Modify Shared Folder

Overview
User Privileges
Settings
Operating Procedures

Overview

This function changes the shared folder settings.

Set the write privileges, Oplocks, hosts which are allowed or denied access, and CIFS access permissions to each shared folder.

This function can also change the home directory settings.

This function is used in a Unified Storage environment.

Caution

An error occurs when the total number of input characters exceeds the maximum (5120 characters). Confirm the used characters when this error occurs even if the total of input characters does not exceed the maximum. Note that a double quotation (0x22) and a single quotation (0x27) are regarded as being two characters.
If the shared folder modification has not been completed successfully, wait for the storage system status to return to normal and then try again.
If the settings for shared folders in the NAS user volume where a meta cache redistribution is being performed are changed, the process may be delayed for a maximum of two minutes.
The CIFS access permission is enabled from the next CIFS access session that is established after the permission is set. Note that if the CIFS access session is established before the CIFS access permission is set, the session operates with authority when this function is started.

User Privileges

Availability of Executions in the Default Role

Default role	Availability of executions
Monitor
Admin
StorageAdmin
AccountAdmin
SecurityAdmin
Maintainer

Refer to "User Roles and Policies" for details on the policies and roles.

Settings

Shared Folder Settings

Item	Description	Setting values
Usage	The shared folder usage is displayed. File Sharing Home Directory
Shared Folder Name	The shared folder name is displayed. For the home directory, "homes" is displayed for this item.
Protocol	The protocol is displayed. CIFS NFS CIFS/NFS
Writable	To set the write permission for the shared folder, select "Yes". To not set a write permission, select "No". If "Usage" is "File Sharing", the write permission can be selected. If "Usage" is "Home Directory", "Yes" is displayed for this item.	Yes No
IP Address	Enter the IP address to access the shared folder (IPv4 address, or a global or unique local IPv6 address).	For IPv4 address xxx.xxx.xxx.xxx xxx: 1 - 255 for the top field (decimal) xxx: 0 - 255 for other fields (decimal) Class must be A, B, or C. For IPv6 address xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx xxxx: 0 - ffff (FFFF) (hexadecimal, alphanumeric characters) Refer to "IPv6 Address Notation" for details.
Oplocks	To use the Opportunistic locking (Oplocks) function to avoid conflicts between files by locking the files in the shared folder, select "Enable". To stop use of this function, select "Disable". Caution This item can be set when "Protocol" is "CIFS" or "CIFS/NFS". Note that enabling the Oplocks function is not recommended when "CIFS/NFS" is selected.	Enable Disable
Owner	Input the owner of the shared folder. Enter the user name for the domain to which the storage system belongs. If "Usage" is "Home Directory", the "Owner" setting is used when the following functions are executed. Backup Restoration The user specified as the owner can access shared folders ("$homes" or "homes$bak") that are available when restoring or mounting backups that include home directories.	Alphanumeric characters and symbols (0x20 - 0x7E in the US-ASCII format) Note that the following symbols and characters cannot be used. Symbols (slash (0x2F), left square bracket (0x5B), right square bracket (0x5D), colon (0x3A), semicolon (0x3B), vertical line (0x7C), equal (0x3D), comma (0x2C), plus (0x2B), asterisk (0x2A), question mark (0x3F), less-than sign (0x3C), greater-than sign (0x3E), double quotation (0x22), and at sign (0x40)) The following reserved words "root", "bin", "daemon", "adm", "lp", "sync", "shutdown", "halt", "mail", "operator", "games", "ftp", "nobody", "systemd-network", "dbus", "polkitd", "sshd", "rpc", "gluster", "ntp", "nscd", "tss", "nslcd", "rpcuser", "nfsnobody", "tcpdump", and "oprofile" Up to 255 characters
Group	Input the group of the shared folder. Enter the group name for the domain to which the storage system belongs. If "Usage" is "Home Directory", the "Group" setting is used when the following functions are executed. Backup Restoration The specified group can access shared folders ("$homes" or "homes$bak") that are available when restoring or mounting backups that include home directories. Note that BUILTIN groups cannot be specified.	Alphanumeric characters and symbols (0x20 - 0x7E in the US-ASCII format) Note that the following symbols and characters cannot be used. Symbols (slash (0x2F), left square bracket (0x5B), right square bracket (0x5D), colon (0x3A), semicolon (0x3B), vertical line (0x7C), equal (0x3D), comma (0x2C), plus (0x2B), asterisk (0x2A), question mark (0x3F), less-than sign (0x3C), greater-than sign (0x3E), double quotation (0x22), and at sign (0x40)) The following reserved words "adm", "audio", "audit", "bin", "cdrom", "daemon", "dbus", "dialout", "disk", "dump", "floppy", "ftp", "games", "gluster", "input", "kmem", "ldap", "lock", "lp", "mail", "man", "mem", "nasconf-ct-group", "nfsnobody", "nobody", "nscd", "ntp", "oprofile", "polkitd", "root", "rpc", "rpcuser", "ssh_keys", "sshd", "sys", "systemd-journal", "systemd-network", "tape", "tcpdump", "tss", "tty", "users", "utempter", "utmp", "video", and "wheel" Up to 255 characters
SMB Encryption of Data Access	When performing SMB encryption for data while accessing the shared folder, select "Enable". When not encrypting, select "Disable". This item can be set when "Protocol" is "CIFS" or "CIFS/NFS". Caution If a client does not support SMB3.0 or SMB3.1, accessing a shared folder where "Enable" is selected for "SMB Encryption of Data Access" is not available. Note that the system performance may be reduced when "Enable" is selected for this item. If this setting is changed for existing shared folders, sessions that have access to relevant shared folders are temporarily disconnected. However, if sessions that have already been accessing shared folders exist, the storage system waits for these sessions to complete.	Enable Disable
Access Based Enumeration	To hide the shared folders and directories that cannot be accessed according to the access control list (ACL function), select "Enable". To display inaccessible shared folders and directories, select "Disable". This item can be set when "Protocol" is "CIFS" or "CIFS/NFS". However, if "Usage" is "Home Directory", "Disable" is displayed for this item. Caution If this setting is changed for existing shared folders, sessions that have access to relevant shared folders are temporarily disconnected.	Enable Disable
CIFS Allowed Hosts	Input all of the hosts that are allowed access to the shared folder by using the CIFS protocol. When this parameter is omitted, access from all hosts are allowed. To specify multiple hosts, separate each input value with a comma (0x2C). Refer to "Method for Inputting Hosts" for details. This item can be set when "Protocol" is "CIFS" or "CIFS/NFS". Caution Specify all the hosts that have already been allowed access, and hosts that will be allowed access. If both "CIFS Allowed Hosts" and "CIFS Denied Hosts" are omitted, access from all hosts is allowed. If the same host is specified for both "CIFS Allowed Hosts" and "CIFS Denied Hosts", access from the relevant host is allowed because the "CIFS Allowed Hosts" setting has priority.	IP address (IPv4 address, or a global or unique local IPv6 address), FQDN, or host name Alphanumeric characters and symbols (0x20 - 0x7E in the US-ASCII format) (except the question mark (0x3F) and the backslash (0x5C)) Up to 1023 characters (note that any commas (0x2C) that are used to separate the values are also included in the number of characters)
CIFS Denied Hosts	Input all of the hosts that are denied access to the shared folder by using the CIFS protocol. To specify multiple hosts, separate each input value with a comma (0x2C). Refer to "Method for Inputting Hosts" for details. This item can be set when "Protocol" is "CIFS" or "CIFS/NFS". Caution Specify all the hosts that have already been denied access, and hosts that will be denied access. If both "CIFS Allowed Hosts" and "CIFS Denied Hosts" are omitted, access from all hosts is allowed. If the same host is specified for both "CIFS Allowed Hosts" and "CIFS Denied Hosts", access from the relevant host is allowed because the "CIFS Allowed Hosts" setting has priority.	IP address (IPv4 address, or a global or unique local IPv6 address), FQDN, or host name Alphanumeric characters and symbols (0x20 - 0x7E in the US-ASCII format) (except the question mark (0x3F) and the backslash (0x5C)) Up to 1023 characters (note that any commas (0x2C) that are used to separate the values are also included in the number of characters)
NFS Allowed Hosts	Input all of the hosts that are allowed access to the shared folder by using the NFS protocol. When this parameter is omitted, access from all hosts is allowed. To specify multiple hosts, separate each input value with a comma (0x2C). Refer to "Method for Inputting Hosts" for details. This item can be set when "Protocol" is "NFS" or "CIFS/NFS" and "Usage" is "File Sharing". Caution Specify all the hosts that have already been allowed access, and hosts that will be allowed access.	IP address (IPv4 address, or a global or unique local IPv6 address), FQDN, or host name Alphanumeric characters and symbols (0x20 - 0x7E in the US-ASCII format) (except the question mark (0x3F) and the backslash (0x5C)) Up to 1023 characters (note that any commas (0x2C) that are used to separate the values are also included in the number of characters)

Method for Inputting Hosts
Specify CIFS Allowed Hosts, CIFS Denied Hosts, or NFS Allowed Hosts by using one of the following formats. If a value other than an IP address is specified, the value is regarded as being an FQDN. Specifying a single host (Example 1) 192.0.2.1 Specifying multiple hosts Separate each input value with a comma (0x2C). Specify the hosts by using IP addresses. (Example 2) 192.0.2.1, 192.0.2.2, 192.0.2.3 Specify the IP address and the subnet mask. (Example 3) 203.0.113.0/255.255.255.0 (Example 4) 203.0.113.0/24

Method for Inputting Hosts

Specify CIFS Allowed Hosts, CIFS Denied Hosts, or NFS Allowed Hosts by using one of the following formats.

If a value other than an IP address is specified, the value is regarded as being an FQDN.

Specifying a single host

(Example 1) 192.0.2.1
Specifying multiple hosts
Separate each input value with a comma (0x2C).
- Specify the hosts by using IP addresses.
  
  (Example 2) 192.0.2.1, 192.0.2.2, 192.0.2.3
- Specify the IP address and the subnet mask.
  
  (Example 3) 203.0.113.0/255.255.255.0
  
  (Example 4) 203.0.113.0/24

CIFS Permissions

The list of CIFS access permissions that are set for the selected shared folder is displayed.

This item is displayed when "Protocol" is "CIFS" or "CIFS/NFS" and "Usage" is "File Sharing".

Item	Description
Checkbox to permit CIFS access	Select the checkbox for the CIFS access permissions that are to be deleted (multiple selections can be made).
Type	The type of the CIFS access permission is displayed. If "Everyone" is displayed, all "User" and "Group" are selected as setting targets. User Group Everyone
Name	The CIFS access permission target user name or group name is displayed. This item is available when "User" or "Group" is selected for the CIFS access permission type.
Authority	The CIFS access permissions for reading from or writing to the shared folders are displayed. Read Write Read Only

Function Button

The function buttons are available when "CIFS" or "CIFS/NFS" is selected as the protocol.

Button	Description
[Add]	Adds "CIFS Permissions". Click this item to display the [Add CIFS Permission] screen.
[Delete]	Deletes "CIFS Permissions" that is specified with selected checkboxes to permit CIFS access. If no deletion target items are selected, the [Delete] button cannot be clicked.

Button

Description

[Add]

Adds "CIFS Permissions".

Click this item to display the [Add CIFS Permission] screen.

[Delete]

Deletes "CIFS Permissions" that is specified with selected checkboxes to permit CIFS access.

If no deletion target items are selected, the [Delete] button cannot be clicked.

Target Volume

The NAS user volume where the selected shared folder belongs to is displayed.

Item	Description
No.	The NAS user volume number is displayed.
Name	The NAS user volume name is displayed.
Total Capacity	The total capacity [GB/TB] of the NAS user volume is displayed.

[Add CIFS Permission] Screen

In this screen, add the CIFS access permissions.

Item	Description	Setting values
Type	Select the type for setting the CIFS access permissions. To select all users and groups, select "Everyone". Note User and group are user information that is managed in the Active Directory authentication server.	User Group Everyone
Name	Enter the CIFS access permission target user name or group name. (Entered letters are not case-sensitive.) This item can only be set when "User" or "Group" is selected for the CIFS access permission type. Caution "Everyone" cannot be entered as the name. (Entered letters are not case-sensitive.) The user names and group names which have already been used cannot be entered.	Alphanumeric characters and symbols (in the US-ASCII format) Note that the following symbols and characters cannot be used. Symbols (slash (0x2F), colon (0x3A), asterisk (0x2A), question mark (0x3F), double quotation (0x22), less-than sign (0x3C), greater-than sign (0x3E), vertical line (0x7C), equal (0x3D), comma (0x2C), semicolon (0x3B), left square bracket (0x5B), right square bracket (0x5D), plus (0x2B), and at sign (0x40)) Up to 2048 characters
Authority	Select the CIFS access permissions for shared folders. To allow reading and writing to, select "Read/Write". To allow reading only, select "Read Only". The setting conditions for each CIFS access permission type are as follows. If "User" or "Group" is selected for the CIFS access permission type, the CIFS access permission is set only for the specified users or groups. Note that other users and groups cannot access the relevant shared folder. If "Everyone" is selected for the CIFS access permission type, the CIFS access permission is set for all users and groups. Caution Both "Read/Write" and "Read Only" cannot be set to a single user at the same time. Both "Read/Write" and "Read Only" cannot be set to a single group at the same time. Note "Read/Write" is given priority over "Read Only". If "Read Only" is specified for UserA and "Read/Write" is specified for GroupA in which UserA is a part of, "Read/Write" is set for all users in GroupA including UserA. If "Read/Write" is specified for UserA and "Read Only" is specified for GroupA in which UserA is a part of, "Read/Write" is set for UserA and "Read Only" is set for all other users in GroupA excluding UserA. If "Everyone" is selected for the CIFS access permission type, the authority is set with the same conditions as when "Read/Write" or "Read Only" is set to all groups in the storage system.	Read/Write Read Only

Item

Description

Setting values

Type

Select the type for setting the CIFS access permissions.

To select all users and groups, select "Everyone".

Note

User and group are user information that is managed in the Active Directory authentication server.

User

Group

Everyone

Name

Enter the CIFS access permission target user name or group name. (Entered letters are not case-sensitive.)

This item can only be set when "User" or "Group" is selected for the CIFS access permission type.

Caution

"Everyone" cannot be entered as the name. (Entered letters are not case-sensitive.)
The user names and group names which have already been used cannot be entered.

Alphanumeric characters and symbols (in the US-ASCII format)

Note that the following symbols and characters cannot be used.

Symbols (slash (0x2F), colon (0x3A), asterisk (0x2A), question mark (0x3F),

double quotation (0x22), less-than sign (0x3C), greater-than sign (0x3E), vertical line (0x7C), equal (0x3D), comma (0x2C),

semicolon (0x3B), left square bracket (0x5B), right square bracket (0x5D), plus (0x2B), and at sign (0x40))

Up to 2048 characters

Authority

Select the CIFS access permissions for shared folders.

To allow reading and writing to, select "Read/Write".
To allow reading only, select "Read Only".

The setting conditions for each CIFS access permission type are as follows.

If "User" or "Group" is selected for the CIFS access permission type, the CIFS access permission is set only for the specified users or groups. Note that other users and groups cannot access the relevant shared folder.
If "Everyone" is selected for the CIFS access permission type, the CIFS access permission is set for all users and groups.

Caution

Both "Read/Write" and "Read Only" cannot be set to a single user at the same time.
Both "Read/Write" and "Read Only" cannot be set to a single group at the same time.

Note

"Read/Write" is given priority over "Read Only".
- If "Read Only" is specified for UserA and "Read/Write" is specified for GroupA in which UserA is a part of, "Read/Write" is set for all users in GroupA including UserA.
- If "Read/Write" is specified for UserA and "Read Only" is specified for GroupA in which UserA is a part of, "Read/Write" is set for UserA and "Read Only" is set for all other users in GroupA excluding UserA.
- If "Everyone" is selected for the CIFS access permission type, the authority is set with the same conditions as when "Read/Write" or "Read Only" is set to all groups in the storage system.

Read/Write

Read Only

Operating Procedures

When the Protocol of the Shared Folder That Is to Be Modified Is "CIFS" or "CIFS/NFS"

Select the shared folder that is to be changed and click [Modify Shared Folder] in [Action].
Change the parameters. When adding a CIFS access permission, click the [Add] button in the "CIFS Permissions" field.
→ The [Add CIFS Permission] screen appears.
Caution
- If this function is used, all the existing "CIFS Permissions" settings are overwritten. Do not delete the "CIFS Permissions" settings that are to be used.
Note
- When deleting a CIFS access permission, select "CIFS Permissions" that is to be deleted and click the [Delete] button. Proceed to Step 4.
- If no CIFS access permissions are added, proceed to Step 4.
- If no CIFS access permissions are changed, proceed to Step 4.
Enter each item of the CIFS access permissions and then click the [OK] button.
→ The display returns to the initial screen.
Caution
- If the entered parameters do not satisfy the input conditions, an error screen appears.
Note
- To change CIFS access permissions, delete the relevant "CIFS Permissions" and then add it again using this function.
After confirming the settings, click the [Modify] button.
→ A confirmation screen appears.
Caution
- If the entered parameters do not satisfy the input conditions, an error screen appears.
Click the [OK] button.

→ Modification of shared folder setting starts.
Click the [Done] button to return to the [NAS] screen.

When the Protocol of the Shared Folder That Is to Be Modified Is "NFS"

Select the shared folder that is to be changed and click [Modify Shared Folder] in [Action].
Change the parameters, and click the [Modify] button.
→ A confirmation screen appears.
Caution
- If the entered parameters do not satisfy the input conditions, an error screen appears.
Click the [OK] button.

→ Modification of shared folder setting starts.
Click the [Done] button to return to the [NAS] screen.