What is SMB on a NAS, do I need to enable it?

What is SMB on a NAS, do I need to enable it?

SMB

The SMB (Server Message Block) protocol allows Windows, Mac, and Linux clients with SMB/CIFS support to access data stored on the Synology NAS. If you would like to browse files on the Synology NAS via Windows Explorer or mount shared folders as network drives, please enable this option at Control Panel > File Services > SMB/AFP/NFS.

To enable SMB protocol:

  1. Tick Enable SMB service.
  2. Click Apply.

Note:

  • After enabling the SMB protocol, you can mount fully indexed folders to your Mac computer via SMB, and use Finder to search for the files contents within the mounted folders (not applicable to NVR216 or VS360HD).

Workgroup

This option allows you to designate the system as a member of a specific workgroup for network management purposes.

Note:

  • The name of a workgroup can include 1 to 15 characters. The name cannot include the following characters: [ ] ; : ” < > * + = \ / | ? ,
  • If you are using a Mac running OS X 10.9 and your Synology NAS has joined a Windows domain, you can log in by adding localhost\ before your Synology NAS local username to access files stored on the Synology NAS via the SMB protocol.

Disallow access to Previous Versions

In Windows Explorer, users can access the snapshots of folders or files by clicking the Previous Versions tab within a shared folder, allowing restoring or copying data without the help from an administrator. If you choose to Disallow access to Previous Versions, the “Previous Versions” Page will not display any information.

Note:

  • This feature is supported only by VDSM and models with the following package architectures: Apollo Lake, Avoton, Braswell, Broadwell, Bromolow, Cedarview, and Grantley. To see which package architecture your model supports, please refer to this article.
  • Users are allowed to access a previous version only if, at the time when the snapshot corresponded to by the previous version is taken, their user accounts have been created and they have been granted the permission to read the shared folder of which the corresponded snapshot is taken.

Enable Transfer Logging

Tick the Enable Transfer Log checkbox to enable the logging of file operations performed over the CIFS/SMB protocol. By default, the Transfer Log will only monitor the deleting of a file or folder; however, you can also go to Log Settings to select other file operation events⁠—creating, moving, renaming, reading, writing⁠—for the system to log. Please note the more file operation events you select, the more likely it is for the system performance to be affected.

Advanced Settings

Click the Advanced Settings button to see the below options.

    • WINS Server: Microsoft Windows Internet Name Service (WINS) is a NetBIOS name-to-IP-address mapping service. Window users will locate the system more easily on TCP/IP networks if the system has been configured to register with a WINS server.
    • Maximum SMB protocol: Depending on your network configuration, set the latest SMB protocol that will be supported by your Synology NAS.
      • SMB1: SMB1 (also called CIFS) has been supported since Windows NT.
      • SMB2: SMB2 has been supported since Windows Vista and is the enhanced version of SMB. SMB2 adds the ability to compound multiple SMB actions into a single request to reduce the number of network packets and enhance performance.
      • SMB2 and Large MTU: Maximum transmission unit (MTU) refers to the largest data unit that can be passed over a communications protocol. In order to take advantage of faster network interfaces, such as 1- or 10-gigabit Ethernet, Large MTU increases the maximum transmission unit to 1 megabyte (MB). Enabling Large MTU improves the speed and efficiency of large file transfers, while reducing the number of packets that need to be processed.
      • SMB3: SMB3 has been supported since Windows 8 and Windows Server 2012. It is the enhanced version of SMB2. SMB3 supports AES-based file encryption transmission, thus improving the security of peer-to-peer file transfers.

      Note:

      • SMB2 is supported on Windows Vista, Windows Server 2008 R2, Windows 7, and later.
      • Large MTU is supported on Windows Server 2008 R2, Windows 7, and later.
      • In order to make large MTU effective with your Windows computer, you will need to modify your computer’s registry settings. For more details, please refer to Microsoft technical support (such as this article).
    • Minimum SMB protocol: Depending on your network configuration, set the earliest SMB protocol that will be supported by your Synology NAS.
    • Transport encryption mode: When SMB3 is enabled, the SMB protocol will add transport encryption to strengthen file transmission security.
      • Disable: No transport encryption will be applied.
      • Auto: Transport encryption will only be applied to clients supporting this feature.
      • Force: Transport encryption will always be applied. This will cause clients that do not support transport encryption to be unable to use the SMB protocol.

Note:

  • Transport encryption is supported on Windows 8, Windows Server 2012, and later.
  • Anonymous logon for the SMB protocol is not supported when transport encryption is enabled.
  • When transport encryption is enabled, please keep Enable Opportunistic Locking checked to avoid application timeouts.
    • Enable Opportunistic Locking: Select to enable “Opportunistic Locking” of CIFS, so that the client can better cache file contents and avoid small read/write overhead. When this option is deselected, database applications will perform better in accessing database files stored on the Synology NAS via network.
      • Enable SMB2 lease: Enabling this option allows more SMB2-related settings to fine-tune the client caching mechanism provided by Opportunistic Locking.
    • Enable Local Master Browser: When multiple Windows computers exist within the same subnet, they will negotiate and elect one computer as a “local master browser.” The local master browser maintains lists of the other computers within the subnet and their shared resources, and shares these lists with the other computers. This option allows the Synology NAS to assume the role of local master browser.

Note:

  • Enabling this function disables hard disk hibernation and activates the guest account without a password.
    • Enable DirSort VFS module: Sorts folder names and lists them alphabetically. Enabling this option affects system performance.
    • Veto files: Hides files according to specified criteria. Criteria can include wildcards (*), and multiple entries should be separated by a slash (/). For example: /abc*/*.txt/*.conf/. Enabling this option affects system performance.
    • Allow symbolic links within shared folders: Select to allow symbolic links to point to files or folders within the same shared folder. Symbolic links can be created using DSM terminal.
      • Allow symbolic links across shared folders: Select to allow symbolic links to point to files or folders in different shared folders. Symbolic links can be created using DSM terminal. However, unprivileged users may be able to access the target shared folders of symbolic links.
    • Enable VFS module to convert Mac special characters: Select to convert SMB-reserved characters (e.g. < > ” * ?) in filenames to Basic Latin during file creation. Such files will be recognizable via AFP.
    • Enable MSDFS VFS module: Allows symbolic links to point to files or folders located on other SMB servers. With older versions of Windows, such as Windows XP, the client and Synology NAS need to join a Windows domain before enabling this option. To learn more about creating MSDFS links, please see here. Please note that the cache of the client device should be cleared after disabling this option (restarting the client device is also recommended), otherwise normal performance and behavior might be affected.
    • Disable multiple connections from the same IP address: When this option is enabled, the Synology NAS only allows one connection per IP address from clients using the SMB protocol. When multiple clients with same IP address use the SMB protocol, the Synology NAS will keep the latest one and drop any older connections. In a NAT environment, the client might be using a single IP address, in which case enabling this option might affect the normal performance.
    • Collect debug logs: When this option is enabled, detailed logs will be stored for debugging purposes. Enabling this option affects system performance.
    • Apply default UNIX permissions: Enable this option to apply the default UNIX permissions when uploading or creating files and folders. The UNIX permission will be 744 for files and 755 for folders. When this option is disabled, UNIX permission is 777 for files and folders.

Note:

  • For Windows ACL enabled shared folders (all shares excluding “photo” and shares on external drives), please run the chmod command on your Linux or FTP client to change folder and file permission types from Windows ACL to UNIX (not applicable to EDS14).
  • Enabling this option might cause inconsistent permission issues between different protocols. To avoid inconsistencies, we suggest leaving this option disabled.
  • Do not reserve disk space when creating files: Enable this option to disallow disk space from being reserved when creating files on your Synology NAS.
  • Enable wildcard search cache: Enable this option to improve search performance if clients send repeated wildcard search requests.
  • Enable SMB durable handles (Cross-protocol file locking will be disabled): Enabling this option allows users to restore lost SMB2 connection to this Synology NAS after temporary disconnection; opened files will remain available during network outage. Yet, cross-protocol file locking will be disabled so that users can access or modify a locked file via non-SMB2 protocols (e.g. AFP).
  • Clear SMB cache: Click this button to delete the following SMB cache files for troubleshooting purposes:
    • /var/cache/samba/netsamlogon_cache.tdb
    • /var/lib/samba/winbindd_cache.tdb
    • /var/lib/samba/share_info.tdb
    • /var/lib/samba/registry.tdb
    • /run/samba/connections.tdb
    • /run/samba/gencacche.tdb
    • /run/samba/gencache_notran.tdb
Posted in Uncategorized

Leave a Reply