En/5.0/Configuring a file server with Zentyal
Once the Domain Controller and File Sharing module is enabled (either as a Domain Controller or as an Additional Domain Controller), your server can act as an SMB/CIFS File server.
By default each LDAP user has a personal /home/<username> directory on the server. If the Users, Computers and File Sharing module is active this directory will be accessible to the specific user (and only to the user) through SMB/CIFS. Furthermore, if a Windows client host is joined to the domain this directory will be automounted as drive H:.
To create a shared directory, use File Sharing, Shares tab and click Add new.
Enabled:Leave it checked if this directory needs to be shared. Disable to stop sharing.
Share name:The name of the shared directory.
Share path:Directory path to be shared. You can create a sub-directory within the Zentyal specific directory /home/samba/shares, or use an existing file system pathway by selecting Filesystem path.
Comment:A more detailed description of the shared directory simplifies management of shared assets.
Guest access:Enabling this option allows a shared directory to be accessible without authentication. Any other access settings will be ignored.
Apply ACLs recursively:Also replaces all permissions on all subfolders of the new share.
Shared directories can be edited using Access control. By clicking on Add new, you can assign read, read/write or administration permissions to a user or group. If a user is a shared directory administrator, he/she can read, write and delete any user files within that directory.
If you want to store deleted files in a special directory called RecycleBin, you can check the Enable recycle bin box using File Sharing, Recycle bin tab. If you do not want to use this for all shared resources, then you can add exceptions using Resources excluded from Recycle Bin. Other default settings for this feature, such as the directory name, can be modified using the file /etc/zentyal/samba.conf.
SMB/CIFS is a really common protocol that can be used natively on any Windows Client, most flavors of Linux (Using the Nautilus file manager, for example), Android™ and iOS.
Furthermore, the File Sharing daemon is tightly integrated with the Kerberos subsytem (See Kerberos Authentication System on the previous chapter), meaning that if your client is joined to the domain or has acquired the Kerberos TGT by other means, the ACL explained above will be honored without any user intervention.