windows_smb
Version information
This version is compatible with:
- Puppet Enterprise 2023.8.x, 2023.7.x, 2023.6.x, 2023.5.x, 2023.4.x, 2023.3.x, 2023.2.x, 2023.1.x, 2023.0.x, 2021.7.x, 2021.6.x, 2021.5.x, 2021.4.x, 2021.3.x, 2021.2.x, 2021.1.x, 2021.0.x, 2019.8.x, 2019.7.x, 2019.5.x, 2019.4.x, 2019.3.x, 2019.2.x, 2019.1.x, 2019.0.x, 2018.1.x
- Puppet >= 5.5.0 < 9.0.0
Start using this module
Add this module to your Puppetfile:
mod 'rychannel-windows_smb', '1.0.3'
Learn more about managing modules with a PuppetfileDocumentation
windows_smb
Module for puppet that can be used to create and manage windows SMB shares, and set various configuration options for SMB server / client settings on a windows system.
Very unrestricted limits on settings, I tried to find absolute min/max values for the settings for windows_smb::manage_smb_server_config
and window_smb::manage_smb_client_config
.
Stayed away from settings like forcing digital signing etc. as these tend to be managed via group policy.
That's kind of a thing in puppet on windows, you find yourself moving towards replacing things done with GPO. If people want it, I'll add it. It is good to reduce infrastructure config to state declaration code. However, we need to make that transition smooth for admins and not be invasive.
N.B.: not making resources depend upon a PowerShell version check - this has been tested OK with version 4 and 5. Upgrade your Windows Management Framework to 4.0 or higher if you run into bother on old OS.
tested on: server 2012R2 OK (PS 4), win 10 enterprise OK (PS 5)
Module Usage
Only supports windows OS - windows_smb::manage_smb_share
only supports windows feature 'FS-BranchCache' where it exists but does NOT restrict attempted auto-install of 'FS-BranchCache feature' - module resources will fail due to dependency if for some reason the windows feature is unavailable for install or the system does not support ps commandlet 'add-windowsfeature'.
Example Use
node 'my_file_server.corp.blah.moo' {
include 'my_smb_file_shares'
}
class my_smb_file_shares {
#module will NOT ensure share target directory on file system exists, make sure it does and require it in windows_smb::manage_smb_share resource instance
file { 'c:\temp1': ensure => directory, }
windows_smb::manage_smb_share { 'testshare':
smb_share_directory => 'c:\temp1',
ensure => present,
smb_share_comments => 'puppet generated smb share test',
smb_share_concurrent_user_limit => 0,
smb_share_cache => 'None',
smb_share_encrypt_data => false,
smb_share_folder_enum_mode => 'AccessBased',
smb_share_temporary => true,
smb_share_access_full => ['corp.blah.moo\user0', 'local_admin','user1@corp.blah.moo'],
smb_share_access_change => ['corp\domain admins'],
smb_share_access_read => [],
smb_share_access_deny => [],
smb_share_autoinstall_branchcache => false,
require => File['c:\temp1'],
}
#with defaults - note ensure is assumed => 'present'
windows_smb::manage_smb_share { 'testshare1':
smb_share_directory => 'c:\temp1',
smb_share_access_full => ['Everyone'],
require => File['c:\temp1'],
}
#server smb config settings example - note the 'title' / resource name isn't used in class
#note that cannot set ensure to 'absent' as many of these settings REQUIRED for os to function properly - set ensrue => 'default' to reset to defaults
windows_smb::manage_smb_server_config{$::clientcert:
ensure => present,
smb_server_asynchronous_credits => 1024,
smb_server_smb2_credits_min => 1024,
smb_server_smb2_credits_max => 16384,
smb_server_max_threads_per_queue => 64,
smb_server_treat_host_as_stable_storage => true,
smb_server_max_channel_per_session => 32,
smb_server_additional_critical_worker_threads => 20,
smb_server_additional_delayed_worker_threads => 20,
smb_server_ntfs_8dot3_name_creation => 'disabled',
smb_server_ntfs_disable_last_access_update => true,
}
# reset server config settings to defaults
# windows_smb::manage_smb_server_config{$::clientcert: ensure => default,}
windows_smb::manage_smb_client_config{$::clientcert:
ensure => 'present',
smb_client_connection_count_per_interface => 16,
smb_client_connection_count_per_rss_interface => 16,
smb_client_connection_count_per_rdma_interface => 16,
smb_client_connection_count_per_server_max => 64,
smb_client_dormant_Directory_timeout_seconds => 500,
smb_client_directory_cache_lifetime_seconds => 15,
smb_client_dormant_file_limit => 4096,
smb_client_directory_cache_entry_size_max_bytes => 65580,
smb_client_file_not_found_cache_lifetime_seconds => 5,
smb_client_file_not_found_cache_entries_max => 2048,
smb_client_file_info_cache_lifetime_seconds => 5,
smb_client_file_info_cache_entries_max => 1024,
smb_client_enable_bandwidth_throttling => false,
smb_client_enable_large_mtu => false,
smb_client_enable_byte_range_locking_read_only_files => false,
smb_client_enable_multichannel => false,
smb_client_extended_session_timeout_seconds => 999,
smb_client_keep_connection_seconds => 555,
smb_client_max_commands => 8192,
smb_client_oplocks_disabled => true,
smb_client_session_timeout_seconds => 45,
smb_client_use_opportunistic_locking => false,
smb_client_window_size_threshold => 16
}
# reset client config settings to defaults
# windows_smb::manage_smb_client_config{$::clientcert: ensure => default,}
}
#windows_smb::manage_smb_share
THIS MODULE DOES NOT SUPPORT CLUSTERED SHARES UNDER CAFS
##windows_smb::manage_smb_share
parameters
####ensure
Set the ensure state of the smb share. string.
- 'present': will ensure the share exists and is set as desired
- 'absent','purge': 'absent' / 'purge' will remove the share by share name on the system applying windows_smb::manage_smb_share
default value: 'present'
####smb_share_directory
Set this to the fully qualified path to share as string. Note that this class will NOT ensure that the target file system path for share assurance is present. Doing so would be invasive coding.
Create a File resource for the directory to be shared and make the windows_smb::manage_smb_share
instance dependent upon it. this is shown in the example above.
####smb_share_comments
Set string to put as comments on the share (description)
default value: 'puppet generated smb share'
####smb_share_concurrent_user_limit
Set the Uint32 desired concurrent user limit on the share being managed.
valid integer range: 0 - 4294967295 --- Setting 0 will result in there not being a share enforced restriction on concurrent user limit.
default value: 0
####smb_share_cache
Set to one of the valid string options 'None', 'Manual', 'Programs', 'Documents', 'BrancheCache'.
- None: Prevents users from storing documents and programs offline.
- Manual: Allows users to identify the documents and programs that they want to store offline.
- Programs: Automatically stores documents and programs offline.
- Documents: Automatically stores documents offline.
- BranchCache: Enables BranchCache and manual caching of documents on the shared folder.
default value: 'None'
###smb_share_encrypt_data
Set bool to indicate if the share utilizes encrytion.
default value: false
###smb_share_folder_enum_mode
Set string to specify which files and folders in the SMB share will be visible to the users.
- 'AccessBased': SMB will not the display the files and folders for a share to a user unless that user has rights to access the files and folders. Via PowerShell, access-based enumeration is disabled by default for new SMB shares. This is NOT true for this module.
- 'Unrestricted': SMB will display files and folders to a user even when the user does not have permission to access those items.
default value: 'AccessBased'
###smb_share_temporary
Set bool to indicate whether share will persist past system reboot:
- true: share will NOT persist past system reboot. The share is temporary.
- false: share is permanent and will persist past system reboot.
default value: false
##share permissions params
N.B. Module does NOT support share creation with no permissions whatsoever. If all permissions params are []
(empty array) will cause catalog failure due to resource where that implementation exists.
N.B. CANNOT set permissions entries for user to multiple permission types on a share - i.e. user1 may not have both 'full' and 'change' assignments. It is not like ACEs at the file system level. Can only be in one place. Puppet DSL logic will attempt to reject a configuration made in this way and if somehow slips through the resource create would fail. if resource exists permissions check would also fail as change in permissions results in share removal and recreate.
N.B. UPN limitation in that it much match the user domain - so user@corp.moo would not work if user domain was user@corp.blah.moo
N.B. permissions return with powershell 'GetSmbAccess' returns object array with UNQUALIFIED domain name as string - cannot accurately resolve scenarion where assigning permissions over trust - e.g. assign permissions for user0@corp.blah.moo AND user0@corp.foo.toyou UNTESTED and may not work
- can use local account unqualified, domain\username or user UPN
###smb_share_access_full
string array of users / groups to grant 'full' access permissions to at the smb share level (THIS IS NOT FILE PERMISSIONS ON DISK).
- e.g. ['domain\user0', 'local_admin','user1_upn@domain.blah.moo']
default value: [] <<<< EMPTY (STRING) ARRAY
###smb_share_access_change
string array of users / groups to grant 'change' access permissions to at the smb share level (THIS IS NOT FILE PERMISSIONS ON DISK)
- e.g. ['domain\user1', 'local_admin_0','user2_upn@domain.blah.moo']
default value: [] <<<< EMPTY (STRING) ARRAY
###smb_share_access_read
string array of users / groups to grant 'read' access permissions to at the smb share level (THIS IS NOT FILE PERMISSIONS ON DISK)
- e.g. ['domain\user2', 'local_admin_1','user3_upn@domain.blah.moo']
default value: [] <<<< EMPTY (STRING) ARRAY
###smb_share_access_deny
string array of users / groups to set 'deny' access permissions to at the smb share level (THIS IS NOT FILE PERMISSIONS ON DISK)
- e.g. ['domain\user3', 'local_admin_2','user4_upn@domain.blah.moo']
default value: [] <<<< EMPTY (STRING) ARRAY
###smb_share_autoinstall_branchcache
set boolean true to attempt to auto-install windows feature 'FS-BranchCache' if available to system via PowerShell 'Add-WindowsFeature'. Does not ensure state of windows feature via another resource type - it is an exec based get / set. So safe to use if ensure 'FS-BranchCache' as windows feature elsewhere in catalog.
Share creation made dependent on this exec resource if this param 'true' to ensure proper fail if not available for install and cannot install.
N.B. use in conjunction with smb_share_cache => 'BranchCache'
if set to true, otherwise not relevant and will not execute.
N.B. can use smb_share_cache => 'BranchCache'
WITHOUT using smb_share_autoinstall_branchcache' => true
- it just won't consider windows feature 'FS-BranchCache' presence - caller in this case responsible for it being there
default value: false
#windows_smb::manage_smb_server_config
##windows_smb::manage_smb_server_config
parameters
Sensible caps on resource params are not implemented. You may tweak up to the maximum allowed value and it is assumed you will research impact on system performance / viability to serve. Good luck, have fun!
###Resource 'Name' / 'Title' is irrelivent - suggest set to $::fqdn
or $::clientcert
as in example
Settings are global for the Windows machine the resource is applied against. For sanity, suggest naming resource $::fqdn
or $::clientcert
####ensure
Set the ensure state of the smb share. string.
- 'present': will ensure the smb server config exists and is set as desired
- 'default': 'default' will reset node values to sensible OS defaults. These may or may not be the most optimal for node use case.
default value: 'present'
###smb_server_asynchronous_credits
Limits the number of concurrent asynchronous SMB commands that are allowed on a single connection. Some cases (such as when there is a front-end server with a back-end IIS server) require a large amount of concurrency (for file change notification requests, in particular). The value of this entry can be increased to support these cases.
default value: false
###smb_server_smb2_credits_min
Uint32. Allow the server to throttle client operation concurrency dynamically within the specified boundaries. Some clients might achieve increased throughput with higher concurrency limits, for example, copying files over high-bandwidth, high-latency links.
valid integer range: 1 - smb_server_smb2_credits_max
(theoretical max 4294967295)
default value: 512 << value may not be higher than smb_server_smb2_credits_max
tweaking notes: You can monitor SMB Client Shares\Credit Stalls /Sec to see if there are any issues with credits.
###smb_server_smb2_credits_max
Uint32. Allow the server to throttle client operation concurrency dynamically within the specified boundaries. Some clients might achieve increased throughput with higher concurrency limits, for example, copying files over high-bandwidth, high-latency links.
valid integer range: smb_server_smb2_credits_max
(theoretical min 1) - 4294967295
default value: 8192 << value may not be lower than smb_server_smb2_credits_min
tweaking notes: You can monitor SMB Client Shares\Credit Stalls /Sec to see if there are any issues with credits.
###smb_server_max_threads_per_queue
Uint32. Increasing this value raises the number of threads that the file server can use to service concurrent requests. When a large number of active connections need to be serviced, and hardware resources, such as storage bandwidth, are sufficient, increasing the value can improve server scalability, performance, and response times.
valid integer range: 1 - 4294967295
default value: 20
###smb_server_treat_host_as_stable_storage
bool. Set true to disables processing write flush commands from clients. If the value of this param is true, the server performance and client latency for power-protected servers can improve. Workloads that resemble the NetBench file server benchmark benefit from this behavior.
default value: false
tweaking notes: Note that if you have a clustered file server, it is possible that you may experience data loss if the server fails with this setting enabled. Therefore, evaluate it carefully prior to applying it. THIS MODULE DOES NOT SUPPORT CLUSTERED SHARES UNDER CAFS
###smb_server_max_channel_per_session
Uint32. Specifies the maximum channels per session.
valid integer range: 1 - 4294967295
default value: 32
tweaking notes: 64 / 128 didn't seem to explode a file server under load, seems a good starting point
###smb_server_max_session_per_connection
Uint32. Specifies the maximum sessions per connection.
valid integer range: 1 - 4294967295
default value: 16384
##Additional work threads At system startup, Windows creates several server threads that operate as part of the System process. These are called system worker threads. They exist with the sole purpose of performing work on the behalf of other threads generated by the kernel, system device drivers, the system executive and other components. When one of these components puts a work item in a queue, a thread is assigned to process it. The number of system worker threads should ideally be high enough to accept work tasks as soon as they become assigned. The trade off, of course, is that worker threads sitting idle consume system resources unnecessarily.
###smb_server_additional_critical_worker_threads
Uint32. The AdditionalCriticalWorkerThreads value increases the number of critical worker threads created for a specified work queue. Critical worker threads process time-critical work items and have their stack present in physical memory at all times. An insufficient number of threads will reduce the rate at which time-critical work items are serviced; a value that is too high will consume system resources unnecessarily.
The default is 0, which means that no additional critical kernel worker threads are added. This value affects the number of threads that the file system cache uses for read-ahead and write-behind requests. Raising this value can allow for more queued I/O in the storage subsystem, and it can improve I/O performance, particularly on systems with many logical processors and powerful storage hardware.
valid integer range: 0 - 4294967295
default value: 0
tweaking notes: The value may need to be increased if the amount of cache manager dirty data (performance counter Cache\Dirty Pages) is growing to consume a large portion (over ~25%) of memory or if the system is doing lots of synchronous read I/Os.
###smb_server_additional_delayed_worker_threads
Uint32. The AdditionalDelayedWorkerThreads value increases the number of delayed worker threads created for the specified work queue.
valid integer range: 0 - 4294967295
default value: 0
tweaking notes: Delayed worker threads process work items that are not considered time-critical and can have their memory stack paged out while waiting for work items. An insufficient number of threads will reduce the rate at which work items are serviced; a value that is too high will consume system resources unnecessarily.
###smb_server_ntfs_8dot3_name_creation
String equating to enum. When a long file name is created using the Windows NTFS file system, the default behavior may be (OS version dependent) to generate a corresponding short file name in the older 8.3 DOS file name convention for compatibility with older operating systems. This functionality can be disabled.
value values: [string] - numerics correspond to the raw registry value controlling this setting, which equate to an enum in practice
- '0' , 'enabled': 8.3 name creation is enabled
- '1' , 'disabled': 8.3 name creation is disabled
- '2' , 'per_volume': 8.3 name creation can be configured on a per volume basis
###smb_server_ntfs_disable_last_access_update
The default is 1 in newer Windows versions. In versions of Windows earlier than Windows Vista and Windows Server 2008, the default is 0.
default value: undef <<< don't know what OS is being run.
N.B.: ensure => 'default'
will set value to 1 - this will DISABLE last access timestamp updates.
valid values:
- true: DISABLE last access timestamp updates
- false: ENABLE last access timestamp updates
tweaking notes: A value of 0 can reduce performance because the system performs additional storage I/O when files and directories are accessed to update date and time information.
#windows_smb::manage_smb_client_config
Avoided EnableInsecureGuestLogons
as only available windows 10 / server 2016 and documentation I found simply says 'TBD'. so no.
Avoided EnableLoadBalanceScaleOut
- I do not know enough about impact of this. Tell me and I'll add it.
Avoided RequireSecuritySignature
- typically options for client/server digital signing / encryption handled in organization via GPO. Yes, we can replace a lot of whats going on there with puppet code but at this time I deem that invasive to the Windows OS platform as typically managed in an enterprise.
Manage smb client settings on node. suggest name resource like so for sanity across your catalog: windows_smb::manage_smb_client_config{$::clientcert: ensure => present, ...}
##windows_smb::manage_smb_client_config
parameters
Sensible caps on resource params are not implemented. You may tweak up to the maximum allowed value and it is assumed you will research impact on system performance / viability to serve. Good luck, have fun!
####ensure
Set the ensure state of the smb share. string.
- 'present': will ensure the smb client config exists and is set as desired
- 'default': 'default' will reset node values to sensible OS defaults. These may or may not be the most optimal for node use case.
default value: 'present'
###smb_client_connection_count_per_interface
Uint32. Specifies the maximum connections per interface to be established with a smb server running Windows Server for non-RSS interfaces.
valid integer range: 1 - 16
default value: 1
###smb_client_connection_count_per_rss_interface
Uint32. Specifies the maximum connections per rss interface to be established with a server running Windows Server 2012 for RSS interfaces.
valid integer range: 1 - 16
default value: 4
###smb_client_connection_count_per_rdma_interface
Uint32. Specifies the maximum connections per rss interface to be established with a server running Windows Server 2012 for RDMA interfaces.
valid integer range: 1 - 16
default value: 2
###smb_client_connection_count_per_server_max
Uint32. Specifies the maximum number of connections to be established with a single smb server running Windows across all interfaces.
valid integer range: 1 - 64
default value: 32
###smb_client_dormant_directory_timeout_seconds
Uint32. Specifies the maximum time server directory handles held open with directory leases.
valid integer range: 0 - 4294967295
default value: 600
###smb_client_directory_cache_lifetime_seconds
Uint32. Specifies the directory cache timeout. This parameter controls caching of directory metadata in the absence of directory leases.
valid integer range: 0 - 4294967295
default value: 10
###smb_client_dormant_file_limit
Uint32. Specifies the maximum number of files that should be left open on a shared resource after the application has closed the file.
valid integer range: 1 - 4294967295
default value: 1023
###smb_client_directory_cache_entry_size_max_bytes
Uint32. in bytes. Specifies the maximum size of directory cache entries. The default is 64KB. Can be increased to max of 16MB.
valid integer range: 65536 - 16777216
default value: 1023
tweaking notes: try 16777216
###smb_client_directory_cache_entries_max
Uint32. in bytes. Specifies the amount of directory information that can be cached by the client. Increasing the value can reduce network traffic and increase performance when large directories are accessed.
valid integer range: 1 - 4096
default value: 16
tweaking notes: recommend set to 4096 - ref: https://msdn.microsoft.com/en-us/library/windows/hardware/dn567661(v=vs.85).aspx
###smb_client_file_not_found_cache_lifetime_seconds
Uint32. in bytes. Specifies the amount of directory information that can be cached by the client. Increasing the value can reduce network traffic and increase performance when large directories are accessed.
valid integer range: 0 - 4294967295
default value: 5
tweaking notes: try increase, e.g. 10 or more, use with smb_client_file_not_found_cache_entries_max
###smb_client_file_not_found_cache_entries_max
Uint32. Specifies the amount of file name information that can be cached by the client. Increasing the value can reduce network traffic and increase performance when a large number of file names are accessed.
valid integer range: 1 - 65536
default value: 128
tweaking notes: try increase, use with smb_client_file_not_found_cache_lifetime_seconds
- suggest 32768 - ref: https://msdn.microsoft.com/en-us/library/windows/hardware/dn567661(v=vs.85).aspx
###smb_client_file_info_cache_lifetime_seconds
Uint32. The file information cache timeout period.
valid integer range: 0 - 4294967295
default value: 10
tweaking notes: try increase, 15 or more. use with smb_client_file_info_cache_entries_max
###smb_client_file_info_cache_entries_max
Uint32. Specifies the amount of file metadata that can be cached by the client. Increasing the value can reduce network traffic and increase performance when a large number of files are accessed.
valid integer range: 1 - 65536
default value: 64
tweaking notes: suggest 32768 - ref: https://msdn.microsoft.com/en-us/library/windows/hardware/dn567661(v=vs.85).aspx
###smb_client_enable_bandwidth_throttling
bool. the SMB redirector throttles throughput across high-latency network connections, in some cases to avoid network-related timeouts. Setting this param to false may result in higher file transfer throughput over high-latency network connections.
valid values:
- true: ENABLE bandwidth throttling
- false: DISABLE bandwidth throttling
default value: true
tweaking notes: suggest false - ref: https://msdn.microsoft.com/en-us/library/windows/hardware/dn567661(v=vs.85).aspx
###smb_client_enable_large_mtu
bool. if enabled (true) the SMB redirector transfers payloads as large as 1 MB per request, which can improve file transfer speed. if disabled, limited to 64 KB.
valid values:
- true: ENABLE large MTU
- false: DISABLE large MTU
default value: true
###smb_client_enable_byte_range_locking_read_only_files
bool. Controls whether byte-range locking is enabled on read-only files.
valid values:
- true: ENABLE byte-range locking on read-only files
- false: DISABLE byte-range locking on read-only files
default value: true
###smb_client_enable_multichannel
bool. Enable or disable the use of multiple physical network interfaces.
valid values:
- true: ENABLE use of multiple physical network interfaces
- false: DISABLE use of multiple physical network interfaces
default value: true
###smb_client_extended_session_timeout_seconds
Uint32. extended session timeout in seconds.
valid integer range: 0 - 4294967295
default value: 1000
###smb_client_keep_connection_seconds
Uint32. How long to keep an smb session open.
valid integer range: 0 - 4294967295
default value: 600
###smb_client_max_commands
Uint32. Specifies the maximum number of network control blocks that the redirector can reserve. The value of this entry coincides with the number of execution threads that can be outstanding simultaneously.
valid integer range: 0 - 4294967295
default value: 50
###smb_client_oplocks_disabled
bool. set this true if opportunistic locking is to be disabled. See smb_client_use_opportunistic_locking
. did not mask this setting into one thing as want to expose as much as possible raw in this module.
valid values:
- true: DISABLE use of opportunistic locking
- false: ENABLE use of opportunistic locking
default value: false
tweaking notes: I don't know what you want to do as a devops person / admin / engineer / architect / whatever we're called today; so you're getting both setting exposed and are not locked to setting both in tandem. Though this is suggested. see smb_client_use_opportunistic_locking
###smb_client_use_opportunistic_locking
Controls whether the opportunistic-locking (oplock) performance enhancement is enabled. If true, the redirector requests an opportunistic lock on any file opened in "Deny None" mode. As a result, the server performs automatic read-ahead and write-behind caching on behalf of the redirector.
valid values:
- true: ENABLE use of opportunistic locking
- false: DISABLE use of opportunistic locking
default value: true
tweaking notes: there may be interference if this is used in certain scenarios but for general use (and os default) sounds like a good idea to use. leave smb_client_oplocks_disabled
not specified as a param or specify false for smb_client_oplocks_disabled
if you want op locking ON.
###smb_client_session_timeout_seconds
Uint32. The number of seconds that the client waits before disconnecting an inactive session.
valid integer range: 10 - 65535
default value: 60
###smb_client_window_size_threshold
Uint32. The minimum window size before Multichannel will trigger the use of multiple connections.
valid integer range: 10 - 65535
default value: 1
tweaking notes: The default value is 1 for Windows Server operating systems and 8 for Windows client operating systems. This module uses 1 as default. It won't kill the workstation and is what server wants.
References
Set-SmbShare documentation: https://technet.microsoft.com/en-us/%5Clibrary/jj635727(v=wps.630).aspx
Set-SmbServerConfiguration: https://technet.microsoft.com/en-us/library/jj635714(v=wps.630).aspx
Performance Tuning for File Servers: https://msdn.microsoft.com/en-us/library/windows/hardware/dn567661(v=vs.85).aspx
Optimizing Operating System Performance: https://msdn.microsoft.com/en-us/library/cc615012(v=bts.10).aspx
CIFS and SMB Timeouts in Windows: https://blogs.msdn.microsoft.com/openspecification/2013/03/19/cifs-and-smb-timeouts-in-windows/
SetConfiguration method of the MSFT_SmbClientConfiguration class: https://msdn.microsoft.com/en-us/library/hh830477(v=vs.85).aspx
Changelog
All notable changes to this project will be documented in this file.
The format is based on Keep a Changelog, and this project adheres to Semantic Versioning.
[Unreleased]
Changed
- Configure windows_smb::manage_smb_server_config and windows_smb::manage_client_config to classes from types
[1.0.3] - 2024-4-08
Changed
- Re-added support for PUppet 5.5
[1.0.2] - 2024-4-03
Changed
- Removed additional validate_string functions that were found
[1.0.1] - 2024-4-02
Changed
- Modified Author in CHANGELOG
- Modified Puppet minimum version requirement as I can't test on lower Puppet versions
- Updated module to be compatible with PDK 3.0.1
Note: No functionality has been changed or fixed since the 1.0.0 version. No need to upgrade if on v1.0.0.
[1.0.0] - 2024-4-02
Addded
- Data types to Class Parameters
- Docuemntation for Class Parameters
Changed
- Start using Semantic Versioning
- Updated CHANGELOG format
- Forked project from karmabeast/windows_smb
- Moved current init class to examples/example.pp becuase it doesn't seem to be code that should be used in production.
Removed
- Remove references to deprecated validate functions
[0.4.4] - 2023-9-13
Changed
- Converted Module to use PDK 1.13
[0.4.3] - 2019-09-13
Fixed
- incorporate PR from skyrawrcode - vars were not properly initialized in share mgmt class, would cause issue when not populated via params.
[0.4.2] - 2017-05-03
Fixed
- needing this one again... fixed some bad client settings stuff for oplocks which doesnt seem to exist in 2016 at the very least...
[0.4.1] - 2016-04-26
Changed
- NOTE NEW DEPENDENCY ON
puppetlabs_registry
as of 0.4.0 - see metadata.json
FIXED
- incorrect code block placement for registry defaults in
windows_smb::manage_client_config
- would cause ensure => default resource create to fail, fixed. - doc typos fix
[0.4.0] - 2016-04-26
Changed
- NOTE NEW DEPENDENCY ON
puppetlabs_registry
- see metadata.json - complete rework of resources to manage
windows_smb::manage_client_config
andwindows_smb::manage_server_config
- now like 10x faster to apply due to direct reg mod and its providers direct interface with win APIs - significant optimization of
windows_smb::manage_client_config
andwindows_smb::manage_server_config
[0.3.0] - 2016-04-13
Added
- added documentation for
windows_smb::manage_smb_client_config
. - improvements! many things for
managing smb client settings
on windows added - have fun! - many things for
managing smb client settings
on windows added
[0.2.0] - 2016-04-13
Added
- added documentation for
windows_smb::manage_smb_server_config
. - bug fixes
- improvements!
- added support for MaxSessionPerConnection control in
windows_smb::manage_smb_server_config
Fixed
- fixed validator of Uint32 for various params in
windows_smb::manage_smb_share
- was allowing out of range value.
Changed
- found defaults for
smb_server_max_channel_per_session
- removed defaulting toundef
for this param inwindows_smb::manage_smb_server_config
[0.1.3] - 2016-04-13
Added
- added smb server settings class and example in init, documentation to come.
windows_smb::manage_smb_server_config
safe to use.
[0.1.0] - 2016-04
Initial release - NOTE SUPPORT FOR SMB CLIENT AND SERVER SETTINGS NOT YET IMPLEMENTED - windows_smb::manage_smb_share
ok to use
Added
- added support for managing smb shares on windows systems
Dependencies
- puppetlabs/stdlib (>= 4.6.0 < 10.0.0)
- puppetlabs/powershell (>= 1.0.1 < 10.0.0)
- puppet/windowsfeature (>= 1.1.0 < 10.0.0)
- puppetlabs-registry (>= 1.0.3 < 10.0.0)
Apache License Version 2.0, January 2004 http://www.apache.org/licenses/ TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION 1. Definitions. "License" shall mean the terms and conditions for use, reproduction, and distribution as defined by Sections 1 through 9 of this document. "Licensor" shall mean the copyright owner or entity authorized by the copyright owner that is granting the License. "Legal Entity" shall mean the union of the acting entity and all other entities that control, are controlled by, or are under common control with that entity. For the purposes of this definition, "control" means (i) the power, direct or indirect, to cause the direction or management of such entity, whether by contract or otherwise, or (ii) ownership of fifty percent (50%) or more of the outstanding shares, or (iii) beneficial ownership of such entity. "You" (or "Your") shall mean an individual or Legal Entity exercising permissions granted by this License. "Source" form shall mean the preferred form for making modifications, including but not limited to software source code, documentation source, and configuration files. "Object" form shall mean any form resulting from mechanical transformation or translation of a Source form, including but not limited to compiled object code, generated documentation, and conversions to other media types. "Work" shall mean the work of authorship, whether in Source or Object form, made available under the License, as indicated by a copyright notice that is included in or attached to the work (an example is provided in the Appendix below). "Derivative Works" shall mean any work, whether in Source or Object form, that is based on (or derived from) the Work and for which the editorial revisions, annotations, elaborations, or other modifications represent, as a whole, an original work of authorship. For the purposes of this License, Derivative Works shall not include works that remain separable from, or merely link (or bind by name) to the interfaces of, the Work and Derivative Works thereof. "Contribution" shall mean any work of authorship, including the original version of the Work and any modifications or additions to that Work or Derivative Works thereof, that is intentionally submitted to Licensor for inclusion in the Work by the copyright owner or by an individual or Legal Entity authorized to submit on behalf of the copyright owner. For the purposes of this definition, "submitted" means any form of electronic, verbal, or written communication sent to the Licensor or its representatives, including but not limited to communication on electronic mailing lists, source code control systems, and issue tracking systems that are managed by, or on behalf of, the Licensor for the purpose of discussing and improving the Work, but excluding communication that is conspicuously marked or otherwise designated in writing by the copyright owner as "Not a Contribution." "Contributor" shall mean Licensor and any individual or Legal Entity on behalf of whom a Contribution has been received by Licensor and subsequently incorporated within the Work. 2. Grant of Copyright License. Subject to the terms and conditions of this License, each Contributor hereby grants to You a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare Derivative Works of, publicly display, publicly perform, sublicense, and distribute the Work and such Derivative Works in Source or Object form. 3. Grant of Patent License. Subject to the terms and conditions of this License, each Contributor hereby grants to You a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable (except as stated in this section) patent license to make, have made, use, offer to sell, sell, import, and otherwise transfer the Work, where such license applies only to those patent claims licensable by such Contributor that are necessarily infringed by their Contribution(s) alone or by combination of their Contribution(s) with the Work to which such Contribution(s) was submitted. If You institute patent litigation against any entity (including a cross-claim or counterclaim in a lawsuit) alleging that the Work or a Contribution incorporated within the Work constitutes direct or contributory patent infringement, then any patent licenses granted to You under this License for that Work shall terminate as of the date such litigation is filed. 4. Redistribution. You may reproduce and distribute copies of the Work or Derivative Works thereof in any medium, with or without modifications, and in Source or Object form, provided that You meet the following conditions: (a) You must give any other recipients of the Work or Derivative Works a copy of this License; and (b) You must cause any modified files to carry prominent notices stating that You changed the files; and (c) You must retain, in the Source form of any Derivative Works that You distribute, all copyright, patent, trademark, and attribution notices from the Source form of the Work, excluding those notices that do not pertain to any part of the Derivative Works; and (d) If the Work includes a "NOTICE" text file as part of its distribution, then any Derivative Works that You distribute must include a readable copy of the attribution notices contained within such NOTICE file, excluding those notices that do not pertain to any part of the Derivative Works, in at least one of the following places: within a NOTICE text file distributed as part of the Derivative Works; within the Source form or documentation, if provided along with the Derivative Works; or, within a display generated by the Derivative Works, if and wherever such third-party notices normally appear. The contents of the NOTICE file are for informational purposes only and do not modify the License. You may add Your own attribution notices within Derivative Works that You distribute, alongside or as an addendum to the NOTICE text from the Work, provided that such additional attribution notices cannot be construed as modifying the License. You may add Your own copyright statement to Your modifications and may provide additional or different license terms and conditions for use, reproduction, or distribution of Your modifications, or for any such Derivative Works as a whole, provided Your use, reproduction, and distribution of the Work otherwise complies with the conditions stated in this License. 5. Submission of Contributions. Unless You explicitly state otherwise, any Contribution intentionally submitted for inclusion in the Work by You to the Licensor shall be under the terms and conditions of this License, without any additional terms or conditions. Notwithstanding the above, nothing herein shall supersede or modify the terms of any separate license agreement you may have executed with Licensor regarding such Contributions. 6. Trademarks. This License does not grant permission to use the trade names, trademarks, service marks, or product names of the Licensor, except as required for reasonable and customary use in describing the origin of the Work and reproducing the content of the NOTICE file. 7. Disclaimer of Warranty. Unless required by applicable law or agreed to in writing, Licensor provides the Work (and each Contributor provides its Contributions) on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied, including, without limitation, any warranties or conditions of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A PARTICULAR PURPOSE. You are solely responsible for determining the appropriateness of using or redistributing the Work and assume any risks associated with Your exercise of permissions under this License. 8. Limitation of Liability. In no event and under no legal theory, whether in tort (including negligence), contract, or otherwise, unless required by applicable law (such as deliberate and grossly negligent acts) or agreed to in writing, shall any Contributor be liable to You for damages, including any direct, indirect, special, incidental, or consequential damages of any character arising as a result of this License or out of the use or inability to use the Work (including but not limited to damages for loss of goodwill, work stoppage, computer failure or malfunction, or any and all other commercial damages or losses), even if such Contributor has been advised of the possibility of such damages. 9. Accepting Warranty or Additional Liability. While redistributing the Work or Derivative Works thereof, You may choose to offer, and charge a fee for, acceptance of support, warranty, indemnity, or other liability obligations and/or rights consistent with this License. However, in accepting such obligations, You may act only on Your own behalf and on Your sole responsibility, not on behalf of any other Contributor, and only if You agree to indemnify, defend, and hold each Contributor harmless for any liability incurred by, or claims asserted against, such Contributor by reason of your accepting any such warranty or additional liability. END OF TERMS AND CONDITIONS APPENDIX: How to apply the Apache License to your work. To apply the Apache License to your work, attach the following boilerplate notice, with the fields enclosed by brackets "{}" replaced with your own identifying information. (Don't include the brackets!) The text should be enclosed in the appropriate comment syntax for the file format. We also recommend that a file or class name and description of purpose be included on the same "printed page" as the copyright notice for easier identification within third-party archives. Copyright {yyyy} {name of copyright owner} Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.