All Products
Search

This Product

    Cloud Storage Gateway:Manage SMB shares

    Document Center

    Cloud Storage Gateway:Manage SMB shares

    Last Updated:Jan 08, 2026

    Learn how to manage Server Message Block (SMB) shares in the on-premises file gateway console, including creating, deleting, disabling, and modifying shares, configuring Active Directory (AD), and adding SMB users.

    Prerequisites

    1. You have added a cache. For more information, see Add a cache.

    2. You have bound cloud resources. For more information, see Manage cloud resources.

    Overview

    SMB is a network file sharing protocol that enables communication between clients and servers. It operates on a client/server model.

    Cloud Storage Gateway (CSG) functions as an SMB server, providing standard file sharing services. This allows Windows clients to access the gateway as if it were a local network share.

    To use the CSG SMB service, you first need to create an SMB share and configure its users and access permissions.

    Create an SMB share

    1. In a browser, enter https://<IP address of the file gateway> to access the on-premises file gateway console.

    2. Enter your username and password and click OK.

    3. Select SMB and click Create.

    4. In the Create SMB dialog box, configure the settings for the share.

      Parameter

      Description

      Share Name

      The name of the SMB share.

      Read-only Users

      The list of users who are granted read-only access to the SMB share.

      Read/write Users

      The list of users who are granted read/write access to the SMB share.

      Enabled

      Enables or disables the SMB share.

      To temporarily disable the share, select No.

      Discoverable

      Determines if the share is visible in Network Neighborhood.

      Mode

      Available modes include Cache Mode and Replication Mode.

      • Replication Mode: All data is stored in two copies: one in the local cache and one in Object Storage Service (OSS).

      • Cache Mode: The local cache stores all metadata and frequently accessed user data, while all data is stored in OSS.

      Remote Sync

      Synchronizes metadata from OSS back to the local gateway. This is useful for disaster recovery, data recovery, and data sharing scenarios.

      Note

      Remote Sync scans all objects in the bucket. Buckets with many objects may incur OSS API request fees. For more information, see the API Operation Calling Fees section in OSS pricing.

      Bucket Name

      Select an existing bucket.

      Subdirectory

      Enter a subdirectory within the bucket.

      The subdirectory can contain only English letters and numbers.

      Note

      For enhanced access isolation, gateway versions 1.0.38 and later support mapping a share's root to a specific subdirectory within an OSS bucket.

      The subdirectory can be an existing or a new path in the bucket. After the share is created, this subdirectory acts as the root directory. All subsequent files and directories are created under it.

      Use Metadata Disk

      Separates the data disk from the metadata disk. The metadata disk stores the metadata of the share.

      • If you select Yes, you need to specify a Metadata Disk and a Data Disk.

      • If you select No, you need to specify a Cache Path.

      Note

      This feature is available only to allowlisted users.

      Ignore Deletions

      Prevents file deletion operations from being synchronized to OSS. This helps avoid accidental data loss. All data is retained in OSS.

      Sync Delay

      The delay before a closed file is uploaded. This prevents frequent local modifications from causing OSS fragmentation. The default value is 5s, and the maximum is 120s.

      Max Write Speed

      The maximum write speed is 1280 MB/s. The default value of 0 means no limit.

      Max Upload Speed

      The maximum upload speed is 1280 MB/s. The default value of 0 means no limit.

      Note

      If a speed limit is set, the Max Upload Speed cannot be less than the Max Write Speed.

      Fragmentation Optimization

      Improves performance for applications with frequent, random, small I/O read and write operations. Use this option with caution based on your specific use case.

      Upload Optimization

      Enables real-time cache reclamation. This is suitable for data backup-only scenarios.

    About AD

    AD is a standard application protocol for accessing and modifying directory service data over Internet Protocol (IP) networks.

    • You need to configure a DNS server before joining an AD domain.

    • Only AD domain users or local users can be active at one time. When you join or leave an AD domain, the system automatically deletes the configured user permissions for the SMB share.

    • The AD feature supports only these 64-bit server versions: Windows Server 2016 Datacenter and Windows Server 2012 R2 Datacenter.

    Configure AD

    1. Set the DNS server.

      1. In the on-premises gateway console, click About.

      2. In the Network Configuration section, click Switch DNS Server.

      3. In the Switch DNS Server dialog box, add the DNS server and click Confirm.

        In the DNS Server field, enter the IP address of your AD server to resolve the AD domain name.

    2. Join the AD domain.

      1. Navigate to SMB > AD.

      2. In the Windows Active Directory (AD) section, click Join AD.

      3. In the Join Windows Active Directory (AD) dialog box, complete the following settings and click Confirm.

        • Server IP Address: Enter the IP address of the AD server.

        • Username: Enter the username of the administrator.

        • Password: Enter the password of the administrator.

        After the connection is established, the Connected parameter in the Windows Active Directory (AD) section changes to Yes.

        Note

        • After you join the AD domain, the local user permissions configured for the SMB share are removed.

        • CSG does not support multiple AD domains for a gateway. For example, a gateway can be configured for a parent domain or a child domain, but not for both concurrently.

    Add SMB users

    When the gateway is not connected to an AD domain, local SMB users can be created to access the CSG. If the gateway is connected to an AD domain, the SMB Users page will be empty and serves only to query domain user information from the AD server.

    1. In the on-premises gateway console, navigate to SMB > SMB Users.

    2. Click Create.

    3. In the Add SMB User dialog box, configure the username and password.

    4. Click Confirm.

    More operations

    Operation

    Description

    Disable an SMB share

    On the SMB page, click the switch in the upper-left corner to disable all SMB shares.

    To disable a single SMB share:

    On the SMB List tab, find the SMB share, click Settings, and set the Enable option to No.

    Delete an SMB share

    On the SMB List tab, find the SMB share and click Delete.

    Warning

    • After an SMB share is deleted, its corresponding Windows mount point or mapped network drive immediately becomes invalid.

    • Deleting a share interrupts your services and data synchronization. Proceed with caution.

    Modify an SMB share

    On the SMB List tab, find the SMB share and click Settings or Advanced Settings to modify the share.

    Refresh cache

    On the SMB List tab, find the SMB share and click Refresh Cache.

    Delete an SMB user

    On the SMB Users tab, find the user and click Delete.

    Disconnect

    On the AD tab, click Disconnect to close the AD connection.

    Next step

    Access an SMB share