Get a Quote     (408) 943-4100   TrueNAS Discord VendOp_Icon_15x15px Commercial Support
TrueNAS.com Software Systems Company Community Security iX Portal Download
TrueNAS CORE TrueNAS Enterprise TrueNAS SCALE Compare Editions TrueCommand Software Status FreeNAS
Compare Systems F-Series M-Series X-Series R-Series Mini Series
About iXsystems Our Clients Reviews Careers Awards iX Blog & News iX Website Contact Us
Community Forum Discord TrueNAS GitHub TrueNAS Merch Store
Application Analytics Backup and Archival Cloud Data Mobility File Sharing iX Storj Media Creation Video Surveillance Virtualization
Industry Automotive Education Gaming Government Healthcare MSP Manufacturing Research & AI Media & Entertainment
Download TrueNAS CORE Download TrueNAS SCALE Get TrueNAS Enterprise Compare TrueNAS Editions Where to Buy
  1. Documentation Hub
  2. /
  3. TrueNAS CORE
  4. /
  5. UI Reference Guide
  6. /
  7. Sharing
  8. /
  9. SMB Share Screen
Edit page
TrueNAS CORETrueNAS CORE Nightly Development Documentation
This content follows experimental early release software. Use the Product and Version selectors above to view content specific to a stable software release.

SMB Share Screen

  8 minute read.

Last Modified 2023-11-30 10:15 EST

Server Message Block (SMB) is a file sharing protocol. Windows and other operating systems use SMB.

Go to Sharing > Windows Shares (SMB) to display the SMB screen and setup SMB shares on your TrueNAS.

SharingSMBScreen

Click Columns to change the information displayed in the table. Options are Unselect All, Path, Description, Enabled and Reset to Defaults.

Click Add to display the BASIC Options settings screen.

Basic Options

SharingSMBBasicOptions

NameDescription
PathUse the file browser or click the /mnt to select the pool, dataset or directory to share.
NameEnter a name for the SMB share.
PurposeSelect a preset purpose configuration. This locks in predetermined values for the share. This includes Advanced Options, as well as the Path Suffix. Select from the dropdown list. Options are:
No presets
Default share parameters
Multi-user time machine
Multi-protocol (AFP/SMB) shares
Multi-protocol (NFSv3/SMB) shares
Private SMB Datasets and Shares
SMB WORM. Files become readonly via SMB after 5 minutes. Note: The SMB WORM preset only impacts writes over the SMB protocol. Prior to deploying this option in a production environment the user needs to determine whether the feature meets his / her requirements.
See “What do all the presets do?” for more information on presets.
DescriptionOptional. Explains the purpose of the share.
EnabledSelect to enable this SMB share. Clear checkbox to disable the share without deleting the configuration.
What do all the presets do?

The following table shows the preset options for the different Purposes and if those options are locked. An [x] indicates the option is enabled, [ ] means the option is disabled, and [text] indicates a specific value:

Default share parametersMulti-user time machineMulti-protocol (AFP/SMB) sharesMulti-protocol (NFSv3/SMB) sharesPrivate SMB Datasets and SharesFiles become readonly of SMB after 5 minutes
[x] Enable ACL (locked)[x] Enable ACL (unlocked)[x] Enable ACL (locked)[ ] Enable ACL (locked)[ ] Enable ACL (unlocked)[ ] Enable ACL (unlocked)
[ ] Export Read Only (locked)[ ] Export Read Only (unlocked)[ ] Export Read Only (unlocked)[ ] Export Read Only (unlocked)[ ] Export Read Only (unlocked)[ ] Export Read Only (unlocked)
[x] Browsable to Network Clients (locked)[x] Browsable to Network Clients (unlocked)[x] Browsable to Network Clients (unlocked)[x] Browsable to Network Clients (unlocked)[x] Browsable to Network Clients (unlocked)[x] Browsable to Network Clients (unlocked)
[ ] Allow Guest Access (unlocked)[ ] Allow Guest Access (unlocked)[ ] Allow Guest Access (unlocked)[ ] Allow Guest Access (unlocked)[ ] Allow Guest Access (unlocked)[ ] Allow Guest Access (unlocked)
[ ] Access Based Share Enumeration (locked)[ ] Access Based Share Enumeration (unlocked)[ ] Access Based Share Enumeration (unlocked)[ ] Access Based Share Enumeration (unlocked)[ ] Access Based Share Enumeration (unlocked)[ ] Access Based Share Enumeration (unlocked)
[ ] Hosts Allow (locked)[ ] Hosts Allow (unlocked)[ ] Hosts Allow (unlocked)[ ] Hosts Allow (unlocked)[ ] Hosts Allow (unlocked)[ ] Hosts Allow (unlocked)
[ ] Hosts Deny (locked)[ ] Hosts Deny (unlocked)[ ] Hosts Deny (unlocked)[ ] Hosts Deny (unlocked)[ ] Hosts Deny (unlocked)[ ] Hosts Deny (unlocked)
[ ] Use as Home Share (locked)[ ] Use as Home Share (unlocked)[ ] Use as Home Share (unlocked)[ ] Use as Home Share (unlocked)[ ] Use as Home Share (unlocked)[ ] Use as Home Share (unlocked)
[ ] Time Machine (locked)[ ] Time Machine (unlocked)[ ] Time Machine (unlocked)[ ] Time Machine (unlocked)[ ] Time Machine (unlocked)[ ] Time Machine (unlocked)
[x] Enable Shadow Copies (locked)[x] Enable Shadow Copies (unlocked)[x] Enable Shadow Copies (unlocked)[x] Enable Shadow Copies (unlocked)[x] Enable Shadow Copies (unlocked)[x] Enable Shadow Copies (unlocked)
[ ] Export Recycle Bin (locked)[ ] Export Recycle Bin (unlocked)[ ] Export Recycle Bin (unlocked)[ ] Export Recycle Bin (unlocked)[ ] Export Recycle Bin (unlocked)[ ] Export Recycle Bin (unlocked)
[ ] Use Apple-style Character Encoding (locked)[ ] Use Apple-style Character Encoding (unlocked)[x] Use Apple-style Character Encoding (locked)[x] Use Apple-style Character Encoding (unlocked)[x] Use Apple-style Character Encoding (unlocked)[x] Use Apple-style Character Encoding (unlocked)
[x] Enable Alternate Data Streams (locked)[x] Enable Alternate Data Streams (unlocked)[x] Enable Alternate Data Streams (locked)[ ] Enable Alternate Data Streams (locked)[ ] Enable Alternate Data Streams (unlocked)[ ] Enable Alternate Data Streams (unlocked)
[x] Enable SMB2/3 Durable Handles (locked)[x] Enable SMB2/3 Durable Handles (unlocked)[ ] Enable SMB2/3 Durable Handles (locked)[ ] Enable SMB2/3 Durable Handles (locked)[ ] Enable SMB2/3 Durable Handles (unlocked)[ ] Enable SMB2/3 Durable Handles (unlocked)
[ ] Enable FSRVP (locked)[ ] Enable FSRVP (unlocked)[ ] Enable FSRVP (locked)[ ] Enable FSRVP (unlocked)[ ] Enable FSRVP (unlocked)[ ] Enable FSRVP (unlocked)
[ ] Path Suffix (locked)[%U] Path Suffix (locked)[%U] Path Suffix (unlocked)[%U] Path Suffix (unlocked)[%U] Path Suffix (locked)[ ] Path Suffix (locked)
[ ] Auxiliary Parameters (unlocked)[ ] Auxiliary Parameters (unlocked)[ ] Auxiliary Parameters (unlocked)[ ] Auxiliary Parameters (unlocked)[ ] Auxiliary Parameters (unlocked)[ ] Auxiliary Parameters (unlocked)

Advanced Options

SharingSMBAdvancedOptions

Access and Other Options are the two options groups. Access settings allow systems or users to access or change the shared data.

NameDescription
Enable ACLSelect to add Access Control List (ACL) support to the share. Leave checkbox clear to disable ACL support and delete any existing ACL for the share.
Export Read OnlySelect to prohibit writes to the share. Leave checkbox clear to allow writes to the share.
Browsable to Network ClientsSelect to include this share name when browsing shares. Home shares are only visible to the owner regardless of this setting.
Allow Guest AccessSelect to make privileges the same as the guest account. Windows 10 version 1709 and Windows Server version 1903 have disabled guest access. Guest access for these clients requires extra client-side configuration.

MacOS clients: Trying to connect as a user that does not exist in TrueNAS does not default to the guest account. The Connect As: Guest option must be specifically chosen in MacOS to log in as the guest account. See the Apple documentation for more details.
Access Based Share EnumerationSelect to restrict share visibility to users with read or write access to the share. See the smb.conf manual page.
Hosts AllowEnter a list of allowed host names or IP addresses. Separate entries by pressing Enter. A more detailed description with examples see here.
Hosts DenyEnter a list of denied host names or IP addresses. Separate entries by pressing Enter.
Host Allow and Hosts Deny Fields

The Hosts Allow and Hosts Deny fields set up different access scenarios:

  • If neither Hosts Allow or Hosts Deny contain an entry, then allow SMB share access for any host.
  • If there is an entry in Hosts Allow list but none in Hosts Deny list, then only allow hosts on the Hosts Allow list.
  • If there is an entry in Hosts Deny list but none in Hosts Allow list, then allow all hosts that are not on the Hosts Deny list.
  • If there are both an entry in Hosts Allow and Hosts Deny list, then allow all hosts that are on the Hosts Allow list. If there is a host not on the Hosts Allow and not on the Hosts Deny list, then allow it.

The Other Options have settings for improving Apple software compatibility. There are also ZFS snapshot features, and other advanced features.

NameDescription
Use as Home ShareSelect to allow the share to host user home directories. Gives each user a personal home directory when connecting to the share. This personal home directory is not accessible by other users. This allows for a personal, dynamic share. It is only possible to use one share as the home share. See the configuring Home Share article for detailed instructions.
Time MachineSelect to enable Apple Time Machine backups on this share.
Enable Shadow CopiesSelect to allow export ZFS snapshots as Shadow Copies for Microsoft Volume Shadow Copy Service (VSS) clients.
Export Recycle BinWhen selected, moves files deleted from the same dataset to a recycle bin located in that dataset. These files do not take any extra space.
Use Apple-style Character EncodingSelect to convert NTFS illegal characters in the same manner as MacOS SMB clients. By default, Samba uses a hashing algorithm for NTFS illegal characters.
Enable Alternate Data StreamsSelect to allow multiple NTFS data streams. Disabling this option causes MacOS to write streams to files on the file system.
Enable SMB2/3 Durable HandlesSelect to allow using open file handles that can withstand short disconnections. Support for POSIX byte-range locks in Samba is also disabled. This option is not recommended when configuring multi-protocol or local access to files.
Enable FSRVPSelect to enable support for the File Server Remote VSS Protocol (FSVRP). This protocol allows Remote Procedure Call (RPC) clients to manage snapshots for a specific SMB share. The share path must be a dataset mountpoint. Snapshots have the prefix fss- followed by a snapshot creation timestamp. A snapshot must have this prefix for an RPC user to delete it.
Path SuffixAppends a suffix to the share connection path. This provides unique shares on a per-user, per-computer, or per-IP address basis. Suffixes can contain a macro. See the smb.conf manual page for a list of supported macros. The connectpath must be preset before a client connects.
Auxiliary ParametersAdditional smb.conf settings.

Click Submit to save setings. This creates the share and adds it to the Sharing > Windows Shares (SMB) list.

Click CANCEL to exit without saving and return to the main SMB screen.

Related Content

CORE UI Reference
CORE Tutorials
General Reference

Have more questions?

For further discussion or assistance, see these resources:

Found content that needs an update?  You can suggest content changes directly! To request changes to this content, click the Feedback button located on the middle-right side of the page (might require disabling ad blocking plugins).