PowerScaleOneFS CLI Command Reference

Syntax

isi smb settings shares modify
  [--access-based-enumeration {yes | no}]
  [--revert-access-based-enumeration]
  [--access-based-enumeration-root-only {yes | no}]
  [--revert-access-based-enumeration-root-only]
  [--allow-delete-readonly {yes | no}]
  [--revert-allow-delete-readonly]
  [--allow-execute-always {yes | no}]
  [--revert-allow-execute-always]
  [--ca-timeout <integer>]
  [--revert-ca-timeout]
  [--strict-ca-lockout {yes | no}]
  [--revert-strict-ca-lockout]
  [--ca-write-integrity {none | write-read-coherent | full}]
  [--revert-ca-write-integrity]
  [--change-notify {all | norecurse | none}]
  [--revert-change-notify]
  [--create-permissions {"default acl" | "inherit mode bits" | "use create mask and mode"}]
  [--revert-create-permissions]
  [--directory-create-mask <integer>]
  [--revert-directory-create-mask]
  [--directory-create-mode <integer>]
  [--revert-directory-create-mode]
  [--file-create-mask <integer>]
  [--revert-file-create-mask]
  [--file-create-mode <integer>]
  [--revert-file-create-mode]
  [--file-filtering-enabled {yes | no}]
  [--revert-file-filtering-enabled]
  [--file-filter-extensions <string>]
  [--clear-file-filter-extensions]
  [--add-file-filter-extensions <string>]
  [--remove-file-filter-extensions <string>]
  [--revert-file-filter-extensions]
  [--file-filter-type {deny | allow}
  [--revert-file-filter-type]
  [--hide-dot-files {yes | no}]
  [--revert-hide-dot-files]
  [--host-acl <host-acl>]
  [--revert-host-acl]
  [--clear-host-acl]
  [--add-host-acl <string>]
  [--remove-host-acl <string>]
  [--impersonate-guest {always | "bad user" | never}]
  [--revert-impersonate-guest]
  [--impersonate-user <string>]
  [--revert-impersonate-user]
  [--mangle-byte-start <integer>]
  [--revert-mangle-byte-start]
  [--mangle-map <mangle-map>]
  [--revert-mangle-map]
  [--clear-mangle-map]
  [--add-mangle-map <string>]
  [--remove-mangle-map <string>]
  [--ntfs-acl-support {yes | no}]
  [--revert-ntfs-acl-support]
  [--oplocks {yes | no}]\
  [--revert-oplocks]
  [--smb3-encryption-enabled {yes | no}]
  [--revert-smb3-encryption-enabled]
  [--strict-flush {yes | no}]
  [--revert-strict-flush]
  [--strict-locking {yes | no}]
  [--revert-strict-locking]
  [--zone <string>]

Options

--access-based-enumeration {yes | no}

Specifies whether access-based enumeration is enabled.

--revert-access-based-enumeration

Sets the value to the system default for --access-based-enumeration.

--access-based-enumeration-root-only {yes | no}

Specifies whether access-based enumeration is only enabled on the root directory of the share.

--revert-access-based-enumeration-root-only

Sets the value to the system default for --access-based-enumeration-root-only.

--allow-delete-readonly {yes | no}

Specifies whether read-only files can be deleted.

--revert-allow-delete-readonly

Sets the value to the system default for --allow-delete-readonly.

--allow-execute-always {yes | no}

Specifies whether a user with read access to a file can also execute the file.

--revert-allow-execute-always

Sets the value to the system default for --allow-execute-always.

--ca-timeout <integer>

The amount of time, in seconds, a persistent handle is retained after a client is disconnected or a server fails. The default is 120 seconds.

--revert-ca-timeout

Sets the value to the system default for --ca-timeout.

--strict-ca-lockout {yes | no}

If set to yes, prevents another client from opening a file if a client has an open but disconnected persistent handle for that file. If set to no, OneFS issues persistent handles, but discards them if any client other than the original opener attempts to open the file. This option is only relevant if --continuously-available was set to yes when the share was created. The default is yes.

--revert-strict-ca-lockout

Sets the value to the system default for --strict-ca-lockout.

--ca-write-integrity {none | write-read-coherent | full}

Specifies the level of write integrity on continuously available shares:

none

Continuously available writes are not handled differently than other writes to the cluster. If you specify none and a node fails, you may experience data loss without notification. Therefore, we do not recommend this option.

write-read-coherent

Ensures that writes to the share are moved to persistent storage before a success message is returned to the SMB client that sent the data. This is the default setting.

full

Ensures that writes to the share are moved to persistent storage before a success message is returned to the SMB client that sent the data, and prevents OneFS from granting SMB clients write-caching and handle-caching leases.

--revert-ca-write-integrity

Sets the value to the system default for --ca-write-integrity.

--change-notify {norecurse | all | none}

Defines the change notify setting. The acceptable values are norecurse, all, and none.

--revert-change-notify

Sets the value to the system default for --change-notify.

--create-permissions {"default acl" | "inherit mode bits" | "use create mask and mode"}

Sets the default permissions to apply when a file or directory is created.

--revert-create-permissions

Sets the value to the system default for --create-permissions.

--directory-create-mask <integer>

Defines which mask bits are applied when a directory is created.

--revert-directory-create-mask

Sets the value to the system default for --directory-create-mask.

--directory-create-mode <integer>

Defines which mode bits are applied when a directory is created.

--revert-directory-create-mode

Sets the value to the system default for --directory-create-mode.

--file-create-mask <integer>

Defines which mask bits are applied when a file is created.

--revert-file-create-mask

Sets the value to the system default for --file-create-mask.

--file-create-mode <integer>

Defines which mode bits are applied when a file is created.

--revert-file-create-mode

Sets the value to the system default for --file-create-mode.

--file-filtering-enabled {yes | no}

If set to yes, enables file filtering at the share level. The default setting is no.

--revert-file-filtering-enabled

Sets the value for the system default of --file-filtering-enabled.

--file-filter-type {deny | allow}

If set to allow, allows the specified file types to be written to the share. The default setting is deny.

--revert-file-filter-type

Sets the value for the system default of --file-filter-type.

--file-filter-extensions <string>

Specifies the list of file types to deny or allow writes to the share, depending on the setting of --file-filter-type. File types may be specified in a list of comma separated values.

--clear-file-filter-extensions

Clears the list of file filtering extensions for the share.

--add-file-filter-extensions <string>

Adds entries to the list of file filter extensions. Repeat for each file extension to add.

--remove-file-filter-extensions <string>

Removes entries to the list of file filter extensions. Repeat for each file extension to remove.

--revert-file-filter-extensions

Sets the value for the system default of --file-filter-extensions.

--hide-dot-files {yes | no}

Specifies whether to hide files that begin with a period—for example, UNIX configuration files.

--revert-hide-dot-files

Sets the value to the system default for --hide-dot-files.

--host-acl <string>

Specifies which hosts are allowed access. Specify --host-acl for each additional host ACL clause. This will replace any existing ACL.

--revert-host-acl

Sets the value to the system default for --host-acl.

--clear-host-acl <string>

Clears the value for an ACL expressing which hosts are allowed access.

--add-host-acl <string>

Adds an ACE to the already-existing host ACL. Specify --add-host-acl for each additional host ACL clause to be added.

--remove-host-acl <string>

Removes an ACE from the already-existing host ACL. Specify --remove-host-acl for each additional host ACL clause to be removed.

--impersonate-guest {always | "bad user" | never}

Allows guest access to the share. The acceptable values are always, "bad user", and never.

--revert-impersonate-guest

Sets the value to the system default for --impersonate-guest.

--impersonate-user <string>

Allows all file access to be performed as a specific user. This must be a fully qualified user name.

--revert-impersonate-user

Sets the value to the system default for --impersonate-user.

--mangle-byte-start <string>

Specifies the wchar_t starting point for automatic invalid byte mangling.

--revert-mangle-byte-start

Sets the value to the system default for --mangle-byte-start.

--mangle-map <string>

Maps characters that are valid in OneFS but are not valid in SMB names.

--revert-mangle-map

Sets the value to the system default for --mangle-map.

--clear-mangle-map <string>

Clears the values for character mangle map.

--add-mangle-map <string>

Adds a character mangle map. Specify --add-mangle-map for each additional Add character mangle map.

--remove-mangle-map <string>

Removes a character mangle map. Specify --remove-mangle-map for each additional Remove character mangle map.

--ntfs-acl-support {yes | no}

Specifies whether ACLs can be stored and edited from SMB clients.

--revert-ntfs-acl-support

Sets the value to the system default for --ntfs-acl-support.

--oplocks {yes | no}

Specifies whether to allow oplock requests.

--revert-oplocks

Sets the value to the system default for --oplocks.

--smb3-encryption-enabled {yes | no}

Enables SMBv3 encryption on the share. The default setting is no.

--revert-smb3-encryption-enabled

Sets the value to the system default for --smb3-encryption-enabled.

--strict-flush {yes | no}

Specifies whether to always honor flush requests.

--revert-strict-flush

Sets the value to the system default for --strict-flush.

--strict-locking {yes | no}

Specifies whether the server will check for and enforce file locks.

--revert-strict-locking

Sets the value to the system default for --strict-locking.

--zone <string>

Specifies the name of the access zone.