Administrator Guide

2. Right-click CN=Users, point to New, and then click Object.
3. In the Create Object dialog box, select the Group class, and then click Next.
NOTE: Ensure that the group object's name matches the name of the group account for which group account mapping
is required.
4. Set the gidNumber and sAMAccountName attributes for the new group object.
NOTE: The gidNumber is the GID of the UNIX group that is being mapped, and sAMAccountName must match the
name of a local group on the Windows-based computer that is running Server for NFS. If the uidNumber and gidNumber
attributes do not appear after you select the More Attributes button, exit ADSI Edit MMC and start it again.
5. Click OK, and click Finish to close the wizard.
Authorizing access to the AD LDS namespace object
To grant access to the namespace object:
Steps
1. On the taskbar, click Start, and then type cmd in the search box.
2. Right-click Command Prompt, and select Run as administrator.
3. Navigate to the C:\WINDOWS\ADAM directory, and run the dsacls command to grant the Everyone group read access to
the mapping data store as follows:
dsacls "\\server1:389\CN=nfsadldsinstance,dc=server1" /G everyone:GR /I:T
4. Optionally, if you are setting up a shared AD LDS store to allow multiple NFS servers to query the account mapping
database, add the mapping data store to the ACL to allow Read permissions for the Anonymous Logon account as follows:
dsacls "\\server1:389\CN=nfsadldsinstance,dc=server1" /G "anonymous logon":GR /I:T
NOTE: You can skip this task if there is no shared access between computers to the mapping data store.
Configuring the mapping source
To configure the mapping source:
Steps
1. On the taskbar, click Start, and then type cmd in the search box.
2. Right-click Command Prompt, and select Run as administrator.
3. Run the following command, where <Computer> is the name of the computer where the AD LDS instance was created
and <Port> is the port that the AD LDS instance uses:
nfsadmin mapping config adlookup=yes addomain=<Computer>:<Port>
NOTE: For this example, use the following:
nfsadmin mapping config adlookup=yes addomain=server1:389
4. Test the setup by accessing the NFS resources and verifying that the user and group account mappings work as expected.
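A read-only check to support step 4, as an added example that is not part of the original guide: it displays the ACL set with dsacls and lists every object that carries uidNumber or gidNumber, warning about duplicate IDs or a missing sAMAccountName. It assumes the guide's example values (server1, port 389), that dsacls prints one "Allow <principal>" line per entry, and that objects with a uidNumber are users and all others are groups; $SharedStore and Get-First are hypothetical names.

```powershell
# Added example. Server, port and DN are the guide's example values.
$Server      = 'server1'
$Port        = 389
$Dn          = 'CN=nfsadldsinstance,dc=server1'
$SharedStore = $false   # assumption: $true only when several NFS servers share this store

# 1. Display the ACL changed by the dsacls steps (no /G switch, so nothing is modified).
$acl       = & dsacls "\\${Server}:$Port\$Dn"
$everyone  = $acl | Where-Object { $_ -match '^\s*Allow\s+Everyone\b' }
$anonymous = $acl | Where-Object { $_ -match '^\s*Allow\s+.*ANONYMOUS LOGON' }
if (-not $everyone) { Write-Warning 'No Allow entry for Everyone was found on the mapping store.' }
if ($anonymous -and -not $SharedStore) {
    Write-Warning 'Anonymous Logon can read the mapping store although it is not shared.'
}

# Returns the first value of an LDAP attribute, or $null when the attribute is absent.
function Get-First($result, $name) {
    $values = $result.Properties[$name]
    if ($null -ne $values -and $values.Count -gt 0) { return $values[0] }
    return $null
}

# 2. Read every object that carries UNIX identity attributes.
$root     = New-Object System.DirectoryServices.DirectoryEntry("LDAP://${Server}:$Port/$Dn")
$searcher = New-Object System.DirectoryServices.DirectorySearcher($root)
$searcher.Filter = '(|(uidNumber=*)(gidNumber=*))'
'samaccountname', 'uidnumber', 'gidnumber' |
    ForEach-Object { [void]$searcher.PropertiesToLoad.Add($_) }
$maps = foreach ($r in $searcher.FindAll()) {
    [pscustomobject]@{
        Name = Get-First $r 'samaccountname'
        Uid  = Get-First $r 'uidnumber'
        Gid  = Get-First $r 'gidnumber'
    }
}

# 3. Flag mappings that would resolve a UNIX ID to the wrong or to no Windows account.
$users  = $maps | Where-Object { $null -ne $_.Uid }   # assumption: uidNumber marks a user
$groups = $maps | Where-Object { $null -eq $_.Uid }   # assumption: the rest are groups
$maps | Where-Object { -not $_.Name } | ForEach-Object {
    Write-Warning "Object with uidNumber=$($_.Uid) gidNumber=$($_.Gid) has no sAMAccountName."
}
$users | Group-Object Uid | Where-Object Count -gt 1 | ForEach-Object {
    Write-Warning "uidNumber $($_.Name) is set on several users: $($_.Group.Name -join ', ')"
}
$groups | Group-Object Gid | Where-Object Count -gt 1 | ForEach-Object {
    Write-Warning "gidNumber $($_.Name) is set on several groups: $($_.Group.Name -join ', ')"
}
$maps | Sort-Object Uid, Gid | Format-Table -AutoSize
```

Run it from the elevated prompt used in the steps above; each sAMAccountName in the table should match a local account on the computer that runs Server for NFS.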
Using your NAS system