for offline access.

  • programs - Allows Windows clients to cache programs that are used by the user for offline access and may use those files in an offline mode even if the share is available.

[-vscan-fileop-profile {no-scan|standard|strict|writes-only}] - Vscan File-Operations Profile

This optional parameter controls which operations trigger virus scans. The value can be one of the following:

  • no-scan: Virus scans are never triggered for this share.

  • standard: Virus scans can be triggered by open, close, and rename operations. This is the default profile.

  • strict: Virus scans can be triggered by open, read, close, and rename operations.

  • writes-only: Virus scans can be triggered only when a file that has been modified is closed.

[-max-connections-per-share <integer>] - Maximum Tree Connections on Share

This optional parameter specifies the maximum number of simultaneous connections on the new share. This limit is at the node level, not the Vserver or cluster level. The default for this parameter is 4294967295. The value 4294967295 indicates no limit. The allowed range for this parameter is (1 through 4294967295).

[-force-group-for-create <text>] - UNIX Group for File Create

This optional parameter specifies that all files that CIFS users create in a specific share belong to the same group (also called the "force-group"). The "force-group" must be a predefined group in the UNIX group database. This setting has no effect unless the security style of the volume is UNIX or mixed security style. If "force-group" has been specified for a share, the following becomes true for the share:

  • Primary GID of the CIFS users who access this share is temporarily changed to the GID of the "force-group".

  • All files in this share that CIFS users create belong to the same "force-group", regardless of the primary GID of the file owner.

Examples

The following example creates a CIFS share named SALES_SHARE on a Vserver named vs1. The path to the share is /sales.

cluster1::> vserver cifs share create -vserver vs1 -share-name SALES_SHARE -path /sales -symlink-properties enable
The following example creates a CIFS share named SALES_SHARE on a Vserver named vs1. The path to the share is /sales and the share uses opportunistic locks (client-side caching), the share can be browsed by Windows clients, and a notification is generated when a change occurs.
cluster1::> vserver cifs share create -vserver vs1 -share-name SALE -share-properties browsable,changenotify,oplocks, show-previous-versions
The following example creates a CIFS share named DOCUMENTS on a Vserver named vs1. The path to the share is /documents and the share uses opportunistic locks (client-side caching), a notification is generated when a change occurs, and the share allows clients to ask for BranchCache hashes for files in the share.
cluster1::> vserver cifs share create -vserver vs1 -share-name DOCUMENTS path /documents -share-properties branchcache,changenotify,oplocks
The following example creates a CIFS share named DOCUMENTS on a Vserver named vs1. The path to the share is /documents and the share uses opportunistic locks (client-side caching), a notification is generated when a change occurs, and the share allows clients to cache (client-side caching) user documents on this share.
cluster1::> vserver cifs share create -vserver vs1 -share-name DOCUMENTS -path /documents -share-properties changenotify,oplocks -offline-files documents

The following example creates a home directory share on a Vserver named vs1. The path to the share has a %d and %w combination.

cluster1::> vserver cifs share create -share-name %d%w -path %d/%w -share-properties homedirectory -vserver vs1

The following example creates a home directory share on a Vserver vs1 to be used with the home directory option s is-home-dirs-access-for-admin-enabled and/or is-home-dirs-access-for-public-enabled . The path to the share has a %d and %w combination.

cluster1::> vserver cifs share create -share-name ~%d~%w -path %d/%w -share-properties homedirectory -vserver vs1