Add CIFS access to an existing SVM

Contributors NetAppZacharyWambold

Adding CIFS/SMB access to an existing SVM involves creating a data LIF, configuring a CIFS server, provisioning a volume, sharing the volume, and configuring the share permissions.

Before you begin
  • You must know which of the following networking components the SVM will use:

    • The node and the specific port on that node where the data logical interface (LIF) will be created

    • The subnet from which the data LIF’s IP address will be provisioned, or optionally the specific IP address you want to assign to the data LIF

    • The Active Directory (AD) domain that this SVM will join, along with the credentials required to add the SVM to it

  • Any external firewalls must be appropriately configured to allow access to network services.

  • The CIFS protocol must be allowed on the SVM.

    This is the case if you did not created the SVM following the procedure in this content to configure a SAN protocol.

Steps
  1. Navigate to the area where you can configure the protocols of the SVM:

    1. Select the SVM that you want to configure.

    2. In the Details pane, next to Protocols, click CIFS.

      This image is explained by the surrounding text.
  2. In the Data LIF Configuration section of the Configure CIFS protocol dialog box, create a data LIF for the SVM:

    1. Assign an IP address to the LIF automatically from a subnet you specify or manually enter the address.

    2. Click Browse and select a node and port that will be associated with the LIF.

      This graphic is described by the surrounding text.
  3. In the CIFS Server Configuration section, define the CIFS server and configure it to access the AD domain:

    1. Specify a name for the CIFS server that is unique in the AD domain.

    2. Specify the FQDN of the AD domain that the CIFS server can join.

    3. If you want to associate an organizational unit (OU) within the AD domain other than CN=Computers, enter the OU.

    4. Specify the name and password of an administrative account that has sufficient privileges to add the CIFS server to the OU.

    5. If you want to avoid unauthorized access to all the shares on this SVM, select the option to encrypt data using SMB 3.0.

    This graphic is described by the surrounding text.
  4. Create a volume for CIFS/SMB access and provision a share on it:

    1. Name the share that CIFS/SMB clients will use to access the volume.

      The name you enter for the share will also be used as the volume name.

    2. Specify a size for the volume.

      Screenshot of the area where you configure the CIFS share

    You do not have to specify the aggregate for the volume because it is automatically located on the aggregate with the most available space.

  5. Restrict access to the share by modifying the share ACL:

    1. In the Permission field, click Change.

    2. Select the Everyone group, and click Remove.

    3. Click Add, and enter the name of an administrator group defined in the Windows Active Directory domain that includes the SVM.

    4. Select the new administrator group, and then select Full Control.

    5. Click Save and Close.

  6. Click Submit & Close, and then click OK.