A few days ago,  I posted an article about creating a hidden share on a Mac server. Well, apparently, with Apple, from version 10.5.8 to version 10.6.x, the way things work actually changed. What a shocker! ok.. sarcasm aside.. Here’s what happened.

In OS 10.5.8, there used to be a file in /var/samba/shares, that can be renamed with a “$” sign in the end, to make an existing share hidden.

In OS 10.6.2 and above, that “shares” directory just disappeared, and therefore my idea about creating hidden shares with this method became obsolete.

So, I went back out there googling for a solution. Unfortunately, not at a single forum I went, did I find any one dealing with this issue. (strange?), so I started digging in Samba documents in order to see if I can somehow have a workaround in the Samba configuration to allow the hidden shares to show up.

Here’s what I found:

Samba, in Snow Leopard, keeps its configuration in /var/db/samba. The file is that is of interest, is the /var/db/samba/smb.shares. In Traditional configurations of Samba, these shares get their configs from smb.conf, however, in this situation, smb.shares is the file needed.

So, let’s put down the scenario I was in and how I resolved it:

The Snow Leopard server was the SMB server for home folders, for both Mac workstations, as well as Windows workstations. The home folders for the Mac was at the following path: /Volumes/StudentData/User/Students

The SMB share from within the OS X GUI was pointing exactly at that path, and was shared as a non-hidden share called: Students. When creating the Mac home folders, this is the path that gets looked at, and gets the users’ home folder. Thats a no brainer. However, when Windows workstations need to map the home directory, they need a different path, mostly because my Windows infrastructure is standardized to the format of: \\servername\user$\students.

From the GUI, as far as I know, it’s impossible to create a separate share point to the same physical path. However, in SMB it’s possible. Unfortunately, this was not the only challenge, because, even if it was possible to create multiple share points within the GUI, there is no way to make it a hidden share.

So the idea is to create a config file in SMB that will do what we need.

Caution: The file we’re going to change is going to have a warning on top that says: # This file is automatically generated, DO NOT EDIT!  . This is nothing to worry about it in this case, as long as you are aware that this statement is actually TRUE! meaning, if you go back to the GUI, and modify any of the shares, this file is going to revert to its default, overwriting any changes you made outside of the GUI. So consider yourself warned, and make sure that you keep your changes somewhere that you can restore after you make modifications to GUI share points. 

Edit the file: /var/db/samba/smb.shares

For the configuration above, the file would look something like this:

#
# Configuration options for smbd(8), nmbd(8) and winbindd(8).
#
# This file is automatically generated, DO NOT EDIT!
#
[Students]
comment = Students
path = /Volumes/StudentData/User$/Students

available = yes
guest ok = yes
inherit permissions = yes
create mask = 0644
directory mask = 0755
oplocks = yes
strict locking = 1
read only = no
Browseable = yes
[global]

In order to add the hidden share to be accessible via \\servername\user$
we’ll add the following section, before the [global] section.

[User$]
comment = Users
path = /Volumes/StudentData/User$
available = yes
guest ok = yes
inherit permissions = yes
create mask = 0644
directory mask = 0755
oplocks = yes
strict locking = 1
read only = no
Browseable = no

[global]

What we have effectively done in this case, is create a share that is non-browseable for Samba (by setting the “Browseable = no” argument.), and naming the share User$, which is what Windows refers to hidden shares as. By combining the way both OS’s understand hidden shares, we have satisfied all the requirements needed or both Mac home folders, as well as PC shares, that no longer have to comply with the exact nomenclature that OS X pins us down to. (Take that Apple!!)
Make sure to restart SMB on the OS X server anytime you make change.

Print Friendly
Subscribe By Email for Updates.