Home » HP Manuals » Storage Devices » HP StorageWorks 4000s » Manual Viewer

HP StorageWorks 4000s NAS 4000s and 9000s Administration Guide - Page 158

Indicating the Computer to Use for the NFS User Mapping Server, Remote Desktop, NAS Management Console

View all HP StorageWorks 4000s manuals

Add to My Manuals
Save this manual to your list of manuals

Page 158 highlights

Microsoft Services for NFS Permissions are granted on a per-export basis; each export has its own permissions, independent of other exports on the system. For example, file system a can be exported to allow only the Accounting department access, and file system m can be exported allowing only the Management department access. If a user in Management needs access to the Accounting information, the A export permissions can be modified to let that one user's client machine have access. This modification does not affect other client access to the same export, nor does it allow the Management user or client access to other exports. After the client machine has permission to the export, the user logon affects file access. The client machine presents the UNIX user ID (UID) and group ID (GID) to the server. When the computer accesses a file, the UID and GID of the client are transferred to a Windows user ID and group ID by the mapping server. The ACLs of the file or directory object being requested are then compared against the mapped Windows login or group ID to determine whether the access attempt should be granted. Note: User credentials are not questioned or verified by the NFS server. The server accepts the presented credentials as valid and correct. If the NFS server does not have a corresponding UID or GID, or if the administrator has set other conditions to filter out the user, a process called squashing takes effect. Squashing is the conversion of an unknown or filtered user to an anonymous user. This anonymous user has very restricted permissions on the system. Squashing helps administrators manage access to their exports by allowing them to restrict access to certain individuals or groups and to squash all others down to restricted (or no) access. Squashing enables the administrator to allow permissions instead of denying access to all the individuals who are not supposed to have access. See "NFS User and Group Mappings" later in this chapter for specific information about creating and maintaining mappings. Indicating the Computer to Use for the NFS User Mapping Server During the processes of starting and installing the NAS server, the name localhost is assigned by default to the computer. It is assumed that the NAS server is the computer that will be used for user name mapping. If there are other mapping servers and a machine other than the localhost that will store user name mappings, the name of that computer must be indicated, as detailed below: 1. Use Remote Desktop to access the NAS Management Console, click File Sharing, Microsoft Services for Network File System. Click Settings. Figure 88 is an example of the Server for NFS user interface. 2. In the Computer name box of the user-mapping screen, type the name of the computer designated for user mapping and authentication. 3. Localhost is the computer name assigned by default on the NAS server. To control user mapping from a different computer, enter the name of that computer. Note: If a machine other than the localhost is to be used, make sure that the user name mapping service is installed and running on that machine. 158 NAS 4000s and 9000s Administration Guide

Section	Page
Administration Guide	1
Table of Contents	3
About this Guide	13
Overview	14
Intended Audience	14
Prerequisites	14
Conventions	15
Document Conventions	15
Text Symbols	15
Equipment Symbols	16
Rack Stability	17
Getting Help	17
HP Technical Support	17
HP Storage Website	17
HP Authorized Reseller	17
Chapter 1, System Overview	19
Product Definition and Information	19
Server Hardware and Software Features	19
Product Manageability	19
Product Redundancy	20
Deployment Scenarios	21
Configuration Options for the NAS Server	21
NAS Server as a Single Device	22
NAS Server as a Clustered Pair	23
Multi Node Support Beyond Two Nodes	23
Connecting NAS Servers to the Network	23
NAS Server Single Device Deployment	24
NAS Server Cluster Deployment	25
Environment Scenarios	26
Workgroup	26
Domain	26
User Interfaces	27
NAS Server Web-Based User Interface	27
Menu Tabs	27
Welcome Screen Contents	28
NAS Server Desktop	29
NAS Management Console	30
NIC Team Setup	30
Chapter 2, Basic Administrative Procedures and Setup Completion	31
Basic Administrative Procedures	31
Setting the System Date and Time	32
Shutting Down or Restarting the Server	33
Viewing and Maintaining Audit Logs	34
Using Remote Desktop	35
Improper Closure of Remote Desktop	35
Setting up E-mail Alerts	36
Changing System Network Settings	37
Setup Completion	38
Activating the iLO Port Using the License Key	38
Setting up Ethernet NIC Teams (Optional)	38
Installing the HP Network Teaming Utility	39
Opening the HP Network Teaming Utility	40
Adding and Configuring NICs in a Team	41
Configuring the NIC Team Properties	44
Checking the Status of the Team	47
NIC Teaming Troubleshooting	48
Using Secure Path	48
Clustering the NAS Server	49
Managing System Storage	49
Creating and Managing Users and Groups	49
Creating and Managing File Shares	49
Chapter 3, Storage Management Overview	51
Storage Management Process	51
Storage Elements Overview	53
Physical Hard Drives	53
Arrays	53
Logical Drives (LUNs)	55
Fault-Tolerance Methods	56
RAID 0-Data Striping	56
RAID 1+0-Drive Mirroring and Striping	57
RAID 5-Distributed Data Guarding	58
RAID ADG-Advanced Data Guarding and RAID 5DP-Double Parity	59
Online Spares	61
Physical Storage Best Practices	61
Logical Storage Elements Overview	61
Partitions	61
Volumes	62
Utilizing Storage Elements	62
Volume Shadow Copy Service Overview	63
File System Elements	63
File-Sharing Elements	63
Clustered Server Elements	64
Chapter 4, Disk Management	65
WebUI Disks Tab	65
Storage Configuration Overview	67
Array Configuration Utility (MSA1000 and internal OS drives only)	69
Using the ACU to Configure Storage	69
ACU Guidelines	72
Managing Disks	73
Creating a New Volume via the WebUI	74
Advanced Disk Management	75
Guidelines for Managing Disks	76
Volumes Page	77
Managing Volumes	79
Dynamic Growth	80
Scheduling Defragmentation	84
Managing Disks After Quick Restore	85
Disk Quotas	87
Enabling Quota Management	87
Setting User Quota Entries	88
DiskPart	90
Example of using DiskPart	91
Chapter 5, Shadow Copies	93
Overview	93
Shadow Copy Planning	94
Identifying the Volume	94
Allocating Disk Space	94
Identifying the Storage Area	96
Determining Creation Frequency	96
Shadow Copies and Drive Defragmentation	97
Mounted Drives	97
Managing Shadow Copies	98
The Shadow Copy Cache File	99
Enabling and Creating Shadow Copies	101
Viewing a List of Shadow Copies	101
Set Schedules	102
Scheduling Shadow Copies	102
Deleting a Shadow Copy Schedule	102
Viewing Shadow Copy Properties	102
Disabling Shadow Copies	104
Managing Shadow Copies from the NAS Desktop	105
Shadow Copies for Shared Folders	106
SMB Shadow Copies	106
NFS Shadow Copies	107
Recovery of Files or Folders	108
Recovering a Deleted File or Folder	109
Recovering an Overwritten or Corrupted File	110
Recovering a Folder	110
Backup and Shadow Copies	110
Chapter 6, User and Group Management	111
Domain Compared to Workgroup Environments	111
User and Group Name Planning	112
Managing User Names	112
Managing Group Names	112
Workgroup User and Group Management	113
Managing Local Users	113
Adding a New User	114
Deleting a User	115
Modifying a User Password	116
Modifying User Properties	116
Managing Local Groups	117
Adding a New Group	118
Deleting a Group	118
Modifying Group Properties	119
Chapter 7, Folder, Printer, and Share Management	121
Folder Management	121
Navigating to a Specific Volume or Folder	122
Creating a New Folder	123
Deleting a Folder	124
Modifying Folder Properties	124
Creating a New Share for a Volume or Folder	125
Managing Shares for a Volume or Folder	126
Managing File Level Permissions	127
Share Management	134
Share Considerations	134
Defining Access Control Lists	134
Integrating Local File System Security into Windows Domain Environments	135
Comparing Administrative (Hidden) and Standard Shares	135
Planning for Compatibility between File Sharing Protocols	135
NFS Compatibility Issues	136
Managing Shares	136
Creating a New Share	136
Deleting a Share	137
Modifying Share Properties	138
Protocol Parameter Settings	141
DFS Protocol Settings	142
Deploying DFS	142
DFS Administration Tool	143
Accessing the DFS Namespace from other Computers	143
Setting DFS Sharing Defaults	144
Creating a Local DFS Root	144
Deleting a Local DFS Root	145
Publishing a New Share in DFS	146
Publishing an Existing Share in DFS	147
Removing a Published Share from DFS	147
Storage Management	148
Directory Quotas	148
Establishing Directory Quotas	149
File Screening	151
Storage Reports	152
Print Services	153
Configuring the Print Server	153
Removing the Print Server Role	155
Adding an Additional Printer	155
Adding Additional Operating System Support	156
Installing Print Services for UNIX	156
Chapter 8, Microsoft Services for NFS	157
Server for NFS	157
Authenticating User Access	157
Indicating the Computer to Use for the NFS User Mapping Server	158
Logging Events	159
Server for NFS Server Settings	160
Installing NFS Authentication Software on the Domain Controllers and Active Directory Domain Controllers	162
Understanding NTFS and UNIX Permissions	164
NFS File Shares	164
Creating a New Share	164
Deleting a Share	166
Modifying Share Properties	166
Anonymous Access to an NFS Share	168
Encoding Types	169
NFS Only	169
NFS Protocol Properties Settings	169
NFS Async/Sync Settings	170
NFS Locks	171
NFS Client Groups	173
Adding a New Client Group	174
Deleting a Client Group	174
Editing Client Group Information	175
NFS User and Group Mappings	176
Types of Mappings	176
Explicit Mappings	176
Simple Mappings	176
Squashed Mappings	177
User Name Mapping Best Practices	177
Creating and Managing User and Group Mappings	178
General Tab	178
Simple Mapping Tab	179
Explicit User Mapping Tab	180
Explicit Group Mapping Tab	181
Backing up and Restoring Mappings	183
Backing up User Mappings	183
Restoring User Mappings	183
Creating a Sample NFS File Share	184
Remote Desktop	186
Using Remote Desktop	186
Chapter 9, NetWare File System Management	187
Installing Services for NetWare	188
Managing File and Print Services for NetWare	190
Creating and Managing NetWare Users	191
Adding Local NetWare Users	191
Enabling Local NetWare User Accounts	192
Managing NCP Volumes (Shares)	193
Creating a New NCP Share	193
Modifying NCP Share Properties	195
Chapter 10, Cluster Administration	197
Cluster Overview	197
Multi Node Support Beyond Two Nodes	197
Cluster Terms and Components	198
Nodes	198
Resources	198
Virtual Servers	199
Failover	199
Quorum Disk	199
Cluster Concepts	200
Sequence of Events for Cluster Resources	200
Hierarchy of Cluster Resource Components	202
Cluster Planning	203
Storage Planning	203
Network Planning	204
Protocol Planning	205
Preparing for Cluster Installation	206
Before Beginning Installation	206
HP StorageWorks NAS Software Updates	206
Checklists for Cluster Server Installation	207
Network Requirements	207
Shared Disk Requirements	207
Cluster Installation	208
Setting Up Networks	208
Configure the Private Network Adapter	209
Configure the Public Network Adapter	209
Rename the Local Area Network Icons	209
Verifying Connectivity and Name Resolution	209
Verifying Domain Membership	209
Setting Up a Cluster User Account	209
About the Quorum Disk	209
Configuring Shared Disks	210
Verifying Disk Access and Functionality	210
Install Cluster Service Software	211
Creating a Cluster	211
Adding Nodes to a Cluster	212
Geographically Dispersed Clusters	214
HP Storage Works NAS Software Updates	214
Cluster Groups and Resources, including File Shares	214
Cluster Group Overview	215
Node Based Cluster Groups	215
Load Balancing	215
Cluster Resource Overview	216
File Share Resource Planning Issues	216
Resource Planning	216
Permissions and Access Rights on Share Resources	217
NFS Cluster Specific Issues	217
Non Cluster Aware File Sharing Protocols	218
Creating a New Cluster Group	218
Adding New Storage to a Cluster	219
Creating Physical Disk Resources	219
Creating File Share Resources	221
Setting Permissions for a SMB File Share	222
Creating NFS Share Resources	223
Setting Permissions for an NFS Share	224
Creating IP Address Resources	226
Creating Network Name Resources	227
Basic Cluster Administration Procedures	228
Failing Over and Failing Back	228
Restarting One Cluster Node	228
Shutting Down One Cluster Node	229
Powering Down the Cluster	229
Powering Up the Cluster	230
Shadow Copies in a Clustered Environment	231
Creating a Cluster Printer Spooler	231
Chapter 11, Remote Access Methods and Monitoring	233
Web Based User Interface	234
Remote Desktop	234
Integrated Lights-Out Port	234
Features	235
Security Features	235
Manage Users Feature	235
Manage Alerts Feature	236
Integrated Lights-Out Port Configuration	236
Using the Integrated Lights-Out Port to Access the NAS Server	237
Telnet Server	238
Enabling Telnet Server	238
Sessions Information	238
HP Insight Manager Version 7	238

Match case Limit results 1 per page

Microsoft Services for NFS

158

NAS 4000s and 9000s Administration Guide

Permissions are granted on a per-export basis; each export has its own permissions,

independent of other exports on the system. For example, file system a can be exported to

allow only the Accounting department access, and file system m can be exported allowing

only the Management department access. If a user in Management needs access to the

Accounting information, the A export permissions can be modified to let that one user's client

machine have access. This modification does not affect other client access to the same export,

nor does it allow the Management user or client access to other exports.

After the client machine has permission to the export, the user logon affects file access. The

client machine presents the UNIX user ID (UID) and group ID (GID) to the server. When the

computer accesses a file, the UID and GID of the client are transferred to a Windows user ID

and group ID by the mapping server. The ACLs of the file or directory object being requested

are then compared against the mapped Windows login or group ID to determine whether the

access attempt should be granted.

Note:

User credentials are not questioned or verified by the NFS server. The server accepts the

presented credentials as valid and correct.

If the NFS server does not have a corresponding UID or GID, or if the administrator has set

other conditions to filter out the user, a process called squashing takes effect. Squashing is the

conversion of an unknown or filtered user to an anonymous user. This anonymous user has

very restricted permissions on the system. Squashing helps administrators manage access to

their exports by allowing them to restrict access to certain individuals or groups and to squash

all others down to restricted (or no) access. Squashing enables the administrator to allow

permissions instead of denying access to all the individuals who are not supposed to have

access. See “NFS User and Group Mappings” later in this chapter for specific information

about creating and maintaining mappings.

Indicating the Computer to Use for the NFS User Mapping Server

During the processes of starting and installing the NAS server, the name localhost is assigned

by default to the computer. It is assumed that the NAS server is the computer that will be used

for user name mapping.

If there are other mapping servers and a machine other than the localhost that will store user

name mappings, the name of that computer must be indicated, as detailed below:

Use

Remote Desktop

to access the

NAS Management Console

, click

File Sharing

Microsoft Services for Network File System

. Click

Settings

Figure 88

is an example of

the Server for NFS user interface.

In the

Computer

name box of the user-mapping screen, type the name of the computer

designated for user mapping and authentication.

Localhost is the computer name assigned by default on the NAS server. To control user

mapping from a different computer, enter the name of that computer.

Note:

If a machine other than the localhost is to be used, make sure that the user name mapping

service is installed and running on that machine.