JavaScript is required to for searching.
Skip Navigation Links
Exit Print View
Oracle Solaris Administration: SMB and Windows Interoperability     Oracle Solaris 11 Information Library
search filter icon
search icon

Document Information


1.  Windows Interoperability (Overview)

The SMB Server

SMB Server

SMB Client

Identity Mapping Service

Managing SMB Configuration Properties

Configuring the SMB Server - Process Overview

Utilities and Files Associated With the SMB Server and Client

SMB Utilities

mount_smbfs Command

sharectl Command

share Command

smbadm Command

smbstat Command

umount_smbfs Command

unshare Command

zfs Command

SMB Service Daemon

SMB Files

/etc/auto_direct File

/etc/dfs/sharetab File

/etc/smbautohome File

Authentication, Directory, Naming, and Time Services

SMB Shares

Share Properties

Access Control to Shares

Host-Based Access Control to Shares

Access Control Lists on Shares

Autohome Shares

Autohome Entries

Autohome Map Entry Format

Autohome Map Key Substitution

Wildcard Rule

nsswitch Map

Local SMB Groups

Client-Side Caching for Offline Files

Share Execution Properties

Support for the Distributed File System

Support for SMB Printing

2.  Identity Mapping Administration (Tasks)

3.  SMB Server Administration (Tasks)

4.  SMB Client Administration (Tasks)

A.  SMB DTrace Provider



Local SMB Groups

Local SMB groups can be created on the system that runs the SMB server. These SMB groups apply only to users that are connected through SMB.

The SMB server supports the following built-in SMB groups:

Local groups use privileges to provide a secure mechanism for assigning task responsibility on a system-wide basis. Each privilege has a well-defined role assigned by the system administrator to a user or a group.

Unlike access rights (which are assigned as permissions on a per-object basis through security descriptors), privileges are independent of objects. Privileges bypass object-based access control lists to allow the holder of the privilege to perform the role assigned. For example, members of the Backup Operators group must be able to bypass normal security checks to back up and restore files they would normally not be able to access.

The following definitions show the difference between an access right and a privilege:

You can assign any of the privileges to any of the local groups. Because you can make any domain user a member of the local groups, you can assign these privileges to any domain user.

The following privileges are supported for local groups:

By default, members of the local Administrators group can take ownership of any file or folder, and members of the Backup Operators group can perform backup and restore operations. Members of the Power Users group do not have default privileges.

For information about managing SMB groups, see Managing SMB Groups (Task Map).