JavaScript is required to for searching.
Skip Navigation Links
Exit Print View
Oracle Solaris SMB and Windows Interoperability Administration Guide     Oracle Solaris 11 Express 11/10
search filter icon
search icon

Document Information


1.  Windows Interoperability (Overview)

The Solaris SMB Server

Solaris SMB Server

Solaris SMB Client

Identity Mapping Service

Managing Solaris SMB Configuration Properties

Configuring the Solaris SMB Server - Process Overview

Utilities and Files Associated With the Solaris SMB Server and Client

Solaris SMB Utilities

mount_smbfs Command

sharectl Command

share Command

smbadm Command

smbstat Command

smbutil Command

umount_smbfs Command

unshare Command

zfs Command

Solaris SMB Service Daemon

Solaris SMB Files

/etc/auto_direct File

/etc/dfs/sharetab File

/etc/smbautohome File

$HOME/.nsmbrc File

Authentication, Directory, Naming, and Time Services

SMB Shares

Share Properties

Access Control to Shares

Host-Based Access Control to Shares

Access Control Lists on Shares

Autohome Shares

Autohome Entries

Autohome Map Entry Format

Autohome Map Key Substitution

Wildcard Rule

nsswitch Map

Local SMB Groups

Client-Side Caching for Offline Files

Share Execution Properties

Support for the Distributed File System

2.  Identity Mapping Administration (Tasks)

3.  Solaris SMB Server Administration (Tasks)

4.  Solaris SMB Client Administration (Tasks)



Local SMB Groups

Local SMB groups can be created on the system that runs the Solaris SMB server. These SMB groups apply only to users that are connected through SMB.

The Solaris SMB server supports the following built-in SMB groups:

Local groups use privileges to provide a secure mechanism for assigning task responsibility on a system-wide basis. Each privilege has a well-defined role assigned by the system administrator to a user or a group.

Unlike access rights (which are assigned as permissions on a per-object basis through security descriptors), privileges are independent of objects. Privileges bypass object-based access control lists to allow the holder of the privilege to perform the role assigned. For example, members of the Backup Operators group must be able to bypass normal security checks to back up and restore files they would normally not be able to access.

The following definitions show the difference between an access right and a privilege:

You can assign any of the privileges to any of the local groups. Because you can make any domain user a member of the local groups, you can assign these privileges to any domain user.

The following privileges are supported for local groups:

By default, members of the local Administrators group can take ownership of any file or folder, and members of the Backup Operators group can perform backup and restore operations. Members of the Power Users group do not have default privileges.

For information about managing SMB groups, see Managing SMB Groups (Task Map).