vserver cifs options show
Display CIFS options
Availability: This command is available to cluster and Vserver administrators at the admin privilege level.
Description
The vserver cifs options show
command displays the CIFS configuration options for one or more Vservers.
Parameters
- {
[-fields <fieldname>,…]
-
If you specify the
-fields <fieldname>, …
parameter, the command output also includes the specified field or fields. You can use '-fields ?' to display the fields to specify. - |
[-instance ]
} -
If you specify the
-instance
parameter, the command displays detailed information about all fields. [-vserver <vserver name>]
- Vserver-
If you specify this parameter, the command only displays CIFS options for the specified Vserver.
[-default-unix-user <text>]
- Default UNIX User-
If you specify this parameter, the command displays options for CIFS server with the specified UNIX user.
[-read-grants-exec {enabled|disabled}]
- Read Grants Exec for Mode Bits-
If this parameter is set to enabled, the command displays options for CIFS servers that grant execution access when granting read access using mode bits. If set to disabled, the command displays options for CIFS servers that do not grant execution access when granting read access using mode bits.
[-wins-servers <InetAddress>,…]
- Windows Internet Name Service (WINS) Addresses-
If you specify this parameter, the command displays CIFS options only for CIFS servers that use the specified Windows Internet Name Server (WINS) addresses.
[-smb1-enabled {true|false}]
- (DEPRECATED)-Enable SMB1 Protocol (privilege: advanced)-
If this parameter is set to true, the command displays options for CIFS servers where SMB 1.0 version of the CIFS protocol is negotiated. If set to false, the command displays options for CIFS servers where SMB 1.0 version of the CIFS protocol is not negotiated.
This parameter is deprecated because the SMB1 protocol is obsolete and considered not secure. It might be removed in a future release. [-smb2-enabled {true|false}]
- Enable all SMB2 Protocols (privilege: advanced)-
If this parameter is set to true, the command displays options for CIFS servers where SMB 2 version of the CIFS protocol is negotiated. If set to false, the command displays options for CIFS servers where SMB 2 version of the CIFS protocol is not negotiated.
[-smb3-enabled {true|false}]
- Enable SMB3 Protocol (privilege: advanced)-
If this parameter is set to true, the command displays options for CIFS servers where SMB 3 version of the CIFS protocol is negotiated. If set to false, the command displays options for CIFS servers where SMB 3 version of the CIFS protocol is not negotiated.
[-smb31-enabled {true|false}]
- Enable SMB3.1 Protocol (privilege: advanced)-
If this parameter is set to true, the command displays options for CIFS servers where SMB 3.1 version of the CIFS protocol is negotiated. If set to false, the command displays options for CIFS servers where SMB 3.1 version of the CIFS protocol is not negotiated.
[-max-mpx <integer>]
- Maximum Simultaneous Operations per TCP Connection (privilege: advanced)-
If you specify this parameter, the command displays options for CIFS server with the specified maximum number of simultaneous operations the CIFS server can process per TCP connection.
[-shadowcopy-dir-depth <integer>]
- Maximum Depth of Directories to Shadow Copy (privilege: advanced)-
If you specify this parameter, the command displays options only for CIFS servers that are configured with the specified depth of directories on which to create shadow copies.
[-copy-offload-enabled {true|false}]
- Enable Copy Offload Feature (privilege: advanced)-
If set to true, this command displays options only for CIFS servers where the Copy Offload feature is enabled. If set to false, options are displayed for CIFS servers where the Copy Offload feature is disabled.
[-is-copy-offload-direct-copy-enabled {true|false}]
- Is Direct-copy Copy Offload Mechanism Enabled (privilege: advanced)-
If set to true, this command displays options only for CIFS servers where the direct-copy mechanism for ODX Copy Offload is enabled. If set to false, options are displayed for CIFS servers where the direct- copy offload mechanism is disabled. + The direct-copy mechanism increases the performance of the copy offload operation when Windows clients try to open the source file of a copy in a mode that prevents the file being changed while the copy is in progress. If turned off, regular copy offloading takes place.
[-default-unix-group <text>]
- Default UNIX Group-
If you specify this parameter, the command displays options for CIFS server with the specified default UNIX group.
[-shadowcopy-enabled {true|false}]
- Enable Shadow Copy Feature (VSS) (privilege: advanced)-
If set to true, this command displays options only for CIFS servers where the Shadow Copy (VSS) feature is enabled. If set to false, options are displayed for CIFS servers where the Shadow Copy (VSS) feature is disabled.
[-is-referral-enabled {true|false}]
- Refer Clients to More Optimal LIFs (privilege: advanced)-
If set to true, the command displays options for the CIFS server where the CIFS server automatically refers clients to a data LIF local to the node which hosts the root of the requested share. If set to false, the command displays options for the CIFS server where the mechanism, to automatically refer the clients to data LIF local to the node which hosts the root of the requested share, is disabled.
[-is-local-auth-enabled {true|false}]
- Is Local User Authentication Enabled (privilege: advanced)-
If this parameter is set to true, the command displays CIFS options only for CIFS servers where local user authentication is enabled. If set to false, the command displays options for CIFS servers where local user authentication is disabled.
[-is-local-users-and-groups-enabled {true|false}]
- Is Local Users and Groups Enabled (privilege: advanced)-
If this parameter is set to true, the command displays CIFS options only for CIFS servers where the local users and groups feature is enabled. If set to false, the command displays options for CIFS servers where the local users and groups feature is disabled.
[-is-use-junctions-as-reparse-points-enabled {true|false}]
- Is Reparse Point Support Enabled (privilege: advanced)-
If you specify this parameter, the command only displays CIFS options for Vservers which have the specified reparse point setting.
[-is-exportpolicy-enabled {true|false}]
- Is Export Policies for CIFS Enabled (privilege: advanced)-
If you specify this parameter, the command only displays CIFS options for Vservers which have the specified export policy setting.
[-is-unix-nt-acl-enabled {true|false}]
- Is NT ACLs on UNIX Security-style Volumes Enabled (privilege: advanced)-
If this parameter is set to true, the command only displays CIFS options for Vservers that have the NT ACLs on UNIX security-style volumes enabled. If set to false, the command displays CIFS options for Vservers that have the NT ACLS on UNIX security-style volumes disabled.
[-is-trusted-domain-enum-search-enabled {true|false}]
- Is Enumeration of Trusted Domain and Search Capability Enabled (privilege: advanced)-
If this parameter is set to true, the command displays CIFS options only for CIFS servers that support enumeration of bidirectional trusted domains and that support searching in all bidirectional trusted domains when performing Windows user lookups for UNIX user to Windows user name mapping. If set to false, the command displays options for CIFS servers that do not support enumeration of bidirectional trusted domains.
[-client-session-timeout <integer>]
- Idle Timeout Before CIFS Session Disconnect (secs)-
If you specify this parameter, the command displays options only for CIFS servers that are configured with the specified client session timeout value (in seconds).
[-is-dac-enabled {true|false}]
- Is Dynamic Access Control (DAC) Enabled (privilege: advanced)-
If set to true, this command displays options only for CIFS servers where the Dynamic Access Control (DAC) feature is enabled. If set to false, options are displayed for CIFS servers where the Dynamic Access Control (DAC) feature is disabled.
[-restrict-anonymous {no-restriction|no-enumeration|no-access}]
- Restrictions for Anonymous User (privilege: advanced)-
If you specify this parameter, the command displays CIFS options only for CIFS servers that have the specified permitted value for the anonymous user. Permitted values for this option are:
-
no-restriction - There is no access restriction for anonymous users.
-
no-enumeration - Only enumeration is restricted.
-
no-access - Access is restricted for anonymous users.
-
[-is-read-only-delete-enabled {enabled|disabled}]
- Is Deletion of Read-Only Files Enabled-
If you specify this parameter, the command displays options only for CIFS servers that have the specified is-read-only-delete-enabled setting.
[-file-system-sector-size {512|4096 (in bytes)}]
- Size of File System Sector Reported to SMB Clients (bytes) (privilege: advanced)-
If you specify this parameter, the command displays options only for CIFS servers that are configured with the specified file system sector size (in bytes).
[-is-fake-open-enabled {true|false}]
- Is Fake Open Support Enabled (privilege: advanced)-
If you set this parameter to true, the command displays options for CIFS servers where fake open is enabled. If set to false, the command displays options for CIFS servers where fake open is disabled.
[-is-unix-extensions-enabled {true|false}]
- Is UNIX Extensions Enabled (privilege: advanced)-
If set to true, this command displays options only for CIFS servers where the UNIX Extensions feature is enabled. If set to false, options are displayed for CIFS servers where the UNIX Extensions feature is disabled. UNIX Extensions allows POSIX/UNIX style security to be displayed through the CIFS protocol.
[-is-search-short-names-enabled {true|false}]
- Is Search Short Names Support Enabled (privilege: advanced)-
If you set this parameter to true, the command displays options for CIFS servers where search short names is enabled. If set to false, the command displays options for CIFS servers where search short names is disabled.
[-is-advanced-sparse-file-support-enabled {true|false}]
- Is Advanced Sparse File Support Enabled (privilege: advanced)-
If set to true, the command displays options for CIFS servers where the advanced sparse file capabilities for CIFS are enabled. If set to false, options are displayed for CIFS servers where the advanced sparse file capabilities for CIFS are disabled.
[-is-fsctl-file-level-trim-enabled {true|false}]
- Is Fsctl File Level Trim Enabled (privilege: advanced)-
If set to true, the command displays options for all the CIFS servers where trim requests (FSCTL_FILE_LEVEL_TRIM) are supported. If set to false, options are displayed for all the CIFS servers where trim requests (FSCTL_FILE_LEVEL_TRIM) are not supported.
[-guest-unix-user <text>]
- Map the Guest User to Valid UNIX User (privilege: advanced)-
If you specify this parameter, the command displays options for CIFS server with the specified guest UNIX user.
[-smb1-max-buffer-size <integer>]
- Maximum Buffer Size Used for SMB1 Message (privilege: advanced)-
If you specify this parameter, the command displays options only for CIFS servers that are configured with the specified maximum buffer size value.
[-max-same-user-sessions-per-connection <integer>]
- Maximum Same User Sessions per TCP Connection (privilege: advanced)-
If you specify this parameter, the command displays options only for CIFS server that are configured with the specified maximum same user session per connection.
[-max-same-tree-connect-per-session <integer>]
- Maximum Same Tree Connect per Session (privilege: advanced)-
If you specify this parameter, the command displays options only for CIFS server that are configured with the specified maximum same tree connects per session.
[-max-opens-same-file-per-tree <integer>]
- Maximum Opens on Same File per Tree (privilege: advanced)-
If you specify this parameter, the command displays options only for CIFS server that are configured with the specified maximum opens on same file per tree.
[-max-watches-set-per-tree <integer>]
- Maximum Watches Set per Tree (privilege: advanced)-
If you specify this parameter, the command displays options only for CIFS server that are configured with the specified maximum watches set per tree. Tree here refers to a share connect from a single client.
[-is-admin-users-mapped-to-root-enabled {true|false}]
- Map Administrators to UNIX User 'root' (privilege: advanced)-
If you set this parameter to true, the command displays options for CIFS servers where members of "BUILTIN\Adminstrators" group are mapped to UNIX user 'root'. If set to false, the command displays options for CIFS servers where members of the "BUILTIN\Adminstrators" group are not mapped to UNIX user 'root'.
[-is-advertise-dfs-enabled {true|false}]
- (DEPRECATED)-Enable DFS Referral Advertisement (privilege: advanced)-
If this parameter is set to true, the command displays CIFS options only for CIFS servers where DFS referral advertisement is enabled. If set to false, the command displays options for CIFS servers where DFS referral advertisement is disabled. This option is not applicable to SMB 1.0.
This parameter is deprecated and may be removed in a future release of ONTAP. The functionality provided by this parameter is now controlled by the -symlink-properties
parameter instead. [-is-path-component-cache-enabled {true|false}]
- Is Path Component Cache Enabled (privilege: advanced)-
If this parameter is set to true, the command displays options for CIFS servers where the path component cache is enabled. If set to false, the command displays options for CIFS servers where the path component cache is disabled.
[-win-name-for-null-user <TextNoCase>]
- Map Null User to Windows User or Group (privilege: advanced)-
If you specify this parameter, the command displays options only for CIFS servers that are configured to add the specified windows user or group into CIFS credentials for null sessions.
[-is-hide-dotfiles-enabled {true|false}]
- Is Hide Dot Files Enabled (privilege: advanced)-
When set to true, this optional parameter enables the Hide Dot Files feature in the CIFS server. If set to false, the Hide Dot Files feature is disabled. The default value for this parameter is false.
[-is-client-version-reporting-enabled {true|false}]
- Is Client Version Reporting Enabled (privilege: advanced)-
If this parameter is set to true, the command displays options for CIFS servers where CIFS client version tracking is enabled. If set to false, the command displays options for CIFS servers where CIFS client version tracking is disabled.
[-is-client-dup-detection-enabled {true|false}]
- Is Client Duplicate Session Detection Enabled (privilege: advanced)-
If this parameter is set to true, the command displays options for CIFS servers where client duplicate session detection is enabled. If set to false, the command displays options for CIFS servers where client duplicate session detection is not enabled.
[-grant-unix-group-perms-to-others {true|false}]
- Grant UNIX Group Permissions to Others (privilege: advanced)-
If this parameter is set to true, the command displays CIFS options only for CIFS servers where grant unix group permissions to others feature is enabled. If set to false, the command displays options for CIFS servers where grant unix group permissions to others feature is disabled.
[-is-multichannel-enabled {true|false}]
- Is Multichannel Enabled (privilege: advanced)-
If this parameter is set to true, the command displays options for CIFS servers where the multichannel is enabled. If set to false, the command displays options for CIFS servers where the multichannel is disabled.
[-max-connections-per-session <integer>]
- Maximum Connections Allowed Per Multichannel Session (privilege: advanced)-
If you specify this parameter, the command displays options only for CIFS server that are configured with the specified maximum connections allowed per multichannel session.
[-max-lifs-per-session <integer>]
- Maximum LIFs Advertised Per Multichannel Session (privilege: advanced)-
If you specify this parameter, the command displays options only for CIFS server that are configured with the specified maximum network interfaces advertised per multichannel session.
[-is-large-mtu-enabled {true|false}]
- Is Large MTU Enabled (privilege: advanced)-
If you specify this parameter, the command displays options only for CIFS servers that are configured to support the SMB 2.1 "Large MTU" feature.
[-is-netbios-over-tcp-enabled {true|false}]
- Is NetBIOS over TCP (port 139) Enabled (privilege: advanced)-
If you specify this parameter, the command displays options only for CIFS servers that are configured to support the NetBIOS over TCP (port 139) feature.
[-is-nbns-enabled {true|false}]
- Is NBNS over UDP (port 137) Enabled (privilege: advanced)-
If you specify this parameter, the command displays CIFS options only for CIFS servers that use the specified setting for the NBNS protocol.
[-widelink-as-reparse-point-versions <CIFS Dialects>,…]
- Protocol Versions for Which Widelink Will Be Reported as Reparse Point (privilege: advanced)-
If you specify this parameter, the command displays CIFS options only for the CIFS servers that matches the specified CIFS protocol versions for which widelinks are reported as reparse points. If a list is entered, entries are returned that matches all the specified versions.
[-max-credits <integer>]
- Maximum Credits to Grant (privilege: advanced)-
If you specify this parameter, the command displays options only for CIFS servers that are configured with the specified maximum credits.
[-is-inherit-modebits-with-nfsv4acl-enabled {true|false}]
- Enable Modebits on CIFS File Inheriting NFSv4 ACLs (privilege: advanced)-
If you specify this parameter, mode bits are set on the files created by the cifs user that inherit nfsv4 acls.
[-is-share-enum-permission-check-enabled {true|false}]
- Check Share Permission for NetShareEnumAll Request (privilege: advanced)-
If this parameter is set to true, the command only displays CIFS options for Vservers that enabled share permission check for NetShareEnumAll request. If set to false, options are displayed for CIFS servers that disabled share permission check for NetShareEnumAll request.
[-is-backup-symlink-enabled {true|false}]
- Preserve UNIX Symlink During Backup through SMB (privilege: advanced)-
If this parameter is specified, the command displays options only for CIFS servers that are configured to support preserving UNIX symlinks during backup through SMB.
Examples
The following example lists CIFS options for a Vserver on the cluster.
cluster1::> vserver cifs options show Vserver: vs1 Client Session Timeout: 900 Default Unix Group: - Default Unix User: pcuser Guest Unix User: guestusers Read Grants Exec: disabled WINS Servers: -
At the advanced level, the output displays the information below.
cluster1::*> vserver cifs options show Vserver: vs1 Client Session Timeout: 900 Copy Offload Enabled: true Default Unix Group: - Default Unix User: pcuser Guest Unix User: - Are Administrators mapped to 'root': true Is Advanced Sparse File Support Enabled: true Direct-Copy Copy Offload Enabled: true Export Policies Enabled: false Grant Unix Group Permissions to Others: true Is Advertise DFS Enabled: true Is Client Duplicate Session Detection Enabled: true Is Client Version Reporting Enabled: true Is DAC Enabled: false Is Fake Open Support Enabled: true Is Hide Dot Files Support Enabled: false Is Large MTU Enabled: true Is Local Auth Enabled: true Is Local Users and Groups Enabled: true Is Multichannel Enabled: false Is NetBIOS over TCP (port 139) Enabled: true Is Referral Enabled: false Is Search Short Names Support Enabled: false Is Trusted Domain Enumeration And Search Enabled: true Is UNIX Extensions Enabled: false Is Use Junction as Reparse Point Enabled: true Max Multiplex Count: 255 Max Connections per Multichannel Session: 32 Max LIFs per Multichannel Session: 256 Max Same User Session Per Connection: 2500 Max Same Tree Connect Per Session: 5000 Max Opens Same File Per Tree: 1000 Max Watches Set Per Tree: 500 NBNS Interfaces : - Is Path Component Cache Enabled: true NT ACLs on UNIX Security Style Volumes Enabled: true Read Grants Exec: disabled Read Only Delete: disabled Reported File System Sector Size: 4096 Restrict Anonymous: no-restriction Shadowcopy Dir Depth: 5 Shadowcopy Enabled: true SMB1 Enabled: true Max Buffer Size for SMB1 Message: 65535 SMB2 Enabled: true SMB3 Enabled: true SMB3.1 Enabled: true Map Null User to Windows User or Group: cifsGroup WINS Servers: - Report Widelink as Reparse Point Versions: SMB1