Adding SMB share permissions via CLI

Thanks for your reply.  Can you give me a CLI example of how to add an AD user to a share?

Hello Prashant,

You can refer to examples below.

The following commands create a directory at /ifs/data/share1 and then create

a share named share1 using that path:

mkdir /ifs/data/share1

isi smb shares create --name=share1 --path=/ifs/data/share1 \

--browsable=true --description="Example Share 1"

The following command creates a directory at /ifs/data/share2 and converts it to an SMB share:

isi smb shares create share2 --inheritable-path=/ifs/data/share2 \ --create-path --browsable=true --description="Example Share 2"

The following command creates a directory at /ifs/data/share3 and converts it to an SMB share. The command also applies an ACL to the share:

isi smb shares create share3 --inheritable-path=/ifs/data/share3 \ --create-path --browsable=true --description="Example Share 3" \ --inheritable-path-acl=true --create-permissions="default acl"

The following command creates the directory /ifs/data/share4 and converts it to

a non-browsable SMB share. The command also configures the use of mode bits for

permissions control:

isi smb shares create --name=share4 --path=/ifs/data/share4 \ --create-path --browsable=false --description="Example Share 4" \ --inheritable-path-acl=true --create-permissions="use create mask\ and mode"

2. Run the isi smb shares permission modify command to enable access to the share. The following command allows the well-known user Everyone full permissions to the HOMEDIR share:

isi smb shares permission modify HOMEDIR --wellknown Everyone \ --permission-type allow --permission full

For Onefs 7.0.x

isi smb shares permission create { | --uid

| --group | --gid | --sid | --wellknown }

{--permission-type {allow | deny}

--permission {full | change | read} | --run-as-root}

[--zone ]

[--verbose]

To modify permissions

isi smb shares permission modify

{ | --group | --gid | --uid | --sid

| --wellknown }

[{--permission-type {allow | deny} --permission {full | change |

read} | --run-as-root}]

[--zone ]

[--verbose]

Yup!  You have to be careful because Windows uses a backslash which is the escape character in UNIX.  If you used two \\ that would have worked as well.  Quoting it is just easier in most cases.

Hello Prashant,

Which version of onefs ?

you can check by  typing uname -a.

It's 7.1.1.1.

Thanks!  That worked.  I didn't have the quotes around it before and it was giving a persona error.

How do you then delete an account from an existing SMB share? I am currently on OneFS 6.5.5.29.

Rafael,

The syntax is different in 7.x from 6.5.5.x, and keep in mind 6.5 goes EOSL in 2 months, so please plan an upgrade accordingly.

That said, on 6.5.5, the syntax is in the format:

isi smb permission delete sharename --user domain
username

In 7.x and above it’s

isi smb shares permission delete sharename --user domain
user

There is a really handly CLI reference guide between the versions (tells you what changes) available here:

https://support.emc.com/docu56264_OneFS-CLI-Mappings.pdf?language=en_US

Look to page 7 for this particular syntax.

Chris Klosterman, ICSP, ICIE, CCNA, VCP

Email: chris.klosterman@emc.com

Senior Solution Architect

Offer and Enablement Team

EMC²| Isilon Storage Division

unfortunately this command is not work in oneFs 8.x /or Powerscale, if you have any idea please share.

thanks

Share(s) do(es) not exist: No such file or directory

Usage:
isi smb shares permission view { | --group | --gid | --uid | --sid
| --wellknown }
[--zone ]
[{--help | -h}]

Hello Ahmed-,

Here are a few links to some KB’s that maybe of assistance.

https://dell.to/3j7bRe5

https://dell.to/2V5jEBi

https://dell.to/3lcaAVZ