test

Solaris CIFS Administration Guide

ProcedureHow to Configure the Solaris CIFS Service in Workgroup Mode

After you join a workgroup, you can access CIFS shares. To create CIFS shares, see How to Create a CIFS Share (zfs) and How to Create a CIFS Share (sharemgr).

If you change from workgroup mode to domain mode, or from domain mode to workgroup mode, you must restart the Solaris CIFS service. To restart the service, run the svcadm restart smb/server command.

Before You Begin

If the Samba service is running on the Solaris system, you must disable it. See How to Disable the Samba Service.

  1. Become superuser, assume an equivalent role, obtain the solaris.smf.value.smb and solaris.smf.manage.smb RBAC authorizations, or use the “SMB Management” RBAC profile, which is part of the “File System Management” profile.

    Roles contain authorizations and privileged commands. For more information about roles, see Configuring RBAC (Task Map) in System Administration Guide: Security Services. To configure a role with the Primary Administrator profile, see Chapter 2, Working With the Solaris Management Console (Tasks), in System Administration Guide: Basic Administration.

  2. Enable the Solaris CIFS service.


    # svcadm enable -r smb/server

    This command enables the Solaris CIFS service and any service on which it depends, such as the idmap service.

  3. (Optional) Change the Solaris CIFS service to operate in a different workgroup.

    By default, the Solaris CIFS service operates in a workgroup called WORKGROUP.


    # smbadm join -w workgroup-name

  4. Edit the /etc/pam.conf file to support creation of an encrypted version of the user's password for CIFS.

    Add the following line to the end of the file:


    other	password required	pam_smb_passwd.so.1	nowarn

    See the pam_smb_passwd(5) man page.

  5. Specify the password for existing local users.

    The Solaris CIFS service cannot use the Solaris encrypted version of the local user's password for authentication. Therefore, you must generate an encrypted version of the local user's password for the Solaris CIFS service to use. When the SMB PAM module is installed, the passwd command generates such an encrypted version of the password.


    # passwd username
Example 3–2 Configuring the Solaris CIFS Service in Workgroup Mode

This example shows how to configure the Solaris CIFS service in workgroup mode. The name of the workgroup being joined is myworkgroup.


# svcadm enable -r smb/server
# smbadm join -w myworkgroup

Then, use the sharesmb property to configure CIFS sharing for an existing ZFS dataset called ztank/myfs.


# zfs set sharesmb=on ztank/myfs

Finally, install the PAM module and generate the password for user cal.


# passwd cal

Now, you are ready to have CIFS clients access the CIFS shares on your Solaris CIFS service.