Manualshelf

Installation manual

ManualsBrandsAcopia Networks ManualsHome building and Decor810-0044-00
211212213214215216217218219220
Adding a Managed Volume
Setting CIFS Options
9-18 CLI Storage-Management Guide
Supporting Filers with Local Groups
A Windows filer can support Global Groups, which are managed by Domain
Controllers, and/or Local Groups, which are unique to the filer. Local groups have
their own Security IDs (SIDs), unknown to any other Windows machine. When you
aggregate shares from these filers into a single volume, some files tagged for
local-group X are likely to migrate to another filer, which does not recognize the SID
for that group (SID X). This invalidates any Access Control Entries (ACEs) with SID
X while the file resides on that filer; members of group X lose their privileges. To
resolve this problem, you must first prepare all of the filers before you aggregate them
into a namespace volume:
all local-group names must be configured on all filers behind the volume, and
all groups must contain the same users on those filers.
For example, if filer A has local group “doctors” and filer B has local group “nurses,”
you must add a new “nurses” local group to filer A and a new “doctors” group to filer
B. The membership of these groups must match at both filers. This preparation is
required so that all doctors and nurses can share the filers behind a volume.
Disabling CIFS Oplocks (optional)
The CIFS protocol supports opportunistic locks (oplocks) for its files. A client
application has the option to take an oplock as it opens a file. While it holds the
oplock, it can write to the file (or a cached copy of the file) knowing that no other
CIFS client can write to the same file. Once another client tries to access the file for
writes, the server gives the first client the opportunity to finish writing. This feature
makes it possible for clients to cache their file-writes locally, thereby improving client
performance.
CIFS volumes provide oplock support by default. Some installations prefer not to
offer oplocks to their CIFS clients. A volume with oplocks disabled does not grant
any oplocks to any CIFS clients, so CIFS clients cannot safely use file caching as
described above. As with direct volumes (recall “Disabling CIFS Oplocks (optional)”
on page 8-6), you use the
cifs oplocks-disable command to disable oplock support in a
managed volume. For example, the following command sequence disables oplock
support in “insur~/claims,” a multi-protocol (CIFS and NFS) namespace:
bstnA6k(gbl)# namespace insur
bstnA6k(gbl-ns[insur])# volume /claims