Creating an SMB location for Amazon DataSync - Amazon DataSync
Services or capabilities described in Amazon Web Services documentation might vary by Region. To see the differences applicable to the China Regions, see Getting Started with Amazon Web Services in China.

Creating an SMB location for Amazon DataSync

A location is an endpoint for a Server Message Block (SMB) file server, which can be hosted on-premises. Amazon DataSync can use the location as a source or destination for copying data.

Accessing SMB file servers

DataSync connects to your file server using the SMB protocol and authenticates with credentials that you provide it.

Supported SMB protocol versions

By default, DataSync automatically chooses a version of the SMB protocol based on negotiation with your SMB file server.

You also can configure DataSync to use a specific SMB version, but we recommend doing this only if DataSync has trouble negotiating with the SMB file server automatically. See the following table for a list of options in the DataSync console and API:

Console option API option Description
Automatic

AUTOMATIC

DataSync and the SMB file server negotiate a protocol version that they mutually support. (DataSync supports SMB versions 2.1.0 and later.)

This is the default and recommended option. If you instead choose a specific version that your file server doesn't support, you may get an Operation Not Supported error.

SMB3

SMB3

Restricts the protocol negotiation to only SMB version 3.0.2.

SMB2

SMB2

Restricts the protocol negotiation to only SMB version 2.1.0.

Required permissions

DataSync needs a user who has permission to mount and access your SMB location. This can be a local user on your Windows file server or a domain user that's defined in your Microsoft Active Directory.

To set object ownership, DataSync requires the SE_RESTORE_NAME privilege, which is usually granted to members of the built-in Active Directory groups Backup Operators and Domain Admins. Providing a user to DataSync with this privilege also helps ensure sufficient permissions to files, folders, and file metadata, except for NTFS system access control lists (SACLs).

Additional privileges are required to copy NTFS system access control lists (SACLs). Specifically, this requires the Windows SE_SECURITY_NAME privilege, which is granted to members of the Domain Admins group. If you configure your task to copy SACLs, make sure that the user has the required privileges. To learn more about configuring a task to copy SACLs, see Managing how Amazon DataSync transfers files, objects, and metadata.

When you copy data between an SMB file server and Amazon FSx for Windows File Server file system, the source and destination locations must belong to the same Microsoft Active Directory domain or have an Active Directory trust relationship between their domains.

Creating the location

Before you begin, you need an existing SMB file server where you plan to copy data.

To create an SMB location by using the console
  1. Open the Amazon DataSync console at https://console.amazonaws.cn/datasync/.

  2. In the left navigation pane, choose Locations, and then choose Create location.

  3. For Location type, choose Server Message Block (SMB).

    You configure this location as a source or destination later.

  4. For Agents, choose one or more DataSync agents that you want to connect to your SMB file server.

    If you choose more than one agent, make sure you understand using multiple agents for a location.

  5. For SMB Server, enter the Domain Name System (DNS) name or IP address of the SMB file server that your DataSync agent will mount.

    Note

    You can't specify an IP version 6 (IPv6) address.

  6. For Share name, enter the name of the share exported by your SMB file server where DataSync will read or write data.

    You can include a subdirectory in the share path (for example, /path/to/subdirectory). Make sure that other SMB clients in your network can also mount this path.

    To copy all the data in the subdirectory, DataSync must be able to mount the SMB share and access all of its data. For more information, see Required permissions.

  7. (Optional) Expand Additional settings and choose an SMB Version for DataSync to use when accessing your file server.

    By default, DataSync automatically chooses a version based on negotiation with the SMB file server. For information, see Supported SMB protocol versions.

  8. For User, enter a user name that can mount your SMB file server and has permission to access the files and folders involved in your transfer.

    For more information, see Required permissions.

  9. For Password, enter the password of the user who can mount your SMB file server and has permission to access the files and folders involved in your transfer.

  10. (Optional) For Domain, enter the Windows domain name that your SMB file server belongs to.

  11. (Optional) Choose Add tag to tag your SMB location.

    Tags are key-value pairs that help you manage, filter, and search for your locations.

  12. Choose Create location.