Home » Dell Manuals » Storage Devices » Dell PowerVault LTO4-120HH » Manual Viewer

Dell PowerVault LTO4-120HH Dell DR Series System Administrator's Guide - Page 22

Unix Permissions Guidelines, Allows: Full Access, Object Inherit, and Container Inherit

View all Dell PowerVault LTO4-120HH manuals

Add to My Manuals
Save this manual to your list of manuals

Page 22 highlights

For any existing containers that were created prior to Release 1.1, all files are accessible to any user that logs in to the designated DR Series system. The associated ACL in these existing pre-1.1 release containers support only the following permissions: • Everyone: - Allows: Full Access - Applies to: This folder, subfolders, and files • BUILTIN\Administrators: - Allows: Full Access, Object Inherit, and Container Inherit - Applies to: This folder, subfolders, and files However, you can also apply your own ACLs to existing containers if desired. You can do this by navigating to the root of the share for the designated container, and then flow an ACL down the directory tree. Be aware that the time required for this to complete is dependent upon the number of files and folders that reside in the container. If you create local users, they will be added to BUILTIN\Users. Because the administrator account is a member of BUILTIN\Administrators, if you do experience any problems with ACLs on a container (for example, an ACL was applied that locks themselves or domain administrators out), you can connect via a client as MACHINE\Administrator. At this point, you can edit the ACL (the BUILTIN\Administrators account has TakeOwnership privilege). Be aware that large ACLs can consume additional inodes on the container, which can cause problems if there are a large number of files and folders in the container. Small ACLs (with up to 10 ACEs) can reside in the spare space in the inode, while larger ones can consume an additional inode. Inodes functions as data structures on a Linux (or Unix-like operating system) filesystem where all the information about a file except its name and its actual data are stored. NOTE: Dell recommends that administrators apply a set of permissions to existing containers that are similar to the way defaults are set for new containers. However, careful consideration needs to be given about granting access that addresses any specific security needs for individual users. Unix Permissions Guidelines For a user to create, delete, or rename a file or a directory requires Write access to the parent directory that contains these files. Only the owner of a file (or the root user) can change permissions. Permissions are based on the user IDs (UIDs) for the file Owner and group IDs (GIDs) for the primary Group. Files have owner IDs and group owner IDs. To enable Unix access, the DR Series system supports three levels of users: • Owner (of the file) • Group (group in which the owner belongs) • Other (other users with an account on the system) Each of these three user types support the following access permissions: • Read (read access that allows user to read files) • Write (write access that allows user to create or write to a file) • Execute (access that allows user to execute files or traverse directories in the filesystem) NOTE: A root user has all levels of permission access, and a user can be a member of a single group or of multiple groups (up to 32 groups are allowed in Unix). Windows Permissions Guidelines To enable Windows access, the DR Series system supports access control lists (ACLs) that contain zero or more access control entries (ACEs), and an empty ACE list grants all access requests. The Windows New Technology File System 22

Section	Page
Dell DR Series System Administrator Guide	3
Introduction to the DR Series System	9
About the DR Series System GUI Documentation	9
Other Information You May Need	9
Source Code Availability	10
Understanding the DR Series System	11
About the DR Series System	12
Drive and Available Physical Capacities	12
Internal Drive Capacity	13
External Drive Capacity	13
Data Storage Terminology and Concepts	13
Data Deduplication and Compression	16
Replication	17
Reverse Replication	18
Reverse Replication: Alternate Method	19
Supported File System Protocols	19
NFS	19
CIFS	20
CIFS ACL Support	20
Access Control List Support in Containers	20
Existing Containers (Pre–1.1 Release)	21
Unix Permissions Guidelines	22
Windows Permissions Guidelines	22
OpenStorage Technology (OST): DR Series System	23
OpenStorage Technology (OST) API	24
Software Components and Operational Guidelines	25
DR Series System and Data Operations	26
DR Series Expansion Shelf	27
Understanding About Adding a DR Series Expansion Shelf	28
Supported Software and Hardware	28
Terminal Emulation Applications	28
DR Series — Expansion Shelf Cabling	29
Adding a DR Series System Expansion Shelf	30
Setting Up the DR Series System	33
Interacting with the DR Series System	33
Networking Preparations for the DR Series System	33
Connections for Initializing a DR Series System	34
Initializing the DR Series System	34
Default IP Address and Subnet Mask Address	35
Local Console Connection	36
iDRAC Connection	37
Logging in and Initializing the DR Series System	38
Accessing iDRAC6/iDRAC7 Using RACADM	39
Logging in Using a Web Interface	39
Registering a DR Series System	44
Enabling Active Scripting in Windows IE Browsers	45
Disabling the Compatibility View Settings	46
Dashboard Page and Options	46
Understanding the Dashboard Options	47
Displaying System Alerts	47
Events	47
Health	48
Usage	51
Viewing the Latest Range	51
Viewing a Specific Time Range	52
System Usage	52
Statistics: Container Page	53
Statistics: Replication Page	57
Storage Page and Options	58
Understanding the Storage Options	59
Containers	59
Replication Page	60
Compression Level	60
Clients	60
About the Schedules Page and Options	62
Setting a Replication Schedule	62
Setting a Cleaner Schedule	63
About the System Configuration Page and Options	63
System Configuration Page and Options	64
Understanding the System Configuration Page Options	66
Support Page and Options	66
Understanding the Support Page Options	67
Configuring the DR Series System Settings	71
Configuring Networking Settings	71
Networking Page and Ethernet Port Values	74
Managing the DR Series System Password	75
Modifying the System Password	75
Resetting the Default System Password	75
Shutting Down the DR Series System	76
Rebooting the DR Series System	76
Configuring Compression Level Settings	76
Configuring Active Directory Settings	77
Configuring Local Workgroup Users Settings	78
Configuring Email Alert Settings	79
Adding a Recipient Email Address	79
Editing or Deleting a Recipient Email Address	79
Sending a Test Message	80
Configuring Administrator Contact Information	80
Adding Administrator Contact Information	80
Editing Administrator Contact Information	81
Configuring an Email Relay Host	81
Adding an Email Relay Host	81
Editing an Email Relay Host	82
Configuring System Date and Time Settings	82
Editing System Date and Time Settings	83
Creating Containers	84
Configuring Share-Level Security	84
Managing DR Series Storage Operations	87
Managing Container Operations	87
Creating Storage Containers	87
Editing Container Settings	90
Deleting Containers	91
Moving Data into a Container	92
Displaying Container Statistics	92
Managing Replication Operations	94
Creating Replication Relationships	94
Editing Replication Relationships	96
Deleting Replication Relationships	96
Starting and Stopping Replication	96
Setting the Replication Bandwidth	97
Displaying Replication Statistics	97
Creating a Replication Schedule	98
Monitoring the DR Series System	101
Monitoring Operations Using the Dashboard Page	101
System Status Bar	101
DR Series System and the Capacity-Storage Savings-Throughput Panes	102
System Information Pane	102
Monitoring System Alerts	103
Using the Dashboard Alerts Page	103
Viewing the System Alerts	103
Monitoring System Events	104
Using the Dashboard to Display System Events	104
Using the Dashboard Events Option	105
Using the Event Filter	105
Monitoring System Health	106
Using the Dashboard Page to Monitor System Health	106
Using the Dashboard Health Options	107
Monitoring System Usage	108
Displaying Current System Usage	109
Setting a Latest Range Value	109
Setting a Time Range Value	109
Monitoring Container Statistics	110
Displaying the Statistics: Container Page	110
Monitoring Replication Statistics	111
Displaying the Statistics: Replication Page	112
Displaying Replication Statistics Using the CLI	113
Using the DR Series System Support Options	115
Support Information Pane	115
Diagnostics Page and Options	115
Generating a Diagnostics Log File	116
Downloading Diagnostics Log Files	117
Deleting a Diagnostics Log File	118
DR Series System Software Upgrade	118
Software Upgrade Page and Options	118
Verifying the Current Software Version	119
Upgrading the DR Series System Software	119
Restore Manager (RM)	120
Downloading the Restore Manager	121
Creating the Restore Manager USB Key	121
Running the Restore Manager (RM)	121
Resetting the Boot LUN Setting in H700 BIOS After Running RM	122
Hardware Removal or Replacement	124
DR Series System: Proper Shut Down and Start Up	125
DR Series System NVRAM	125
Configuring and Using OST	127
Understanding OST	127
OpenStorage Technology (OST) API	128
OST Guidelines	129
OST Terminology	129
Supported OST Software and Components	130
Supported OST Software and Components	130
OST Required Configurations	131
Best Practices: OST and the DR Series System	131
Setting Client-Side Optimization	131
Configuring an LSU	131
Installing a Dell OST Plug-In	132
Understanding the Dell OST Plug-In (Linux)	132
Understanding the Dell OST Plug-In (Windows)	133
Installing the OST Plug-In for Backup Exec on Windows	133
Installing the OST Plug-In for NetBackup on Windows	134
Uninstalling the Dell OST Plug-In for Windows	134
Installing the OST Plug-In for NetBackup on Linux	135
Uninstalling the Dell OST Plug-In for Linux	136
Configuring DR Series System Information Using NetBackup	136
Using NetBackup CLI to Add DR Series System Name (Linux)	137
Using NetBackup CLI to Add DR Series System Name (Windows)	137
Configuring NetBackup for the DR Series System	137
Creating Disk Pools from LSUs	138
Creating Storage Units Using the Disk Pool	139
Backing Up Data from a DR Series System (NetBackup)	139
Restoring Data from a DR Series System Using NetBackup	139
Duplicating Backup Images Between DR Series Systems Using NetBackup	140
Using Backup Exec with a DR Series System (Windows)	140
OST Plug-In and Supported Versions	140
Installation Prerequisites for the OST Plug-In for Backup Exec	141
Configuring the DR Series System Using the Backup Exec GUI	141
Creating Backups on the DR Series System Using Backup Exec	142
Optimizing Duplication Between DR Series Systems Using Backup Exec	142
Restoring Data from a DR Series System Using Backup Exec	143
Understanding the OST CLI Commands	143
Supported DR Series System CLI Commands for OST	144
Understanding OST Plug-In Diagnostic Logs	145
Rotating OST Plug-In Logs for Windows	145
Collecting Diagnostics Using a Linux Utility	145
Rotating OST Plug-In Logs for Linux	146
Guidelines for Gathering Media Server Information	146
NetBackup on Linux Media Servers	146
NetBackup on Windows Media Servers	147
Backup Exec on Windows Media Servers	147
Troubleshooting and Maintenance	149
Troubleshooting Error Conditions	149
DR Series System Alert and Event Messages	150
About the Diagnostics Service	167
Understanding Diagnostics Collection	168
About the DR Series System Maintenance Mode	168
About the DR Series System Support Mode	170
Scheduling DR Series System Operations	170
Creating a Cleaner Schedule	171
Displaying Cleaner Statistics	172
Getting Help	173
Before Contacting Dell Support	173
Contacting Dell	174

Match case Limit results 1 per page

For any existing containers that were created prior to Release 1.1, all files are accessible to any user that logs in to the

designated DR Series system. The associated ACL in these existing pre–1.1 release containers support only the

following permissions:

•

Everyone

–

Allows: Full Access

–

Applies to: This folder, subfolders, and files

•

BUILTIN\Administrators

–

Allows: Full Access, Object Inherit, and Container Inherit

–

Applies to: This folder, subfolders, and files

However, you can also apply your own ACLs to existing containers if desired. You can do this by navigating to the root of

the share for the designated container, and then flow an ACL down the directory tree. Be aware that the time required

for this to complete is dependent upon the number of files and folders that reside in the container.

If you create local users, they will be added to BUILTIN\Users. Because the administrator account is a member of

BUILTIN\Administrators, if you do experience any problems with ACLs on a container (for example, an ACL was applied

that locks themselves or domain administrators out), you can connect via a client as MACHINE\Administrator.

At this point, you can edit the ACL (the BUILTIN\Administrators account has TakeOwnership privilege). Be aware that

large ACLs can consume additional inodes on the container, which can cause problems if there are a large number of

files and folders in the container. Small ACLs (with up to 10 ACEs) can reside in the spare space in the inode, while

larger ones can consume an additional inode. Inodes functions as data structures on a Linux (or Unix-like operating

system) filesystem where all the information about a file except its name and its actual data are stored.

NOTE:

Dell recommends that administrators apply a set of permissions to existing containers that are similar to the

way defaults are set for new containers. However, careful consideration needs to be given about granting access

that addresses any specific security needs for individual users.

Unix Permissions Guidelines

For a user to create, delete, or rename a file or a directory requires Write access to the parent directory that contains

these files. Only the owner of a file (or the root user) can change permissions.

Permissions are based on the user IDs (UIDs) for the file Owner and group IDs (GIDs) for the primary Group. Files have

owner IDs and group owner IDs. To enable Unix access, the DR Series system supports three levels of users:

•

Owner (of the file)

•

Group (group in which the owner belongs)

•

Other (other users with an account on the system)

Each of these three user types support the following access permissions:

•

Read (read access that allows user to read files)

•

Write (write access that allows user to create or write to a file)

•

Execute (access that allows user to execute files or traverse directories in the filesystem)

NOTE:

A root user has all levels of permission access, and a user can be a member of a single group or of multiple

groups (up to 32 groups are allowed in Unix).

Windows Permissions Guidelines

To enable Windows access, the DR Series system supports access control lists (ACLs) that contain zero or more access

control entries (ACEs), and an empty ACE list grants all access requests. The Windows New Technology File System