Differences

This shows you the differences between two versions of the page.

cloudappliance/cifs [2020_06_18 02:38] stevencloudappliance/cifs [2020_08_24 11:54] dan
Line 1: Line 1:
 # CIFS/SMB Connector (Multi User) # CIFS/SMB Connector (Multi User)
-== Last updated on June 15, 2020 ==+== Last updated on August 24, 2020 ==
 //(New in 1906.07 - Appliance Only)// //(New in 1906.07 - Appliance Only)//
 +
 +<WRAP center round important 100%>
 +We recommend using this connector with v1906.08 or higher of the File Fabric.  If you are planning to use it with v1906.07 please contact Support.
 +</WRAP>
 +
  
 For the single-user CIFS/SMB connector [[cloudappliance:cifs-single|click here]]. For the single-user CIFS/SMB connector [[cloudappliance:cifs-single|click here]].
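Review bot: The new important box at the top gives no reason for preferring v1906.08 over v1906.07, while the line directly above it still reads "(New in 1906.07 - Appliance Only)", so a reader on 1906.07 cannot tell whether the connector is unsupported there or only has known issues. State the limitation in one sentence or link to the relevant release note, so the reader knows what to expect before contacting Support.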
Line 7: Line 12:
 ===== Overview ===== ===== Overview =====
  
-The CIFS/SMB connector provides end-users with access to their data stored within the CIFS/SMB shares via the Enterprise File Fabric and its' multiple channels of access, including web, desktop, and mobile. +The CIFS/SMB connector provides end-users with access to their data stored within the CIFS/SMB shares via the Enterprise File Fabric and its' multiple channels of access, including web, desktop, and mobile. This can be CIFS shared that are on-premises, for example NAS, SAN or Windows Filers, and access is required out of the office or for for remote working and/or it can be for access to hosted SMB shares such as Azure Files or Amazon FSx.
  
 The connector binds Identity and Access Management from the Enterprise File Fabric (integrated via Active Directory / LDAP integration) with the permissions of the underlying file shares to provide users with secure access into the SMB storage, whilst ensuring that users only see and access data that they have permissions to from the underlying shares.  The connector binds Identity and Access Management from the Enterprise File Fabric (integrated via Active Directory / LDAP integration) with the permissions of the underlying file shares to provide users with secure access into the SMB storage, whilst ensuring that users only see and access data that they have permissions to from the underlying shares. 
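Review bot: The sentence appended to the Overview paragraph has two slips, "CIFS shared that are on-premises" (should be "shares") and "for for remote working", and it runs two use cases together with "and/or". Suggest splitting it into one sentence for on-premises shares (NAS, SAN or Windows Filers) reached from outside the office and one for hosted SMB shares such as Azure Files or Amazon FSx. The "its'" earlier in the same paragraph should be "its".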
Line 41: Line 46:
   / /londoncifs/sharename   / /londoncifs/sharename
  
-  * **Protocol version** - This is used to control the SMB protocol version that is used. As of writing, **3.0** is the most secure and most recommended version to use.+  * **Protocol version** - This is used to control the SMB protocol version that is used. As of writing, **3.0** is the most secure and most recommended version to use.   <WRAP center round important 100%> 
 +It appears that some implementations of SMB 3.0 with ABE don't work as expected.  If you experience difficulties with mounts when using v3.0, please try SMB v2.1. 
 +</WRAP> 
  
   * **Use SMBClient for Listing** - Using the smbclient can have performance benefits and is recommended.   * **Use SMBClient for Listing** - Using the smbclient can have performance benefits and is recommended.
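Review bot: The box added to the Protocol version bullet tells readers to fall back to SMB v2.1 immediately after the bullet calls 3.0 the most secure version, without saying what is given up. SMB encryption was introduced with 3.0, so a 2.1 mount has no transport encryption for file data; the note should say so and present 2.1 as a workaround for trusted network segments rather than an equivalent choice. Also expand "ABE" (Access-Based Enumeration) on first use, and put the opening <WRAP> on its own line instead of at the end of the bullet, as the other boxes in this change do.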
Line 75: Line 83:
 var $cifsldapcachetime = 300; var $cifsldapcachetime = 300;
 ``` ```
 +
 +<WRAP center round help 100%>
 +For guidance in adding, modifying, or deleting configuration parameters, [[appliance/editing-config|please follow our guide here]].</WRAP>
 +
   * The EFF will automatically manage specific mount points on the EFF host machine. Operations performed by users, such as opening, editing and sharing are performed on the individual user's mounts. This underpins the security of the connector.   * The EFF will automatically manage specific mount points on the EFF host machine. Operations performed by users, such as opening, editing and sharing are performed on the individual user's mounts. This underpins the security of the connector.
   * It is recommended to have the following configuration option enabled:    * It is recommended to have the following configuration option enabled: 
Line 82: Line 94:
 ``` ```
   * If a user receives the message "Password not found for user. Please re-login", they are advised to log-out and re-login again. This occurs when shares are added after users have begun authenticating.   * If a user receives the message "Password not found for user. Please re-login", they are advised to log-out and re-login again. This occurs when shares are added after users have begun authenticating.
-  * It is recommended on the first setup to add this connector using your Organization Admin account, and not a 'delegated admin' account. 
  
-For guidance in addingmodifyingor deleting configuration parameters[[appliance/editing-config|please follow our guide here]].+* The baseDN that you specify for LDAP searches must be high enough in the tree to encompass both all of your users and all of your shares.  Use the domain name as the baseDN orif you are using another entry at the baseDNensure that all  groups for your shares are within the baseDN that you select. 
 + 
 +* If the password of a user who is using the File Fabric's desktop tools to access storage via this connector changesshe must log in via the web to cause the password to be refreshed, preventing mount errors. 
 + 
 +* Share names configured in the File Fabric must match the corresponding names on the storage exactly, including case. If the cases differ then you will experience errors when adding the provider.
  
 +* When a folder is being configured as the root of a share, the full folder path configured in the File Fabric must match the path on the storage exactly, including case.  If there are differences in case then the File Fabric will not be able to fetch and use the storage's access control information.
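Review bot: The four bullets added at the end of the list start with "* " at column 0, while the existing items are indented ("  * If a user receives the message ..."); DokuWiki needs the leading spaces to treat a line as a list item, so as written these render as plain paragraphs with a literal asterisk. Indent them to match the rest of the list. Two content points: the change removes the recommendation to do the first setup with the Organization Admin account without saying what replaces it, and in the password bullet "she must log in via the web" would read better as "they must log in via the web".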