The Common Internet File System (CIFS) is a network protocol that offers file services for (typically) Windows computers. Unix-like systems that provide a CIFS client can also connect to CIFS shares. Before configuring this service, you should first create your CIFS shares in Sharing → Windows (CIFS) Shares → Add Windows (CIFS) Share. After configuring this service, go to Services → Control Services to start the service. The CIFS shares will not be available on the network if this service is not running.
NOTE: after starting the CIFS service, it may take several minutes for the master browser election to occur and for the FreeNAS® system to become available in Windows Explorer.
Starting this service will open the following ports on the FreeNAS® system:
- TCP 139 (smbd)
- TCP 445 (smbd)
- UDP 137 (nmbd)
- UDP 138 (nmbd)
Figure 8.3a shows the configuration options which are described in Table 8.3a. This configuration screen is really a front-end to smb.conf(5).
Figure 8.3a: Configuring CIFS
Table 8.3a: CIFS Configuration Options
|Authentication Model||drop-down menu||choices are Anonymous or Local User; this setting is ignored if the Active Directory or LDAP service is running|
|NetBIOS Name||string||must be lowercase and is automatically populated with the hostname of the FreeNAS® system; it must be different from the Workgroup name|
|Workgroup||string||must match Windows workgroup name; this setting is ignored if the Active Directory or LDAP service is running|
|DOS Charset||drop-down menu||the character set Samba uses when communicating with DOS and Windows 9x/ME clients; default is CP437|
|UNIX Charset||drop-down menu||default is UTF-8 which supports all characters in all languages|
|Log Level||drop-down menu||choices are Minimum, Normal, Full, or Debug|
|Local Master||checkbox||determines whether or not the FreeNAS® system participates in a browser election; should be disabled when network contains an AD or LDAP server and is not necessary if Vista or Windows 7 machines are present|
|Time Server for Domain||checkbox||determines whether or not the FreeNAS® system advertises itself as a time server to Windows clients; should be disabled when network contains an AD or LDAP server|
|Guest Account||drop-down menu||account to be used for guest access; that account must have permission to access the shared volume/dataset|
|File mask||integer||overrides default file creation mask of 0666 which creates files with read and write access for everybody|
|Directory mask||integer||overrides default directory creation mask of 0777 which grants directory read, write and execute access for everybody|
|EA Support||checkbox||enables extended attributes|
|Support DOS File Attributes||checkbox||allows a user who has write access to a file to modify the permissions, even if not the owner of the file|
|Allow Empty Password||checkbox||if checked, users can just press enter when prompted for a password; requires that the username/password be the same for the FreeNAS® user account and the Windows user account|
|Auxiliary parameters||string||smb.conf options not covered elsewhere in this screen; see the Samba Guide for additional settings|
|Enable home directories||checkbox||if checked, a folder with the same name as the user account will be created for each user|
|Enable home directories browsing||checkbox||users can browse (but not write to) other users' home directories|
|Home directories||browse button||select volume/dataset where the home directories will be created|
|Homes auxiliary parameters||string||options specific to the [homes] section of smb.conf; for example, hide dot files = yes
hides files beginning with a dot in home directories
|Unix Extensions||checkbox||allows non-Windows CIFS clients to access symbolic links and hard links, has no affect on Windows clients|
|Zeroconf share discovery||checkbox||enable if Mac clients will be connecting to the CIFS share|
|Hostnames lookups||checkbox||allows you to specify hostnames rather than IP addresses in the Hosts Allow or Hosts Deny fields of a CIFS share; uncheck if you only use IP addresses as it saves the time of a host lookup|
|Server minimum protocol||Dropdown||The minimum protocol version the server will support. Valid options are ----- (automatic negotiation), CORE, COREPLUS, LANMAN1, LANMAN2, NT1, SMB2, SMB2_02, SMB2_10, SMB2_22, SMB2_24, SMB3, SMB3_00. See table below for description|
|Server maximum protocol||Dropdown||The maximum protocol version the server will support. Valid options are CORE, COREPLUS, LANMAN1, LANMAN2, NT1, SMB2, SMB2_02, SMB2_10, SMB2_22, SMB2_24, SMB3, SMB3_00. See table below for description|
Table 8.b: Description of SMB Protocol Versions
|CORE||Earliest version. No concept of user names.|
|COREPLUS||Slight improvements on CORE for efficiency.|
|LANMAN1||First modern version of the protocol. Long filename support.|
|LANMAN2||Updates to Lanman1 protocol.|
|NT1||Current up to date version of the protocol. Used by Windows NT. Known as CIFS.|
|SMB2||Re-implementation of the SMB protocol. Used by Windows Vista and later versions of Windows. SMB2 has sub protocols available.|
|SMB2_02||The earliest SMB2 version.|
|SMB2_10||Windows 7 SMB2 version. By default SMB2 selects the SMB2_10 variant.|
|SMB2_22||Early Windows 8 SMB2 version.|
|SMB2_24||Windows 8 beta SMB2 version.|
|SMB3||The same as SMB2. Used by Windows 8. SMB3 has sub protocols available.|
|SMB3_00||Windows 8 SMB3 version. (mostly the same as SMB2_24)|
Beginning with FreeNAS® 8.0.3-RELEASE, changes to CIFS settings and CIFS shares take effect immediately. For previous versions, changes will not take effect until you manually stop and start the CIFS service.
NOTE: do not set the directory name cache size as an auxiliary parameter. Due to differences in how Linux and BSD handle file descriptors, directory name caching is disabled on BSD systems in order to improve performance.
Samba is single threaded, so CPU speed makes a big difference in CIFS performance. Your typical 2.5Ghz Intel quad core or greater should be capable to handle speeds in excess of Gb LAN while low power CPUs such as Intel Atoms and AMD C-30s\E-350\E-450 will not be able to achieve more than about 30-40MB/sec typically. Remember that other loading such as ZFS loading will also require CPU resources and may cause Samba performance to be less than optimal.
Samba's "write cache" parameter has been reported to improve write performance in some configurations and can be added to the Auxiliary Parameters field. Use an integer value which is a multiple of _SC_PAGESIZE (typically 4096) to avoid memory fragmentation. This will increase Samba's memory requirements and should not be used on systems with limited RAM.
If you wish to increase network performance, read the Samba section on socket options. It indicates which options are available and recommends that you experiment to see which are supported by your clients and improve your network's performance.
Windows automatically caches file sharing information. If you make changes to a CIFS share or to the permissions of a volume/dataset being shared by CIFS and users are no longer able to access the share, instruct the users to log out and back into their Windows systems. Alternately, users can type net use /delete * from the command line to clear their SMB sessions.
Windows also automatically caches login information. If you wish users to be prompted to login every time access is required, reduce the cache settings on the client computers.
Where possible, avoid using a mix of case in filenames as this may cause confusion for Windows users. Representing and resolving filenames with Samba explains this in more detail.
If permissions work for Windows users but not for OS X users, try disabling Unix Extensions and restarting the CIFS service.
If the CIFS service will not start, run this command from Shell to see if there is an error in the configuration:
The Common Errors section of the Samba documentation contains additional troubleshooting tips.