You modify or configure naming services from
File > NAS Servers > [nas server] > Naming Services.
Modify or configure the following naming services for the selected NAS server.
DNS
DNS is required for Secure NFS.
You cannot disable DNS for:
NAS servers that support multiprotocol file sharing.
NAS servers that support SMB file sharing and that are joined to an Active Directory (AD).
UDS with NIS
You will need the NIS domain name, and the IP addresses for each of the NIS servers.
UDS with LDAP
LDAP must adhere to the IDMU, RFC2307, or RFC2307bis schemas. Some examples include AD LDAP with IDMU, iPlanet, and OpenLDAP. The LDAP server must be configured properly to provide UIDs for each user. For example, on IDMU, the administrator must go in to the properties of each user and add a UID to the UNIX Attributes tab.
You can configure LDAP to use anonymous, simple, and Kerberos authentication.
Authentication type
About
Anonymous
Specify the Base DN, and the Profile DN for the iPlanet/OpenLDAP server.
Simple
Specify the following:
If using AD, LDAP/IDMU:
Bind DN in LDAP notation format; for example, cn=administrator,cn=users,dc=svt,dc=lab,dc=com.
Base DN, which is the same as the Fully Qualified Domain Name (for example, svt.lab.com).
Profile DN.
If using the iPlanet/OpenLDAP server:
Bind DN in LDAP notation format; for example, cn=administrator,cn=users,dc=svt,dc=lab,dc=com.
Password.
Base DN. For example, if using svt.lab.com, the Base DN would be DC=svt,DC=lab,DC=com.
Profile DN for the iPlanet/OpenLDAP server.
Kerberos
If using Kerberos authentication, you must perform the following steps before setting LDAP to use Kerberos authentication:
From the
Naming Services card, configure the DNS server used to join and unjoin a Kerberos server to a realm.
From the
Security card, configure the Kerberos realm.
Use either of the following methods to configure Kerberos:
Authenticate to the SMB domain. With this option, you can either authenticate using the SMB server account or authenticate with other credentials.
Configure a custom realm to point to any type of Kerberos realm (Windows, MIT, Heimdal). With this option, the NAS server uses the custom Kerberos realm defined in the Kerberos subsection of the NAS server's
Security tab.
NOTE:If you use NFS secure with a custom realm, you must upload a keytab file.
You can also configure LDAP with SSL (LDAP Secure) and can enforce the use of a Certificate Authority certificate for authentication.
Local files
Local files can be used instead of, or in addition to DNS, LDAP, and NIS directory services.
To use local files, configuration information must be provided through the files listed in PowerFlex Manager. If you have not created your own files ahead of time, use the download arrows to download the template for the type of file you need to provide, and then upload the edited version.
To use local files for NFS, FTP access, the
passwd file must include an encrypted password for the users. This password is used for FTP access only. The
passwd file uses the same format and syntax as a standard Unix system, so you can leverage this to generate the local
passwd file. On a Unix system, use
useradd to add a new user and
passwd to set the password for that user. Then, copy the hashed password from the
/etc/shadow file, add it to the second field in the
/etc/passwd file, and upload the
/etc/passwd file to the NAS server.
Data is not available for the Topic
Please provide ratings (1-5 stars).
Please provide ratings (1-5 stars).
Please provide ratings (1-5 stars).
Please select whether the article was helpful or not.
Comments cannot contain these special characters: <>()\