...
Sub-menu: /ip smb
Packages required: system
SMB 1.0 server provides file sharing access to configured folders of the router.
Note |
---|
RouterOS only supports SMB2.1 SMB3.0, SMB3.1.1 dialects (. SMB1 is not supported due to security vulnerabilities). |
Server settings
Property | Description |
---|
comment (string; Default: MikrotikSMB) | Set comment for the server |
domain (string; Default: MSHOME) | Name of Windows Workgroup |
enabled (yes | no | auto Default: auto) | The default value is 'auto.' This means that the SMB server will automatically be enabled when the first non-disabled SMB share is configured under '/ip smb share' |
interface (string; Default: all) | List of interfaces on which SMB service will be running. all - SMB will be available on all interfaces. |
...
Property | Description |
---|
comment (string; Default: default share) | Set a comment for the share |
disabled (yes | no; Default: no) | If disabled, the share will not be accessible. |
valid-users (list of strings; | Default:) | Specifies which users are allowed to access the Samba share. If it is left empty, all users will be able to access the share, once user or users are defined here, only they will be able to access the share |
invalid-users (list of strings; | Default: ) | Used to specify users who are explicitly denied access to the Samba share. |
require-encryption (yes | no; Default: no) | Enforces the use of encryption for all connections to a particular Samba share |
name (string; Default: ) | Name of the SMB share |
directory (string; Default: ) | Directory on router assigned to SMB share. If left empty value of the name argument will be used from the root folder. |
...
Code Block |
---|
|
/ip smb user /smb/users/add read-only=no name=mtuser password=mtpasswd |
Code Block |
---|
|
/ip /smb share add /shares/add directory=backup name=backup |
Code Block |
---|
|
#this step is optional, as the default is "enabled=auto"
/ip /smb /set enabled=yes |
Now check for results:
- Check general service settings:
Code Block |
---|
|
[admin@MikroTik] /ip smb> /smb/print
enabled: yes
domain: MSHOME
comment: MikrotikSMB
allow-guests: yes
interfaces: all |
Code Block |
---|
|
[admin@MikroTik] /ip smb> smb/users /print
Flags: *X - default,DISABLED; X* - disabledDEFAULT;
#r - READ-ONLY
Columns: NAME, NAMEPASSWORD
# NAME PASSWORD READ-ONLY
0 X*r guest yes
1 mtuser mtpasswd no |
- And finally SMB shares settings:
Code Block |
---|
|
[admin@MikroTik] /ip smb> share /smb/shares/print
Flags: X - disabled,DISABLED; I* - DEFAULT
Columns: inactiveNAME, *DIRECTORY, REQUIRE- default ENCRYPTION
# NAME DIRECTORY MAX-SESSIONS
0 * REQUIRE-ENCRYPTION
;;; default share
0 X* pub /pub no /pub 10
1 backup /backup 10no |
Now, additional configuration changes can be done, like disabling the default user and share, etc.