CIFS is intended to provide an open crossplatform

CIFS is intended to provide an open cross-platform mechanism for client systems to request file services from server systems over a network. It is based on the standard Server Message Block(SMB) protocol widely in use by personal computers and workstations running a wide variety of operating systems. In the world of NAS, there are 2 main protocols used: CIFS & NFS. As where NFS is used for serving data to Unix based clients, CIFS is intended to be used for serving data to Windows clients.

In computer networking, Server Message Block (SMB), also known as Common Internet File System (CIFS) operates as an application-layer network protocol mainly used for providing shared access to files, printers, serial ports, and miscellaneous communications between nodes on a network. SMB works through a client-server approach, where a client makes specific requests and the server responds accordingly. One section of the SMB protocol specifically deals with access to filesystems, such that clients may make requests to a file server.

Supported Windows clients and domain controllers Storage systems running Data ONTAP can provide services to a specific set of Windows clients and domain controllers. Supported Windows clients: Windows Windows Windows 7 Server Vista Server XP 2000 NT 98 95 2008 R 2 2008 2003 R 2 2003 Supported domain controllers: Windows Windows Server 2000 NT 2008 R 2 2008 2003 R 2 2003

Setting up your system initially When a valid CIFS license is present, Data ONTAP automatically invokes the cifs setup command during the initial setup of your storage system. The cifs setup command prompts you for information such as authentication type, lookup services to be used, and so forth. Changing the storage system domain If you have already configured your storage system for Windows Domain authentication and you want to move the storage system to a different domain, you need to run the cifs setup command. Steps 1. If CIFS is currently running, enter the following command: cifs terminate 2. Run the cifs setup command: cifs setup The following prompt appears: Do you want to delete the existing filer account information? [no] 3. To delete your existing account information, enter the following: Yes After deleting your account information, you are given the opportunity to rename the storage system: The default name of this filer will be 'filer 1'. Do you want to modify this name? [no]:

Cont…. . ! 4. To keep the current storage system name, press Enter; otherwise, enter yes and enter a new storage system name. Data ONTAP displays a list of authentication methods: Data ONTAP CIFS services support four styles of user authentication. Choose the one from the list below that best suits your situation. (1) Active Directory domain authentication (Active Directory domains only) (2) Windows NT 4 domain authentication (Windows NT or Active Directory domains) (3) Windows Workgroup authentication using the filer's local user accounts (4) /etc/passwd and/or NIS/LDAP authentication Selection (1 -4)? [1]: 5. To accept the default method for domain authentication (Active Directory), press Enter. Otherwise, choose a new authentication method 6. Respond to the remainder of the cifs setup prompts. To accept a default value, press Enter. Upon exiting, the cifs setup utility starts CIFS 7. To confirm your changes, enter the following command: cifs domaininfo

Creating a CIFS share from the Data ONTAP command line You can create a CIFS share from the Data ONTAP command line by using the cifs shares -add command. Step To create a CIFS share, enter the following command: cifs shares -add sharename path [ -f ] [ -comment description ] [ -maxusers userlimit ] [ -forcegroupname ] [ -nosymlink_strict_security ] [ -widelink ] [ -umask ] [ -dir_umask ] [ -file_umask ] [ -nobrowse ] [ -novscanread ] [ -no_caching | -auto_document_caching -auto_program_caching ] [ -accessbasedenum ]

Cont…. . ! -f Suppress confirmation dialogs, if any. This option will be deprecated in future releases. A warning will be issued when share-names exceed 8 characters. -comment description of the new share. -maxusers userlimit maximum number of simultaneous connections to the new share. userlimit must be a positive integer. If you do not specify a number, the filer does not impose a limit on the number of connections to the share. -forcegroupname of the group to which files to be created in the share belong. -novscan do not perform a virus scan when clients open files on this share. -novscanread do not perform a virus scan when clients open files on this share for read access. -no_caching disallow Windows clients from caching any files on this share. Example cifs shares -add webpages /vol 1/companyinfo -comment "Product Information“ -maxusers 100

Displaying the properties of a share You can display the properties of a share from the Data ONTAP command line by using the cifs shares command. Step Enter the following command: cifs sharename is the name of a single share. If you omit sharename, the properties of all shares are displayed. ata ONTAP displays the share name, the path name of the directory that is shared, the share description, and the share-level ACL.

Changing the properties of a share You can change the properties of a share from the Data ONTAP command line by using the cifs shares command. cifs shares -change sharename { -comment description | -nocomment } { -maxusers userlimit | nomaxusers } { -forcegroupname | -noforcegroup } { nosymlink_strict_security | -symlink_strict_security } { -widelink | -nowidelink } { -umask | -noumask } { -dir_umask | -nodir_umask } { -file_umask | -nofile_umask } { -nobrowse | -browse } { -novscan | -vscan } { -novscanread | -vscanread } { -no_caching | -manual_caching -auto_document_caching | -auto_program_caching } { -accessbasedenum | -noaccessbasedenum }

Deleting a share You can use the cifs shares command to delete a share from the Data ONTAP command line. Step Enter the following command: cifs shares -delete [-f] sharename -f option forces all files closed on a share without prompting. This is useful when using the command in scripts. sharename specifies the name of the share you want to delete.

Changing a share-level ACL You can change a share-level ACL from the Data ONTAP command line by using the cifs access command. Step Enter the following command: cifs access share [-g] user rights share is the name of the share (you can use the * and ? wildcards). user is the name of the user or group (UNIX or Windows). If user is a local group, specify the storage system name as the domain name (for example, toasterwriters). rights are the access rights. For Windows users, you specify one of these choices of access rights: No Access, Read, Change, Full Control. For UNIX users, you specify one of these choices of access rights: r (read), w (write), x (execute). Use the -g option to specify that user is the name of a group Examples cifs access releases ENGINEERINGmary Read

Removing a user or group from a sharelevel ACL You can remove a user or group from an ACL using the Data ONTAP command line. Step Enter the following command: cifs access -delete share [-g] user share is the name of the share (you can use the * and ? wildcards). user is the name of the user or group (UNIX or Windows). If user is a local group, specify the storage system name as the domain name (for example, toasterwriters). Use the -g option to specify that user is the name of a UNIX group (that is, that user is not a UNIX user, Windows user, or Windows group). Example: cifs access -delete releases ENGINEERINGmary

CIFS Commands cifs cifs cifs domaininfo prefdc audit resetdc stat restart terminate sessions testdc lookup