- Notes, cautions, and warnings
- Introduction
- Revision history
- Accessing PowerFlex appliance components
- PowerFlex appliance deployment types
- Managing components with PowerFlex Manager
- Add licenses to PowerFlex Manager
- Configuring VMware vCenter high availability
- Enable or disable SSH on the VMware ESXi host dynamically
- Performing maintenance activities in a PowerFlex cluster
- Monitoring system health
- Monitor system resources
- Manage compliance
- Enabling SupportAssist
- Managing events and alerts
- CloudLink Center
- Network management
- Storage management
- Protection domains
- Fault sets
- Storage data servers
- Storage pools
- Acceleration pools
- Devices
- Volumes
- NVMe targets
- Hosts
- Storage management for PowerFlex controller nodes
- Configuring replication on PowerFlex nodes
- Redistribute the MDM cluster using PowerFlex Manager
- Set rebuild and rebalance settings
- Enabling or disabling SDC authentication
- Log in to PowerFlex using scli
- Prepare for storage data clients authentication
- Configure storage data client to use authentication
- Enable storage data client authentication
- Disable SDC authentication
- Expand an existing PowerFlex cluster with SDC authentication enabled
- Add a Windows or Linux authenticated SDC
- PowerFlex file storage
- Multitenancy
- NAS server
- Create a NAS server for NFS (UNIX-only) file systems
- Create NAS server for SMB (Windows-only) file systems
- Change NAS server settings
- Configure settings of an existing NAS server
- Manage the network routes between the NAS server and the supported external services
- Modify or configure the NAS server naming services
- NAS server sharing protocols
- NAS server protection and events
- Managing NAS server configuration
- NAS server settings
- NAS server security
- Create a global namespace
- File systems
- Quotas
- Shares and exports
- File protection
- Create a protection policy
- Create snapshot rules
- Create a snapshot
- Modify a snapshot
- Delete a snapshot
- Assign a protection policy to a file system
- Unassign a protection policy
- Modify a protection policy
- Delete a protection policy
- Modify a snapshot rule
- Delete a snapshot rule
- Refresh a file system using snapshot
- Restore a file system from a snapshot
- Clone NAS server and file system
- Clone the file system
- Create a thin clone using a snapshot
- Reconfiguring MDM roles
- Set rebuild and rebalance settings
- Enabling or disabling SDC authentication
- Log in to PowerFlex using scli
- Prepare for storage data clients authentication
- Configure storage data client to use authentication
- Enable storage data client authentication
- Disable SDC authentication
- Expand an existing PowerFlex cluster with SDC authentication enabled
- Add a Windows or Linux authenticated SDC
- Enabling replication on existing PowerFlex hyperconverged nodes
- Prerequisites
- Workflow
- Remove a PowerFlex hyperconverged resource group from PowerFlex Manager
- Create and configure replication port groups
- Preparing the SVMs for replication
- Shut down the SVM
- Add network adapters
- Record the MAC address of the newly added network interface controllers
- Modify SVMs
- Install SDR RPMs on the SDS nodes (SVMs)
- Exit SDS maintenance mode
- Adding the Storage Data Replicator to a PowerFlex appliance
- Create and copy certificates
- Add replication networks to PowerFlex Manager
- Add the hyperconverged resource group back to PowerFlex Manager
- Enabling replication on existing PowerFlex storage-only nodes
- Prerequisites
- Gather the MDM IP address information
- Install SDR
- Configure replication networks
- Create static routes
- Add SDRs to PowerFlex Manager
- Add firewall rules for SDR
- Remove existing storage-only resource group from PowerFlex Manager
- Add replication networks to PowerFlex Manager
- Add the storage-only resource group back to PowerFlex Manager
- Add peer replication systems
- Create the remote consistency group
- Secure component verification and TPM enablement on the PowerFlex nodes
- Administering the CloudLink Center
- Add the CloudLink Center license in PowerFlex Manager
- Adding and managing CloudLink Center licenses
- Configure syslog and audit logs in CloudLink
- Manage a self-encrypting drive (SED) from CloudLink Center
- Manage a self-encrypting drive from the command line
- Release a self-encrypting drive
- Release management of a self-encrypting drive from the command line
- Backup and restore
- Powering on and off
- Power on a Technology Extension with PowerScale
- Power on a PowerFlex appliance
- Power on the PowerFlex management controller 2.0
- Power on the PowerFlex management node
- Power on the VMware NSX Edge nodes
- Power on PowerFlex storage-only nodes
- Power on PowerFlex file nodes
- Power on all PowerFlex hyperconverged nodes
- Power on PowerFlex compute-only nodes
- Complete the powering on of PowerFlex appliance
- Power off a PowerFlex appliance
- Deactivate protection domain and power off PowerFlex storage-only node using PowerFlex Manager
- Power off PowerFlex compute-only nodes with VMware ESXi
- Power off PowerFlex file nodes
- Power off PowerFlex hyperconverged nodes with VMware ESXi
- Power off the VMware NSX Edge nodes
- Power off the PowerFlex management controller 2.0
- Power off the PowerFlex management node
- Complete the powering off of PowerFlex appliance
- Power off a Technology Extension with PowerScale
- Usernames and password management
- PowerFlex servers
- PowerFlex Manager
- Virtualization
- Management VMs
- Change CloudLink passwords
- Manage EmbeddedOS15.3 users credentials for the jump server
- Changing the IPI appliance password
- Changing a user account password on the IPI appliance
- Changing the operating system password
- System logs and audit logs
- PowerFlex Manager logs
- VMware vCenter logs
- CloudLink logs
- Network logs
- Configuring syslogs and audit logs
- Configure syslogs using VMware ESXi
- Configure and forward the syslogs using VMware vCenter
- Configure syslog and audit logs in CloudLink
- Configure audit logs in SVMs and PowerFlex storage-only nodes
- Configure iDRAC for audit logging
- Retrieve SDNAS audit logs
- Configuring syslogs for Dell PowerSwitch and Cisco Nexus switches
- PowerFlex audit log
- Migrating to NVMe over TCP on VMware ESXi
Dell PowerFlex Appliance with PowerFlex 4.x Administration Guide
Modify or configure the NAS server naming services
Use this procedure to modify or configure naming services.
About this task
- DNS: DNS is required for Secure NFS.
You cannot disable DNS for:
- NAS servers that support multiprotocol file sharing.
- NAS servers that support SMB file sharing and that are joined to an Active Directory (AD).
- UDS with NIS: You will need the NIS domain name and the IP addresses of each of the NIS servers.
- UDS with LDAP: LDAP must adhere to the IDMU, RFC2307, or RFC2307bis schemas. Some examples include AD LDAP with IDMU, iPlanet, and OpenLDAP. The LDAP server must be configured properly to provide UIDs for each user. For example, on IDMU, the administrator must go in to the properties of each user and add a UID to the UNIX Attributes tab. You can configure LDAP to use anonymous, simple, and Kerberos authentication.
Table 1. LDAP authentication typesLDAP authentication types and descriptions. Authentication type Description Anonymous Specify the base DN, and the profile DN for the iPlanet/OpenLDAP server. Simple Specify the following: - If using AD, LDAP/IDMU:
- Bind DN in LDAP notation format
- Base DN
- Profile DN
- If using the iPlanet/OpenLDAP server:
- Bind DN in LDAP notation format
- Password
- Base DN
- Profile DN for the iPlanet/OpenLDAP server
Kerberos To use Kerberos authentication, you must perform the following steps before setting LDAP to use Kerberos authentication: - From the Naming Services card, configure the DNS server used to join and unjoin a Kerberos server to a realm.
- From the Security card, configure the Kerberos realm.
There are two methods for configuring Kerberos:
- Authenticate to the SMB domain. With this option, authenticate using either the SMB server account or authenticate with other credentials.
- Configure a custom realm to point to any type of Kerberos realm. With this option, the NAS server uses the custom Kerberos realm defined in the Kerberos subsection of the NAS server Security tab.
NOTE:If you use NFS secure with a custom realm, you have to upload a keytab file.
- If using AD, LDAP/IDMU:
- Local files: Local files can be used instead of, or in addition to DNS, LDAP, and NIS directory services. To use local files, configuration information must be provided through the files listed in
PowerFlex Manager. If you have not created your own files ahead of time, use the download arrows to download the template for the type of file you need to provide, and upload the edited version.
To use local files for NFS, FTP access, the passwd file must include an encrypted password for the users. This password is used for FTP access only. The passwd file uses the same format and syntax as a standard Unix system, so you can leverage this to generate the local passwd file. On a Unix system, use useradd to add a new user and passwd to set the password for that user. Copy the hashed password from the /etc/shadow file, add it to the second field in the /etc/passwd file, and upload the /etc/passwd file to the NAS server.
- User mapping: If you are configuring a NAS server to support both types of protocols, SMB and NFS, you will need to configure the user mapping. When configured for both types of protocol, the user mapping requires that the NAS server is joined with an AD domain. You can configure the SMB server, with AD from the SMB Server card.
If the Windows Server Type is set to Join to the Active Directory Domain, you must select Enable automatic mapping for unmapped Windows accounts/users.
Steps
- Log in to PowerFlex Manager.
- For DNS, click , and select the NAS server. Click . Click the Disabled button to Enable and click DNS Transport protocol drop-down menu and select Protocol. Enter the domain, the IP address(es), click Add and click Apply.
- For UDS with NIS, click , and select the NAS server. Click and click Unix Directory Service: NIS. Enter the domain, the IP address, click Add, and click Apply.
- For UDS with LDAP, click , and select the NAS server. Click , click the Disabled button to Enable, and click Unix Directory Service: LDAP. Enter the port number, IP address, click Add, and enter the base DN, select the Authentication from the drop-down menu and click Apply.
- For local files, click , and select the NAS server. Click , and click . From the Upload Local Files window, select the file type, choose the file to upload and click .
- For user mapping, click , and select the NAS server. Click , and click User Mapping. Select Enable automatic mapping for unmapped Windows accounts/users, select Unix Directory Service Search Order and click Apply.
Please provide ratings (1-5 stars).
Please provide ratings (1-5 stars).
Please provide ratings (1-5 stars).
Please select whether the article was helpful or not.
Comments cannot contain these special characters: <>()\