Home » HP Manuals » Storage Devices » HP StorageWorks 4000s » Manual Viewer

HP StorageWorks 4000s NAS 4000s and 9000s Administration Guide - Page 134

Share Management, Share Considerations, Defining Access Control Lists

View all HP StorageWorks 4000s manuals

Add to My Manuals
Save this manual to your list of manuals

Page 134 highlights

Folder, Printer, and Share Management Share Management There are several ways to set up and manage shares. The WebUI provides screens for setting up and managing shares. Additional methods include using a command line interface, Windows Explorer, or NAS Management Console. This guide demonstrates using the WebUI to set up and manage shares. Note: The NAS 4000s and 9000s servers can be deployed in a clustered as well as a non-clustered configuration. This chapter discusses share setup for a non-clustered deployment. For information on managing file shares and printers in a cluster, see the Cluster Administration chapter. As previously mentioned, the file sharing security model of the NAS device is based on the NTFS file-level security model. Share security seamlessly integrates with file security. In addition to discussing share management, this section discusses share security. See "Managing File Level Permissions" earlier in this chapter for information on file security. Shares management topics include: ■ Share Considerations ■ Defining Access Control Lists ■ Integrating Local File System Security into Windows Domain Environments ■ Comparing Administrative and Standard Shares ■ Planning for Compatibility between File-Sharing Protocols ■ Managing Shares Share Considerations Planning the content, size, and distribution of shares on the NAS server can improve performance, manageability, and ease of use. The content of shares should be carefully chosen to avoid two common pitfalls: either having too many shares of a very specific nature or of having very few shares of a generic nature. For example, shares for general usage are easier to set up in the beginning, but can cause problems later. Frequently, a better approach is to create separate shares with a specific purpose or group of users in mind. However, creating too many shares also has its drawbacks. Take care to avoid creating shares unnecessarily. For example, if it is sufficient to create a single share for user home directories, create a "homes" share rather than creating separate shares for each user. By keeping the number of shares and other resources low, the performance of the NAS server is optimized. For example, instead of sharing out each individual user's home directory as its own share, share out the top level directory and let the users map personal drives to their own subdirectory. Defining Access Control Lists The Access Control List (ACL) contains the information that dictates which users and groups have access to a share, as well as the type of access that is permitted. Each share on an NTFS file system has one ACL with multiple associated user permissions. For example, an ACL can define that User1 has read and write access to a share, User2 has read only access, and User3 has no access to the share. The ACL also includes group access information that applies to every user in a configured group. ACLs are also referred to as permissions. 134 NAS 4000s and 9000s Administration Guide

Section	Page
Administration Guide	1
Table of Contents	3
About this Guide	13
Overview	14
Intended Audience	14
Prerequisites	14
Conventions	15
Document Conventions	15
Text Symbols	15
Equipment Symbols	16
Rack Stability	17
Getting Help	17
HP Technical Support	17
HP Storage Website	17
HP Authorized Reseller	17
Chapter 1, System Overview	19
Product Definition and Information	19
Server Hardware and Software Features	19
Product Manageability	19
Product Redundancy	20
Deployment Scenarios	21
Configuration Options for the NAS Server	21
NAS Server as a Single Device	22
NAS Server as a Clustered Pair	23
Multi Node Support Beyond Two Nodes	23
Connecting NAS Servers to the Network	23
NAS Server Single Device Deployment	24
NAS Server Cluster Deployment	25
Environment Scenarios	26
Workgroup	26
Domain	26
User Interfaces	27
NAS Server Web-Based User Interface	27
Menu Tabs	27
Welcome Screen Contents	28
NAS Server Desktop	29
NAS Management Console	30
NIC Team Setup	30
Chapter 2, Basic Administrative Procedures and Setup Completion	31
Basic Administrative Procedures	31
Setting the System Date and Time	32
Shutting Down or Restarting the Server	33
Viewing and Maintaining Audit Logs	34
Using Remote Desktop	35
Improper Closure of Remote Desktop	35
Setting up E-mail Alerts	36
Changing System Network Settings	37
Setup Completion	38
Activating the iLO Port Using the License Key	38
Setting up Ethernet NIC Teams (Optional)	38
Installing the HP Network Teaming Utility	39
Opening the HP Network Teaming Utility	40
Adding and Configuring NICs in a Team	41
Configuring the NIC Team Properties	44
Checking the Status of the Team	47
NIC Teaming Troubleshooting	48
Using Secure Path	48
Clustering the NAS Server	49
Managing System Storage	49
Creating and Managing Users and Groups	49
Creating and Managing File Shares	49
Chapter 3, Storage Management Overview	51
Storage Management Process	51
Storage Elements Overview	53
Physical Hard Drives	53
Arrays	53
Logical Drives (LUNs)	55
Fault-Tolerance Methods	56
RAID 0-Data Striping	56
RAID 1+0-Drive Mirroring and Striping	57
RAID 5-Distributed Data Guarding	58
RAID ADG-Advanced Data Guarding and RAID 5DP-Double Parity	59
Online Spares	61
Physical Storage Best Practices	61
Logical Storage Elements Overview	61
Partitions	61
Volumes	62
Utilizing Storage Elements	62
Volume Shadow Copy Service Overview	63
File System Elements	63
File-Sharing Elements	63
Clustered Server Elements	64
Chapter 4, Disk Management	65
WebUI Disks Tab	65
Storage Configuration Overview	67
Array Configuration Utility (MSA1000 and internal OS drives only)	69
Using the ACU to Configure Storage	69
ACU Guidelines	72
Managing Disks	73
Creating a New Volume via the WebUI	74
Advanced Disk Management	75
Guidelines for Managing Disks	76
Volumes Page	77
Managing Volumes	79
Dynamic Growth	80
Scheduling Defragmentation	84
Managing Disks After Quick Restore	85
Disk Quotas	87
Enabling Quota Management	87
Setting User Quota Entries	88
DiskPart	90
Example of using DiskPart	91
Chapter 5, Shadow Copies	93
Overview	93
Shadow Copy Planning	94
Identifying the Volume	94
Allocating Disk Space	94
Identifying the Storage Area	96
Determining Creation Frequency	96
Shadow Copies and Drive Defragmentation	97
Mounted Drives	97
Managing Shadow Copies	98
The Shadow Copy Cache File	99
Enabling and Creating Shadow Copies	101
Viewing a List of Shadow Copies	101
Set Schedules	102
Scheduling Shadow Copies	102
Deleting a Shadow Copy Schedule	102
Viewing Shadow Copy Properties	102
Disabling Shadow Copies	104
Managing Shadow Copies from the NAS Desktop	105
Shadow Copies for Shared Folders	106
SMB Shadow Copies	106
NFS Shadow Copies	107
Recovery of Files or Folders	108
Recovering a Deleted File or Folder	109
Recovering an Overwritten or Corrupted File	110
Recovering a Folder	110
Backup and Shadow Copies	110
Chapter 6, User and Group Management	111
Domain Compared to Workgroup Environments	111
User and Group Name Planning	112
Managing User Names	112
Managing Group Names	112
Workgroup User and Group Management	113
Managing Local Users	113
Adding a New User	114
Deleting a User	115
Modifying a User Password	116
Modifying User Properties	116
Managing Local Groups	117
Adding a New Group	118
Deleting a Group	118
Modifying Group Properties	119
Chapter 7, Folder, Printer, and Share Management	121
Folder Management	121
Navigating to a Specific Volume or Folder	122
Creating a New Folder	123
Deleting a Folder	124
Modifying Folder Properties	124
Creating a New Share for a Volume or Folder	125
Managing Shares for a Volume or Folder	126
Managing File Level Permissions	127
Share Management	134
Share Considerations	134
Defining Access Control Lists	134
Integrating Local File System Security into Windows Domain Environments	135
Comparing Administrative (Hidden) and Standard Shares	135
Planning for Compatibility between File Sharing Protocols	135
NFS Compatibility Issues	136
Managing Shares	136
Creating a New Share	136
Deleting a Share	137
Modifying Share Properties	138
Protocol Parameter Settings	141
DFS Protocol Settings	142
Deploying DFS	142
DFS Administration Tool	143
Accessing the DFS Namespace from other Computers	143
Setting DFS Sharing Defaults	144
Creating a Local DFS Root	144
Deleting a Local DFS Root	145
Publishing a New Share in DFS	146
Publishing an Existing Share in DFS	147
Removing a Published Share from DFS	147
Storage Management	148
Directory Quotas	148
Establishing Directory Quotas	149
File Screening	151
Storage Reports	152
Print Services	153
Configuring the Print Server	153
Removing the Print Server Role	155
Adding an Additional Printer	155
Adding Additional Operating System Support	156
Installing Print Services for UNIX	156
Chapter 8, Microsoft Services for NFS	157
Server for NFS	157
Authenticating User Access	157
Indicating the Computer to Use for the NFS User Mapping Server	158
Logging Events	159
Server for NFS Server Settings	160
Installing NFS Authentication Software on the Domain Controllers and Active Directory Domain Controllers	162
Understanding NTFS and UNIX Permissions	164
NFS File Shares	164
Creating a New Share	164
Deleting a Share	166
Modifying Share Properties	166
Anonymous Access to an NFS Share	168
Encoding Types	169
NFS Only	169
NFS Protocol Properties Settings	169
NFS Async/Sync Settings	170
NFS Locks	171
NFS Client Groups	173
Adding a New Client Group	174
Deleting a Client Group	174
Editing Client Group Information	175
NFS User and Group Mappings	176
Types of Mappings	176
Explicit Mappings	176
Simple Mappings	176
Squashed Mappings	177
User Name Mapping Best Practices	177
Creating and Managing User and Group Mappings	178
General Tab	178
Simple Mapping Tab	179
Explicit User Mapping Tab	180
Explicit Group Mapping Tab	181
Backing up and Restoring Mappings	183
Backing up User Mappings	183
Restoring User Mappings	183
Creating a Sample NFS File Share	184
Remote Desktop	186
Using Remote Desktop	186
Chapter 9, NetWare File System Management	187
Installing Services for NetWare	188
Managing File and Print Services for NetWare	190
Creating and Managing NetWare Users	191
Adding Local NetWare Users	191
Enabling Local NetWare User Accounts	192
Managing NCP Volumes (Shares)	193
Creating a New NCP Share	193
Modifying NCP Share Properties	195
Chapter 10, Cluster Administration	197
Cluster Overview	197
Multi Node Support Beyond Two Nodes	197
Cluster Terms and Components	198
Nodes	198
Resources	198
Virtual Servers	199
Failover	199
Quorum Disk	199
Cluster Concepts	200
Sequence of Events for Cluster Resources	200
Hierarchy of Cluster Resource Components	202
Cluster Planning	203
Storage Planning	203
Network Planning	204
Protocol Planning	205
Preparing for Cluster Installation	206
Before Beginning Installation	206
HP StorageWorks NAS Software Updates	206
Checklists for Cluster Server Installation	207
Network Requirements	207
Shared Disk Requirements	207
Cluster Installation	208
Setting Up Networks	208
Configure the Private Network Adapter	209
Configure the Public Network Adapter	209
Rename the Local Area Network Icons	209
Verifying Connectivity and Name Resolution	209
Verifying Domain Membership	209
Setting Up a Cluster User Account	209
About the Quorum Disk	209
Configuring Shared Disks	210
Verifying Disk Access and Functionality	210
Install Cluster Service Software	211
Creating a Cluster	211
Adding Nodes to a Cluster	212
Geographically Dispersed Clusters	214
HP Storage Works NAS Software Updates	214
Cluster Groups and Resources, including File Shares	214
Cluster Group Overview	215
Node Based Cluster Groups	215
Load Balancing	215
Cluster Resource Overview	216
File Share Resource Planning Issues	216
Resource Planning	216
Permissions and Access Rights on Share Resources	217
NFS Cluster Specific Issues	217
Non Cluster Aware File Sharing Protocols	218
Creating a New Cluster Group	218
Adding New Storage to a Cluster	219
Creating Physical Disk Resources	219
Creating File Share Resources	221
Setting Permissions for a SMB File Share	222
Creating NFS Share Resources	223
Setting Permissions for an NFS Share	224
Creating IP Address Resources	226
Creating Network Name Resources	227
Basic Cluster Administration Procedures	228
Failing Over and Failing Back	228
Restarting One Cluster Node	228
Shutting Down One Cluster Node	229
Powering Down the Cluster	229
Powering Up the Cluster	230
Shadow Copies in a Clustered Environment	231
Creating a Cluster Printer Spooler	231
Chapter 11, Remote Access Methods and Monitoring	233
Web Based User Interface	234
Remote Desktop	234
Integrated Lights-Out Port	234
Features	235
Security Features	235
Manage Users Feature	235
Manage Alerts Feature	236
Integrated Lights-Out Port Configuration	236
Using the Integrated Lights-Out Port to Access the NAS Server	237
Telnet Server	238
Enabling Telnet Server	238
Sessions Information	238
HP Insight Manager Version 7	238

Match case Limit results 1 per page

Folder, Printer, and Share Management

134

NAS 4000s and 9000s Administration Guide

Share Management

There are several ways to set up and manage shares. The WebUI provides screens for setting

up and managing shares. Additional methods include using a command line interface,

Windows Explorer, or NAS Management Console. This guide demonstrates using the WebUI

to set up and manage shares.

Note:

The NAS 4000s and 9000s servers can be deployed in a clustered as well as a

non-clustered configuration. This chapter discusses share setup for a non-clustered deployment. For

information on managing file shares and printers in a cluster, see the Cluster Administration

chapter.

As previously mentioned, the file sharing security model of the NAS device is based on the

NTFS file-level security model. Share security seamlessly integrates with file security. In

addition to discussing share management, this section discusses share security. See “Managing

File Level Permissions” earlier in this chapter for information on file security.

Shares management topics include:

■

Share Considerations

■

Defining Access Control Lists

■

Integrating Local File System Security into Windows Domain Environments

■

Comparing Administrative and Standard Shares

■

Planning for Compatibility between File-Sharing Protocols

■

Managing Shares

Share Considerations

Planning the content, size, and distribution of shares on the NAS server can improve

performance, manageability, and ease of use.

The content of shares should be carefully chosen to avoid two common pitfalls: either having

too many shares of a very specific nature or of having very few shares of a generic nature. For

example, shares for general usage are easier to set up in the beginning, but can cause problems

later. Frequently, a better approach is to create separate shares with a specific purpose or group

of users in mind. However, creating too many shares also has its drawbacks. Take care to avoid

creating shares unnecessarily. For example, if it is sufficient to create a single share for user

home directories, create a “homes” share rather than creating separate shares for each user.

By keeping the number of shares and other resources low, the performance of the NAS server

is optimized. For example, instead of sharing out each individual user's home directory as its

own share, share out the top level directory and let the users map personal drives to their own

subdirectory.

Defining Access Control Lists

The Access Control List (ACL) contains the information that dictates which users and groups

have access to a share, as well as the type of access that is permitted. Each share on an NTFS

file system has one ACL with multiple associated user permissions. For example, an ACL can

define that User1 has read and write access to a share, User2 has read only access, and User3

has no access to the share. The ACL also includes group access information that applies to

every user in a configured group. ACLs are also referred to as permissions.