Veritas™ Access 7.2.1

To share a file system over CIFS protocol, indicate the following:

Before the clients can access the NFS share, the NFS service must be running on the Veritas Access cluster.

Table: Access types

Access Type

Description

Read Only (Default)

Grants read-only permission to the exported share. Files cannot be created or modified.

Read Write

Grants read and write permission to the exported share.

Table: Export options

Export Option

Description

Hide Unreadable

Prevents clients from seeing the existence of files and directories that are not readable to them.

Guest

Allows restricted access to the share when no user name or password is provided.

Oplocks

Supports opportunistic locks on the files in this share.

Full ACL

Allows All Windows Access Control Lists (ACLs). Note: All Windows Access Control Lists (ACLs) are supported except in the case when you attempt using the Windows Explorer folder Properties > Security GUI to inherit down to a non-empty directory hierarchy while denying all access to yourself.

Veto System Files

Hides system files (lost+found, quotas, quotas.grp) from displaying when using a CIFS normal share. The default is to display the system files.

Owner

Specifies the owner for the root directory of the exported share. By default, Veritas Access root owns the root directory. CIFS clients can create folders and files in the share. However, there are some operations that require owner privileges. For example, changing the owner itself, and changing permissions of the top-level folder (that is, the root directory). Set the owner to enable the specified user to perform the privileged operations.

Group

Specifies the primary group owner of the root directory of the exported share. By default, Veritas Access root is the primary group owner. CIFS clients can create folders and files in the share. However, there are some operations that require group privileges. For example, changing the group itself, and changing permissions of the top-level folder (that is, the root directory). Set the group to enable the specified group to perform the privileged operations.

Create Mask

When a file is created under a file system exported by CIFS, the necessary permissions are calculated by mapping DOS modes to UNIX permission. The resulting UNIX mode is then bit-wise 'AND'ed with this parameter. Any bit not set here is removed from the modes set on a file when it is created. The default is: Create Mask = 0744.

Dir Mask

When a directory is created under a file system exported by CIFS, the necessary permissions are calculated by mapping DOS modes to UNIX permissions. The resulting UNIX mode is then bit-wise 'AND'ed with this parameter. Any bit not set here is removed from the modes set on a directory when it is created. The default is: Dir Mask = 0755.

File System Mode

When a file system is exported by CIFS, its mode is set to an fs_mode value. It is the UNIX access control set on a file system, and CIFS options like rw/ro do not take precedence over it. This value is reset to 0755 when the CIFS share is deleted. The default is: FS Mode = 1777.

Virtual IP

Veritas Access lets you specify a virtual IP address. This address must be part of the Veritas Access cluster, and is used by the system to serve the share internally.

Allow User and User Groups

Specifies the CIFS local users, local groups, AD users, or AD groups to allow to access the share.

Deny User and User Groups

Specifies the CIFS local users, local groups, AD users, or AD groups users or groups to deny access to the share. For example, use the Deny User and User Groups option to exclude a particular user that is a member of an allowed group.

More Information

Adding a share

About file sharing protocols

Managing permissions for CIFS shares

Getting Started
Overview of Veritas Access, dashboard
Manage Storage
Provision and manage disks and storage pools
Manage File Sharing Services
File sharing services: NFS, CIFS, and S3
Monitor and Troubleshoot
View alerts, events, usage, and reports
Provision and Manage File Systems
Create and manage file systems
Provision and Manage Shares
Create and manage NFS shares, CIFS shares, and S3 shares
Manage Policies
Manage policies for storage provisioning
Manage Settings
Configure cloud services, replication, events, NetBackup, and licensing
Veritas™ Access 7.2.1

To share a file system over CIFS protocol, indicate the following:

Before the clients can access the NFS share, the NFS service must be running on the Veritas Access cluster.

Table: Access types

Access Type

Description

Read Only (Default)

Grants read-only permission to the exported share. Files cannot be created or modified.

Read Write

Grants read and write permission to the exported share.

Table: Export options

Export Option

Description

Hide Unreadable

Prevents clients from seeing the existence of files and directories that are not readable to them.

Guest

Allows restricted access to the share when no user name or password is provided.

Oplocks

Supports opportunistic locks on the files in this share.

Full ACL

Allows All Windows Access Control Lists (ACLs). Note: All Windows Access Control Lists (ACLs) are supported except in the case when you attempt using the Windows Explorer folder Properties > Security GUI to inherit down to a non-empty directory hierarchy while denying all access to yourself.

Veto System Files

Hides system files (lost+found, quotas, quotas.grp) from displaying when using a CIFS normal share. The default is to display the system files.

Owner

Specifies the owner for the root directory of the exported share. By default, Veritas Access root owns the root directory. CIFS clients can create folders and files in the share. However, there are some operations that require owner privileges. For example, changing the owner itself, and changing permissions of the top-level folder (that is, the root directory). Set the owner to enable the specified user to perform the privileged operations.

Group

Specifies the primary group owner of the root directory of the exported share. By default, Veritas Access root is the primary group owner. CIFS clients can create folders and files in the share. However, there are some operations that require group privileges. For example, changing the group itself, and changing permissions of the top-level folder (that is, the root directory). Set the group to enable the specified group to perform the privileged operations.

Create Mask

When a file is created under a file system exported by CIFS, the necessary permissions are calculated by mapping DOS modes to UNIX permission. The resulting UNIX mode is then bit-wise 'AND'ed with this parameter. Any bit not set here is removed from the modes set on a file when it is created. The default is: Create Mask = 0744.

Dir Mask

When a directory is created under a file system exported by CIFS, the necessary permissions are calculated by mapping DOS modes to UNIX permissions. The resulting UNIX mode is then bit-wise 'AND'ed with this parameter. Any bit not set here is removed from the modes set on a directory when it is created. The default is: Dir Mask = 0755.

File System Mode

When a file system is exported by CIFS, its mode is set to an fs_mode value. It is the UNIX access control set on a file system, and CIFS options like rw/ro do not take precedence over it. This value is reset to 0755 when the CIFS share is deleted. The default is: FS Mode = 1777.

Virtual IP

Veritas Access lets you specify a virtual IP address. This address must be part of the Veritas Access cluster, and is used by the system to serve the share internally.

Allow User and User Groups

Specifies the CIFS local users, local groups, AD users, or AD groups to allow to access the share.

Deny User and User Groups

Specifies the CIFS local users, local groups, AD users, or AD groups users or groups to deny access to the share. For example, use the Deny User and User Groups option to exclude a particular user that is a member of an allowed group.

More Information

Adding a share

About file sharing protocols

Managing permissions for CIFS shares