1 / 44

Configuring CIFS

Configuring CIFS. Upon completion of this module, you should be able to: Configure the Data Mover for a Windows environment Create and Join a CIFS Server to a Windows Domain Export a file system as a CIFS Share Describe UserMapper Basics. Module 12: Configuring CIFS.

tracen
Download Presentation

Configuring CIFS

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Configuring CIFS Upon completion of this module, you should be able to: Configure the Data Mover for a Windows environment Create and Join a CIFS Server to a Windows Domain Export a file system as a CIFS Share Describe UserMapper Basics Configuring CIFS

  2. Module 12: Configuring CIFS Lesson 1: Overview of Configuring VNX for CIFS During this lesson the following topics are covered: Preparing for CIFS Creating a CIFS server Creating a CIFS share Configuring CIFS

  3. Virtual Data Mover Preparing for CIFS • Configure IP networking • Interface addressing • Routing • Configure Network Services • DNS – Dynamic DNS recommended • NTP • Configure Virtual Data Mover • Best practice for CIFS • Configure a file system • Provides file storage space DataFS cge-1-0 192.168.65.12 /Sales Configuring CIFS

  4. Virtual Data Mover Configuring CIFS: CIFS Server • Start the CIFS service • Runs on physical Data Mover • Create a CIFS server on VDM • Uses an available interface for network communications • CIFS server binds to interface name • Join CIFS server to the Windows Domain • CIFS server created in domain OU EMC Celerra CIFSServer VNX_CIFS01 cge-1-0 192.168.65.12 DataFS /Sales CIFS OU EMC Celerra VNX_CIFS01 Configuring CIFS

  5. Virtual Data Mover Configuring CIFS: Storage • Create CIFS share • From prepared file system • CIFS server makes share available on network to clients • CIFS is now configured on VNX • CIFS server is available to Microsoft network • File storage available to CIFS clients though the CIFS share CIFSServer VNX_CIFS01 cge-1-0 192.168.65.12 DataFS /Sales /DataFS/Sales shared as Sales_data CIFS Sales_data OU EMC Celerra VNX_CIFS01 Configuring CIFS

  6. Configuring CIFS Lesson 1: Summary During this lesson the following topics were covered: Preparing for CIFS Creating a CIFS server Creating a CIFS share Configuring CIFS

  7. Configuring CIFS Lesson 2: Create and Join a CIFS Server to a Windows Domain During this lesson the following topics are covered: Starting CIFS Creating a CIFS Server Joining a CIFS Server to the domain Verifying CIFS server status Configuring CIFS

  8. CIFS Management in Unisphere Storage > Shared Folders > CIFS Configuring CIFS

  9. Starting CIFS Storage > Shared Folders > CIFS Tasks tree > Configure CIFS link Configuring CIFS

  10. Create a CIFS Server Storage > Shared Folders >CIFS > CIFS Servers tab > Create Configuring CIFS

  11. CIFS Server Status • CIFS Server Properties: • Displays status with the domain Configuring CIFS

  12. CIFS Servers in the Windows Environment • CIFS server in Active Directory • CIFS server in Dynamic DNS Configuring CIFS

  13. Configuring CIFS Lesson 2: Summary During this lesson the following topics were covered: Starting CIFS Creating a CIFS Server Joining a CIFS Server to the domain Verifying CIFS server status Configuring CIFS

  14. Configuring CIFS Lesson 3: File System Access via CIFS During this lesson the following topics are covered: Exporting a file system as a CIFS share Creating a top-level file system share Creating shares using Windows tools Configuring CIFS

  15. CIFS Shares • Exporting a file system pathname as a CIFS share • Provide a “share” name File System /DataFS/shared as hidden share Top$ DataFS lost+found .etc /DataFS/Engineering shared as Designs Engineering CIFSServer Structural Designs /DataFS/Sales shared as Sales Sales West Sales Configuring CIFS

  16. Exporting a File System as a CIFS Share: Unisphere Storage > Shared Folders > CIFS > Shares tab Create Configuring CIFS

  17. Exporting a File System as a CIFS Share: Windows • Initial top-level share created with Unisphere must be in place! Computer Management > select CIFS Server • System Tools> Shared Folders > Share > New Share Configuring CIFS

  18. Unisphere Display of CIFS Shares • VNX shares created with Microsoft tools displayed in Unisphere Configuring CIFS

  19. Configuring CIFS Lesson 3: Summary During this lesson the following topics were covered: Exporting a file system as a CIFS share Creating a top-level file system share Creating shares using Windows tools Configuring CIFS

  20. Configuring CIFS Lesson 4: CIFS Operational Considerations During this lesson the following topics are covered: Stopping/restarting the CIFS service Modifying CIFS server interfaces Moving a VDM with a CIFS server CIFS restrictions with VDM Configuring CIFS

  21. CIFS Servers Interface Considerations • Interface “stealing” is: • Possible between CIFS Servers on the same Physical Data Mover • Possible between CIFS Servers on the same Virtual Data Mover • Not possible between CIFS Servers on different Data Movers (Physical or Virtual) • Interfaces are not changed for Default CIFS Servers • Default CIFS Servers automatically use interfaces that are not currently used by any other CIFS Servers • When a CIFS Server interface is disabled • CIFS shares that are connected through this interface will no longer be accessible • Shares need to be reconnected through new interface Configuring CIFS

  22. Stealing CIFS Server Interface • Assigning an already used Interface to a CIFS server: New CIFS Server VNX_CIFS02 being configured Interface already in use by VNX_CIFS01 Configuring CIFS

  23. Start/Stop the CIFS Service • Stop and Restart CIFS service after Changes • WINS settings for legacy NT4 domains • Other CIFS related changes • See Configuring and Managing CIFS on VNX • Stopping CIFS service stops all CIFS servers • On physical Data Mover and its VDMs CIFS Configuring CIFS

  24. Moving a VDM with a CIFS Server • Target physical Data Mover must have interface with same name • CIFS server binds to interface name • Name resolution: • Different IP addresses • Dynamic DNS updates • Client DNS cache flush • Same IP address • Down inactive interface Configuring CIFS

  25. Virtual Data Mover CIFS Restrictions with VDMs • VDM containing a CIFS server cannot be loaded onto physical Data Mover with a “default CIFS server • Default CIFS servers use all available interfaces • VDM CIFS server cannot provide antivirus functionality • Antivirus functionality is provided by “global” CIFS server from physical Data Mover • Refer to Configuring Virtual Data Movers on VNX document for other restrictions CIFSServer Configuring CIFS

  26. Configuring CIFS Lesson 4: Summary During this lesson the following topics were covered: Stopping/restarting the CIFS service Modifying CIFS server interfaces Moving a VDM with a CIFS server CIFS restrictions with VDM Configuring CIFS

  27. Configuring CIFS Lesson 5: Usermapper During this lesson the following topics are covered: Explain Usermapper basic operations Explain Usermapper configuration Configuring CIFS

  28. User Mapping with VNX • Method for uniquely identifying users and groups accessing the VNX with file access protocols (CIFS and NFS) • Windows SIDs • UNIX/Linux UIDs and GIDs • VNX requires UIDs and GIDs • UxFS based file system file and directory permissions • Mapping required for CIFS only & mixed CIFS/NFS environments UID/GID User/Group SIDs Mapping method UID/GID VNX FSUID/GID UNIX/LinuxNFS WindowsCIFS Configuring CIFS

  29. User Mapping Methods • Variety of methods available • Supporting various user environments • Internal and external to VNX Mapping method Configuring CIFS

  30. User Mapping and Secure Mapping • Secmap records (caches) SID to UID/GID mappings provided by user mapping methods • Does not generate mappings • Used for resolving subsequent user mapping • Is persistent mapping • Present on all physical and virtual Data Movers • Mapping entries displayed with CLI only Data Mover Data Mover Mapping method Secmap Secmap Configuring CIFS

  31. ntxmap 3 2 1 ntxmap nsswitch.conf Default mapping search order 3 # /.etc/nsswitch.conf : # passwd: files ldap nis group: files ldap nis hosts: dns nis files netgroup: files nis User Mapping Search Order Yes User is authenticated Yes secmap Start No No Yes Local user & group files The access to CIFS share is allowed No 2 Yes NIS End No Yes LDAP No Yes Active Directory 1 No Yes Usermapper No Usermapper generates UID or GID and ads it to its database Yes Was the user added? An error is generated No Configuring CIFS

  32. Usermapper Overview • A user mapping method which runs on a VNX for File • Mapping method used for CIFS-only user environments • Automatically generates UIDs/GIDs for Windows user/group SIDs • Database maintains mappings • UID and GID values start at 32768 and increase • Custom ranges can be configured in usrmap.cfg file (not recommended) Data Mover Data Mover Usermapper Service Secmap Secmap Configuring CIFS

  33. Usermapper Roles • Primary Usermapper • One per VNX environment • Generates user mappings • By default runs on Data Mover 2 • Secondary Usermapper • One per each additional VNX • Queries Primary Usermapper for mapping • Usermapper client • All other VNX Data Movers • Query Primary/Secondary for user mappings Primary Usermapper Secmap Secmap Data Mover 3 Data Mover 2 Data Mover 3 Data Mover 2 Data Mover 2 Data Mover 3 Secondary Usermapper Secmap Secmap Primary/Secondary UsermapperClient Secmap Secmap Configuring CIFS

  34. Primary Usermapper Operations • Multiple VNXs: one Primary, two Secondary Usermappers • User1 accesses DM2 on VNX1 • Primary Usermapper generates & records UID for user1 SID • Secmap records mapping VNX3 Sec. Usermapper Data Mover 2 Data Mover 2 Data Mover 2 Secmap VNX2 Sec. Usermapper Secmap VNX1 User1 SID Primary Usermapper 1 User1 SID: UID 32768 2 Secmap 3 User1 SID: UID 32768 User1 Configuring CIFS

  35. Secondary Usermapper Operations • Multiple VNXs: one Primary, two Secondary Usermappers • User2 accesses DM2 on VNX2 • Secondary queries Primary for mapping • Primary generates & records UID for user2 SID • Secmap on VNX1 DM2 records mapping • Primary replies with mapping • Secondary records User2 mapping • Secmap on VNX2 DM2 records mapping VNX3 Sec. Usermapper Data Mover 2 Data Mover 2 Data Mover 2 Secmap Mapping Query VNX2 VNX1 User2 SID 2 Sec. Usermapper Primary Usermapper 6 User2 SID: UID 32769 User1 SID: UID 32768 1 User2 SID: UID 32769 3 Mapping reply 5 Secmap Secmap 7 User2 SID: UID 32769 User1 SID: UID 32768 User2 SID: UID 32769 4 User2 Configuring CIFS

  36. Secondary Usermapper Operations (Continued) • Multiple VNXs: one Primary, two Secondary Usermappers • User3 accesses DM2 on VNX3 • Secondary queries Primary for mapping • Primary generates & records UID for user3 SID • Secmap on VNX1 DM2 records mapping • Primary replies with mapping • Secondary records User3 mapping • Secmap on VNX2 DM2 records mapping VNX2 Sec. Usermapper User2 SID: UID 32769 Data Mover 2 Data Mover 2 Data Mover 2 Secmap User2 SID: UID 32769 Mapping Query VNX3 VNX1 User3 SID 2 Sec. Usermapper Primary Usermapper 6 User3 SID: UID 32770 User1 SID: UID 32768 1 User2 SID: UID 32769 Mapping reply 5 3 User3 SID: UID 32770 Secmap Secmap 7 User3 SID: UID 32770 User1 SID: UID 32768 User2 SID: UID 32769 4 User3 SID: UID 32770 User3 Configuring CIFS

  37. Usermapper Client Operations • Multiple VNXs: one Primary, two Secondary Usermappers • User4 accesses DM3 on VNX1 • Client broadcasts to Usermapper service for mapping • DM2 Primary generates & records UID for User4 SID • DM2 secmap records mapping • Primary replies with mapping • DM3 secmap records mapping VNX3 Sec. Usermapper User3 SID: UID 32770 Data Mover 3 Data Mover 2 Data Mover 2 Data Mover 2 Secmap VNX2 User3 SID: UID 32770 Sec. Usermapper User2 SID: UID 32769 Secmap Mapping broadcast User2 SID: UID 32769 VNX1 User4 SID 2 Primary Usermapper Usermapper Client User1 SID: UID 32768 1 User1 SID: UID 32768 User2 SID: UID 32769 User3 SID: UID 32770 Mapping reply 5 3 User4 SID: UID 32771 Secmap Secmap 6 User1 SID: UID 32768 User4 SID: UID 32771 User1 SID: UID 32768 User1 SID: UID 32768 User2 SID: UID 32769 User3 SID: UID 32770 4 User4 SID: UID 32771 User4 Configuring CIFS

  38. Storage > Shared Folders > CIFS > Usermappers tab Viewing the Usermapper Configuration Configuring CIFS

  39. Usermapper Database Backup Storage > Shared Folders > CIFS > Usermappers tab • Backups used to update Secondary database • If promoting to Primary • EMC recommends that you do not modify Usermapper database entries. Configuring CIFS

  40. Storage > Shared Folders > CIFS > Usermappers tab Managing Usermapper Roles Configuring CIFS

  41. Storage > Shared Folders > CIFS > Usermappers tab Managing Usermapper Roles (continued) Configuring CIFS

  42. Configuring CIFS Lesson 5: Summary During this lesson the following topics were covered: Usermapper basic operations Usermapper configuration Configuring CIFS

  43. Summary Key points covered in this module: • Preparation is key to CIFS implementation. Identify key network resources: • Interface addressing • Routing • DNS • NTP • VDM CIFS server cannot provide antivirus functionality • Usermapper provides unique IDs for users and groups from Windows environments that access the Configuring CIFS

  44. Configuring CIFS

More Related