SMB security settings

You can view and configure the security settings of an SMB share.

Note Image

Changes that are made directly to an SMB share override the default settings that are configured from the Default Share Settings tab.

Setting
Setting value
Create Permission
Sets the default source permissions to apply when a file or directory is created. The default value is Default acl.
Directory Create Mask
Specifies UNIX mode bits that are removed when a directory is created, restricting permissions. Mask bits are applied before mode bits are applied. The default value is that the user has Read, Write, and Execute permissions.
Directory Create Mode
Specifies UNIX mode bits that are added when a directory is created, enabling permissions. Mode bits are applied after mask bits are applied. The default value is None.
File Create Mask
Specifies UNIX mode bits that are removed when a file is created, restricting permissions. Mask bits are applied before mode bits are applied. The default value is that the user has Read, Write, and Execute permissions.
File Create Mode
Specifies UNIX mode bits that are added when a file is created, enabling permissions. Mode bits are applied after mask bits are applied. The default value is that the user has Execute permissions.
Impersonate Guest
Determines guest access to a share. The default value is Never.
Impersonate User
Allows all file access to be performed as a specific user. This must be a fully qualified user name. The default value is No value.
NTFS ACL
Allows ACLs to be stored and edited from SMB clients. The default value is Yes.
Access Based Enumeration
Allows access based enumeration only on the files and folders that the requesting user can access. The default value is No.
HOST ACL
The ACL that defines host access. The default value is No value.