You must create an SMB share before you can share data on a CIFS server with SMB clients. When you create a share, you can customize the share by configuring optional settings, such as specifying how symlinks are presented to clients. You can also set share properties when creating the share.
If the UNC path (\\servername\sharename\filepath) of the share contains more than 256 characters (excluding the initial "\\" in the UNC path), then the Security tab in the Windows Properties box is unavailable. This is a Windows client issue rather than a Data ONTAP issue. To avoid this issue, do not create shares with UNC paths with more than 256 characters.
-share-name share_name specifies the name of the new SMB share.
The share name can additionally contain the %d (domain name) dynamic variable (for example, %d/%w) or a static portion in the share name (for example, home1_%w).
-path path specifies the directory path to the SMB share.
-share-properties share_properties specifies an optional list of properties for the share.
However, if you do specify share properties when you create the share, the defaults are not used. If you use the -share-properties parameter when you create a share, you must specify all the share properties that you want to apply to the share using a comma-delimited list.
The list of share properties can include one or more of the following:
Specifies that this is a home directory share. The CIFS home directory feature enables you to configure a share that maps to different directories based on the user that connects to it and a set of variables. Instead of having to create separate shares for each user, you can configure a single share with a few home directory parameters to define a user's relationship between an entry point (the share) and their home directory (a directory on the SVM).
Specifies that the share uses opportunistic locks, also known as client-side caching. Oplocks are enabled on shares by default; however, some applications do not work well when oplocks are enabled. In particular, database applications such as Microsoft Access are vulnerable to corruption when oplocks are enabled.
An advantage of shares is that a single path can be shared multiple times, with each share having different properties. For instance, if a path named /dept/finance contains both a database and other types of files, you can create two shares to it, one with oplocks disabled for safe database access and one with oplocks enabled for client-side caching.
Specifies that the share can be browsed by Windows clients.
Specifies that Snapshot copies can be viewed and traversed by clients.
Specifies that the share supports Change Notify requests. For shares on SVMs with FlexVol volumes, this is a default initial property.
For shares on SVMs with Infinite Volume, the changenotify property is not set by default, and setting it requires the advanced privilege level. When the changenotify property is set for a share on SVMs with Infinite Volume, change notifications are not sent for changes to file attributes and time stamps.
Specifies that file attribute caching on the SMB share is enabled to provide faster access of attributes. The default is to disable attribute caching. This property should be enabled only if there are clients connecting to shares over SMB 1.0. This share property is not applicable if clients are connecting to shares over SMB 2.x or SMB 3.0.
Specifies that SMB 3.0 and later clients that support it are permitted to open files in a persistent manner. Files opened this way are protected from disruptive events, such as failover and giveback. This option is not supported for SVMs with Infinite Volume.
Specifies that the share allows clients to request BranchCache hashes on the files within this share. This option is effective only if you specify per-share as the operating mode in the CIFS BranchCache configuration. This option is not supported for SVMs with Infinite Volume.
Specifies that Access Based Enumeration is enabled on this share. ABE-filtered shared folders are visible to a user based on that individual user's access rights, preventing the display of folders or other shared resources that the user does not have rights to access.
Specifies that the SMB clients connecting to this share can cache the directory enumeration results returned by the CIFS servers, which can provide better performance. By default, SMB 1.0 clients do not cache directory enumeration results. Because SMB 2.0 and SMB 3.0 clients cache directory enumeration results by default, specifying this share property provides performance benefits only to SMB 1.0 client connections.
This property specifies that SMB encryption must be used when accessing this share. SMB clients that do not support encryption when accessing SMB data will not be able to access this share.
Specifies that symlinks are enabled for read-write access.
Specifies that symlinks are enabled for read-only access. This setting does not apply to widelinks. Widelink access is always read-write.
Specifies that SMB clients are prevented from seeing symlinks.
-file-umask octal_integer specifies the default UNIX umask for new files created on the share. If not specified, the umask defaults to 022.
-comment text specifies a text description of the share. The description can be up to 255 characters long. If there is a space in the description, the entire string must be quoted (for example, "This is engineering's share.").
-attribute-cache-ttl time_interval specifies the lifetime for the attribute cache share property. Specifying this option is useful only if you specify attributecache as a value of the -share-properties parameter.
-offline-files specifies the caching behavior of Windows clients when accessing data from the share. The value can be one of following:
This disallows Windows clients from caching any files on this share.
This allows users on Windows clients to manually select files to be cached.
This allows Windows clients to cache user documents that are used by the user for offline access.
This allows Windows clients to cache programs that are used by the user for offline access. A user can use those files in an offline mode even if the share is available.
-vscan-filop-profile specifies which operations trigger virus scans. The value can be one of following:
Specifies that virus scans are never triggered for this share.
Specifies that virus scans are triggered by open, close, and rename operations. This is the default profile.
Specifies that virus scans are triggered by open, read, close, and rename operations.
Specifies that virus scans are triggered only when a file that has been modified is closed.
For information about configuring an antivirus solution, see the Clustered Data ONTAP Antivirus Configuration Guide.
-max-connections-per-share specifies the maximum number of simultaneous connections on a share.
-force-group-for-create specifies that all files that SMB users create in a specific share belong to the same group, also called the force group. The force group must exist in the UNIX group database (files, NIS, or LDAP). This setting has no effect unless the security style of the volume is UNIX or mixed security style. If this setting is specified, the following becomes true for the share:
The following command creates an SMB share named "SHARE1" on Storage Virtual Machine (SVM, formerly known as Vserver) "vs1". Its directory path is /u/eng. Oplocks and browsability are specified on the share, and the UNIX umask is explicitly set as 022 on files and 000 on directories.
cluster1::> vserver cifs share create -vserver vs1 -share-name SHARE1 -path /u/eng -share-properties browsable,oplocks -file-umask 022 -dir-umask 000
The following command creates an SMB share named "DOCUMENTS" on the SVM "vs1". The path to the share is /documents. The share uses opportunistic locks (client-side caching), a notification is generated when a change occurs, and the share allows clients to cache user documents on this share.
cluster1::> vserver cifs share create -vserver vs1 -share-name DOCUMENTS -path /documents -share-properties changenotify,oplocks -offline-files documents