Versions Compared

Old Version 8

changes.mady.by.user Guntis G.

Saved on

compared with

New Version 11

changes.mady.by.user Guntis G.

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Sub-menu: /ip smb
Packages required: system

SMB 1.0 server provides file sharing access to configured folders of the router.

Note

RouterOS only supports SMB2.1 SMB3.0, SMB3.1.1 dialects (. SMB1 is not supported due to security vulnerabilities).

Server settings

PropertyDescription
comment (string; Default: MikrotikSMB)Set comment for the server
domain (string; Default: MSHOME)Name of Windows Workgroup
enabled (yes | no | auto Default: auto)The default value is 'auto.' This means that the SMB server will automatically be enabled when the first non-disabled SMB share is configured under '/ip smb share'
interface (string; Default: all)List of interfaces on which SMB service will be running. all - SMB will be available on all interfaces.

...

PropertyDescription
comment (string; Default: default share)Set a comment for the share
disabled (yes | no; Default: no)If disabled, the share will not be accessible.

valid-users (list of strings; | Default:)

Specifies which users are allowed to access the Samba share. If it is left empty, all users will be able to access the share, once user or users are defined here, only they will be able to access the share

invalid-users (list of strings; | Default: )

Used to specify users who are explicitly denied access to the Samba share.

require-encryption (yes | no; Default: no)

Enforces the use of encryption for all connections to a particular Samba share
name (string; Default: )Name of the SMB share
directory (string; Default: )Directory on router assigned to SMB share. If left empty value of the name argument will be used from the root folder.

...

  • create user:
Code Block
languageros
/ip smb user /smb/users/add read-only=no name=mtuser password=mtpasswd
  • add a shared folder:
Code Block
languageros
/ip /smb share add /shares/add directory=backup name=backup
  • enable SMB service:
Code Block
languageros
#this step is optional, as the default is "enabled=auto"
/ip /smb /set enabled=yes

Now check for results: 

  • Check general service settings:
Code Block
languageros
[admin@MikroTik] /ip smb> /smb/print 
      enabled: yes
       domain: MSHOME
      comment: MikrotikSMB
 allow-guests: yes
   interfaces: all
  • SMB user settings:
Code Block
languageros
[admin@MikroTik] /ip smb> smb/users /print 
Flags: *X - default,DISABLED; X* - disabledDEFAULT; 
#r - READ-ONLY
Columns: NAME, NAMEPASSWORD
#     NAME    PASSWORD      READ-ONLY
0 X*r  guest                      yes 
1     mtuser       mtpasswd      no
  • And finally SMB shares settings:
Code Block
languageros
[admin@MikroTik] /ip smb> share /smb/shares/print
Flags: X - disabled,DISABLED; I* - DEFAULT
Columns: inactiveNAME, *DIRECTORY, REQUIRE- default ENCRYPTION
#    NAME                   DIRECTORY        MAX-SESSIONS
0  * REQUIRE-ENCRYPTION
;;; default share
0  X*   pub     /pub            no  /pub              10
1    backup                /backup           10no

Now, additional configuration changes can be done, like disabling the default user and share, etc.