7. Tap or click Next, and then set basic permissions for the share. You’ll find helpful pointers in “Managing share permissions” later in the chapter. The available options are as follows:
■ All Users Have Read-Only Access Gives users access to view files and read data. They can’t create, modify, or delete files and folders.
■ Administrators Have Full Access; Other Users Have Read-Only Access Gives administrators complete control over the share. Full access allows administrators to create, modify, and delete files and folders. On an NTFS volume or partition, it also gives administrators the right to change permissions and to take ownership of files and folders. Other users can view files and read data; however, they can’t create, modify, or delete files and folders.
■ Administrators Have Full Access; Other Users Have No Access Gives administrators complete control over the share, but prevents other users from accessing the share.
■ Customize Permissions Allows you to configure access for specific users and groups, which is usually the best technique to use. Setting share permissions is discussed fully in “Managing share permissions.”
8. When you tap or click Finish, the wizard creates the share and displays a status report, which should state “Sharing Was Successful.” If an error is displayed instead, note the error and take corrective action as appropriate before repeating this procedure to create the share. Tap or click Finish.
Individual folders can have multiple shares. Each share can have a different name and a different set of access permissions. To create additional shares on an existing share, just follow the preceding steps for creating a share with these changes:
In step 4, when you name the share, make sure that you use a different name.
In step 5, when you add a description for the share, use a description that explains what the share is used for and how it’s different from the other shares for the same folder.
Creating shared folders in Server Manager
In Server Manager, you share a folder by following these steps:
1. The Shares subnode of the File And Storage Services node shows existing shares for file servers that have been added for management. In the Shares pane, tap or click Tasks, and then tap or click New Share to start the New Share Wizard.
2. Choose one of the available file share profiles, and then tap or click Next. The New Share Wizard has the following file share profiles:
■ SMB Share-Quick A basic profile for creating SMB file shares that allows you to configure the settings and permissions of the shares.
■ SMB Share-Advanced An advanced profile for creating SMB file shares that allows you to configure the settings, permissions, management properties, and NTFS quota profile (if applicable) of the shares.
■ SMB Share-Applications A custom profile for creating SMB file shares with settings appropriate for Hyper-V, certain databases, and other server applications. It’s essentially the same as the quick profile, but it doesn’t allow you to enable access-based enumeration or offline caching.
NOTE If you are using the Server For NFS role service, options are available for creating NFS shares as well.
REAL WORLD SMB 3.0 includes enhancements for server-based applications. These enhancements improve performance for small random reads and writes, which are common with server-based applications, such as Microsoft SQL Server OLTP. With SMB 3.0, packets use large Maximum Transmission Units (MTUs) as well, which enhance performance for large, sequential data transfers, such as those used for deploying and copying virtual hard disks (VHDs) over the network, database backup and restore over the network, and SQL Server data warehouse transactions over the network.
3. On the Select The Server And Path For This Share page, select the server and volume on which you want the share to be created. Only file servers you’ve added for management are available. When you are ready to continue, tap or click Next.
By default, Server Manager creates the file share as a new folder in the \Shares directory on the selected volume. To override this, choose the Type A Custom Path option, and then either enter the share path, such as C: \Data, or click Browse to use the Select Folder dialog box to select the share path.
4. On the Specify Share Name page, enter a name for the share, as shown in Figure 3–5. This is the name of the folder to which users will connect. Share names must be unique for each system.
FIGURE 3–5 Set the name and description for the share.
5. If you want to, enter a description of the share in the Description text box. When you view shares on a particular computer, the description is displayed in Computer Management.
6. Note the local and remote paths to the share. These paths are set based on the share location and share name you specified. When you are ready to continue, tap or click Next.
7. On the Configure Share Settings page, use the following options to configure
the way the share is used:
■ Enable Access-Based Enumeration Configures permissions so that when users browse the folder, only files and folders a user has been granted at least Read access to are displayed. If a user doesn’t have at least Read (or equivalent) permission for a file or folder within the shared folder, that file or folder is hidden from view. (This option is dimmed if you are creating an SMB share optimized for applications.)
■ Allow Caching Of Share Configures the share to cache only the files and programs that users specify for offline use. Although you can later edit the share properties and change the offline files’ availability settings, you typically want to select this option because it allows users to take advantage of the new Always Offline feature. Optionally, if the BranchCache For Network Files role service is installed on the file server, select Enable BranchCache to enable computers in a branch office to cache files that are downloaded from the shared folder and then securely share the files to other computers in the branch office. (This option is dimmed if you are creating an SMB share optimized for applications.)
■ Encrypt Data Access Configures the share to use SMB encryption, which protects file data from eavesdropping while being transferred over the network. This option is useful on untrusted networks.
8. On the Specify Permissions To Control Access page, the default permissions assigned to the share are listed. By default, the special group Everyone is granted the Full Control share permission and the underlying folder permissions are as listed. To change share, folder, or both permissions, tap or click Customize Permissions, and then use the Advanced Security Settings dialog box to configure the required permissions. Setting share permissions is discussed fully in “Managing share permissions” later in this chapter. Setting folder permissions is discussed fully in “Understanding file and folder permissions” in Chapter 4 “Data security and auditing.”