Dell EMC UNITY, How can we share nfs and cifs shares on the same file system
without defining NIS or LDAP?
The customer currently has VNX 7500 unified and can create shares and exports against a file system without defining an LDAP or NIS server. Customer does not use LDAP or NIS. Unity requires creation of a multi-protocol server with access to a windows and linux directory service (AD, LDAP/NIS). Without a MP server, there doesn't seem to be a way to present the FS to both Win and Linux. Customer is threatening to ship it back. Is there a way to share nfs and cifs shares on the same file system without defining NIS or LDAP?
Rainer_EMC
8.6K Posts
1
June 27th, 2017 03:00
You're welcome
I wasnt that difficult - was it ?
One thing to keep in mind is that if you are mapping all or multiple SMB users to the same Unix user like default than for the purpose of file system user quotas they will all be counted as the same user since user quotas on ufs32/64 are based on Unix UIDs.
manik-chawla
6 Posts
0
June 27th, 2017 04:00
Thanks Rainer, finally got it done
Rainer_EMC
8.6K Posts
0
June 28th, 2017 01:00
so what was the piece you were missing ?
manik-chawla
6 Posts
0
June 28th, 2017 02:00
Was missing the entries in the password file
Thanks a lot for the help... this was the last piece that was missing.
Rainer_EMC
8.6K Posts
0
June 28th, 2017 04:00
From the Unity Unisphere Online help:
Default user names
You can optionally configure default user accounts for a NAS server when you modify the NAS server sharing protocols:
The default Unix user account specifies the Unix account to use for file system access from an unmapped Windows account. If you do not specify a default Unix account, an unmapped Windows user will not be able to access the system. The default Unix user account must exist in the configured UDS.
The default Windows account specifies the Windows account to use for file system access from an unmapped Unix account, if the file system access policy is Windows. If you do not specify a default Windows account, an unmapped Unix user will not be able to access a file system that has a Windows access policy. The default Windows user account must be an existing user account in the AD in which the SMB server of the NAS server is joined.
Rainer_EMC
8.6K Posts
0
June 28th, 2017 04:00
you're welcome
BTW this is just the same as on VNX and is covered in the VNX file documentation - ntxmap only is responsible for name-to-name mapping and we do need to have a way to map the Unix name to a Unix UID
Anonymous
5 Practitioner
5 Practitioner
•
274.2K Posts
0
July 26th, 2017 00:00
Hi Rainer,
Our client does not have AD or NIS/LDAP server, can we still configure a multiprotocol FS using the procedure in # 11, In GUI its required to enter AD, will dummy AD works? just to finish the wizard. Thanks.
Rainer_EMC
8.6K Posts
0
July 26th, 2017 03:00
Is the CIFS server domain-joined or a standalone CIFS server ?
multi-protocol is only supported on CIFS servers that are member or a domain - not on standalone CIFS servers
Anonymous
5 Practitioner
5 Practitioner
•
274.2K Posts
0
July 26th, 2017 18:00
Thanks Rainer, we will just advise the customer to setup an AD Server as a prerequisite on multiprotocol filesystem.
maniemc
169 Posts
0
July 26th, 2017 18:00
MikeChan,
If you really dont have AD in your environment, you can just do a NFS export on a standalone server and your windows clients can access by "NFS on Windows" (Available for many enterprise windows client by MS or they can use other nfs solutions for windows). For Unity, this is just a NFS export (no cifs or multi protocol).
If they do want AD just for multiprotocol (not making much sense to me), they can use Multi protocol and use "Local files" for name resolve, no need to use AD as LDAP Server as this looks like small environment.
Rainer_EMC
8.6K Posts
0
July 27th, 2017 02:00
or vice versa - you could configure the Unity NAS server as CIFS and use smbfs from Linux clients
martin08151
4 Posts
0
July 28th, 2017 05:00
Hi Rainer
I tried that on a Unity VSA but it came up with an syntax error
uemcli -d -u Local/admin -p /net/nas/server -name srvfilvsat001 set -mpSharingEnabled yes -unixDirectoryService local
Storage system address:
Storage system port: 443
HTTPS connection
Operation failed. Error code: 0x1000017
Command line parsing failed near "local" token.
There is a syntax error in the command. Please recheck the command syntax. (Error Code:0x1000017)
The help for the installed uemcli lists "local" as usable option:
[Set]
/net/nas/server { -id | -name } set [ -name ] [ -mpSharingEnabled { yes | no } ] [ -unixDirectoryService { local | nis | ldap | localThenNis | localThenLdap | none } ] [ { -defaultAccessDisabled | [ -defaultUnixUser ] [ -defaultWindowsUser ] } ] [ -replDest { yes | no } ] [ -enablePacketReflect { yes | no } ] [ -preferredProductionOverride { no | yes } ] [ -preferredProductionIPv4 { auto | } ] [ -preferredProductionIPv6 { auto | } ] [ -preferredBackupIPv4 { auto | } ] [ -preferredBackupIPv6 { auto | } ]
I tried it from a Windows Machine where "local" is not an usable option ???
Anyway. Do i miss thomething here or doesn't it work on a VSA ?
thx in advance
Martin
maniemc
169 Posts
0
July 29th, 2017 04:00
Hi Matrin,
Your vsa is old, running on 4.0, which do not have local option for unix directory services. Windows uemcli will show the syntax because it is newer. Upgrade your vsa to the latest OE. (and Unisphere is lot easier).
martin08151
4 Posts
0
July 31st, 2017 04:00
Hi
That did the trick. Updated to Version 4.2.0.939xxxxx
I'm now able to set this in the GUI :-)
The Rest is good old usermapping, right ?
thanks
maniemc
169 Posts
0
July 31st, 2017 14:00
Rest should be easy. Play with the local password file (mainly for the unix id and exact cifs user name).