Managing SMB Mounts in the Global Environment (Task Map)

The following table points to the tasks that superuser can perform to manage SMB mounts.

Task	Description	For Instructions
Mount a share on a public mount point, such as one in the root file system, so that many users can access the share.	Some shares include files and directories that many people on a system might want to access, such as a global set of files or programs. In such cases, instead of each user mounting the share in his own directory, the system administrator can mount the share in a public place so that all users can access the share from the same location.	How to Mount a Multiuser SMB Share
Customize the SMB environment by setting SMB properties.	Use the `sharectl` command to set SMB properties.	How to Customize the SMB Environment in Oracle Solaris
View the SMB property values.	Use the `sharectl` command to view SMB property values.	How to View the SMB Environment Property Values
Add an SMB share to an automounter map.	Use this procedure if you want an SMB share to be automatically mounted at boot time.	How to Add an Automounter Entry for an SMB Share

How to Mount a Multiuser SMB Share

If you want to make a share available to one or more users on a system, you can mount the share on a mount point anywhere on the system. When you mount a share as superuser, you do not need to own the mount point.

Become an administrator.
For more information, see How to Obtain Administrative Rights in Oracle Solaris Administration: Security Services.
Verify that the network/smb/client service is enabled.
```
# svcs network/smb/client
STATE          STIME    FMRI
online         19:24:36 svc:/network/smb/client:default
```
This service is enabled by default, so the usual state for the service is online. To enable the service, type the following command:
```
# svcadm enable -r network/smb/client
```

Find the share that you want to mount from a server.

# smbadm show-shares [-A | -u username] [-t] server

Specify the password at the prompt.
Determine the mount point that you want to use.
For example, you decide to mount shares on the /sales-tools mount point.
Perform the mount.
```
$ mount -F smbfs [-o user=username,domain=domain-name,...] //server/share mount-point
```
For example, to mount the tmp share from the solarsystem server on the /sales-tools mount point, type:
```
# mount -F smbfs -o uid=terry,gid=staff,fileperms=0644 //solarsystem/tmp /sales-tools
```
In this example, the mount options enable users other than root to access the share. User terry and users who are members of the staff group can access the share with mode 0644.
When you mount a share, you can set the uid and gid mount options to specify the user and group owner of the share.

The values specified by these mount options are used to do the following:
- Specify the user and group to be used for local access checks. These checks are only used to determine which local users are permitted through the mount point. All other access checks are handled by the server.
- Determine the UID and GID that appear in file listings when the mounted share does not support “per-file security.” Such shares might be shared CD-ROMs or Windows FAT volumes. Most shares support “per-file security,” so the UID and GID that are shown in directory listings are derived from the file security properties.

How to Customize the SMB Environment in Oracle Solaris

You can customize the SMB environment by using the sharectl(1M) command.

Become an administrator or use the SMBFS Management RBAC profile, which is part of the File System Management profile.
For more information, see How to Obtain Administrative Rights in Oracle Solaris Administration: Security Services.
Determine which properties you want to set.
For a description of the properties, see the smb(4) man page.
Set a property value for the global SMB environment.
```
# sharectl set [-h] [-p property=value] ... smb
```
For example, to specify that client signing is required, type:
```
# sharectl set -p client_signing_required=true smb
```

How to View the SMB Environment Property Values

You can view the SMB environment property values by using the sharectl(1M) command.

Determine which properties you want to view.
For a description of the properties, see the smb(4) man page.
- To view the value for a specific property, type:
```
$ sharectl get [-p property] ... smb
```
  For example, to view the values for the client_signing_required property, type:
```
$ sharectl get -p client_signing_required smb
```
- To view all of the property values, type:
```
$ sharectl get smb
```

How to Add an Automounter Entry for an SMB Share

You can add an SMB share to an automount map, such as the /etc/auto_direct file, so that the share will be automatically mounted when a user accesses the mount point. You cannot add these automount entries to the /etc/auto_master file.

To successfully use the automount feature without the need to specify a password, you must store a persistent password to mount the share. See How to Store an SMB Persistent Password.

Caution - When a user mounts a remote SMB share by using smbfs, all accesses through that mount, even by other users, are as the user who established the mount.

For shares that will only be used by the owner, you should restrict access to the share by using the dirperms mount option to ensure that only the owner can access the share.

Become an administrator.
For more information, see How to Obtain Administrative Rights in Oracle Solaris Administration: Security Services.
Edit the /etc/auto_master file to refer to the automount map.
For example, to add automount entries to the /etc/auto_direct file, add the following line to the /etc/auto_master file:
```
/-    auto_direct
```
Edit the automount map to add the mapping.
The following examples show the changes to the automount map, in this example the /etc/auto_direct file, to configure automount maps.
- To configure a private automount (a share that will only be accessed by the owner) of the //solarsystem/test share on the /sam-test mount point, create the following entry in the /etc/auto_direct file:
```
/sam-test -fstype=smbfs,dirperms=0700,uid=sam //solarsystem/test
```
  The dirperms=0700 mount option ensures that only the owner can access the share. The uid=sam mount option ensures that the share root and everything in the share is owned by user sam.
- To configure a public automount of the //solarsystem/public share on the /PUBLIC mount point, create the following entry in the /etc/auto_direct file:
```
/PUBLIC -fstype=smbfs,dirperms=0555 //solarsystem/public
```
  The dirperms=0555 mount option ensures that everyone has read and execute access to the share.
- To configure a public automount of a share that can be accessed anonymously, which does not require a password, specify the noprompt option:
```
/PUBLIC -noprompt,fstype=smbfs,dirperms=0555 //solarsystem/public
```
  The noprompt mount option suppresses the prompting for a password when mounting the share. The dirperms=0555 mount option ensures that everyone has read and execute access to the share.
Run the automount command to read the /etc/auto_master file.
```
# automount
```
Access the automounted share.
The share is automounted when a user accesses the mounted share, such as by using the ls or cd command.
```
$ ls /PUBLIC
bin docs
```
After the SMB share is mounted, a user can use regular Oracle Solaris commands to access the files. Automounted shares are automatically unmounted after a period of inactivity.

Skip Navigation Links
Exit Print View
	Oracle Solaris Administration: SMB and Windows Interoperability Oracle Solaris 11 Information Library