Create Shared Folder

Overview

This function creates shared folders.

Specify the access protocols, hosts which are allowed or denied access, and CIFS access permissions to each shared folder.

This function also creates home directories. The home directory is a type of shared folder.

This function is used in a Unified Storage environment.

Number of Shared Folders That Can Be Registered

Protocol Number of shared folders (*1)
Windows CIFS 256
UNIX NFS 256
Total number of Windows CIFS and UNIX NFS 256
*1  :  The maximum number of shared folders may be less in some operating environments.
Caution
  • The following settings must be performed before creating shared folders.
    • Create the TPPs that are to be used in the Unified Storage environment. Refer to the [Create Thin Provisioning Pool] function for details.

    • This function creates NAS user volumes. Refer to the [Create Volume] function for details.

  • Confirm that the authentication server setup is complete in advance. To set the authentication server, use the [Set Authentication Server] function.

  • An error occurs when the total number of input characters exceeds the maximum (5120 characters). Confirm the used characters when this error occurs even if the total of input characters does not exceed the maximum. Note that a double quotation (0x22) and a single quotation (0x27) are regarded as being two characters.

  • If the shared folder creation has not been completed successfully, wait for the storage system status to return to normal and then try again.

  • If shared folders are created in the NAS user volume where a meta cache redistribution is being performed, the process may be delayed for a maximum of two minutes.

  • The CIFS access permission is enabled from the next CIFS access session that is established after the permission is set.

Note
  • When a new shared folder is created, the following setup items are automatically specified for the created shared folder.
    • "Yes (Writable)" is specified for "Writable"

    • "Disable (Not use)" is specified for "Oplocks"

    Note that the "Writable" and the "Oplocks" settings can be changed. Refer to the [Modify Shared Folder] function for details.
  • "Home directory" is created for each user and is used as a dedicated shared folder that can be used freely by the user. Users use the home directory with a CIFS connection. Home directories can be used by users that are authenticated by the Active Directory authentication server or the local user authentication.

User Privileges

Availability of Executions in the Default Role

Default role Availability of executions
Monitor  
Admin
StorageAdmin
AccountAdmin  
SecurityAdmin  
Maintainer

Refer to "User Roles and Policies" for details on the policies and roles.

Settings

Shared Folder Settings

Item Description Setting values

Usage

Select the usage of the shared folder.

  • To create a regular shared folder, select "File Sharing".

  • To create a home directory, select "Home Directory".

File Sharing

Home Directory

Shared Folder Name

If "File Sharing" is selected for "Usage", enter the shared folder name.

An existing shared folder name cannot be specified.

If "Home Directory" is selected for "Usage", "homes" is displayed for this item.

  • If "File Sharing" is selected for "Usage"

    Alphanumeric characters and symbols (in the US-ASCII format)

    Note that the following symbols and characters cannot be used.

    • Symbols (backslash (0x5C), slash (0x2F),

      colon (0x3A), asterisk (0x2A), question mark (0x3F),

      double quotation (0x22), less-than sign (0x3C), greater-than sign (0x3E),

      vertical line (0x7C), equal (0x3D), comma (0x2C),

      semicolon (0x3B), left square bracket (0x5B), right square bracket (0x5D),

      plus (0x2B), and percent (0x25))

    • Spaces (0x20)

    • Reserved words (".", "..", ".snap",

      "global", "homes", "printers",

      and "IPC$")

      (Entered letters are not case-sensitive.)

    • "$bak" and strings ending with "$bak"

    • "@GMT" and strings starting with "@GMT" (Entered letters are not case-sensitive.)

    Up to 76 characters

  • If "Home Directory" is selected for "Usage"

    homes

Protocol

If "File Sharing" is selected for "Usage", select a protocol that is used by the file system.

  • When the Windows CIFS protocol is used, select "CIFS"

  • When the UNIX NFS protocol is used, select "NFS"

  • When the Windows CIFS or UNIX NFS protocol is used, "CIFS/NFS" is displayed

Caution
  • If "Home Directory" is selected for "Usage", "CIFS" is displayed for this item.

CIFS

NFS

CIFS/NFS

IP Address

Enter the IP address to access the shared folder (IPv4 address, or a global or unique local IPv6 address).

  • For IPv4 address

    • xxx.xxx.xxx.xxx

      xxx: 1 - 255 for the top field (decimal)

      xxx: 0 - 255 for other fields (decimal)

    • Class must be A, B, or C.

  • For IPv6 address

    xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx

    xxxx: 0 - ffff (FFFF) (hexadecimal, alphanumeric characters)

    Refer to "IPv6 Address Notation" for details.

Owner

Input the owner of the shared folder.

Enter the user name for the domain to which the storage system belongs.

If "Home Directory" is selected for "Usage", the "Owner" setting is used when the following functions are executed.

  • Backup

  • Restoration

The user specified as the owner can access shared folders ("$homes" or "homes$bak") that are available when restoring or mounting backups that include home directories.

Alphanumeric characters and symbols (0x20 - 0x7E in the US-ASCII format)

Note that the following symbols and characters cannot be used.

  • Symbols (slash (0x2F), left square bracket (0x5B), right square bracket (0x5D),

    colon (0x3A), semicolon (0x3B), vertical line (0x7C),

    equal (0x3D), comma (0x2C), plus (0x2B),

    asterisk (0x2A), question mark (0x3F), less-than sign (0x3C),

    greater-than sign (0x3E), double quotation (0x22),

    and at sign (0x40))

  • The following reserved words

    "root", "bin", "daemon",

    "adm", "lp", "sync",

    "shutdown", "halt", "mail",

    "operator", "games", "ftp",

    "nobody", "systemd-network",

    "dbus", "polkitd", "sshd",

    "rpc", "gluster", "ntp",

    "nscd", "tss", "nslcd",

    "rpcuser", "nfsnobody", "tcpdump",

    and "oprofile"

Up to 255 characters

root

Group

Input the group of the shared folder.

Enter the group name for the domain to which the storage system belongs.

If "Home Directory" is selected for "Usage", the "Group" setting is used when the following functions are executed.

  • Backup

  • Restoration

The specified group can access shared folders ("$homes" or "homes$bak") that are available when restoring or mounting backups that include home directories.

Note that BUILTIN groups cannot be specified.

Alphanumeric characters and symbols (0x20 - 0x7E in the US-ASCII format)

Note that the following symbols and characters cannot be used.

  • Symbols (slash (0x2F), left square bracket (0x5B), right square bracket (0x5D),

    colon (0x3A), semicolon (0x3B), vertical line (0x7C), equal (0x3D),

    comma (0x2C), plus (0x2B), asterisk (0x2A), question mark (0x3F),

    less-than sign (0x3C), greater-than sign (0x3E), double quotation (0x22),

    and at sign (0x40))

  • The following reserved words

    "adm", "audio", "audit",

    "bin", "cdrom", "daemon",

    "dbus", "dialout", "disk",

    "dump", "floppy", "ftp",

    "games", "gluster", "input",

    "kmem", "ldap", "lock",

    "lp", "mail", "man",

    "mem", "nasconf-ct-group",

    "nfsnobody", "nobody", "nscd",

    "ntp", "oprofile", "polkitd",

    "root", "rpc", "rpcuser",

    "ssh_keys", "sshd", "sys",

    "systemd-journal", "systemd-network", "tape",

    "tcpdump", "tss", "tty",

    "users", "utempter", "utmp",

    "video", and "wheel"

Up to 255 characters

root

SMB Encryption of Data Access

When performing SMB encryption for data while accessing the shared folder, select "Enable". When not encrypting, select "Disable".

This item can be set when "CIFS" or "CIFS/NFS" is selected for "Protocol".

Caution
  • If a client does not support SMB3.0 or SMB3.1, accessing a shared folder where "Enable" is selected for "SMB Encryption of Data Access" is not available.

  • Note that the system performance may be reduced when "Enable" is selected for this item.

Enable

Disable

Access Based Enumeration

To hide the shared folders and directories that cannot be accessed according to the access control list (ACL function), select "Enable". To display inaccessible shared folders and directories, select "Disable".

This item can be set when "CIFS" or "CIFS/NFS" is selected for "Protocol".

Caution
  • If "Home Directory" is selected for "Usage", "Disable" is displayed for this item.

Enable

Disable

CIFS Allowed Hosts

Input all of the hosts that are allowed access to the shared folder by using the CIFS protocol.

When this parameter is omitted, access from all hosts is allowed. To specify multiple hosts, separate each input value with a comma (0x2C). Refer to "Method for Inputting Hosts" for details.

This item can be set when "CIFS" or "CIFS/NFS" is selected for "Protocol".

Caution
  • If both "CIFS Allowed Hosts" and "CIFS Denied Hosts" are omitted, access from all hosts is allowed.

  • If the same host is specified for both "CIFS Allowed Hosts" and "CIFS Denied Hosts", access from the relevant host is allowed because the "CIFS Allowed Hosts" setting has priority.

IP address (IPv4 address, or a global or unique local IPv6 address), FQDN, or host name

Alphanumeric characters and symbols (0x20 - 0x7E in the US-ASCII format)

(except the question mark (0x3F) and the backslash (0x5C))

Up to 1023 characters (note that any commas (0x2C) that are used to separate the values are also included in the number of characters)

CIFS Denied Hosts

Input all of the hosts that are denied access to the shared folder by using the CIFS protocol.

To specify multiple hosts, separate each input value with a comma (0x2C). Refer to "Method for Inputting Hosts" for details.

This item can be set when "CIFS" or "CIFS/NFS" is selected for "Protocol".

Caution
  • If both "CIFS Allowed Hosts" and "CIFS Denied Hosts" are omitted, access from all hosts is allowed.

  • If the same host is specified for both "CIFS Allowed Hosts" and "CIFS Denied Hosts", access from the relevant host is allowed because the "CIFS Allowed Hosts" setting has priority.

IP address (IPv4 address, or a global or unique local IPv6 address), FQDN, or host name

Alphanumeric characters and symbols (0x20 - 0x7E in the US-ASCII format)

(except the question mark (0x3F) and the backslash (0x5C))

Up to 1023 characters (note that any commas (0x2C) that are used to separate the values are also included in the number of characters)

NFS Allowed Hosts

Input all of the hosts that are allowed access to the shared folder by using the NFS protocol.

When this parameter is omitted, access from all hosts is allowed. To specify multiple hosts, separate each input value with a comma (0x2C). Refer to "Method for Inputting Hosts" for details.

This item can be set when "NFS" or "CIFS/NFS" is selected for "Protocol" and "File Sharing" is selected for "Usage".

IP address (IPv4 address, or a global or unique local IPv6 address), FQDN, or host name

Alphanumeric characters and symbols (0x20 - 0x7E in the US-ASCII format)

(except the question mark (0x3F) and the backslash (0x5C))

Up to 1023 characters (note that any commas (0x2C) that are used to separate the values are also included in the number of characters)

Method for Inputting Hosts

Specify CIFS Allowed Hosts, CIFS Denied Hosts, or NFS Allowed Hosts by using one of the following formats.

If a value other than an IP address is specified, the value is regarded as being an FQDN.

  • Specifying a single host

    (Example 1) 192.0.2.1

  • Specifying multiple hosts

    Separate each input value with a comma (0x2C).

    • Specify the hosts by using IP addresses.

      (Example 2) 192.0.2.1, 192.0.2.2, 192.0.2.3

    • Specify the IP address and the subnet mask.

      (Example 3) 203.0.113.0/255.255.255.0

      (Example 4) 203.0.113.0/24

CIFS Permissions

The list of CIFS access permissions that are set for the shared folders is displayed.

This item is displayed when "CIFS" or "CIFS/NFS" is selected for "Protocol" and "File Sharing" is selected for "Usage".

Item Description

Checkbox to permit CIFS access

Select the checkbox for the CIFS access permissions that are to be deleted (multiple selections can be made).

Type

The type of the CIFS access permission is displayed.

If "Everyone" is displayed, all "User" and "Group" are selected as setting targets.

User

Group

Everyone

Name

The CIFS access permission target user name or group name is displayed.

This item is available when "User" or "Group" is selected for the CIFS access permission type.

Authority

The CIFS access permissions for reading from or writing to the shared folders are displayed.

Read Write

Read Only

Function Button

The function buttons are available when "CIFS" or "CIFS/NFS" is selected as the protocol.

Button Description

[Add]

Adds "CIFS Permissions".

Click this item to display the [Add CIFS Permission] screen.

[Delete]

Deletes "CIFS Permissions" that is specified with selected checkboxes to permit CIFS access.

If no deletion target items are selected, the [Delete] button cannot be clicked.

Select Volume

The NAS user volumes registered in the storage system are displayed.

Item Description Setting values

Radio buttons to select a volume

Select a NAS user volume to assign the shared folder by using the radio button.

When only one NAS user volume exists:

The checkbox for the relevant volume is selected

When multiple NAS user volumes exist:

All the checkboxes are cleared

No.

The NAS user volume number is displayed.

 

Name

The NAS user volume name is displayed.

 

Total Capacity

The total capacity [GB/TB] of the NAS user volume is displayed.

 

[Add CIFS Permission] Screen

In this screen, add the CIFS access permissions.

Item Description Setting values

Type

Select the type for setting the CIFS access permissions.

To select all users and groups, select "Everyone".

Note
  • User and group are user information that is managed in the Active Directory authentication server.

User

Group

Everyone

Name

Enter the CIFS access permission target user name or group name. (Entered letters are not case-sensitive.)

This item can only be set when "User" or "Group" is selected for the CIFS access permission type.

Caution
  • "Everyone" cannot be entered as the name. (Entered letters are not case-sensitive.)

  • The user names and group names which have already been used cannot be entered.

Alphanumeric characters and symbols (in the US-ASCII format)

Note that the following symbols and characters cannot be used.

Symbols (slash (0x2F),

colon (0x3A), asterisk (0x2A), question mark (0x3F),

double quotation (0x22), less-than sign (0x3C), greater-than sign (0x3E),

vertical line (0x7C), equal (0x3D), comma (0x2C),

semicolon (0x3B), left square bracket (0x5B), right square bracket (0x5D),

plus (0x2B), and at sign (0x40))

Up to 2048 characters

Authority

Select the CIFS access permissions for shared folders.

  • To allow reading and writing to, select "Read/Write".

  • To allow reading only, select "Read Only".

The setting conditions for each CIFS access permission type are as follows.

  • If "User" or "Group" is selected for the CIFS access permission type, the CIFS access permission is set only for the specified users or groups. Note that other users and groups cannot access the relevant shared folder.

  • If "Everyone" is selected for the CIFS access permission type, the CIFS access permission is set for all users and groups.

Caution
  • Both "Read/Write" and "Read Only" cannot be set to a single user at the same time.

  • Both "Read/Write" and "Read Only" cannot be set to a single group at the same time.

Note
  • "Read/Write" is given priority over "Read Only".
    • If "Read Only" is specified for UserA and "Read/Write" is specified for GroupA in which UserA is a part of, "Read/Write" is set for all users in GroupA including UserA.

    • If "Read/Write" is specified for UserA and "Read Only" is specified for GroupA in which UserA is a part of, "Read/Write" is set for UserA and "Read Only" is set for all other users in GroupA excluding UserA.

    • If "Everyone" is selected for the CIFS access permission type, the authority is set with the same conditions as when "Read/Write" or "Read Only" is set to all groups in the storage system.

Read/Write

Read Only

Operating Procedures

When "CIFS" or "CIFS/NFS" Is Selected As the Protocol

  1. Click [Create Shared Folder] in [Action].

  2. Specify parameters. When adding a CIFS access permission, click the [Add] button in the "CIFS Permissions" field.

    → The [Add CIFS Permission] screen appears.

    Note
    • If no CIFS access permissions are added, proceed to Step 4.

  3. Enter each item of the CIFS access permissions and then click the [OK] button.

    → The display returns to the initial screen.

    Caution
    • If the entered parameters do not satisfy the input conditions, an error screen appears.

    Note
    • To change CIFS access permissions, delete the relevant "CIFS Permissions" and then add it again using this function.

  4. After confirming the settings, click the [Create] button.

    → A confirmation screen appears.

    Caution
    • If the entered parameters do not satisfy the input conditions, an error screen appears.

  5. Click the [OK] button.

    → Shared folder creation starts.

  6. Click the [Done] button to return to the [NAS] screen.

When "NFS" Is Selected As the Protocol

  1. Click [Create Shared Folder] in [Action].

  2. Specify parameters, and click the [Create] button.

    → A confirmation screen appears.

    Caution
    • If the entered parameters do not satisfy the input conditions, an error screen appears.

  3. Click the [OK] button.

    → Shared folder creation starts.

  4. Click the [Done] button to return to the [NAS] screen.