Create a CIFS server
Suggest changes
PDFs
POST /protocols/cifs/services
Creates a CIFS server. Each SVM can have one CIFS server.
Important notes
-
The CIFS server name might or might not be the same as the SVM name.
-
The CIFS server name can contain up to 15 characters.
-
The CIFS server name does not support the following characters: @ # * ( ) = + [ ] \| ; : " , < > / ?
Required properties
-
svm.uuidorsvm.name- Existing SVM in which to create the CIFS server. -
name- Name of the CIFS server. -
ad_domain.fqdn- Fully qualified domain name of the Windows Active Directory to which this CIFS server belongs. -
ad_domain.user- User account with the access to add the CIFS server to the Active Directory. -
ad_domain.password- Account password used to add this CIFS server to the Active Directory.
Recommended optional properties
-
comment- Add a text comment of up to 48 characters about the CIFS server. -
netbios.aliases- Add a comma-delimited list of one or more NetBIOS aliases for the CIFS server. -
netbios.wins_servers- Add a list of Windows Internet Name Server (WINS) addresses that manage and map the NetBIOS name of the CIFS server to their network IP addresses. The IP addresses must be IPv4 addresses.
Default property values
If not specified in POST, the following default property values are assigned:
-
ad_domain.organizational_unit- CN=Computers -
enabled- true -
restrict_anonymous- no_enumeration -
smb_signing- false -
smb_encryption- false -
kdc_encryption- false -
default_unix_user- pcuser -
netbios_enabled- false However, if either "netbios.wins-server" or "netbios.aliases" is set during POST and ifnetbios_enabledis not specified thennetbios_enabledis set to true.
Related ONTAP commands
-
vserver cifs server create -
vserver cifs server options modify -
vserver cifs security modify -
vserver cifs server add-netbios-aliases
Learn more
Request Body
| Name | Type | Description |
|---|---|---|
_links |
||
ad_domain |
||
comment |
string |
A descriptive text comment for the CIFS server. SMB clients can see the CIFS server comment when browsing servers on the network. If there is a space in the comment, you must enclose the entire string in quotation marks. |
default_unix_user |
string |
Specifies the UNIX user to which any authenticated CIFS user is mapped to, if the normal user mapping rules fails. |
enabled |
boolean |
Specifies if the CIFS service is administratively enabled. |
name |
string |
The name of the CIFS server. |
netbios |
||
security |
||
svm |
SVM, applies only to SVM-scoped objects. |
Example request
{
"_links": {
"self": {
"href": "/api/resourcelink"
}
},
"ad_domain": {
"fqdn": "example.com",
"organizational_unit": "string",
"password": "string",
"user": "string"
},
"comment": "This CIFS Server Belongs to CS Department",
"default_unix_user": "string",
"name": "CIFS1",
"netbios": {
"aliases": [
"ALIAS_1",
"ALIAS_2",
"ALIAS_3"
],
"wins_servers": [
"10.224.65.20",
"10.224.65.21"
]
},
"security": {
"restrict_anonymous": "string"
},
"svm": {
"_links": {
"self": {
"href": "/api/resourcelink"
}
},
"name": "svm1",
"uuid": "02c9e252-41be-11e9-81d5-00a0986138f7"
}
}Response
Status: 202, Accepted| Name | Type | Description |
|---|---|---|
job |
Example response
{
"job": {
"_links": {
"self": {
"href": "/api/resourcelink"
}
},
"uuid": "string"
}
}Error
Status: Default, Error| Name | Type | Description |
|---|---|---|
error |
Example error
{
"error": {
"arguments": [
{
"code": "string",
"message": "string"
}
],
"code": "4",
"message": "entry doesn't exist",
"target": "uuid"
}
}Definitions
See Definitions
href
| Name | Type | Description |
|---|---|---|
href |
string |
_links
| Name | Type | Description |
|---|---|---|
self |
ad_domain
| Name | Type | Description |
|---|---|---|
fqdn |
string |
The fully qualified domain name of the Windows Active Directory to which this CIFS server belongs. A CIFS server appears as a member of Windows server object in the Active Directory store. POST and PATCH only. |
organizational_unit |
string |
Specifies the organizational unit within the Active Directory domain to associate with the CIFS server. POST and PATCH only. |
password |
string |
The account password used to add this CIFS server to the Active Directory. This is not audited. |
user |
string |
The user account used to add this CIFS server to the Active Directory. POST and DELETE only. |
cifs_netbios
| Name | Type | Description |
|---|---|---|
aliases |
array[string] |
|
enabled |
boolean |
Specifies whether NetBios name service (NBNS) is enabled for the CIFS. If this service is enabled, the CIFS server will start sending the broadcast for name registration. |
wins_servers |
array[string] |
cifs_service_security
| Name | Type | Description |
|---|---|---|
kdc_encryption |
boolean |
Specifies whether AES-128 and AES-256 encryption is enabled for all Kerberos-based communication with the Active Directory KDC. To take advantage of the strongest security with Kerberos-based communication, AES-256 and AES-128 encryption can be enabled on the CIFS server. Kerberos-related communication for CIFS is used during CIFS server creation on the SVM, as well as during the SMB session setup phase. The CIFS server supports the following encryption types for Kerberos communication:
|
restrict_anonymous |
string |
Specifies what level of access an anonymous user is granted. An anonymous user (also known as a "null user") can list or enumerate certain types of system information from Windows hosts on the network, including user names and details, account policies, and share names. Access for the anonymous user can be controlled by specifying one of three access restriction settings. The available values are:
|
smb_encryption |
boolean |
Specifies whether encryption is required for incoming CIFS traffic. |
smb_signing |
boolean |
Specifies whether signing is required for incoming CIFS traffic. SMB signing helps to ensure that network traffic between the CIFS server and the client is not compromised. |
svm
SVM, applies only to SVM-scoped objects.
| Name | Type | Description |
|---|---|---|
_links |
||
name |
string |
The name of the SVM. |
uuid |
string |
The unique identifier of the SVM. |
cifs_service
| Name | Type | Description |
|---|---|---|
_links |
||
ad_domain |
||
comment |
string |
A descriptive text comment for the CIFS server. SMB clients can see the CIFS server comment when browsing servers on the network. If there is a space in the comment, you must enclose the entire string in quotation marks. |
default_unix_user |
string |
Specifies the UNIX user to which any authenticated CIFS user is mapped to, if the normal user mapping rules fails. |
enabled |
boolean |
Specifies if the CIFS service is administratively enabled. |
name |
string |
The name of the CIFS server. |
netbios |
||
security |
||
svm |
SVM, applies only to SVM-scoped objects. |
job_link
| Name | Type | Description |
|---|---|---|
_links |
||
uuid |
string |
The UUID of the asynchronous job that is triggered by a POST, PATCH, or DELETE operation. |
error_arguments
| Name | Type | Description |
|---|---|---|
code |
string |
Argument code |
message |
string |
Message argument |
error
| Name | Type | Description |
|---|---|---|
arguments |
array[error_arguments] |
Message arguments |
code |
string |
Error code |
message |
string |
Error message |
target |
string |
The target parameter that caused the error. |