Jump To: Support > KB > NetManager > Shared > CIFS

CIFS file shares

CIFS (a.k.a. SMB) is the file sharing mechanism used by Microsoft Windows. NetManager allows you to share directories to Windows machines just like a Windows Server, but with a little more flexibility:

• Shares can be marked as hidden without having to rename them (in Windows you need to put a $ on the end which breaks any existing access)
• Any file-type can be hidden and thus make inaccessible

By default, every users' home area is shared as their username (e.g. \\netmanager\jsmith). This allows easy access to their personal webpages. Additionally the main intranet webpages served by the NetManager can be accessed using a share called Webpages. Access to this share is granted only to administrators.

If you use Active Directory (AD) on your network, you should join the NetManager to your domain to allow seamless access.

Certain AD users can be mapped to user root on NetManager to give full access. By default, this is just the user called administrator. You can edit this list by going to the Global Options tab on Filesystem > Sharing in webadmin.

Access permissions for the Webpages share.

The root user is the only user given access to the Webpages share by default. As described above, certain AD users can be mapped to root.

If you do not want to grant full root access to users who need to edit webpages (and we recommend that you do not!), you have a couple of options:

• Create a new share called, for example, intranet which gives access to the same area but allows you to specify the users. In fact, you can call it Webpages if you wish - it will automatically replace the standard share if you do so.
• Edit samba_webpages_users in the Central Configuration File to grant other users access. There is no webadmin front-end for this at the time of writing.

Create/Edit a CIFS Shared Area

To create or edit a CIFS shared area, go to Filesystem > Sharing in webadmin. The default Configure Shares tab is the one you need. To create a new share, enter a name in the box and click Add. To edit an existing one, locate the share in the list underneath and click Edit/Rename/Delete/Disable/Enable as appropriate.

There are a number of important settings to consider when setting up a share. On NetManager you will tend to not use file permissions to control access, but rather set the permissions on the share. Settings required:

• Name of share
• Share Description to be shown when browsing (optional)
• Path on NetManager to share
• Browseable? This means whether it is hidden when browsing the network. N.B. unlike Windows you can make a share hidden or unhidden without renaming it
• Writable by: List of users or groups who can write to the share (everyone is also an option)
• Accessible by: List of users or groups who can access (i.e. read from) the share (everyone is also an option)
• Inherit owner - whether new files and directories have the same owner as the parent directory they are created in. In Windows, new files generally inherit permissions, but in Unix (i.e. NetManager) they do not.
• Force access as user - on earlier versions this was known as Force ownership. Controls whether to override the user when access/creating files. If not selected, all access will be done as the user you are logged on as (i.e. the file permissions must allow you access). If selected, then the specified user will be used instead. This may allow wider access to be granted (e.g. root would give access to all files even if they were set to be readable only by the owner). If no user is specified, then the owner of the path being shared will be used instead. When new files or directories are created, then they will be created as this user (unless Inherit owner is enabled). This can cause problems on a share that is written to by multiple users (e.g. a shared resource area).

Worked examples:

Shared Resources accessible by everyone, but writable only by Staff

1. Type Resources into the share name box and click Add
2. The standard file location for generic shares is /usr/shares so type /usr/shares/resources into the Path: field
3. Click Validate Path
4. A warning The path you have entered does not exist. will be displayed. Click on Create Directory.
5. You will be asked to specify the permissions and ownership of the new directory. Type ncadmin as the Owner and leave the permissions tickboxes as they are.
6. Click on Create Directory'. You will be returned to the main edit page
7. Tick the Browseable? box
8. Select Specified Users/Groups in the Writable by: section
9. Enter root in the Users: box (so that administrator has access)
10. Select the groupname staff in the Groups: box below
11. Make sure Everyone is checked alongside Accessible by:
12. Leave the Users: and Groups: sections alone
13. Leave the Inherit ownership box unticked
14. Tick the Force access as user: box
15. Don't enter a username alongside Force access as user:. The user to use will be automatically determined
16. Click on Add Share

Main webpage area writeable and accessible only by a certain list of users

1. Type Intranet into the share name box and click Add
2. Type www into the Path: field. As this is not a full path, it will be taken to mean the home area of this user (the webpages are held in user www's home area)
3. Click Validate Path and the full path (/usr/export/home/www) will be entered. A message The path is valid. will be displayed.
4. Leave the Browseable? box unticked
5. Select Everyone in the Writable by: section
6. Leave the Users: and Groups: sections alone
7. Make sure Specified Users/Groups is checked alongside Accessible by:
8. Enter the list of users separated by spaces in the Users: section
9. Leave all the groups unselected
10. Leave the Inherit ownership box unticked
11. Tick the Force access as user: box
12. Don't enter a username alongside Force access as user:. The user to use will be automatically determined
13. Click on Add Share