ebook img

Hitachi Data Ingestor File System Protocols PDF

336 Pages·2014·2.29 MB·English
Save to my drive
Quick download
Download
Most books are stored in the elastic cloud where traffic is expensive. For this reason, we have a limit on daily download.

Preview Hitachi Data Ingestor File System Protocols

Hitachi Data Ingestor File System Protocols (CIFS/NFS) Administrator's Guide Product Version Getting Help Contents MK-90HDI035-10 © 2013 - 2015 Hitachi, Ltd. All rights reserved. No part of this publication may be reproduced or transmitted in any form or by any means, electronic or mechanical, including photocopying and recording, or stored in a database or retrieval system for any purpose without the express written permission of Hitachi, Ltd. Hitachi, Ltd., reserves the right to make changes to this document at any time without notice and assume no responsibility for its use. This document contains the most current information available at the time of publication. When new or revised information becomes available, this entire document will be updated and distributed to all registered users. Some of the features described in this document might not be currently available. Refer to the most recent product announcement for information about feature and product availability, or contact Hitachi Data Systems Corporation at https://portal.hds.com. Notice: Hitachi, Ltd., products and services can be ordered only under the terms and conditions of the applicable Hitachi Data Systems Corporation agreements. he use of Hitachi, Ltd., products is governed by the terms of your agreements with Hitachi Data Systems Corporation. Hitachi is a registered trademark of Hitachi, Ltd., in the United States and other countries. Hitachi Data Systems is a registered trademark and service mark of Hitachi, Ltd., in the United States and other countries. Archivas, Essential NAS Platform, HiCommand, Hi-Track, ShadowImage, Tagmaserve, Tagmasoft, Tagmasolve, Tagmastore, TrueCopy, Universal Star Network, and Universal Storage Platform are registered trademarks of Hitachi Data Systems Corporation. AIX, AIX 5L, AS/400, DB2, Domino, DS8000, Enterprise Storage Server, ESCON, FICON, FlashCopy, IBM, Lotus, OS/2, OS/390, RS6000, S/390, System z9, System z10, Tivoli, VM/ESA, z/OS, z9, zSeries, z/VM, z/VSE are registered trademarks and DS6000, MVS, and z10 are trademarks of International Business Machines Corporation. All other trademarks, service marks, and company names in this document or website are properties of their respective owners. Microsoft product screen shots are reprinted with permission from Microsoft Corporation. ii Hitachi Data Ingestor File System Protocols (CIFS/NFS) Administrator's Guide Contents Preface.................................................................................................xiii Intended audience...................................................................................................xv Product version........................................................................................................xv Release notes..........................................................................................................xv Organization of HDI manuals....................................................................................xv Abbreviation conventions.........................................................................................xvi Document conventions.............................................................................................xix Convention for storage capacity values......................................................................xx Getting help.............................................................................................................xx Comments...............................................................................................................xx 1 Overview of the CIFS Service.................................................................1-1 Overview of how to use the CIFS service..................................................................1-2 2 System Configuration When the CIFS Service Is Used.............................2-1 Products supported by the CIFS service....................................................................2-2 CIFS clients......................................................................................................2-2 Active Directory domain controllers....................................................................2-4 Network configuration.............................................................................................2-5 Configuration in which the CIFS client and the HDI node are connected to the same subnetwork......................................................................................................2-6 Configuration in which the CIFS client and the HDI node are connected to different subnetworks.....................................................................................................2-6 When the CIFS service is used on multiple ports.................................................2-7 When the DNS is used......................................................................................2-7 When DHCP is used..........................................................................................2-8 3 Using File Services Manager To Run the CIFS Service..............................3-1 Procedure for File Services Manager setup................................................................3-2 Setting network information and system information.................................................3-2 Editing system files directly...............................................................................3-3 Service configuration definition................................................................................3-3 Changing the CIFS service configuration definition..............................................3-3 Changing the CIFS service configuration definition.....................................3-3 iii Hitachi Data Ingestor File System Protocols (CIFS/NFS) Administrator's Guide Setting an authentication mode................................................................3-4 Setting up user mapping..........................................................................3-6 Setting SMB 2.0......................................................................................3-6 Managing a CIFS file share......................................................................................3-7 Creating a CIFS file share..................................................................................3-7 Editing CIFS file share attributes........................................................................3-8 Setting up quota information...................................................................................3-8 Using CIFS access logs............................................................................................3-9 What to check before collecting CIFS access logs................................................3-9 Estimating log file size.....................................................................................3-10 Information written to the CIFS access log.......................................................3-11 Backing up the most recent CIFS access logs....................................................3-13 4 Managing CIFS Client Users...................................................................4-1 Procedure for managing users.................................................................................4-2 Local user management..........................................................................................4-2 Registering information in an NIS server or an LDAP server (for user authentication) .......................................................................................................................4-2 Overview of functionality.........................................................................4-3 CSV file formats......................................................................................4-4 Script for registering, deleting, or listing users...........................................4-5 Script for CIFS group mapping.................................................................4-6 Note on users managed by an NIS server or an LDAP server (for user authentication)........................................................................................4-8 Notes on user registration.................................................................................4-8 User management in a domain................................................................................4-8 Setting up an LDAP server for user mapping.............................................................4-8 Precautions when setting up an LDAP server......................................................4-9 Precautions when using OpenLDAP to set up an LDAP server...............................4-9 Precautions when using ADAM to set up an LDAP server.....................................4-9 Precautions when using Sun Java System Directory Server to set up an LDAP server .....................................................................................................................4-10 Examples settings for when using OpenLDAP to set up an LDAP server..............4-11 Creating a schema file...........................................................................4-11 Setting the index directive......................................................................4-12 Example settings for when using ADAM to set up an LDAP server.......................4-12 Creating a schema file...........................................................................4-12 Setting index.........................................................................................4-15 Example settings for when using Sun Java System Directory Server to set up an LDAP server...................................................................................................4-15 Creating a schema file...........................................................................4-15 Setting index.........................................................................................4-16 Manually registering a user ID and group ID...........................................................4-17 How to register IDs with Active Directory.........................................................4-17 Registering a group ID...........................................................................4-17 Registering a user ID.............................................................................4-18 How to register IDs with an LDAP server..........................................................4-20 Registering a group ID...........................................................................4-21 Registering a user ID.............................................................................4-21 How to delete IDs registered with an LDAP server.............................................4-22 User management when using the RFC 2307 schema..............................................4-22 Accessing CIFS shares when an HDI system is accessed from multiple domains........4-24 iv Hitachi Data Ingestor File System Protocols (CIFS/NFS) Administrator's Guide 5 User Authentication for CIFS Clients.......................................................5-1 Local authentication................................................................................................5-2 NT server authentication.........................................................................................5-2 NT domain authentication........................................................................................5-2 Active Directory authentication................................................................................5-3 Authentication when user mapping is being used......................................................5-5 6 Procedure for Migrating User Resources in a Windows Domain Environment ...........................................................................................................6-1 Before performing resource migration......................................................................6-2 Using the backup utility to perform migration............................................................6-7 7 Accessing CIFS Shares..........................................................................7-1 Access method.......................................................................................................7-2 Notes on access from CIFS client.............................................................................7-3 Notes on CIFS access in an environment where Anti-Virus Enabler is applied..............7-8 Setting home drives................................................................................................7-9 What is the function for automatically creating a home directory?......................7-10 Before using the function for automatically creating a home directory.................7-11 Using home drives..........................................................................................7-12 Notes on using the Windows roaming user profile functionality.................................7-13 8 Files and Folders in a CIFS Share...........................................................8-1 About file and directory names................................................................................8-2 Supported characters........................................................................................8-2 MS-DOS file names in 8.3 format.......................................................................8-2 Notes concerning display of a CIFS share name..................................................8-2 Access Control Lists................................................................................................8-3 Differences between Classic ACLs and Advanced ACLs.........................................8-3 Classic ACL type of file system...........................................................................8-5 Procedure for specifying ACL settings from a CIFS client............................8-6 How to specify or view the ACL settings for a file.......................................8-8 How to specify or view the ACL settings for a folder...................................8-9 Inheriting access permissions from the parent folder................................8-14 Adding user ACLs or group ACLs.............................................................8-17 ACL set for a newly created file..............................................................8-19 ACL set for a newly created folder..........................................................8-19 SACL....................................................................................................8-19 Invalid ACE...........................................................................................8-19 Mapping ACL specifications in Windows to file permissions in the HDI system ............................................................................................................8-19 Advanced ACL type of file system.....................................................................8-20 Setting and displaying an ACL from a CIFS client.....................................8-20 File system root ACL..............................................................................8-23 ACL-related values.................................................................................8-24 ACL evaluation......................................................................................8-30 ACL initial values, inheritance, and propagation.......................................8-31 ACE duplication check............................................................................8-31 SACL....................................................................................................8-31 Invalid ACE...........................................................................................8-31 v Hitachi Data Ingestor File System Protocols (CIFS/NFS) Administrator's Guide File owners and UNIX permissions..........................................................8-31 Maximum number of ACL entries that can be set.....................................8-34 Migrating to an Advanced ACL type of file system....................................8-34 ACL set by default if there is no inherited ACL.........................................8-34 Notes on the case of migrating from Windows.........................................8-36 Changing file attributes..........................................................................8-36 Notes on ACLs set by default for new folders and files created in CIFS shares ............................................................................................................8-36 File attributes.......................................................................................................8-41 Setting and checking file attributes from a CIFS client.......................................8-41 Whether file attributes can be set...........................................................8-42 Notes on sharing a file or directory with NFS...........................................8-43 Notes on the archive attribute................................................................8-43 Notes on the read-only attribute.............................................................8-43 Offline attribute.....................................................................................8-43 Extended attributes in Windows.......................................................................8-45 Timestamps..........................................................................................................8-45 File access date and time................................................................................8-45 File modified date and time.............................................................................8-46 File creation date and time..............................................................................8-46 File timestamp resolution................................................................................8-46 File timestamp management method......................................................8-46 File timestamp update resolution............................................................8-46 Note for granting file timestamp update permission...........................................8-47 Displaying disk capacity.........................................................................................8-47 Whether the quotas can be checked on a CIFS client.........................................8-48 Disk capacity displayed in accordance with disk usage.......................................8-51 Disk capacity displayed when multiple quotas are set........................................8-53 The HDI system....................................................................................8-53 Windows server.....................................................................................8-55 WORM files...........................................................................................................8-57 Access Control by using ABE..................................................................................8-58 How ABE controls whether to display files and folders.......................................8-59 About Read permission required for displaying files and folders when ABE is enabled .....................................................................................................................8-61 Restrictions on files and folders on CIFS shares.......................................................8-62 9 MMC Linkage........................................................................................9-1 Linking an HDI system with MMC.............................................................................9-2 Operations required to link with MMC (for system administrators)..............................9-3 Linking to MMC (for CIFS administrators)..................................................................9-3 Before using the administrative share.......................................................................9-4 CIFS share management from MMC.........................................................................9-4 Viewing a list of CIFS shares..............................................................................9-4 Creating a CIFS share.......................................................................................9-5 Changing CIFS share information.......................................................................9-6 Session management from MMC..............................................................................9-7 Viewing a list of sessions...................................................................................9-7 Closing sessions...............................................................................................9-8 Managing open files from MMC................................................................................9-8 List of open files...............................................................................................9-9 Closing open files.............................................................................................9-9 vi Hitachi Data Ingestor File System Protocols (CIFS/NFS) Administrator's Guide Share-level ACLs...................................................................................................9-10 Notes on using MMC.............................................................................................9-12 10 CIFS Client Platforms.........................................................................10-1 Notes common to all supported types of Windows...................................................10-2 Notes for Windows NT...........................................................................................10-2 Notes for Windows Server 2003.............................................................................10-2 Notes for Windows Vista........................................................................................10-2 When the CIFS service authentication mode is set to NT server authentication....10-3 Files and folders in shared directories...............................................................10-3 When adding an ACL.............................................................................10-3 When using quotas................................................................................10-3 When enabling offline files.....................................................................10-4 When using network drives....................................................................10-4 When using MMC............................................................................................10-4 Logging on to Windows.........................................................................10-4 Share-level ACLs...................................................................................10-4 Notes for Windows Server 2008.............................................................................10-5 When the CIFS service authentication mode is set to NT server authentication....10-5 Files and folders in shared directories...............................................................10-5 When adding an ACL.............................................................................10-5 When using quotas................................................................................10-6 When using a network drive...................................................................10-6 When using MMC............................................................................................10-6 Logging on to Windows.........................................................................10-6 Share-level ACLs...................................................................................10-6 Notes on accessing the CIFS service.................................................................10-7 Notes for Windows 7.............................................................................................10-7 When the CIFS service authentication mode is set to NT server authentication....10-7 Files and folders in shared directories...............................................................10-7 When adding an ACL.............................................................................10-7 When using quotas................................................................................10-8 When using network drives....................................................................10-8 When enabling offline files.....................................................................10-8 When using MMC............................................................................................10-8 Logging on to Windows.........................................................................10-9 Share-level ACLs...................................................................................10-9 Notes for Windows 8.............................................................................................10-9 Files and folders in shared directories...............................................................10-9 When adding an ACL.............................................................................10-9 When using quotas..............................................................................10-10 When enabling offline files...................................................................10-10 When using MMC..........................................................................................10-10 Logging on to Windows........................................................................10-10 Share-level ACLs..................................................................................10-10 Notes for Windows Server 2012...........................................................................10-11 Files and folders in shared directories.............................................................10-11 When adding an ACL...........................................................................10-11 When using quotas..............................................................................10-12 When using MMC..........................................................................................10-12 Logging on to Windows........................................................................10-12 Share-level ACLs..................................................................................10-12 vii Hitachi Data Ingestor File System Protocols (CIFS/NFS) Administrator's Guide Notes on accessing the CIFS service...............................................................10-13 Notes for Mac OS X.............................................................................................10-13 Support range...............................................................................................10-13 Notes on file and directory names..................................................................10-13 Notes on operations......................................................................................10-13 11 Overview of the NFS Service..............................................................11-1 Overview of using the NFS service..........................................................................11-2 12 System Configuration When the NFS Service Is Used...........................12-1 Products supported by the NFS service...................................................................12-2 NFS clients.....................................................................................................12-2 KDC server.....................................................................................................12-3 ID mapping server..........................................................................................12-4 Network configurations..........................................................................................12-5 Network configuration when only the NFS service is running..............................12-5 Network configuration when both the CIFS and NFS services are running...........12-6 Configuring an NFS environment when Kerberos authentication and an NFSv4 domain configuration are used...........................................................................................12-7 Configuring an NFS environment when only the NFS service is running...............12-8 Configuring the KDC server and creating a keytab file..............................12-9 Transferring and installing the keytab file................................................12-9 Set the service configuration definition and create an NFS share from an HDI node...................................................................................................12-10 Mounting from an NFS client................................................................12-10 Configuring an NFS environment when the CIFS and NFS services are both running at the same time...........................................................................................12-10 Creating a keytab file...........................................................................12-11 Transferring and installing the keytab file..............................................12-11 Set the service configuration definition and create an NFS share from an HDI node...................................................................................................12-12 Mounting from an NFS client................................................................12-12 13 Using File Services Manager To Run the NFS Service...........................13-1 File Services Manager setup...................................................................................13-2 Configuring network and system information..........................................................13-2 Editing system files directly..............................................................................13-3 Service configuration definition..............................................................................13-3 Changing the NFS service configuration definition.............................................13-4 Managing NFS shares............................................................................................13-5 Creating an NFS share and changing the settings..............................................13-5 Modifying NFS shares......................................................................................13-6 14 Managing NFS Client Users................................................................14-1 User management methods...................................................................................14-2 User management when an NFSv4 domain has been set up.....................................14-2 15 User Authentication for NFS Clients....................................................15-1 User authentication methods.................................................................................15-2 viii Hitachi Data Ingestor File System Protocols (CIFS/NFS) Administrator's Guide UNIX (AUTH_SYS) authentication...........................................................................15-2 Kerberos authentication.........................................................................................15-2 16 Accessing NFS Shares........................................................................16-1 Access method......................................................................................................16-2 Mounting and viewing a file system........................................................................16-2 When mounting shared directories...................................................................16-2 When mounting the root directory...................................................................16-4 Notes on using a file system from an NFS client......................................................16-6 Notes on mounting a file system......................................................................16-6 Notes on using file locking...............................................................................16-7 Notes on using a file system..........................................................................16-10 17 Files and Directories in an NFS Share..................................................17-1 File and directory names........................................................................................17-2 ACLs....................................................................................................................17-2 File attributes.......................................................................................................17-2 WORM files...........................................................................................................17-3 18 Notes on Using File Shares................................................................18-1 Notes on accessing file shares................................................................................18-2 Notes on modifying directories...............................................................................18-3 Managing users who access file shares...................................................................18-4 A Troubleshooting when using the CIFS service.........................................A-1 syslog....................................................................................................................A-2 CIFS logs...............................................................................................................A-3 log.smbd.........................................................................................................A-3 log.winbindd....................................................................................................A-5 MMC operation errors and corrective actions.............................................................A-8 Errors occurring when a share is added..............................................................A-8 Errors occurring when the property of a share is changed.................................A-10 Errors occurring when a share is removed........................................................A-11 Stopping a share fails due to access denial..............................................A-12 Disconnecting a session fails due to access denial....................................A-13 Errors that occur when an open file is closed....................................................A-14 Error occurring when a session is displayed......................................................A-14 File operation errors and corrective actions.............................................................A-15 FAQ.....................................................................................................................A-19 My system performance sometimes suffers when CIFS file shares are accessed. Is it possible to improve the system performance?...................................................A-19 Is there a user account that is similar to a Windows Administrator account? If so, how can I set one up?...............................................................................A-19 Can only Direct Hosting of SMB be used for the CIFS service?............................A-20 How can CIFS clients view the Security tab, which allows them to set up or view ACLs?............................................................................................................A-20 Can I specify access permissions for entire file systems?...................................A-20 Sometimes it takes time to access the CIFS shares. What is the potential cause of this problem?.................................................................................................A-21 ix Hitachi Data Ingestor File System Protocols (CIFS/NFS) Administrator's Guide The error message "Cannot access file" was displayed when I attempted to access a file in a CIFS share while the on-access scan function of the scan software was enabled.........................................................................................................A-21 A SID, not the user name or group name, is displayed in the security tab of the properties window of a file or folder. What causes this problem to occur?...........A-21 Microsoft office files that were correctly overwritten and saved on a CIFS client are displayed as temporary files (.tmp) on other CIFS clients. What causes this problem to occur?........................................................................................................A-21 B Troubleshooting when using the NFS service..........................................B-1 Kerberos authentication errors.................................................................................B-2 Errors in an NFSv4 domain configuration..................................................................B-4 C Configuring an NFS environment for Kerberos authentication...................C-1 NFS environment to be configured in this appendix...................................................C-2 Configuring the KDC server and adding NFS service principals...................................C-3 Before configuring the KDC server.....................................................................C-3 For Windows Server 2003 or Windows Server 2008............................................C-3 For Red Hat Enterprise Linux Advanced Platform v5.2.........................................C-7 For Solaris 10.................................................................................................C-10 For HP-UX 11i v3............................................................................................C-13 For AIX 5L V5.3..............................................................................................C-16 Distributing and retrieving keytab files....................................................................C-18 Keytab file distribution destinations..................................................................C-18 Distributing keytab files...................................................................................C-18 Retrieving keytab files (for HDI nodes).............................................................C-18 Retrieving keytab files (for an NFS client).........................................................C-19 D Accessing NFS shared directories when Kerberos authentication is used. .D-1 Specifying a security flavor from File Services Manager.............................................D-2 Mounting shared directories from NFS clients...........................................................D-2 Accessing NFS shared directories.............................................................................D-3 E Adding a secondary KDC server.............................................................E-1 Procedure for adding a KDC server...........................................................................E-2 F APIs for WORM operation......................................................................F-1 Creating a WORM file from a CIFS share file.............................................................F-2 Creating a WORM file........................................................................................F-2 APIs required for creating WORM files................................................................F-2 SetFileTime.............................................................................................F-2 SetFileAttributes......................................................................................F-3 Useful APIs for creating WORM files...................................................................F-4 Sample program...............................................................................................F-4 Creating a WORM file from an NFS share file............................................................F-6 Creating a WORM file........................................................................................F-6 APIs required for creating WORM files................................................................F-6 utime(), utimes().....................................................................................F-7 chmod(), fchmod()..................................................................................F-7 x Hitachi Data Ingestor File System Protocols (CIFS/NFS) Administrator's Guide

Description:
the applicable Hitachi Data Systems Corporation agreements. he use of zSeries, z/VM, z/VSE are registered trademarks and DS6000, MVS, and z10 are Mapping ACL specifications in Windows to file permissions in the HDI . Notes on ACLs set by default for new folders and files created in CIFS
See more

The list of books you might like

Most books are stored in the elastic cloud where traffic is expensive. For this reason, we have a limit on daily download.