HP StorageWorks 9000s NAS 4000s and 9000s Administration Guide - Page 217
Permissions and Access Rights on Share Resources, NFS Cluster Specific Issues
View all HP StorageWorks 9000s manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 217 highlights
Cluster Administration 4. Create the file share resources. In a clustered environment, file shares are created as a type of cluster resource. Creating cluster resources and file shares is documented later in this chapter. 5. Assign ownership of the file share resources to the resource groups. a. Divide ownership of the file share resource between the resource groups, which are in turn distributed between the virtual servers, for effective load balancing. b. Make sure that the physical disk resource for this file share is also included in this group. c. Make sure that the resources are dependent on the virtual servers and physical disk resources from which the file share was created. Permissions and Access Rights on Share Resources File Share and NFS Share permissions must be managed via the Cluster Administrator tool versus the individual shares on the file system themselves via Windows Explorer. Administering them through the Cluster Administrator tool allows the permissions to migrate from one node to other. In addition, permissions established using Explorer will be lost once the share is failed or taken offline. To access the permissions, see "Setting Permissions for a SMB File Share" and "Setting Permissions for an NFS Share." NFS Cluster Specific Issues In addition to the user name mapping best practices outlined in the "Microsoft Services for NFS" chapter, there are additional recommendations. For convenience, all suggestions are listed below: ■ Back up user and group mappings To avoid loss of complex advanced mappings in the case of a system failure, back up the mappings whenever the mappings have been edited or new mappings have been added. ■ Map consistently Groups that are mapped to each other should contain the same users and the members of the groups should be properly mapped to each other to ensure proper file access. ■ Map properly - Valid UNIX users should be mapped to valid Windows users. - Valid UNIX groups should be mapped to valid Windows groups. - Mapped Windows user must have the Access this computer from the Network privilege or the mapping will be squashed. - The mapped Windows user must have an active password, or the mapping will be squashed. ■ In a clustered deployment, create user name mappings using domain user accounts. Because the security identifiers of local accounts are recognized only by the local server, other nodes in the cluster will not be able to resolve those accounts during a failover. Do not create mappings using local user and group accounts. ■ In a clustered deployment, administer user name mapping on a computer that belongs to a trusted domain. If NFS administration tasks are performed on a computer that belongs to a domain that is not trusted by the domain of the cluster, the changes are not properly replicated among the nodes in the cluster. NAS 4000s and 9000s Administration Guide 217