Modify or configure the NAS server naming services
Use this procedure to modify or configure naming services.
About this task
Modify or configure the following naming services for the selected NAS server:
DNS: DNS is required for Secure NFS.
You cannot disable DNS for:
NAS servers that support multiprotocol file sharing.
NAS servers that support SMB file sharing and that are joined to an Active Directory (AD).
UDS with NIS: You will need the NIS domain name and the IP addresses of each of the NIS servers.
UDS with LDAP: LDAP must adhere to the IDMU, RFC2307, or RFC2307bis schemas. Some examples include AD LDAP with IDMU, iPlanet, and OpenLDAP. The LDAP server must be configured properly to provide UIDs for each user. For example, on IDMU, the administrator must go in to the properties of each user and add a UID to the UNIX Attributes tab. You can configure LDAP to use anonymous, simple, and Kerberos authentication.
Table 1. LDAP authentication typesLDAP authentication types and descriptions.
Authentication type
Description
Anonymous
Specify the base DN, and the profile DN for the iPlanet/OpenLDAP server.
Simple
Specify the following:
If using AD, LDAP/IDMU:
Bind DN in LDAP notation format
Base DN
Profile DN
If using the iPlanet/OpenLDAP server:
Bind DN in LDAP notation format
Password
Base DN
Profile DN for the iPlanet/OpenLDAP server
Kerberos
To use Kerberos authentication, you must perform the following steps before setting LDAP to use Kerberos authentication:
From the Naming Services card, configure the DNS server used to join and unjoin a Kerberos server to a realm.
From the Security card, configure the Kerberos realm.
There are two methods for configuring Kerberos:
Authenticate to the SMB domain. With this option, authenticate using either the SMB server account or authenticate with other credentials.
Configure a custom realm to point to any type of Kerberos realm. With this option, the NAS server uses the custom Kerberos realm defined in the Kerberos subsection of the NAS server Security tab.
NOTE:If you use NFS secure with a custom realm, you have to upload a keytab file.
Local files: Local files can be used instead of, or in addition to DNS, LDAP, and NIS directory services. To use local files, configuration information must be provided through the files listed in
PowerFlex Manager. If you have not created your own files ahead of time, use the download arrows to download the template for the type of file you need to provide, and upload the edited version.
To use local files for NFS, FTP access, the
passwd file must include an encrypted password for the users. This password is used for FTP access only. The
passwd file uses the same format and syntax as a standard Unix system, so you can leverage this to generate the local
passwd file. On a Unix system, use useradd to add a new user and
passwd to set the password for that user. Copy the hashed password from the /etc/shadow file, add it to the second field in the
/etc/passwd file, and upload the
/etc/passwd file to the NAS server.
User mapping: If you are configuring a NAS server to support both types of protocols, SMB and NFS, you will need to configure the user mapping. When configured for both types of protocol, the user mapping requires that the NAS server is joined with an AD domain. You can configure the SMB server, with AD from the SMB Server card.
If the
Windows Server Type is set to
Join to the Active Directory Domain, you must select
Enable automatic mapping for unmapped Windows accounts/users.
Steps
Log in to
PowerFlex Manager.
For DNS, click
File > NAS Servers, and select the NAS server. Click
View Details > Naming Services > DNS Server. Click the
Disabled button to
Enable and click
DNS Transport protocol drop-down menu and select
Protocol. Enter the domain, the IP address(es), click
Add and click
Apply.
For UDS with NIS, click
File > NAS Servers, and select the NAS server. Click
View Details > Naming Services > UDS and click
Unix Directory Service: NIS. Enter the domain, the IP address, click
Add, and click
Apply.
For UDS with LDAP, click
File > NAS Servers, and select the NAS server. Click
View Details > Naming Services > UDS, click the
Disabled button to
Enable, and click
Unix Directory Service: LDAP. Enter the port number, IP address, click
Add, and enter the base DN, select the Authentication from the drop-down menu and click
Apply.
For local files, click
File > NAS Servers, and select the NAS server. Click
View Details > Naming Services, and click
Local Files > Upload Local Files. From the
Upload Local Files window, select the file type, choose the file to upload and click
Open > Upload.
For user mapping, click
File > NAS Servers, and select the NAS server. Click
View Details > Naming Services, and click
User Mapping. Select
Enable automatic mapping for unmapped Windows accounts/users, select
Unix Directory Service Search Order and click
Apply.
Data is not available for the Topic
Please provide ratings (1-5 stars).
Please provide ratings (1-5 stars).
Please provide ratings (1-5 stars).
Please select whether the article was helpful or not.
Comments cannot contain these special characters: <>()\