Unsolved
This post is more than 5 years old
1 Message
0
1279
Setup Celerra share on Unix and windows clients with User mapping
I have an existing NFS share in Celerra which is exported to a Unix host. Now I need to make that share accessible to a Windows server as well.
As of now using SFU (Services for Unix) on the Windows client I an able to access (only read) the NFS share from the windows host. But i need to give the permissions for that share to a Windows domain user on the server.
Please suggest how can I achieve this using either user mapper or ACL or any other Celerra/ third party tools
Thanks,
Sumeet
As of now using SFU (Services for Unix) on the Windows client I an able to access (only read) the NFS share from the windows host. But i need to give the permissions for that share to a Windows domain user on the server.
Please suggest how can I achieve this using either user mapper or ACL or any other Celerra/ third party tools
Thanks,
Sumeet
mmadsen21
1 Message
0
October 25th, 2009 13:00
Rainer_EMC
8.6K Posts
0
October 26th, 2009 01:00
I assume you want to use CIFS from the Windows client even though you mention SFU, which can provide a Windows NFS client.
For that I suggest to take a look at the Managing Celerra for a Multiprotocol Environment and Configuring EMC Celerra User Mapping manuals available from Powerlink.
You need to make a choice about:
- access policies for your file systems(s)
- user mapping methods
The choice usually depends on how much work you want to put in and:
- how many users that need to access are in which world ?
- do they have the same user names ?
- where your "primary" clients are (CIFS or Windows) ?
- which "world" creates files ?
- what security you need on the Unix side
....
If you do use NFS on Windows (SFU) then you dont need to do anything on the Celerra, but you need to also do some user mapping on the Windows client or domain.
regards
Rainer
serge_sterck
22 Posts
0
October 27th, 2009 12:00
in summery if you don't have more than 1000 user you create a file called ntxmap.conf
put it on the data mover
How Windows credentials mapping works
When a Windows user logs in and requests a UNIX resource:
1. The user logs in to the Data Mover and provides a Windows credential, which
include the SID, domain, and Windows username.
2. The Data Mover uses the domain and Windows username to query the
ntxmap.conf file for a corresponding mapped UNIX name, if one is available.
format of the ntxmap.conf
domain : user : direction : unix_name
example
*:f731:=:f731
means from any domain the user windows f731 as been mapped to unix user f731 and use the unix uid and gid
Work greats for me i have a very very old os/2 application i have mapped the os/2 smb user to my unix user. The file system shared between cifs & nfs has security set to UNIX.
see documentation in the pdf
Using ntxmap for Celerra CIFS User
Mapping
P/N 300-006-209
Rev A02
Version 5.6
May 2008
Rainer_EMC
8.6K Posts
0
October 28th, 2009 01:00
you also need to take into account the other direction for mapping - i.e. if a NFS user creates a file we also need to map that to a Windows user. That might need some sort of Unix UID->name tranlation like NIS or LDAP or files