No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

OceanStor 18500 V3 and 18800 V3 Mission Critical Storage System V300R003 Basic Storage Service Guide for File 16

"This document describes the basic storage services and explains how to configure and managebasic storage services."
Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
Configuring a Homedir Share

Configuring a Homedir Share

The OceanStor 18500 V3/18800 V3 supports the Homedir share mode. After the Homedir share service is enabled, a user can only access the shared directory with the same name as the user.

Configuration Process

Homedir shares are applicable to both an AD domain and a non-domain environment. This section describes the Homedir share configuration process.

Figure 3-5 shows the Homedir share configuration process.
Figure 3-5  Homedir share configuration process

Preparing Data

Before configuring a Homedir share, obtain information about storage system IP address, file system, quota tree, local users in non-domain environment or AD server in AD domain environment to assist in the follow-up configuration.

Table 3-37 describes preparations required for configuring a Homedir share.
Table 3-37  Preparations required for configuring a Homedir share

Item

Description

Example

Logical IP address of the storage system

Indicates a logical IP address used by a storage system to provide shared space for a client.

-

172.16.128.10

File system

Indicates the file system for which a Homedir share is configured.

The OceanStor 18500 V3/18800 V3 enables you to configure a file system or its quota tree as a Homedir share.

FileSystem001

Quota Tree

Indicates the quota treefor which a Homedir share is configured.

-

-

User

User that employs local authentication.
The user name:
  • Must contain 8 to 32 characters by default.
  • Cannot contain space, double quotation mark ("), slash (/), backslash (\), square brackets ([]), larger than (<), less than (>), plus (+), colon (:), semicolon (;), comma (,), question mark (?), asterisk (*), vertical bar (|), equal mark (=), (@), or end with a period (.).
NOTE:
You cannot use the user accounts retained in the system, including:
  • User accounts retained in Windows: Everyone, Local, Creator Owner, Creator Group, Creator Owner Server, Creator Group Server, Owner Rights, Group Rights, NT Pseudo Domain, Dialup, Network, Batch, Interactive, Service, Anonymous Logon, Proxy, Enterprise Domain Controllers, Self, Authenticated Users, Restricted, Terminal Server User, Remote Interactive Logon, This Organization, System, Local Service, Network Service, Write Restricted, Other Organization, Builtin, Internet$, Members can fully administer the computer/domain, Users, Guests, Power Users, Members can share directories, Account Operators, Server Operators, Print Operators, Backup Operators, Members can bypass file security to back up files, Replicator, Current Owner, Current Group.
  • User accounts retained in Linux: root, nogroup, nobody, ftp, anonymous.
  • User accounts retained in a storage system: ibc_os_hs.

test_user01

User group

User group that employs local authentication.
The user group name:
  • Must contain 1 to 32 characters.
  • Cannot contain space, double quotation mark ("), slash (/), backslash (\), square brackets ([]), larger than (<), less than (>), plus (+), colon (:), semicolon (;), comma (,), question mark (?), asterisk (*), vertical bar (|), equal mark (=), (@), or end with a period (.).
NOTE:
You cannot use the user accounts retained in the system, including:
  • User accounts retained in Windows: Everyone, Local, Creator Owner, Creator Group, Creator Owner Server, Creator Group Server, Owner Rights, Group Rights, NT Pseudo Domain, Dialup, Network, Batch, Interactive, Service, Anonymous Logon, Proxy, Enterprise Domain Controllers, Self, Authenticated Users, Restricted, Terminal Server User, Remote Interactive Logon, This Organization, System, Local Service, Network Service, Write Restricted, Other Organization, Builtin, Internet$, Members can fully administer the computer/domain, Users, Guests, Power Users, Members can share directories, Account Operators, Server Operators, Print Operators, Backup Operators, Members can bypass file security to back up files, Replicator, Current Owner, Current Group.
  • User accounts retained in Linux: root, nogroup, nobody, ftp, anonymous.
  • User accounts retained in a storage system: ibc_os_hs.

default_group

AD domain information

AD domain information for domain authentication.
AD domain information includes:
  • User name of the domain administrator: The AD domain can provide an account that has the rights to add storage systems to the domain.
  • Password: password of the user.
  • Full domain name: name of the AD domain
  • Organization Unit: Organization unit of a type of directory objects in a domain. These objects include users, computers, and printers. After an object is added to a domain, it will be a member in the organization unit. If you do not enter anything, the storage system is added to organization unit as Computers by default.
  • System name: name of a storage system that is added to the AD domain

-

DNS

DNS information for domain authentication.

IP address of DNS server.

-

NOTE:

You can contact your network administrator to obtain desired data.

Checking the License File

Each value-added feature requires a license file for activation. Before configuring a value-added feature, ensure that its license file is valid for the feature.

Procedure

  1. Log in to DeviceManager.
  2. Choose Settings > License Management.
  3. Check the active license files.
    1. In the navigation tree on the left, choose Active License.
    2. In the middle information pane, verify the information about active license files.

Follow-up Procedure

If the storage system generates an alarm indicating that the license expired, obtain and import the license again.

Configuring a Network

This section describes how to use DeviceManager to configure IP addresses for a storage system.

Procedure

  1. Log in to DeviceManager and choose Provisioning > Port.

    The Port page is displayed.

  2. Optional: Create a bond port.

    Port bonding provides more bandwidth and redundancy for links. After Ethernet ports are bonded, MTU changes to the default value and you must set the link aggregation mode for the ports. On Huawei switches, you must set the ports to work in static LACP mode.

    • The port bond mode of a storage system has the following restrictions:
      • On the same controller, a bond port is formed by a maximum of eight Ethernet ports.
      • Only the interface modules with the same port rate (GE or 10GE) can be bonded.
      • The port cannot be bonded across controllers. Non-Ethernet network ports cannot be bonded.
      • SmartIO cards cannot be bonded if they work in cluster or FC mode or run FCoE service in FCoE/iSCSI mode.
      • The MTU value of the SmartIO port must be the same as that of the host.
      • Read-only users are unable to bind Ethernet ports.
      • Each port only allows to be added to one bonded port. It cannot be added to multiple bonded ports.
      • Physical ports are bonded to create a bond port that cannot be added to the port group.
    • Although ports are bonded, each host still transmits data through a single port and the total bandwidth can be increased only when there are multiple hosts. Determine whether to bond ports based on site requirements.
    • The link aggregation modes vary with switch manufacturers. If a non-Huawei switch is used, contact technical support of the switch manufacturer for specific link aggregation configurations.

    1. In Ethernet Ports, select a Ethernet port and click More > Bond Port.

      The Bond Port dialog box is displayed.

    2. Enter bond port information. Table 3-38 describes related parameters.

      Table 3-38  Bond port parameters

      Parameter

      Description

      Value

      Bond Name

      Name of the bond port.

      [Example]

      bond01

      Available Ports

      Ports that you select and ports to which you want to bond the selected ports.

      [Example]

      CTE0.A.IOM1.P0

    3. Click OK.

      The Danger dialog box is displayed.

    4. Select I have read and understood the consequences associated with performing this operation. And click OK.
  3. Create a logical port.

    NOTE:
    The number of logical ports created for each controller is recommended not more than 64. If the number exceeds 64 and a large number of ports do not work properly, logical ports drift towards the small number of ports available. As a result, service performance deteriorates.

    1. Select Logical Ports and click Create.

      The Create Logical Port dialog box is displayed.

    2. Enter logical port information. Table 3-39 describes related parameters.

      Table 3-39  Create Logical Port parameters

      Parameter

      Description

      Value

      Name

      Name of the logical port.

      [Example]

      logip

      IP Address Type

      Type of the IP address: IPv4 Address or IPv6 Address.

      [Example]

      IPv4 Address

      IPv4 Address (IPv6 Address)

      IP address of the logical port.

      [Example]

      172.16.128.10

      Subnet Mask (Prefix)

      Subnet mask (Prefix) of the logical port.

      [Example]

      255.255.255.0

      IPv4 Gateway (IPv6 Gateway)

      Address of the gateway.

      [Example]

      172.16.128.1

      Primary Port

      Physical port preferred by the logical port.

      [Example]

      CTE0.A.IOM0.P0

      IP Address Floating

      Whether IP address floating is enabled.

      OceanStor 18500 V3/18800 V3 support IP address floating. When the primary port is disabled, the IP address will be floated to another port that can be used. For details, see OceanStor 18500 V3&18800 V3 Mission Critical Storage System V300R003 IP Address Floating Deployment Guide.
      NOTE:

      Shares of file systems do not support the multipathing mode. IP address floating is used to improve reliability of links.

      [Example]

      Enable

      Failback Mode

      Failback mode of the IP address: Automatic and Manual.
      NOTE:
      • If Failback Mode is Manual, ensure that the link to the primary port is normal before the failback. Services will manually fail back to the primary port only when the link to the primary port keeps normal for over five minutes.
      • If Failback Mode is Automatic, ensure that the link to the primary port is normal before the failback. Services will auto fail back to the primary port only when the link to the primary port keeps normal for over five minutes.

      [Example]

      Automatic

      Activate Now

      Whether the logical port is activated immediately. After activated, the logical IP can be used to access the shared space.

      [Example]

      Enable

    3. Click OK.

      The Success dialog box is displayed.

    4. Click OK.
  4. Optional: Managing a Route.

    You need to configure a route when the CIFS server and the storage system are not on the same network.

    • When a domain controller server exists, ensure that the logical IP addresses, domain controller server, and DNS can ping each other. If they cannot ping each other, add routes from the logical IP addresses to the network segment of the domain controller server and the DNS.
    • When configuring CIFS share access, if the CIFS server and logical IP addresses cannot ping each other, add a route from the logical IP addresses to the network segment of the CIFS server.

    1. Select the locical port for which you want to add a route and click Route Management.

      The Route Management dialog box is displayed.

    2. Configure the route information for the logical port.

      1. In IP Address, select the IP address of the logical port.
      2. Click Add.
        The Add Route dialog box is displayed.

        The default IP addresses of the internal heartbeat on the dual-controller storage system are 127.127.127.10 and 127.127.127.11, and the default IP addresses of the internal heartbeat on the four-controller storage system are 127.127.127.10, 127.127.127.11, 127.127.127.12, and 127.127.127.13. Therefore, the IP address of the router cannot fall within the 127.127.127.XXX segment. Besides, the IP address of the gateway cannot be 127.127.127.10, 127.127.127.11, 127.127.127.12, or 127.127.127.13. Otherwise, routing will fail. (Internal heartbeat links are established between controllers for these controllers to detect each other's working status. You do not need to separately connect cables. In addition, internal heartbeat IP addresses have been assigned before delivery, and you cannot change these IP addresses).

      3. In Type, select the type of the route to be added.
        There are three route options:
        • Default route

          Data is forwarded through this route by default if no preferred route is available. The target address field and the target mask field (IPv4) or prefix (IPv6) of the default route are automatically set to 0. To use this option, you only need to add a gateway.

        • Host route

          The host route is the route to an individual host. The target mask (IPv4) or prefix (IPv6) of the host route are automatically set respectively to 255.255.255.255 or 128. To use this option, you only need to add the target address and a gateway.

        • Network segment route

          The network segment route is the route to a network segment. You need to add the target address, target mask (IPv4) or prefix (IPv6), and gateway. Such as the target address is 172.17.0.0, target mask is 255.255.0.0, and gateway is 172.16.0.1.

      4. Set Destination Address.
        • If IP Address is an IPv4 address, set Destination Address to the IPv4 address or network segment of the application server's service network port or that of the other storage system's logical port.
        • If IP Address is an IPv6 address, set Destination Address to the IPv6 address or network segment of the application server's service network port or that of the other storage system's logical port.
        • Set Destination Mask (IPv4) or Prefix (IPv6).
        • If a Destination Mask is set for an IPv4 address, this parameter specifies the subnet mask of the IP address for the service network port on the application server or storage device.
        • If a Prefix is set for an IPv6 address, this parameter specifies the prefix of the IPv6 address for application server's service network port or that of the other storage system's logical port.
      5. In Gateway, enter the gateway of the local storage system's logical port IP address.

    3. Click OK. The route information is added to the route list.

      The Danger dialog box is displayed.

    4. Confirm the information of the dialog box and select I have read and understood the consequences associated with performing this operation..
    5. Click OK.

      The Success dialog box is displayed indicating that the operation succeeded.

      NOTE:

      To remove a route, select it and click Remove.

    6. Click Close.

Configuring a Local Authentication User (Group)

In a non-domain environment, you must configure a local authentication user (group). After the Homedir share service is enabled in the OceanStor 18500 V3/18800 V3, you can access Homedir shares as a local user.

(Optional) Creating a Local Authentication User Grou

This section describes how to create a local authentication user group. Local authentication user groups can manage the local authentication users.

Context

A storage system has four local authentication user groups that are automatically created. The four local authentication user groups are reserved for the system and cannot be deleted.

  • default_group: default user group. When the group members access the shared file system in the storage systems, they must be authenticated to obtain their permissions.
  • Administrators: administrator group. When the group members access the shared file system in the storage system, they do not need to be authenticated by share level ACL and directory&file level NT ACL. They can operate any file in any share with administrator permissions.
  • AntivirusGroup: antivirus user group. The group members can use third-party antivirus software to scan for shared file systems. They have administrator permissions.
  • Backup Operators: backup user group. The group members can use third-party backup software to back up and recover shared file systems. They do not have administrator permissions.
NOTE:

Access Control List (ACL): a collection of permissions that are authorized to users or user groups to operate shared files. ACL permissions are classified into ACL permission storage and ACL permission authentication. After a user logs in to a share, the user determines the share permissions, reads the ACL permissions, and determines whether files can be read and written. For storage, each ACL permission is called Access Control Entry (ACE). After CIFS shares are mounted to a Windows client, the client sends NT ACLs to a server (storage system that provides CIFS shares).

Procedure

  1. Log in to DeviceManager.
  2. Choose Provisioning > User Authentication > Local Authentication User Group.
  3. Click Create.

    The Local Authentication User Group dialog box is displayed.

  4. In User Group Name, enter a new user group name.

    NOTE:
    • The user group name cannot contain the quotation mark ("), slash (/), backslash (\), square brackets ([]), less than sign (<), larger than sign (>), plus sign (+), colon (:), semicolon (;), comma (,), question mark (?), asterisk (*), vertical bar (|), equal sign (=), at sign (@) or end with a period (.). If the user group name start and end with spaces, the spaces are not displayed after the user group name is created.
    • The user group name can contain case-insensitive letters. Therefore, aa and AA cannot be created at the same time.
    • The user group name cannot be the same as the name of the local authentication user.
    • The user group name contains 1 to 32 characters.

  5. Optional: In Description, add the description of the user group.
  6. Click OK.
  7. In the Success dialog box that is displayed, click OK.
Creating a Local Authentication User

This section describes how to create a local user. For applications that use local authentication, local user accounts are used to access a share. You can add a local user to a user group and access a share as the user group.

Procedure

  1. Log in to DeviceManager.
  2. Choose Provisioning > User Authentication.
  3. Click Local Authentication User tab.
  4. Click Create.

    The Local Authentication User dialog box is displayed.

  5. In Username, enter a new user name.

    The user name:
    • Cannot contain space, double quotation mark ("), slash (/), backslash (\), square brackets ([]), less than (<), larger than (>), plus (+), colon (:), semicolon (;), comma (,), question mark (?), asterisk (*), vertical bar (|), equal mark (=), (@), or end with a period (.).
    • The user name can contain case-insensitive letters. Therefore, aaaaaaaa and AAAAAAAA cannot be created at the same time.
    • The user name cannot be the same as the name of the local authentication user group.
    • Contains 8 to 32 characters by default.
      NOTE:

      You can modify the minimum length of user name in More > Set Security Policies.

  6. In Password, enter the password of the user.

    The system default password requirements are:
    • Contain 8 to 16 characters.
    • Contain special characters. Special characters include: !"#$%&'()*+,-./:;<=>?@[\]^`{_|}~ and space.
    • Contain any two types of the uppercase letters, lowercase letters, and digits.
    • Cannot contain three consecutive same characters.
    • Be different from the user name or the user name typed backwards.
    NOTE:

    Click More and choose Set Security Policies to set a security policy for the password of the local authentication user in the file system. If Password Validity Period (days) is not selected, your password will never expire. For the security purpose, you are advised to select Password Validity Period (days) and set a validity period. The default validity period is 90 days. After the password expires, you cannot access shares, but you can set a password again and modify the password security policy.

  7. In Confirm Password, enter the new password again.
  8. Select Primary Group.

    The Select Primary Group dialog box is displayed.

    NOTE:

    The primary group to which users belong controls the users' permission for CIFS shares. A user must and can only belong to one primary group.

  9. Select the user group to which the user belongs to and click OK.
  10. (Optional) Select Secondary Group.

    The Select Secondary Group dialog box is displayed.

    NOTE:
    The concepts of primary group and secondary group are for local authentication users and have no relationship with each other. A local authentication user must belong to a primary group but not to a secondary group.

  11. Click Add.

    The Select User Group dialog box is displayed.

  12. Select one or multiple groups which the user belongs to and click OK.

    The system goes back to Select Secondary Group dialog box.

  13. Click OK.

    The system goes back to Local Authentication User dialog box.

  14. Optional: In Description text box, enter the description for the local authentication user, for later management or search.
  15. Click OK.
  16. In the Success dialog box that is displayed, click OK.

Configuring a Storage System to Add It to an AD Domain

In a domain, after the Homedir share service is enabled in the storage system, you can access Homedir shares as a domain user.

Preparing AD Domain Configuration Data
Why AD Domains?

In the Windows shared mode, every Windows host is an independent node. The account and permission information about users allowed to access the shares are stored on each node. As a result, the information maintenance is complex and uncontrollable. For example, to grant a user the access permission, you need to add the configuration information about this user to every node.

If an AD domain is used, however, the domain controller manages all the user configuration information and authenticates the access to the domain. The domain controller incorporates a database that stores information about the domain account, password, and nodes in the domain. A user can access all the shared content in the domain after passing the authentication by the domain controller.

Working Principles and Panorama
  1. Create a DNS server and provide a full AD domain name (such as 123.com) using the server. Other servers only need to input the full domain name and pass the authentication to access the shares.
  2. Set up an AD domain on the domain controller side.
  3. Add the storage systems that need to provide sharing services to the AD domain.
  4. Create a domain user on the domain controller side. Log in to the servers in the AD domain using the domain user account. The shares in the domain can be accessed.


Data Preparation

The data to be prepared is as follows: Domain Administrator Username, Password, Full Domain Name, Organization Unit (optional), and System Name. For details about how to obtain the data, see the parameter description in section "Configuring AD Domain Authentication Parameters".

Connecting a Storage System to the DNS Server

After a storage system is connected to a DNS server, you can access the storage system through the IP address or domain name. This operation enables you to configure a system management IP address for the active or standby DNS.

Prerequisites

  • The DNS has been configured and is running properly.
  • Port 53 of the TCP/UDP protocol between the storage system and the DNS server is enabled.
  • Management network port 0 of management module A or management module B of the controller enclosure 0 has been connected to the network. And run change system management_ip command to change the management IP address to an IP address in the customer's network segment. For details about the command, see OceanStor 18500 V3&18800 V3 Mission Critical Storage System V300R003 Command Reference

Context

  • A DNS server is used to resolve host names in a domain.
  • If you want to configure a standby DNS server, keep the domain names of the active and standby servers consistent.

Procedure

  1. Log in to DeviceManager.
  2. Choose Settings > Basic Information > DNS Service.
  3. Set the DNS information.

    1. Set Active DNS IP Address.
    2. Optional: Set Standby DNS IP Address 1.
    3. Optional: Set Standby DNS IP Address 2.

      NOTE:

      Please configure the standby DNS IP address 1 first and then the standby DNS IP address 2.

  4. Click Save.

    The Success dialog box is displayed indicating that the operation succeeded.

  5. Click OK.
Configuring AD Domain Authentication Parameters

In an AD domain, add a storage system to the AD domain. Then the AD server can authenticate CIFS clients when they try to access shared resources. The administrator can manage the share access permission and quotas of domain users. If the storage system is not added to the AD domain, domain users cannot use share services provided by the share server.

Prerequisites

  • An AD domain has been set up.
  • The storage system has been connected to the DNS server.
  • AD domain server and DNS server must have time synchronization with storage system. The time difference must be no larger than 5 minutes.
  • Between the storage system and AD domain environment, the following ports are enabled: ports 88 (TCP/UDP), 389 (TCP/UDP), 445 (TCP), and 464 (TCP/UDP).
NOTE:
  • OceanStor 18500 V3/18800 V3 storage system can be connected to the AD domain and DNS server through the service network port (logical port) only. And it requires all the controllers can communicate with the AD server.
  • If the management network and the AD domain server (or the DNS server) cannot communicate, and the IP address of the service network and the IP address of the AD domain server (or the DNS server) belong to different subnets, you need to configure the route from the service network to the AD domain server (or the DNS server) on the storage system to ensure that the service network and the AD domain server (or the DNS server) can communicate.
  • AD domain servers support the primary/secondary domain, parent/child domain, active/standby domain, or trust domain. One storage system can be connected to only one AD domain server.
Precautions
  • When adding a storage system to an AD domain, ensure that the network between primary controllers of the storage system and DNS and AD domain servers is working properly.
    NOTE:

    Run show controller general to query information about all controllers. Wherein Role indicates cluster role of a controller. When Role is Master, this controller is the primary controller of the storage system.

  • If OverWrite System Name is enabled and the entered system name is the same as that on the AD domain server, information of the existing system will be overwritten by that of the new system.
  • Simple password may cause security risk. Complicated password is recommended, for example, password contains uppercases, lowercases, digits and special characters.
  • You are advised to use physical isolation and end-to-end encryption to ensure security of data transfer between clients and AD domain servers.

Procedure

  1. Log in to DeviceManager.
  2. Choose Settings > Storage Settings > File Storage Service > Domain Authentication.
  3. In the AD Domain Settings area, configure the AD domain authentication. The related parameters are as shown in Table 3-40.



    Table 3-40  Parameters of the AD domain

    Parameter

    Description

    Value

    Domain Administrator Username

    User name of an administrator who logs in to the AD domain server.

    [Rule]

    Contains 1 to 63 letters.

    [Example]

    test123

    [How to Obtain]

    Contact the administrator of the AD domain controller.

    Password

    Password of an administrator who logs in to the AD domain server.

    [Rule]

    Contains 1 to 127 letters.

    [Example]

    !QAZ2wsx

    [How to Obtain]

    Contact the administrator of the AD domain controller.

    Full Domain Name

    Full domain name of the AD domain server

    [Rule]

    Contains 1 to 127 characters.

    [Example]

    abc.com

    [How to Obtain]

    Contact the administrator of the AD domain controller.

    Organization Unit

    Organization unit of a type of directory objects in a domain. These objects include users, computers, and printers. After an object is added to a domain, it will be a member in the organization unit. If you do not enter anything, the storage system is added to organization unit as Computers by default.

    If the Type of organization units of a domain controller is Container, enter cn=xxx,dc=abc,dc=com. Otherwise, enter ou=xxx,dc=abc,dc=com.

    [Example]

    ou=xxx,dc=abc,dc=com

    [How to Obtain]

    1. On the Windows AD domain server, open Active Directory Users and Computers or ADSI Edit.
    2. Select the folder directory on the left and right-click the directory. Choose Properties.
    3. In the Properties dialog box that is displayed, click Attribute Editor. The value of distinguishedName is the organization unit.

    System Name

    Name of the storage system in the AD domain. After being added to the domain, the client can use the name to access storage systems.

    [Rule]

    It can contain only letters, digits, and hyphens (-), and must not contain digits only, and contains 1 to 15 letters.

    [Example]

    systemname

    Overwrite System Name

    If a same system name already exists on the domain control server, the existing system name is overwritten after this option is selected.

    [Example]

    Enable

    Domain Status

    Whether storage system has been added to the domain.

    [Example]

    Exited domain

  4. Click Join Domain. The AD domain authentication configuration is completed.

Follow-up Procedure

If you want to exit domain, perform the following operations:
  1. In AD Domain Settings, input Domain Administrator Username and Password.
  2. Click exit domain.

    The Success dialog box is displayed indicating that the operation succeeded.

  3. Click OK to finish exiting the storage system to AD domain.

Enabling the Homedir Share Service

After the Homedir share service is enabled, the OceanStor 18500 V3/18800 V3 supports Homedir shares.

Prerequisites

A file system whose Homedir share service must be enabled has been created.

Procedure

  1. Log in to DeviceManager.
  2. Choose Settings > Storage Settings > File Storage Service > CIFS Service.
  3. In CIFS Service, select Enable.
  4. In Homedir, select Enable.
  5. In File System, select the file system whose Homedir share service you want to enable.

    NOTE:

    If you want to enable the Homedir share service for a quota tree in the file system, select the quota tree in Quota Tree.

  6. Click Save.

    The Success dialog box is displayed.

  7. Click OK.

Accessing Homedir Shares

This section describes how to access Homedir shares. By accessing a Homedir share, different users can access the shared directory.

Procedure

  1. Right-click Computer on a Windows-based client.
  2. Select Map Network Drive.
  3. In Folder, enter the path of the mapped folder, and select Connect using different credentials.

    The path format is \\logical ip address\username, logical ip address indicates the logical IP address of the storage system, for details to view the logical IP address, see Viewing Logical Port Details, and sharename indicates the name of the Homedir share.

    NOTE:

    If you use a domain authentication user, enter the domain user name in the ~Domain name~Domain user name format in User Name.

    If you use a local authentication user, enter the user name of the local authentication user in User Name.

  4. Click Finish.
  5. In Windows Security, enter the user name and password of the local user and click OK.

    • In a domain, enter the domain user name in the Domain name/Domain user name format in User Name and enter the password of the domain user in Password.
      NOTE:

      After Homedir shares are allocated to domain users, do not modify the domain user information. Otherwise, the CIFS shares cannot be accessed.

    • In a non-domain environment, enter the user name and password of the local authentication user in User Name and Password respectively.

  6. View the mapped network drive.

    Double-click Computer. The Computer window is displayed, listing mapped network drives.

  7. Double-click the mapped network drive to access the Homedir share.

Follow-up Procedure

To cancel the sharing, run the command net use [DeviceName] /del in the Windows CLI. DeviceName indicates the disk drive that needs to be disconnected, such as z:.

If the information about a local authentication user or domain user is changed (for example, the user is forbiddened, the password is changed or expires, the relationship is changed, or the user is deleted) when a client accesses the file system of CIFS and FTP shares, the changed information will take effect after authentication is passed in the next time (by mounting shares again).

The storage system supports offline sharing. When a client is mounted and shared, you can still read and write on a local duplicate on the client even when it is disconnected with the storage system. When the connection resumes, data modified offline is synchronized automatically to the storage system. (If the shared data in the storage system is changed, you need to manually start the synchronization.)

Translation
Download
Updated: 2019-08-14

Document ID: EDOC1000084081

Views: 37018

Downloads: 83

Average rating:
This Document Applies to these Products
Related Version
Related Documents
Share
Previous Next