The NAS server supports the SMB file sharing protocols with the following versions: SMB1, SMB2.0, SMB2.1, SMB3.
Server version | Default max supported SMB version |
---|---|
11.2 and earlier | SMB1 |
11.3 and later | SMB2 |
The maximum supported SMB version advertised by the NAS server can be configured using the smb-max-supported-version CLI command (see below). The maximum supported SMB dialect is not server or cluster-wide - it is set on a per-EVS basis.
The NAS server supports UCS-2 character encoding when using the SMB protocols (the character set is not negotiable when using the SMB2 protocol).
- A valid CIFS license is required in order to enable SMB2 or SMB3 support (CIFS is a dialect of SMB). For more information about license keys, refer to the Server and Cluster Administration Guide.
-
One of the features of SMB is the ability to assign rights to machine (computer) accounts. The feature acts the same way as authentication of a normal user for an SMB session and can be used for authentication using machine accounts (SessionSetup SMB requests), and for management (add, delete, list) of rights for machine accounts. A machine account is generated automatically by the operating system and registered in Active Directory. It can be used for authentication within a domain. Machine account authentication can be only done by an application which has built-in support. For example, Hyper-V server allows storing virtual machines on remote shares. Such shares should allow full access for the machine account of a computer running Hyper-V server. Authenticated connections using machine accounts will show up in "connection" command output as if it was a normal user connection. The man pages for cifs-saa and cacls-add include an example of computer account use.
Specifying the SMB version for use by the EVS
To specify a version of the SMB protocol for use by the EVS, use the following commands:
- smb-max-supported-version - sets or displays the maximum supported version for both the NAS server and the client. The default is SMB2.
- smb-min-supported-version - limits the minimum supported version for both the NAS server and the client. The default is SMB1.
Disabling SMB1
To disable SMB1 on the NAS server, use the following command:
smb-min-supported-version 2
This command sets the minimum SMB version on the NAS server to SMB2, therefore preventing any new clients connecting using SMB1.
- When a client initiates an SMB connection it advertises support for several versions/dialects. The server will choose the maximum version/dialect the client provides that is within its configured maximum/minimum. For example, a client that supports SMB1, SMB2 and SMB2.1 can establish an SMB2 connection if the max-supported version on the server is set to SMB2.
- Some SMB clients cache the connection type they last used with a server. If they last used SMB2/2.1/3, they may not offer SMB1 as an option until they are restarted.
- Existing SMB/SMB2/SMB3 client connections will continue to function after the minimum supported version has been raised.