Modify Shared Folder

Overview

This function changes the shared folder settings.

Set the write privileges, Oplocks, hosts which are allowed or denied access, and CIFS access permissions to each shared folder.

This function can also change the home directory settings.

This function is used in a Unified Storage environment.

Caution
  • An error occurs when the total number of input characters exceeds the maximum (5120 characters). Confirm the used characters when this error occurs even if the total of input characters does not exceed the maximum. Note that a double quotation (0x22) and a single quotation (0x27) are regarded as being two characters.

  • If the shared folder modification has not been completed successfully, wait for the storage system status to return to normal and then try again.

  • If the settings for shared folders in the NAS user volume where a meta cache redistribution is being performed are changed, the process may be delayed for a maximum of two minutes.

  • The CIFS access permission is enabled from the next CIFS access session that is established after the permission is set. Note that if the CIFS access session is established before the CIFS access permission is set, the session operates with authority when this function is started.

User Privileges

Availability of Executions in the Default Role

Default role Availability of executions
Monitor  
Admin
StorageAdmin
AccountAdmin  
SecurityAdmin  
Maintainer

Refer to "User Roles and Policies" for details on the policies and roles.

Settings

Shared Folder Settings

Item Description Setting values

Usage

The shared folder usage is displayed.

File Sharing

Home Directory

Shared Folder Name

The shared folder name is displayed.

For the home directory, "homes" is displayed for this item.

Protocol

The protocol is displayed.

CIFS

NFS

CIFS/NFS

Writable

To set the write permission for the shared folder, select "Yes". To not set a write permission, select "No".

If "Usage" is "File Sharing", the write permission can be selected.

If "Usage" is "Home Directory", "Yes" is displayed for this item.

Yes

No

IP Address

Enter the IP address to access the shared folder (IPv4 address, or a global or unique local IPv6 address).

  • For IPv4 address

    • xxx.xxx.xxx.xxx

      xxx: 1 - 255 for the top field (decimal)

      xxx: 0 - 255 for other fields (decimal)

    • Class must be A, B, or C.

  • For IPv6 address

    xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx

    xxxx: 0 - ffff (FFFF) (hexadecimal, alphanumeric characters)

    Refer to "IPv6 Address Notation" for details.

Oplocks

To use the Opportunistic locking (Oplocks) function to avoid conflicts between files by locking the files in the shared folder, select "Enable". To stop use of this function, select "Disable".

Caution
  • This item can be set when "Protocol" is "CIFS" or "CIFS/NFS". Note that enabling the Oplocks function is not recommended when "CIFS/NFS" is selected.

Enable

Disable

Owner

Input the owner of the shared folder.

Enter the user name for the domain to which the storage system belongs.

If "Usage" is "Home Directory", the "Owner" setting is used when the following functions are executed.

  • Backup

  • Restoration

The user specified as the owner can access shared folders ("$homes" or "homes$bak") that are available when restoring or mounting backups that include home directories.

Alphanumeric characters and symbols (0x20 - 0x7E in the US-ASCII format)

Note that the following symbols and characters cannot be used.

  • Symbols (slash (0x2F), left square bracket (0x5B), right square bracket (0x5D),

    colon (0x3A), semicolon (0x3B), vertical line (0x7C),

    equal (0x3D), comma (0x2C), plus (0x2B),

    asterisk (0x2A), question mark (0x3F), less-than sign (0x3C),

    greater-than sign (0x3E), double quotation (0x22), and at sign (0x40))

  • The following reserved words

    "root", "bin", "daemon",

    "adm", "lp", "sync",

    "shutdown", "halt", "mail",

    "operator", "games", "ftp",

    "nobody", "systemd-network",

    "dbus", "polkitd", "sshd",

    "rpc", "gluster", "ntp",

    "nscd", "tss", "nslcd",

    "rpcuser", "nfsnobody", "tcpdump",

    and "oprofile"

Up to 255 characters

Group

Input the group of the shared folder.

Enter the group name for the domain to which the storage system belongs.

If "Usage" is "Home Directory", the "Group" setting is used when the following functions are executed.

  • Backup

  • Restoration

The specified group can access shared folders ("$homes" or "homes$bak") that are available when restoring or mounting backups that include home directories.

Note that BUILTIN groups cannot be specified.

Alphanumeric characters and symbols (0x20 - 0x7E in the US-ASCII format)

Note that the following symbols and characters cannot be used.

  • Symbols (slash (0x2F), left square bracket (0x5B), right square bracket (0x5D),

    colon (0x3A), semicolon (0x3B), vertical line (0x7C),

    equal (0x3D), comma (0x2C), plus (0x2B),

    asterisk (0x2A), question mark (0x3F), less-than sign (0x3C),

    greater-than sign (0x3E), double quotation (0x22),

    and at sign (0x40))

  • The following reserved words

    "adm", "audio", "audit",

    "bin", "cdrom", "daemon",

    "dbus", "dialout", "disk",

    "dump", "floppy", "ftp",

    "games", "gluster", "input",

    "kmem", "ldap", "lock",

    "lp", "mail", "man",

    "mem", "nasconf-ct-group", "nfsnobody",

    "nobody", "nscd", "ntp",

    "oprofile", "polkitd", "root",

    "rpc", "rpcuser", "ssh_keys",

    "sshd", "sys", "systemd-journal",

    "systemd-network", "tape", "tcpdump",

    "tss", "tty", "users",

    "utempter", "utmp", "video",

    and "wheel"

Up to 255 characters

SMB Encryption of Data Access

When performing SMB encryption for data while accessing the shared folder, select "Enable". When not encrypting, select "Disable".

This item can be set when "Protocol" is "CIFS" or "CIFS/NFS".

Caution
  • If a client does not support SMB3.0 or SMB3.1, accessing a shared folder where "Enable" is selected for "SMB Encryption of Data Access" is not available.

  • Note that the system performance may be reduced when "Enable" is selected for this item.

  • If this setting is changed for existing shared folders, sessions that have access to relevant shared folders are temporarily disconnected. However, if sessions that have already been accessing shared folders exist, the storage system waits for these sessions to complete.

Enable

Disable

Access Based Enumeration

To hide the shared folders and directories that cannot be accessed according to the access control list (ACL function), select "Enable". To display inaccessible shared folders and directories, select "Disable".

This item can be set when "Protocol" is "CIFS" or "CIFS/NFS". However, if "Usage" is "Home Directory", "Disable" is displayed for this item.

Caution
  • If this setting is changed for existing shared folders, sessions that have access to relevant shared folders are temporarily disconnected.

Enable

Disable

CIFS Allowed Hosts

Input all of the hosts that are allowed access to the shared folder by using the CIFS protocol.

When this parameter is omitted, access from all hosts are allowed. To specify multiple hosts, separate each input value with a comma (0x2C). Refer to "Method for Inputting Hosts" for details.

This item can be set when "Protocol" is "CIFS" or "CIFS/NFS".

Caution
  • Specify all the hosts that have already been allowed access, and hosts that will be allowed access.

  • If both "CIFS Allowed Hosts" and "CIFS Denied Hosts" are omitted, access from all hosts is allowed.

  • If the same host is specified for both "CIFS Allowed Hosts" and "CIFS Denied Hosts", access from the relevant host is allowed because the "CIFS Allowed Hosts" setting has priority.

IP address (IPv4 address, or a global or unique local IPv6 address), FQDN, or host name

Alphanumeric characters and symbols (0x20 - 0x7E in the US-ASCII format)

(except the question mark (0x3F) and the backslash (0x5C))

Up to 1023 characters (note that any commas (0x2C) that are used to separate the values are also included in the number of characters)

CIFS Denied Hosts

Input all of the hosts that are denied access to the shared folder by using the CIFS protocol.

To specify multiple hosts, separate each input value with a comma (0x2C). Refer to "Method for Inputting Hosts" for details.

This item can be set when "Protocol" is "CIFS" or "CIFS/NFS".

Caution
  • Specify all the hosts that have already been denied access, and hosts that will be denied access.

  • If both "CIFS Allowed Hosts" and "CIFS Denied Hosts" are omitted, access from all hosts is allowed.

  • If the same host is specified for both "CIFS Allowed Hosts" and "CIFS Denied Hosts", access from the relevant host is allowed because the "CIFS Allowed Hosts" setting has priority.

IP address (IPv4 address, or a global or unique local IPv6 address), FQDN, or host name

Alphanumeric characters and symbols (0x20 - 0x7E in the US-ASCII format)

(except the question mark (0x3F) and the backslash (0x5C))

Up to 1023 characters (note that any commas (0x2C) that are used to separate the values are also included in the number of characters)

NFS Allowed Hosts

Input all of the hosts that are allowed access to the shared folder by using the NFS protocol.

When this parameter is omitted, access from all hosts is allowed. To specify multiple hosts, separate each input value with a comma (0x2C). Refer to "Method for Inputting Hosts" for details.

This item can be set when "Protocol" is "NFS" or "CIFS/NFS" and "Usage" is "File Sharing".

Caution
  • Specify all the hosts that have already been allowed access, and hosts that will be allowed access.

IP address (IPv4 address, or a global or unique local IPv6 address), FQDN, or host name

Alphanumeric characters and symbols (0x20 - 0x7E in the US-ASCII format)

(except the question mark (0x3F) and the backslash (0x5C))

Up to 1023 characters (note that any commas (0x2C) that are used to separate the values are also included in the number of characters)

Method for Inputting Hosts

Specify CIFS Allowed Hosts, CIFS Denied Hosts, or NFS Allowed Hosts by using one of the following formats.

If a value other than an IP address is specified, the value is regarded as being an FQDN.

  • Specifying a single host

    (Example 1) 192.0.2.1

  • Specifying multiple hosts

    Separate each input value with a comma (0x2C).

    • Specify the hosts by using IP addresses.

      (Example 2) 192.0.2.1, 192.0.2.2, 192.0.2.3

    • Specify the IP address and the subnet mask.

      (Example 3) 203.0.113.0/255.255.255.0

      (Example 4) 203.0.113.0/24

CIFS Permissions

The list of CIFS access permissions that are set for the selected shared folder is displayed.

This item is displayed when "Protocol" is "CIFS" or "CIFS/NFS" and "Usage" is "File Sharing".

Item Description

Checkbox to permit CIFS access

Select the checkbox for the CIFS access permissions that are to be deleted (multiple selections can be made).

Type

The type of the CIFS access permission is displayed.

If "Everyone" is displayed, all "User" and "Group" are selected as setting targets.

User

Group

Everyone

Name

The CIFS access permission target user name or group name is displayed.

This item is available when "User" or "Group" is selected for the CIFS access permission type.

Authority

The CIFS access permissions for reading from or writing to the shared folders are displayed.

Read Write

Read Only

Function Button

The function buttons are available when "CIFS" or "CIFS/NFS" is selected as the protocol.

Button Description

[Add]

Adds "CIFS Permissions".

Click this item to display the [Add CIFS Permission] screen.

[Delete]

Deletes "CIFS Permissions" that is specified with selected checkboxes to permit CIFS access.

If no deletion target items are selected, the [Delete] button cannot be clicked.

Target Volume

The NAS user volume where the selected shared folder belongs to is displayed.

Item Description

No.

The NAS user volume number is displayed.

Name

The NAS user volume name is displayed.

Total Capacity

The total capacity [GB/TB] of the NAS user volume is displayed.

[Add CIFS Permission] Screen

In this screen, add the CIFS access permissions.

Item Description Setting values

Type

Select the type for setting the CIFS access permissions.

To select all users and groups, select "Everyone".

Note
  • User and group are user information that is managed in the Active Directory authentication server.

User

Group

Everyone

Name

Enter the CIFS access permission target user name or group name. (Entered letters are not case-sensitive.)

This item can only be set when "User" or "Group" is selected for the CIFS access permission type.

Caution
  • "Everyone" cannot be entered as the name. (Entered letters are not case-sensitive.)

  • The user names and group names which have already been used cannot be entered.

Alphanumeric characters and symbols (in the US-ASCII format)

Note that the following symbols and characters cannot be used.

Symbols (slash (0x2F), colon (0x3A), asterisk (0x2A), question mark (0x3F),

double quotation (0x22), less-than sign (0x3C), greater-than sign (0x3E), vertical line (0x7C), equal (0x3D), comma (0x2C),

semicolon (0x3B), left square bracket (0x5B), right square bracket (0x5D), plus (0x2B), and at sign (0x40))

Up to 2048 characters

Authority

Select the CIFS access permissions for shared folders.

  • To allow reading and writing to, select "Read/Write".

  • To allow reading only, select "Read Only".

The setting conditions for each CIFS access permission type are as follows.

  • If "User" or "Group" is selected for the CIFS access permission type, the CIFS access permission is set only for the specified users or groups. Note that other users and groups cannot access the relevant shared folder.

  • If "Everyone" is selected for the CIFS access permission type, the CIFS access permission is set for all users and groups.

Caution
  • Both "Read/Write" and "Read Only" cannot be set to a single user at the same time.

  • Both "Read/Write" and "Read Only" cannot be set to a single group at the same time.

Note
  • "Read/Write" is given priority over "Read Only".
    • If "Read Only" is specified for UserA and "Read/Write" is specified for GroupA in which UserA is a part of, "Read/Write" is set for all users in GroupA including UserA.

    • If "Read/Write" is specified for UserA and "Read Only" is specified for GroupA in which UserA is a part of, "Read/Write" is set for UserA and "Read Only" is set for all other users in GroupA excluding UserA.

    • If "Everyone" is selected for the CIFS access permission type, the authority is set with the same conditions as when "Read/Write" or "Read Only" is set to all groups in the storage system.

Read/Write

Read Only

Operating Procedures

When the Protocol of the Shared Folder That Is to Be Modified Is "CIFS" or "CIFS/NFS"

  1. Select the shared folder that is to be changed and click [Modify Shared Folder] in [Action].

  2. Change the parameters. When adding a CIFS access permission, click the [Add] button in the "CIFS Permissions" field.

    → The [Add CIFS Permission] screen appears.

    Caution
    • If this function is used, all the existing "CIFS Permissions" settings are overwritten. Do not delete the "CIFS Permissions" settings that are to be used.

    Note
    • When deleting a CIFS access permission, select "CIFS Permissions" that is to be deleted and click the [Delete] button. Proceed to Step 4.

    • If no CIFS access permissions are added, proceed to Step 4.

    • If no CIFS access permissions are changed, proceed to Step 4.

  3. Enter each item of the CIFS access permissions and then click the [OK] button.

    → The display returns to the initial screen.

    Caution
    • If the entered parameters do not satisfy the input conditions, an error screen appears.

    Note
    • To change CIFS access permissions, delete the relevant "CIFS Permissions" and then add it again using this function.

  4. After confirming the settings, click the [Modify] button.

    → A confirmation screen appears.

    Caution
    • If the entered parameters do not satisfy the input conditions, an error screen appears.

  5. Click the [OK] button.

    → Modification of shared folder setting starts.

  6. Click the [Done] button to return to the [NAS] screen.

When the Protocol of the Shared Folder That Is to Be Modified Is "NFS"

  1. Select the shared folder that is to be changed and click [Modify Shared Folder] in [Action].

  2. Change the parameters, and click the [Modify] button.

    → A confirmation screen appears.

    Caution
    • If the entered parameters do not satisfy the input conditions, an error screen appears.

  3. Click the [OK] button.

    → Modification of shared folder setting starts.

  4. Click the [Done] button to return to the [NAS] screen.