All Products
Search

This Product

    Cloud Storage Gateway:Add Active Directory domain users and groups to an SMB share

    Document Center

    Cloud Storage Gateway:Add Active Directory domain users and groups to an SMB share

    Last Updated:Jan 22, 2024

    This topic describes how to add Active Directory (AD) domain users and AD groups to an SMB share of a file gateway.

    Prerequisites

    1. An SMB share is created for the file gateway. For more information, see Manage shares.

    2. The file gateway is added to an AD domain. For more information, see How do I add a file gateway to an Active Directory domain?

    3. The file gateway must be V1.9.3 or later. If the gateway is earlier than V1.9.3, update the gateway. For more information, see Update gateways.

    Add AD domain users

    After the gateway is added to an AD domain, you can allow existing users in the domain to access the SMB share for user-authenticated access to the SMB share.

    Procedure

    1. Log on to the Cloud Storage Gateway (CSG) console.

    2. Select the region where the file gateway resides.

    3. In the left-side navigation pane, click Gateways. On the page that appears, click the ID of the file gateway.

    4. On the Share page, find the share that you want to allow access to and click Settings in the Actions column.

    5. In the SMB Share Settings dialog box, add AD domain users to which you want to grant read/write permissions on the share and AD domain users to which you want to grant the read-only permission on the share.

      Note

      When you add AD domain users, use the <Domain username>@<domain> format.

      Parameter

      Example

      Description

      Read/Write Users

      user1@xxx.com

      The users that you want to allow read/write access to the SMB share.

      Read-only Users

      user2@xxx.com

      The users that you want to allow read-only access to the SMB share.

      Note

      If you grant both the read-only and read/write permissions to a user, only the read-only permission takes effect for the user.

    6. Click OK. You can view the users that are allowed access to the SMB share on the Share page of the gateway in the CSG console.3AA38D72-DB71-40f3-956B-77A03F903147.png

    Add Active Directory groups

    After the gateway is added to an AD domain, you can allow existing groups in the domain to access the SMB share for group-authenticated access to the SMB share.

    Procedure

    1. Log on to the CSG console.

    2. Select the region where the file gateway resides.

    3. In the left-side navigation pane, click Gateways. On the page that appears, click the ID of the file gateway.

    4. On the Share page, find the share that you want to allow access to and click Settings in the Actions column.

    5. In the SMB Share Settings dialog box, add AD groups to which you want to grant read/write permissions on the share and AD groups to which you want to grant the read-only permission on the share.

      Note

      When you add AD groups, use the <Domain>\<Group> format.

      Parameter

      Example

      Description

      Read/Write Users

      xxx\group1

      The users that you want to allow read/write access to the SMB share.

      Read-only Users

      xxx\group2

      The users that you want to allow read-only access to the SMB share.

      Note

      If you grant both the read-only and read/write permissions to a group of users, only the read-only permission takes effect for the group.

    6. Click OK. You can view the users that are allowed access to the SMB share on the Share page of the gateway in the CSG console.E8A94AC4-1F01-430a-AE9C-216B942EE55C.png

    Share access

    You access an SMB share from a Windows client. For more information, see Access an SMB share.