Follow

For native SMB protocol support, NAS commands manage local SMB users and groups, as well as the InfiniBox machine account membership in the Active Directory (AD) used for authenticating SMB users


config.nas.active_directory.join 

ROLE: Admin 

Description

Add a connection from the InfiniBox to the Active Directory.

After this command is run, InfiniBox uses its AD account to authenticate SMB users. 

Syntaxconfig.nas.active_directory.join domain=STR username=STR preferred_controllers=PREFERREDCONTROLLERS[,PREFERREDCONTROLLERS,...] [password=STR]
Argumentsdomain FQDN of the AD domain
usernameName of InfiniBox's administrator account in the AD domain
preferred_controllersIP addresses of each domain controller to be used for InfiniBox communication to the AD, separated by commas
passwordPassword of InfiniBox's administrator account in the AD domain
Exampleconfig.nas.active_directory.join domain=ad2k8r2.local username=admin preferred_controllers=172.20.84.246 password=123456



config.nas.active_directory.leave 

ROLE: Admin 

Description

Leave the Active Directory domain.

After this command is run, InfiniBox can no longer use its AD account to authenticate SMB users. 

Syntaxconfig.nas.active_directory.leave username=STR [password=STR]
ArgumentsusernameName of InfiniBox's administrator account in the AD domain
passwordPassword of InfiniBox's administrator account in the AD domain
Exampleconfig.nas.active_directory.leave username=admin

Please enter a password for user admin:

******
Leaving Active Directory domain ad2k8r2.local means further access of domain users will be denied.
Are you sure? [y/n]
y



config.nas.active_directory.query 

ROLE: All Roles

Description

Show Active Directory domain details.

Syntaxconfig.nas.active_directory.query
Exampleconfig.nas.active_directory.query

Domain                   ad2k8r2.local
Preferred Controllers    172.20.84.246



config.nas.active_directory.set_preferred_controllers 

ROLE: Admin 

Description

Set which domain controllers can be used for communication with Active Directory.

Syntaxconfig.nas.active_directory.set_preferred_controllers preferred_controllers=PREFERREDCONTROLLERS[,PREFERREDCONTROLLERS,...]
Argumentspreferred_controllersIP addresses of each domain controller to be used for InfiniBox communication to the AD, separated by commas
Example
config.nas.active_directory.set_preferred_controllers preferred_controllers=172.20.84.244,172.20.84.245



config.nas.smb_groups.create

ROLE: Admin, Pool Admin

Description

Create a local group for SMB.

  • Local groups can contain both local users and domain users and groups.
  • Local groups can be used to control access to files and user privileges.
Syntaxconfig.nas.smb_groups.create name=SMBGROUPNAME [privilege={SECHANGENOTIFYPRIVILEGE|...}[,{SECHANGENOTIFYPRIVILEGE|...},...]] [domain_members=STR[,STR,...]]
Argumentsname

Up to 255 Latin characters, numbers, spaces, and the following symbols: ^&'$!-#%.~_
Cannot end with a period. Leading and trailing whitespace characters are stripped.

privilege

Any combination of SECHANGENOTIFYPRIVILEGE, SETAKEOWNERSHIPPRIVILEGE, SEBACKUPPRIVILEGE, or SERESTOREPRIVILEGE, separated by commas.

domain_members

The security identifiers (SIDs), separated by commas, of one or more other groups to add as domain members of this parent group.

Exampleconfig.nas.smb_groups.create name=SMBgroup1
Smb group "SMBgroup1" created



config.nas.smb_groups.query

ROLE: All Roles 

Description

List the local SMB groups.

Syntaxconfig.nas.smb_groups.query [group=SMBGROUP]
ArgumentsgroupName of an existing SMB group.
Example
config.nas.smb_groups.query

GROUP            PRIVILEGES                                                  DOMAIN MEMBERS
Administrators   SECHANGENOTIFYPRIVILEGE, SETAKEOWNERSHIPPRIVILEGE           S-1-5-21-2233157454-221004845-2210441420-8160
Auditing Team    -                                                           -
Backup Operators SECHANGENOTIFYPRIVILEGE, SEBACKUPPRIVILEGE, SERESTOREPRIVILEGE -
GroupX           SECHANGENOTIFYPRIVILEGE                                     S-1-5-32-544
Guests           -                                                           -
Power Users      SECHANGENOTIFYPRIVILEGE                                     -
SMBgroup1        SECHANGENOTIFYPRIVILEGE                                     -
Users            SECHANGENOTIFYPRIVILEGE                                     s-1-5-21-2233902094-2262936353-2275936968-513



config.nas.smb_groups.delete

ROLE: Admin, Pool Admin 

Description

Delete a local SMB group.

Members of the SMB group will no longer have the group's privilege levels.

Syntaxconfig.nas.smb_groups.delete group=SMBGROUP
ArgumentsgroupName of an existing SMB group.
Example
config.nas.smb_groups.delete group=SMBgroup1

Are you sure you want to delete SMB Group 'SMBgroup1'?
Are you sure? [y/n]

y
Smb group "SMBgroup1" deleted



config.nas.smb_groups.set_domain_members

ROLE: Admin, Pool Admin 

Description

Change the AD domain members of a local SMB group.

Local groups can contain both local users and domain users and groups.

Syntaxconfig.nas.smb_groups.set_domain_members group=SMBGROUP domain_members=STR[,STR,...]
ArgumentsgroupName of an existing SMB group.
domain_members

The security identifiers (SIDs), separated by commas, of one or more other groups to be the domain members of this parent group.

Exampleconfig.nas.smb_groups.set_domain_members group=SMBgroup1 domain_members=S-1-20-22



config.nas.smb_groups.set_privileges

ROLE: Admin, Pool Admin

Description

Change the privileges of a local SMB group.

Syntaxconfig.nas.smb_groups.set_privileges group=SMBGROUP privileges={SECHANGENOTIFYPRIVILEGE|...}[,{SECHANGENOTIFYPRIVILEGE|...},...]
ArgumentsgroupName of an existing SMB group.
privileges

Any combination of SECHANGENOTIFYPRIVILEGE, SETAKEOWNERSHIPPRIVILEGE, SEBACKUPPRIVILEGE, or SERESTOREPRIVILEGE, separated by commas.

Exampleconfig.nas.smb_groups.set_domain_members group=SMBgroup1 privilege=SECHANGENOTIFYPRIVILEGE



config.nas.smb_users.create

ROLE: Admin, Pool Admin  

Description

Create a local user for SMB.

Syntaxconfig.nas.smb_users.create name=SMBUSERNAME [password=STR] [enabled=YES|NO|Y|N] [primary_group=SMBGROUP] [groups=SMBGROUP[,SMBGROUP,...]] [privileges={SECHANGENOTIFYPRIVILEGE|...}[,{SECHANGENOTIFYPRIVILEGE|...},...]]
Argumentsname Up to 20 Latin characters, numbers, spaces, and the following symbols: ^&'$!-#%.~_
Cannot end with a period. Leading and trailing whitespace characters are stripped.
password
  • Must be between 6 and 255 characters
  • Must not contain the user name
  • Must include characters from at least three of the following four categories:
    • English uppercase characters:  A to Z
    • English lowercase characters:  a to z
    • Digits:  0 to 9
    • Special characters:  - ~ ! @ # $ ^ & * _ - + = ` \ | ( ) [ ] : ; " ' < > , . ? /
enabledEither yes or no.
primary_groupName of an existing local SMB group that will be the user's primary group.
groupsName of other existing SMB groups that the user will be a member of, separated by commas.
privilegesAny combination of SECHANGENOTIFYPRIVILEGE, SETAKEOWNERSHIPPRIVILEGE, SEBACKUPPRIVILEGE, or SERESTOREPRIVILEGE, separated by commas.
Exampleconfig.nas.smb_users.create name="Sam Doe"
Please enter a password for user Sam Doe:
********
Smb user "Sam Doe" created



config.nas.smb_users.query

ROLE: All Roles

Description

List existing local SMB users.

Syntaxconfig.nas.smb_users.query [user=SMBUSERS] [enabled=YES|NO|Y|N] [primary_group=SMBGROUP]
ArgumentsuserName of an existing SMB user.
enable

Either yes or no.

primary_group

Name of an existing SMB group.

Exampleconfig.nas.smb_users.query

USER          SID                                             ENABLED  PRIMARY GROUP    GROUPS   PRIVILEGES
Administrator S-1-5-21-2283658775-3225215364-2948064376-500   yes      Administrators   -        -
gn            S-1-5-21-2283658775-3225215364-2948064376-1006  yes      Users            GroupX   SECHANGENOTIFYPRIVILEGE
Guest         S-1-5-21-2283658775-3225215364-2948064376-501   yes      Guests           -        -
Jane Doe      S-1-5-21-2283658775-3225215364-2948064376-1004  no       Users            -        SETAKEOWNERSHIPPRIVILEGE
John Doe      S-1-5-21-2283658775-3225215364-2948064376-1001  yes      Power Users      Users    SECHANGENOTIFYPRIVILEGE
NewAdmin      S-1-5-21-2283658775-3225215364-2948064376-1005  yes      Power Users      -        -



config.nas.smb_users.delete

ROLE: Admin, Pool Admin 

Description

Delete a local SMB user.

Syntaxconfig.nas.smb_users.delete user=SMBUSERS
ArgumentsuserName of an existing SMB user.
Example
config.nas.smb_users.delete user="Sam Doe"

Deleting an SMB user permanently removes their access privileges.
Are you sure? [y/n]

y
Smb user "Sam Doe" deleted



config.nas.smb_users.disable

ROLE: Admin, Pool Admin  

Description

Disable a local SMB user.

Syntaxconfig.nas.smb_users.disable user=SMBUSERS
ArgumentsuserName of an existing SMB user.
Example
config.nas.smb_users.disable user="Sam Doe"

Disabling an SMB user revokes their access privileges for as long as they remain disabled.
Are you sure? [y/n]

y
Smb user "Sam Doe" disabled



config.nas.smb_users.enable

ROLE: Admin, Pool Admin  

Description

Enable a local SMB user.

Syntaxconfig.nas.smb_users.enable user=SMBUSERS
ArgumentsuserName of an existing SMB user.
Example
config.nas.smb_users.enable user="Sam Doe"
Smb user "Sam Doe" enabled



config.nas.smb_users.set_primary_group

ROLE: Admin, Pool Admin  

Description

Change the primary group for a local SMB user.

Local groups can contain both local users and domain users and groups.

Syntaxconfig.nas.smb_users.set_primary_group user=SMBUSERS primary_group=SMBGROUP
ArgumentsuserName of an existing SMB user.
primary_group

Name of an existing SMB group.

Exampleconfig.nas.smb_users.set_primary_group user="Sam Doe" primary_group=Guests
Smb user "Sam Doe" updated



config.nas.smb_users.add_group

ROLE: Admin, Pool Admin  

Description

Add a local SMB user as a member in a group.

Syntaxconfig.nas.smb_users.add_group user=SMBUSERS group=SMBGROUP
ArgumentsuserName of an existing SMB user.
group

Name of an existing SMB group.

Exampleconfig.nas.smb_users.add_group user="Sam Doe" group="Power Users"
Smb user "Sam Doe" updated



config.nas.smb_users.remove_group

ROLE: Admin, Pool Admin 

Description

Remove a local SMB user from a group to which it belongs.

You cannot remove a user from its primary group.

Syntaxconfig.nas.smb_users.remove_group user=SMBUSERS group=SMBGROUP
ArgumentsuserName of an existing SMB user.
group

Name of an existing SMB group.

Exampleconfig.nas.smb_users.remove_group user="Sam Doe" group="Power Users"
Smb user "Sam Doe" updated



config.nas.smb_users.set_privileges

ROLE: Admin, Pool Admin 

Description

Change the privileges of a local SMB user.

Syntaxconfig.nas.smb_users.set_privileges user=SMBUSERS privileges={SECHANGENOTIFYPRIVILEGE|...}[,{SECHANGENOTIFYPRIVILEGE|...},...]
ArgumentsuserName of an existing SMB user.
privileges

Any combination of SECHANGENOTIFYPRIVILEGE, SETAKEOWNERSHIPPRIVILEGE, SEBACKUPPRIVILEGE, or SERESTOREPRIVILEGE, separated by commas.

Exampleconfig.nas.smb_users.set_privileges user="Sam Doe" privileges=SECHANGENOTIFYPRIVILEGE
Smb user "Sam Doe" updated



config.nas.smb_users.change_password

ROLE: Admin, Pool Admin 

Description

Change the password of a local SMB user.

Syntaxconfig.nas.smb_users.change_password user=SMBUSERS password=STR
ArgumentsnameName of an existing SMB user.
password

Any sequence of characters that meet InfiniBox' password requirements.

Exampleconfig.nas.smb_users.set_change_password user="Sam Doe" password=123abcABC
Re-enter new password:
*********
Smb user "Sam Doe" password changed



Was this article helpful?
0 out of 0 found this helpful

0 out of 0 found this helpful

Last edited: 2022-08-06 08:35:33 UTC

Comments