Managing the CIFS Service

This section describes parameters related to the CIFS service.

Prerequisites

The file service has been enabled.

Context

By setting CIFS service parameters on the Configuration page, all CIFS shares under the tenant take effect.

Procedure

  1. Choose Settings > Share Settings > CIFS Service.
  2. Select a desired account from the Account drop-down list in the upper left corner.
  3. Click Modify in the upper right corner of the page.

  4. Set basic parameters for the CIFS service.

    Table 1 describes related parameters.

    Table 1 Basic parameters of the CIFS service

    Parameter

    Description

    SMB3 Encryption

    Determine whether to enable SMB3 encryption. After this function is enabled, the system encrypts the share to ensure data security, but performance deteriorates.

    [Default value]

    Disabled

    NOTICE:
    • Enabling this function affects SMB3 service performance. Check whether this function needs to be enabled.
    • After SMB3 encryption is enabled, only SMB3 clients can access shares by default.

    Unencrypted Client Access

    After this function is enabled, clients that do not have encryption capabilities can access the share.

    [Default value]

    Disabled

    NOTICE:
    • After this function is enabled, clients of earlier versions (for example, Windows 7) are allowed to access shares where SMB3 encryption is enabled in plaintext. Check whether this function needs to be enabled.
    • This function takes effect only after the SMB3 encryption function is enabled.

    Notify

    After this function is enabled, a client's operations on a directory, such as adding a directory, adding a file, modifying the directory, and modifying a file, can be detected by other clients that are accessing this directory or the parent directory of this directory. Results of the modification operations are displayed after the page is automatically refreshed.

    [Default value]

    Enabled

    Oplock

    Opportunistic locking (oplock) is a mechanism used to improve client access efficiency and locally buffer files before they are sent to shared storage. This function is not recommended in the following scenarios:

    • Scenarios that have high requirements for data integrity. If oplock is enabled in such scenarios, the local cache of the client may be lost due to network interruption or client faults. If the upper-layer service software does not have a mechanism to ensure data integrity, recovery, or retry, data loss may occur.
    • Scenarios where multiple clients access the same file. If oplock is enabled in such scenarios, system performance will be adversely affected.

    [Default value]

    Enabled

    NOTE:

    Oplock for a share takes effect only when both oplock for the account and oplock for the share are enabled.

    ABSE

    After access based share enumeration (ABSE) has been enabled, when users view the CIFS share information, the system displays only the CIFS shares that the users have permissions to access.

    [Default value]

    Disabled

    NOTE:
    • It takes 10 to 20 minutes to load the CIFS share permission information after the storage system is powered on. During this period, the function does not take effect.
    • You are advised to enable this function. If this function is disabled, users can find all shares (including the shares for which the users do not have access permission), which may cause security threats to other shares.

    Symbolic Link

    After this function is enabled, CIFS clients can access symbolic links created on UNIX clients (for example, symbolic links created through NFS clients). However, performance may deteriorate after this function is enabled.

    [Default value]

    Enabled

  5. Click Save.
Parent topic: Managing Share Settings