novcifs - A command line utility that communicates with the cifsd daemon. You must be logged in as root to use novcifs.
novcifs [options]
[-sl, --share --list]
[-sln SHARENAME, --share --list --name=SHARENAME]
[-sap PATH -n SHARENAME -c COMMENT, --share --add --path=PATH --name=SHARENAME --comment=COMMENT ]
[-srn SHARENAME, --share --remove --name=SHARENAME]
[-sap PATH -n SHARENAME -c COMMENT -v VIRTUALSERVERFDN, --share --add --path=PATH --name=SHARENAME --comment=COMMENT --vserver=VIRTUALSERVERFDN]
[-srn SHARENAME -v VIRTUALSERVERFDN, --share --remove --name=SHARENAME --vserver=VIRTUALSERVERFDN]
[-s --folder-redirection=yes|no -n <share_name>]
[-b yes|no, --enable-debug=yes|no]
[-f yes|no, --enable-info=yes|no]
[-e yes|no, --guest-login=yes|no]
[-a -D DNSNAME -I IPADDR, --add --dns-name=DNSNAME --ip-addr=IPADDR]
[-r -D DNSNAME -I IPADDR, --remove --dns-name=DNSNAME --ip-addr=IPADDR]
[-g yes|no|optional|force, --enable-smbsigning=yes|no|optional|force]
[-e yes|no, --add --dns-name=DNS_NAME --ip-addr=IP_ADDR]
[-C | --Conn]
[-av VIRTUALSERVERFDN -I VIRTUALSERVERIP, --add --vserver=VIRTUALSERVERFDN --ip-addr=VIRTUALSERVERIP]
[-rv VIRTUALSERVERFDN -I VIRTUALSERVERIP, --remove --vserver=VIRTUALSERVERFDN --ip-addr=VIRTUALSERVERIP]
[-o | --oper-params]
[-g yes|no|optional|force, --enable-smbsigning=yes|no|optional|force]
[-L 0|4|5, --lm=0|4|5]
[-y [yes|no]]
[-k [SDIRCACHE | DIRCACHE | FILECACHE] = value, --set-cache SDIRCACHE | DIRCACHE | FILECACHE = value]]
[-t [yes|no]]
[-S yes|no]
[--enable-range-lock-mask=yes|no]
[--csc= 0|1|2|3]
[-UT TIMEOUT-PERIOD, --block-invalid-users --timeout-period=TIMEOUT-PERIOD]
[-Uan USER-NAME, --block-invalid-users --add --name=USER-NAME]
[-Urn USER-NAME, --block-invalid-users --remove --name=USER-NAME]
[-Ul, --block-invalid-users --list]
[--dynamic-fid-pool=yes|no]
[-d fh, --dump-statistics=fh]
[-d fp, --dump-statistics=fp]
[-d dc, --dump-statistics=dc]
[--info-level-passthru=yes|no]
[--list-servers]
[--share-vols-default=SERVER_NAME --value=yes|no]
[--dialect=SMB | SMB2]
[--user-quota-sync <primary_volume>]
[--user-quota-sync <primary_volume> --percent <percentage>]
[--change-notify yes | no]
[--enum-shares-over-nullsession = yes | no]
[--oplock-break-ack-timeout=<time in seconds>]
[--negotiate-ntstatus= yes | no]
[--dfs-support=yes|no]
[--dns-suffix=DNS-SUFFIX]
[--display-user-addr=yes|no]
[--disable-smbv1-sessions=none | all]
novcifs [-sl | --share --list]
Lists all the available share points.
novcifs [-sln SHARENAME | --share --list --name=SHARENAME]
Displays details of a specific share point.
novcifs [-sap PATH -n SHARENAME -c COMMENT | --share --add --path=PATH --name=SHARENAME --comment=COMMENT]
Adds a new share point.
Example:
novcifs -sap CIFSV:/home/user1 -n user1home -m 0 -c "User1 home directory"
novcifs -sap CIFSV: -n volumeshare -m 0 -c "Volume share"
novcifs [-srn SHARENAME | --share --remove --name=SHARENAME]
Removes an existing share point.
Example:
novcifs -srn user1home
novcifs [-sap PATH -n SHARENAME -c COMMENT -v VIRTUALSERVERFDN | --share --add --path=PATH --name=SHARENAME --comment=COMMENT --vserver=VIRTUALSERVERFDN]
Adds a new share point on a clustered volume.
Example:
Assuming the resource name of the clustered volume SHAREDV is .cn=PROJECT.ou=CL1.ou=Service.o=CT.t=NOVELL
novcifs -sap SHAREDV:/home/user1 -n user1home -m 0 -c User1 home directory -v PROJECTS.CL1.Service.CT.NOVELL
novcifs [-srn SHARENAME -v VIRTUALSERVERFDN | --share --remove --name=SHARENAME --vserver=VIRTUALSERVERFDN]
Removes an existing share point.
Example:
novcifs -srn user1home -v PROJECT.CL1.Service.CT.NOVELL
-s --folder-redirection=yes|no -n <share_name>
Enables or disables the file share to host the redirected folders. By default, this option is disabled.
novcifs [-b yes|no | --enable-debug=yes|no]
Enables or disables the debug log.
novcifs [-f yes|no | --enable-info=yes|no]
Enable this option to log all informative messages from the CIFS server.
novcifs [-e yes|no | --guest-login=yes|no]
Enables or disables guest user login.
novcifs [-a -D DNSNAME -I IPADDR | --add --dns-name=DNSNAME --ip-addr=IPADDR] novcifs [-r -D DNSNAME -I IPADDR | --remove --dns-name=DNSNAME --ip-addr=IPADDR]
This option associates DNS names with cluster resource IP address in the CIFS server. You can assign more than one DNS name to the same cluster resource and access it using the CIFS client.
novcifs [-C | --Conn]
Displays the number of active connections.
novcifs [-av VIRTUALSERVERFDN -I VIRTUALSERVERIP | --add --vserver=VIRTUALSERVERFDN --ip-addr=VIRTUALSERVERIP]
Adds a virtual server to CIFS.
novcifs [-rv VIRTUALSERVERFDN -I VIRTUALSERVERIP | --remove --vserver=VIRTUALSERVERFDN --ip-addr=VIRTUALSERVERIP]
Removes a virtual server from CIFS.
novcifs [-o | --oper-params]
This option displays the current settings of the CIFS server.
novcifs [-g yes|no|optional|force | --enable-smbsigning=yes|no|optional|force]
Enables or disables the SMB signature.
This is an add-on functionality.
novcifs [-L 0|4|5| --lm=0|4|5]
This option sets the LAN Manager authentication level.
novcifs -y [yes|no]
Enables CIFS to search for the user in the entire base context.
novcifs -k [SDIRCACHE | DIRCACHE | FILECACHE] = value | --set-cache SDIRCACHE | DIRCACHE | FILECACHE = value]
Changes the cache value. The following are the default cache values:
novcifs [-t yes|no]
Enables or disables auditing.
IMPORTANT:Ensure that the novell-vigil service is running before you enable this option.
novcifs [-S yes|no | --sync=yes|no]
Enables or disables file synchronization. This parameter ensures that all the data previously written to a CIFS share has been written to the disk.
novcifs [--enable-range-lock-mask=yes|no]
Enables or disables range lock masking behavior.
IMPORTANT:If you enable or disable this parameter, make sure you restart the CIFS server using the rcnovell-cifs restart command in order for the changes to take effect.
By default, range lock masking is enabled.
novcifs [--csc= 0|1|2|3]
Enables or disables client-side caching feature, which can be used to store frequently used information on the client's machine.
By default, client-side caching is disabled.
CIFS is now able to cache the invalid user logins for a specific timeout period. Further authentication requests from the same user name will be ignored based on the configured timeout period.
novcifs [-UT TIMEOUT-PERIOD | --block-invalid-users --timeout-period=TIMEOUT-PERIOD]
Specifies the amount of time a user should be considered as invalid to ignore authentication requests. Specify the timeout period in minutes. The range should be between 0 and 525600.
novcifs [-Uan USER-NAME | --block-invalid-users --add --name=USER-NAME]
Adds the specified user to the list of default invalid users whose authentication requests need to be ignored permanently.
novcifs [-Urn USER-NAME | --block-invalid-users --remove --name=USER-NAME]
Removes the specified user from the list of cached invalid users to start considering authentication requests.
novcifs [-Ul | --block-invalid-users --list]
Lists all the cached invalid users whose authentication requests are currently ignored.
Enables CIFS to increase the file id pool from 65k to 600k. If this option is enabled, 65k files can be opened per user session up to a server level maximum of 600k.By default, this option is disabled.
novcifs [--dynamic-fid-pool=yes|no]
Dumps statistics of Linux file handles opened.
novcifs [-d fh | --dump-statistics=fh]
Dumps statistics of Linux file handles and CIFS protocol file Ids opened.
novcifs [-d fp | --dump-statistics=fp]
Dumps cache statistics used to store file and directory names.
novcifs [-d dc | --dump-statistics=dc]
With the file monitoring options you can view details of open files and close open files within a volume, by connection and file handles associated with a file. For more information, see Section 6.0, CIFS Monitoring and Management.
Enables or disables the pass-through information levels capability on the server.
The option is disabled by default. Enabling this option can cause differences in client behavior. Restart the CIFS server any time you modify this option.
novcifs [--info-level-passthru=yes|no]
How does enabling this option impact the client behavior?
The pass-through information levels capability exposes additional information levels as part of the CIFS protocol.
When the capability is enabled, Windows 7 starts using the new information levels - sends different verbs. No visible end user impact.
When should you enable it?
You want to do a multi-select and copy of large files from Finder on Mac clients to OES servers. The sequence of calls Finder performs for this operation causes problems if the pass through capability is not enabled.
Enabling this option also improves Web download experience to a CIFS Share on Mac Clients.
How do the users see their current quota on the client?
Passthru Info Levels Capability disabled: The Total, Used, and Free spaces displayed by the client will be the total Volume quota. It does not consider User and Directory quotas set.
For example, set 1 TB as Volume quota, 1 GB as User quota, and 100 GB as Directory quota. The disk usage (Total space, Used space, and Free space) visible to the user is 1 TB (Volume quota).
Passthru Info Levels Capability enabled: The Total, Used, and Free spaces displayed by the client is limited to Volume quota and User quota. It does not consider Directory quota set.
For example, set 1 TB as Volume quota, 1 GB as User quota, and 100 GB as Directory quota. The Free space and Total space visible to the user is limited to 1 GB [minimum of User and Volume quotas], and the Used space displayed will be the effective used space, which is less than or equal to 1 GB.
Passthru Info Levels Capability enabled (Mac clients): The Total, Used, and Free spaces displayed by the client will be the total Volume quota. It does not consider User and Directory quotas set.
For example, set 1 TB as Volume quota, 1 GB as User quota, and 100 GB as Directory quota. The disk usage (Total space, Used space, and Free space) visible to the user is 1 TB (Volume Quota).
In releases earlier than OES 2015, all mounted NSS volumes are exported as shares by default when the CIFS service is started. The name of the share is the same as the corresponding volume name. If a user removes a default share using the novcifs command or iManager, it will once again be exported as a share if the CIFS service is restarted.
In OES 2015 (or later), this behavior can be modified by setting the value of the nfapCIFSShareVolsByDefault attribute of the NCP server object to false. This prevents any default shares that were removed from being shared again if the server is restarted or if the resource is migrated. This setting can be modified using the novcifs command.
The setting to control whether volumes are shared by default is specific to each physical and virtual CIFS server. Different physical and virtual servers running on an OES host can behave differently in terms of how they share volumes by default, depending on the value of the setting for each server.
With the new command option introduced in novcifs, the administrator can choose to export all mounted volumes as shares, or export only the specified volumes as shares.
novcifs [--list-servers]
Lists the NetBIOS name and whether all NSS volumes are exported as shares by default for each CIFS server on this system. Returns an entry for each physical and virtual server running on this system.
novcifs [--share-vols-default=SERVER_NAME --value=yes|no]
Enables or disables all volumes being exported as shares by default.
SERVER_NAME: The NetBIOS name of one of the CIFS servers returned by the --list-servers command.
yes: Exports all the volumes belonging to <SERVER_NAME> as CIFS shares.
no: Exports only those shares specified by the CIFS administrator.
This option is enabled by default. When this option is disabled, no new volumes mounted will be shared; however, volumes that are already exported as shares will remain as shares until they are manually removed by the administrator. When this option is enabled, any new volume mounted will be exported, and after the CIFS service is restarted all mounted volumes will be exported as shares.
Limitation: This feature does not work for virtual servers in a cluster environment where non OES 2015 (or later) nodes exist.
Examples:
Viewing the list of physical and virtual CIFS servers and the "Share volumes by default" option for each server.
novcifs --list-servers List of CIFS servers: --------------------- LINUX-100-1_W - "Share volumes by default" attribute is enabled R1-CLUSPOOL1-W - "Share volumes by default" attribute is disabled
Disabling the "Share volumes by default" option.
novcifs --share-vols-default=LINUX-100-1_W --value=no Updating the Share Volumes By Default setting of the server completed successfully.
Enabling the "Share volumes by default" option.
novcifs --share-vols-default=R1-CLUSPOOL1-W --value=yes Updating the Share Volumes By Default setting of the server completed successfully.
Sets the dialect for the CIFS server to communicate with the clients. Toggling between the dialects may cause difference in server behavior. Restart the CIFS service any time you modify this option.
novcifs --dialect=SMB | SMB2
SMB Sets the dialect to NT LM 0.12 (SMBv1)
SMB2 Sets the dialect to SMB 2.002 (SMB v2)
By default, SMB2 option is enabled.
Synchronizes the users quotas from the primary volume to the secondary volume of a DST shadow volume pair.
--user-quota-sync <primary_volume>
Duplicates all of the user quotas that are set currently on the specified primary volume to the secondary volume.
--user-quota-sync <primary_volume> --percent <percentage>
Duplicates all of the user quotas that are set currently on the specified primary volume as a specified percentage to the secondary volume. The percentage value must also be specified after the volume name.
A percent value of 100 is a one-to-one quota assignment. A percent value of 50 assigns a quota that is one-half the size of the quota set on the primary volume. A percent value of 200 assigns a quota that is twice the size of the quota set on the primary volume.
--change-notify yes | no
When enabled, the client gets notifications about the changes happening on the directory which is currently being browsed or used through the Windows Explorer or Mac finder. These notifications enable the client to automatically refresh the Windows Explorer or Mac finder. The users need not press F5 to get the updated view as they will always be viewing the actual contents of the file system.
The client will be notified when one or more of the following events occur: A file or a folder is created, deleted, renamed, or moved, and metadata is changed.
Impact of enabling file system change notifications: Along with responding to the client's requests, the file server will also have to notify about every change happening on the directory to the client even if the change was done by the same client. It does increase the load on server.
Performance can be sluggish particularly when multiple users accessing or operating on the same directory.
Impact of disabling file system change notifications: Certain applications like Windows Explorer (Windows), Mac Finder, etc., expect change notifications feature to be supported or enabled. Else they end up in continuously querying the server about changes with humongous number of requests per second. The client tries to pull changes from the server and this might impact the performance of the server.
However, you can also add or modify the following Windows registry keys on the Windows client side so as to not let the client continuously query about the changes on the server.
Location: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer
Key 1: NoRemoteChangeNotify (DWORD type with value set to 1)
Key 2: NoRemoteRecursiveEvents (DWORD type with value set to 1)
NOTE:By doing so, users are be forced to press F5 to get the updated view or changes on the file system. In addition, the same registry settings have to be applied on all the client machines.
IMPORTANT:The SMB client on SLED machines does not support the Change Notifications feature. Therefore, the changes on the OES file system will not be automatically reflected in the file browsers such as Nautilus.
Similarly, all client platforms do not request the server to send change notifications if the users browse using the command line.
--enum-shares-over-nullsession = yes | no
Enables or disables enumeration of shares over a null session. By default enumeration of shares over a null session is enabled. If GUEST access is enabled, enumeration of shares over a null session is still allowed even if enum-shares-over-nullsession is disabled.
--oplock-break-ack-timeout=<time in seconds>
Specifies the amount of time in seconds the CIFS server waits for the client's response after sending a request to the client to release oplock on a file.
Default: 30 seconds. Minimum: 5 seconds. Maximum: 30 seconds.
--negotiate-ntstatus= yes | no
Enables or disables negotiating NTSTATUS capability of the CIFS server.
If this option is enabled, server will set NTSTATUS capability bit in Negotiate Protocol response. This is required for certain SMBv1 clients to proceed with the session setup especially when extended security mechanisms are used. By default, this option is disabled. It is recommended to enable this option only when the client fails to connect to OES because of NTSTATUS capability.
If this option is enabled, CIFS server will set NTSTATUS capability bit during the negotiation phase. This is required for certain type of clients like printers to connect to the CIFS server using SMBv1 as the dialect. By default, this option is disabled. It is recommended to enable this option only when certain type of clients like printers fail to connect to the CIFS server.
--dfs-support=yes|no
Enables or disables DFS support for the CIFS server. By default, this option is disabled.
--dns-suffix=DNS-SUFFIX
Sets DNS suffix to be used in DFS referral target node server name. By default, target node server name is only the NetBIOS name without any DNS suffix. To clear the DNS suffix configuration, set an empty string.
--display-user-addr=yes|no
Enables or disables updation of client IP address details for the logged in user in the eDirectory user object. Before enabling this option, the common proxy user must be given write permission on the Network Address attribute at the user level or at the parent container level. By default, this option is disabled.
--disable-smbv1-sessions=none | all
Disables the SMB v1 session from the specified clients.
none does not disable SMB v1 sessions from any of the clients.
all disables SMB v1 session from all clients.
Displays the help information for CIFS commands, syntax, and exits.
Displays the usage information for the commands and exits.
CIFS configuration file.
CIFS context file.
Encrypted CIFS proxy user file.
Initialization script for CIFS. You should use this script to start and stop CIFS, rather than running it directly.
CIFS server log file.
/etc/init.d/novell-cifs start runs this program in the standard way.
/usr/sbin/novcifs runs the client interface program directly.
VOL1:dir1 or VOL1:/dir1 is a volume-based path.