Creating a CIFS Share

This section describes how to share namespaces in CIFS mode so that users can access the namespaces.

Precautions

You are not advised to enable the CIFS protocol for a namespace in Case-sensitive mode.

The storage system can only process file names carried in client requests in Case-sensitive mode. In addition, the storage system returns case-sensitive file names in its responses that need to carry file names to the client. If the client cannot correctly identify case-sensitive file names, the following circumstances may occur in some special scenarios:

Run the ren <src> <dest> command in the cmd window. If a file with the same name as the <src> file exists (for example, in Case-insensitive mode, file_A and file_a in the same directory), the client may display a message indicating that a file with the same name exists or no file can be found.
In Explorer, right-click the file file in a folder and choose Delete from the shortcut menu. If a file with the same name (for example, File) exists in the folder, the File file may be wrongly deleted and the file file still remains after the deletion due to the cache eviction policy of the client. In this case, if you access the file file, a message indicating that the file does not exist will be displayed. Then, refresh the page. The File file is restored and the file file disappears.
Run the del <dest> command in the cmd window. If a file with the same name as the <dest> file exists (for example, file_A and file_a), the file deleted may not be the <dest> file you intended to delete. For example, the file deleted after you run the del file_A command may be the file_a file.

If the preceding scenarios have no impact on services or the impact is acceptable, before creating a CIFS share, you are advised to choose the Case-sensitive mode, enable the recycle bin function of the namespace, and set a proper retention period to reduce the probability of data loss caused by abnormal client behaviors.

If you cannot evaluate the impact on services, contact technical support engineers.

Procedure

Choose Resources > Resources > Share > CIFS Share.
Select a desired account from the Account drop-down list in the upper left corner.
Click Create.
The Create CIFS Share page is displayed on the right.

Set basic CIFS share parameters.

Table 1 describes the related parameters.

**Table 1** Basic CIFS share parameters
Parameter	Description
Share Name	Indicates the name of the CIFS share, which is used by users to access shared resources. [Value range] The name must be unique. The name cannot contain characters " / \ [ ] : \| < > + ; , ? * =, and cannot be ipc$, autohome, ~, or print$ reserved by the system. The name contains 1 to 80 characters.
Namespace	Indicates the namespace for which you want to create a CIFS share. NOTE: If the selected namespace is the secondary resource in a remote replication pair, data in the namespace is probably being modified when it is accessed. Before performing this operation, confirm that the application allows possible data inconsistency.
Dtree	Indicates the dtree for which you want to create a CIFS share. If you do not select a dtree, the CIFS share is created for the entire namespace.

Set advanced properties of the CIFS share. Click Advanced.
1. Modify Description of the CIFS share.
  
  The description can be left blank or contain up to 255 characters.
2. Determine whether to add the default ACL. This function creates a default ACL (full control rights to everyone; applied to the current directory, its subdirectories, and files in them) for a shared CIFS root directory if the directory has no ACL. You can change the default ACL in follow-up operations. If you want to retain the UNIX mode bits, disable this function.

Select user or user groups that can access the CIFS share.

In the Permission area, click Add.
The Add User or User Group page is displayed.
Select the type of the users or user groups.
The value can be Everyone, Local Windows authentication user, Local Windows authentication user group, AD domain user, or AD domain user group.
- If you select Local Windows authentication user or Local Windows authentication user group, select the users or user groups to be added from the list.
- If you select AD domain user or AD domain user group, enter the names of the users or user groups in Name.
  - A domain user name is in the format of Domain name\Domain user name and a domain user group name is in the format of Domain name\Domain user group name.
  - A total of 1 to 256 characters are allowed.
  - Multiple names are separated by carriage returns.
  - If you do not have the CIFS share administrator permission, you need to change the permission of the root directory in a namespace or dtree used by a share to 777 before you can create files or directories in the root directory in the namespace or dtree. The CLI command for modifying the permission on the root directory in a namespace is as follows:
    change namespace general name=Namespace name unix_permissions=777
    
    The CLI command for modifying the permission on the root directory in a dtree is as follows:
    change dtree general dtree_name=Dtree name file_system_id=Namespace ID unix_permissions=777

In Permission Level, select the permission granted for the users or user groups.

Table 2 describes the permissions.

**Table 2** CIFS share permissions
Permission	Forbidden	Read-Only	Read/Write	Full Control
Viewing files and subdirectories	X^a	√^b	√	√
Viewing file contents	X	√	√	√
Running executable files	X	√	√	√
Adding files or subdirectories	X	-^c	√	√
Modifying file contents	X	-	√	√
Deleting files and subdirectories	X	-	√	√
Renaming	X	-	√	√
Changing ACL permissions of files or directories	X	-	-	√
a: Users do not have the permission. b: Users have the permission. c: The specified permission is not involved.

Click OK.
The system adds the selected users or user groups to the Permission list.

Click OK.