The SMB server integrates seamlessly into the existing domain and simplifies access control by performing all authentications against the existing domain user accounts.
When accessing a share, the SMB server checks the appropriate permissions. If access is granted at this level, standard file and directory access permissions apply.
The SMB server operates on a specific domain and can, optionally, join an Active Directory. It interacts with a domain controller (DC) in its domain to validate user credentials. The server supports Kerberos-based authentication to an Active Directory, as well as NTLM authentication. In addition to users belonging to its domain, the server allows connections from members of trusted domains.
The SMB server automatically grants administrator privileges to domain administrators who have been authenticated by the DC. In addition, local administration privileges can be assigned, including backup operator privileges to selected groups (or users).