R MOD 18-Configuring CIFS

Configuring CIFS
Upon completion of this module, you should be able

to:
Configure the Data Mover for a Windows
environment
Create and Join a CIFS Server to a Windows Domain
Export a file system as a CIFS Share
Describe UserMapper Basics
Copyright 2014 EMC Corporation. All Rights
Configuring CIFS
Module 12: Configuring CIFS
Lesson 1: Overview of Configuring VNX for CIFS

During this lesson the following topics are covered:
Preparing for CIFS
Creating a CIFS server
Creating a CIFS share
Configuring CIFS
Preparing for CIFS
Configure IP networking
Interface addressing
Routing
Virtual Data
Mover
Configure Network
Services
DNS Dynamic DNS
recommended
NTP
DataF
S
/
Sales
cge-1-0
192.168.6
5.12
Configure Virtual Data

Mover
Best practice for CIFS
Configure a file system

Provides file storage
space
Configuring CIFS
Configuring CIFS: CIFS Server
Start the CIFS service
Click icon to add picture

CIFS
Runs on physical Data
Virtual Data
Mover
Mover
Create a CIFS server on

VDM
Uses an available
interface for network

communications
DataF
S
/
Sales
CIFS
cge-1-0
Server 192.168.6
5.12
VNX_CIFS01
CIFS server binds to
interface name
Join CIFS server to the

Windows Domain
CIFS server created in
domain OU EMC Celerra
OU
EMC
VNX_CIF
Celerra
S01
Configuring CIFS
Configuring CIFS: Storage
Create CIFS share

From prepared file
system
CIFS server makes share
available on network to
clients
CIFS is now configured

on VNX
Click icon to add picture

CIFS
Virtual Data
Mover
CIFS
cge-1-0
Server 192.168.6
5.12
VNX_CIFS01
DataF
S
/
/DataFS/Sales shared as
Sale Sales_data
s
CIFS server is available
to Microsoft network
File storage available to
CIFS clients though the
CIFS share
Sales_d
ata
OU
EMC
VNX_CIF
Celerra
S01
Configuring CIFS
Configuring CIFS
Lesson 1: Summary
During this lesson the following topics were covered:
Preparing for CIFS
Creating a CIFS server
Creating a CIFS share
Configuring CIFS
Configuring CIFS
Lesson 2: Create and Join a CIFS Server to a

Windows Domain

Starting CIFS
Creating a CIFS Server
Joining a CIFS Server to the domain
Verifying CIFS server status
Configuring CIFS
CIFS Management in Unisphere

Storage > Shared Folders > CIFS
Configuring CIFS
Starting CIFS
Storage > Shared Folders > CIFS
Tasks tree > Configure CIFS link
Configuring CIFS
Create a CIFS Server
Storage > Shared

Folders > CIFS > CIFS
Servers tab > Create
Configuring CIFS
10
CIFS Server Status
CIFS Server
Properties:
Displays status
with the domain
Configuring CIFS
11
CIFS Servers in the Windows Environment
CIFS server in
Active
Directory
CIFS server
in Dynamic
DNS
Configuring CIFS
12
Configuring CIFS
Lesson 2: Summary
Starting CIFS
Creating a CIFS Server
Joining a CIFS Server to the domain
Verifying CIFS server status
Configuring CIFS
13
Configuring CIFS
Lesson 3: File System Access via CIFS

Exporting a file system as a CIFS share
Creating a top-level file system share
Creating shares using Windows tools
Configuring CIFS
14
CIFS Shares
Exporting a file system pathname as a CIFS
share
Provide a share name
CIFS
File
Server
System
/DataFS/shared as hidden share
DataFS
Top$
lost+foun
.etc
d
shared as
Engineeri /DataFS/Engineering
Designs
ngStructura
Sales
/DataFS/Sales shared as Sales
l
West
Desig
ns
Sales
Configuring CIFS
15
Exporting a File System as a CIFS Share:

Unisphere
Storage > Shared Folders > CIFS > Shares tab
Create
Configuring CIFS
16
Exporting a File System as a CIFS Share:

Windows
Initial top-level share created with Unisphere must
be in place!
Computer Management > select CIFS Server
System Tools > Shared Folders > Share > New

Share
Configuring CIFS
17
Unisphere Display of CIFS Shares
VNX shares created with Microsoft tools displayed in

Unisphere
Configuring CIFS
18
Configuring CIFS
Lesson 3: Summary
Exporting a file system as a CIFS share
Creating a top-level file system share
Creating shares using Windows tools
Configuring CIFS
19
Configuring CIFS
Lesson 4: CIFS Operational Considerations

Stopping/restarting the CIFS service
Modifying CIFS server interfaces
Moving a VDM with a CIFS server
CIFS restrictions with VDM
Configuring CIFS
20
CIFS Servers Interface Considerations
Interface stealing is:

Possible between CIFS Servers on the same Physical
Data Mover
Possible between CIFS Servers on the same Virtual
Data Mover
Not possible between CIFS Servers on different Data
Movers (Physical or Virtual)
Interfaces are not changed for Default CIFS Servers

Default CIFS Servers automatically use interfaces that
are not currently used by any other CIFS Servers
When a CIFS Server interface is disabled

CIFS shares that are connected through this interface
will no longer be accessible

Shares need to be reconnected through new interface
Configuring CIFS
21
Stealing CIFS Server Interface
Assigning an already used Interface to a CIFS

server:
New CIFS Server
VNX_CIFS02 being
configured
Interface already in use

by VNX_CIFS01
Configuring CIFS
22
Start/Stop the CIFS Service
Stop and Restart CIFS service after Changes

WINS settings for legacy NT4 domains
Other CIFS related changes
See Configuring and Managing CIFS on VNX
Stopping CIFS service stops all CIFS servers

On physical Data Mover and its VDMs
CIF
S
Configuring CIFS
23
Moving a VDM with a CIFS Server
Target physical Data

Mover must have
interface with same
name
CIFS server binds to
interface name
Name resolution:
Different IP addresses
Dynamic DNS updates
Client DNS cache flush
Same IP address
Down inactive
interface
Configuring CIFS
24
CIFS Restrictions with VDMs
VDM containing a CIFS server

cannot be loaded onto physical
Data Mover with a default
CIFS server
Default CIFS servers use all
Virtual Data
Mover
available interfaces
VDM CIFS server cannot

provide antivirus functionality
CIFS
Server
Antivirus functionality is
provided by global CIFS

server from physical Data
Mover
Refer to Configuring Virtual

Data Movers on VNX document
for other restrictions
Configuring CIFS
25
Configuring CIFS
Lesson 4: Summary
Stopping/restarting the CIFS service
Modifying CIFS server interfaces
Moving a VDM with a CIFS server
CIFS restrictions with VDM
Configuring CIFS
26
Configuring CIFS
Lesson 5: Usermapper
Explain Usermapper basic operations
Explain Usermapper configuration
Configuring CIFS
27
User Mapping with VNX
Method for uniquely identifying users and groups

accessing the VNX with file access protocols (CIFS
and NFS)
Windows SIDs
UNIX/Linux UIDs and GIDs
VNX requires UIDs and GIDs

UxFS based file system file and directory permissions
Mapping required for CIFS only & mixed CIFS/NFS
Mapping method
UID/GID
environments
User/Group SIDs
UID/GID
UID/GID
Windows
CIFS
VNX FS
UID/GID
UNIX/Linux
NFS
Configuring CIFS
28
User Mapping Methods
Variety of methods available

Supporting various user environments
Internal and external to VNX
Mapping
Method
Mapping method
User
Environment
Location
Enabled By
Usermapper
CIFS only
VNX Data
Mover
Microsoft IdMU
CIFS and NFS
Windows AD
nsswitch.conf
(LDAP)
Microsoft SFU
CIFS and NFS
Windows AD
nsswitch.conf
(LDAP)
OpenLDAP/
iPlanet
CIFS and NFS
UNIX/Linux
LDAP server
nsswitch.conf
(LDAP)
VNX UNIX User

Management
CIFS and NFS
Windows AD
CIFS ADMap
parameter
NIS
CIFS and NFS
NIS server
Local Files
CIFS and NFS
ntxmap
CIFS and NFS
Configuring CIFS
VNX Data
Mover
VNX Data
Mover
default
Data Mover
network settings
Data Mover
passwd/group files
ntxmap.conf
29
User Mapping and Secure Mapping
Secmap records (caches) SID to UID/GID mappings

provided by user mapping methods
Does not generate mappings
Used for resolving subsequent user mapping
Is persistent mapping
Present on all physical and virtual Data Movers
Mapping entries displayed with CLI only
Mapping method
Data
Mover
Data
Mover
Secmap
Secmap
Configuring CIFS
30
User Mapping Search Order

Start
Ye
s
ntxmap
No
2 nsswitch.conf
3 ntxmap
Local
user
& group
Nofiles
Ye
s
NIS
Ye
s
User is
authenticated
LDAP
Ye
s
The access to
CIFS share is
allowed
End
No
No
Active
Directory
Ye
s
No
Usermapper
Ye
s
No
Usermapper
generates UID
or GID and ads
it to its
database
Was the
user
added?
No
Ye
s
No
#
# /.etc/nsswitch.conf
/.etc/nsswitch.conf ::
#
#
passwd:
files
passwd:
files ldap
ldap nis
nis
group:
files
group:
files ldap
ldap nis
nis
hosts:
dns
hosts:
dns nis
nis files
files
netgroup:
files
netgroup:
files nis
nis
1 Default mapping search order
secmap
Configuring CIFS
Ye
s
An error is
generated
31
Usermapper Overview
A user mapping method which runs on a VNX for

File
Mapping method used for CIFS-only user
environments
Automatically generates UIDs/GIDs for Windows
user/group SIDs
Database maintains mappings
UID and GID values start at 32768 and increase
Custom ranges can be configured in usrmap.cfg file (not
recommended)
Data
Data
Mover
Mover
Usermapper
Service
Secmap
Secmap
Configuring CIFS
32
Usermapper Roles
Primary Usermapper
One per VNX environment
Generates user mappings
Data
Primary
Mover 2
Usermap
per
Secmap
By default runs on Data
Data
Mover 3
Secmap
Mover 2
Secondary Usermapper
One per each additional VNX
Queries Primary Usermapper
for mapping
Usermapper client
All other VNX Data Movers
Query Primary/Secondary for
user mappings
Data
Secondar
Mover
y 2
Usermap
per
Secmap
Data
Mover 3
Data
Primary/
Mover 2
Secondar
y
Secmap
Data
Usermap
Mover 3
per
Client
Secmap
Configuring CIFS
Secmap
33
Primary Usermapper Operations
Multiple VNXs: one Primary,

two Secondary Usermappers
1. User1 accesses DM2 on
VNX3
Data Mover
2
Sec. Usermapper
VNX1
2. Primary Usermapper
generates & records UID for
user1 SID
3. Secmap records mapping
Secmap
VNX2
Data Mover
2
Sec. Usermapper
Secmap
User1
User1 SID
VNX1
Data Mover
2
Primary
User1
SID: UID
Usermapper
32768
Secmap
User1 SID: UID
32768
Configuring CIFS
2
3
34
Secondary Usermapper Operations
Multiple VNXs: one Primary, two Secondary

Usermappers
1. User2 accesses DM2 on VNX2
2. Secondary queries Primary for mapping
3. Primary generates & records UID for user2 SID
4. Secmap on VNX1 DM2 records mapping
5. Primary replies with mapping
6. Secondary records User2 mapping
6 User2 SID: UID
32769
User2 SID
Secmap
7 User2 SID: UID
32769
User2
Mapping Query
VNX2
Data Mover
2
2
6Sec. Usermapper
VNX3
Data Mover
2
Sec. Usermapper
Secmap
VNX1
Data Mover
2
Primary
User1
SID: UID
Usermapper
User2
SID: UID
32768
5
Mapping reply
32769
Secmap
User1 SID: UID
User2 32768
SID: UID
32769
Configuring CIFS
35
Secondary Usermapper Operations

(Continued)

Usermappers
2. Secondary queries Primary for mapping
3. Primary generates & records UID for user3 SID
6. Secondary records User3 mapping
User3 SID: UID
32770
User3 SID
Secmap
7 User3 SID: UID
32770
User3
Mapping Query
VNX3
Data Mover
2
2
6 Sec. Usermapper
VNX2
Data Mover
2
Sec. Usermapper
User2 SID: UID
32769
Secmap
User2 SID: UID
32769
VNX1
Data Mover
Primary
2
User1
SID: UID
Usermapper
User2
SID: UID
32768
5
User3 SID: UID
Mapping reply
32769
32770
Secmap
User1 SID: UID
User2 32768
SID: UID
User3 32769
SID: UID
32770
Configuring CIFS
36
Usermapper Client Operations

Usermappers
VNX3
Data Mover
2. Client broadcasts to Usermapper service for mapping
Sec. Usermapper
2
User3 SID: UID
3. DM2 Primary generates & records UID for User4 SID32770
Secmap
4. DM2 secmap records mapping
VNX2
User3 SID: UID
32770
Data Mover
Sec. Usermapper
2
User2 SID: UID
6. DM3 secmap records mapping
32769
er
Client
Secmap
6 User4 SID: UID
User1 SID: UID
32771
32768
User4 SID
User4
Mapping broadcast
Data Mover
2
3
Usermapp
Secmap
User2 SID: UID
VNX1
32769
Mapping reply
Configuring CIFS
Data Mover
Primary
2
User1
SID:UID
UID
Usermapper
User1
SID:
User2
SID: UID
32768
SID: UID
32768
5 User3
32769
User4
SID: UID
32770
32771
Secmap
User1
SID:UID
UID
User1
User2SID:
SID:
UID
32768
User3
SID: UID
32768
User4 32769
SID: UID
32770
32771
37
Viewing the Usermapper Configuration

Storage > Shared Folders > CIFS >
Usermappers tab
Configuring CIFS
38
Usermapper Database Backup

Storage > Shared Folders > CIFS > Usermappers
tab
Backups used to update Secondary database
If promoting to Primary
EMC recommends that you do not modify

Usermapper database entries.
Configuring CIFS
39
Managing Usermapper Roles

Storage > Shared Folders > CIFS >
Usermappers tab
Configuring CIFS
40
Managing Usermapper Roles (continued)

Storage > Shared Folders > CIFS > Usermappers
tab
Configuring CIFS
41
Configuring CIFS
Lesson 5: Summary
Usermapper basic operations
Usermapper configuration
Configuring CIFS
42
Summary
Key points covered in this module:
Preparation is key to CIFS implementation. Identify
key network resources:
Interface addressing
Routing
DNS
NTP
VDM CIFS server cannot provide antivirus
functionality
Usermapper provides unique IDs for users and
groups from Windows environments that access the
Configuring CIFS
43
This slide is intentionally left blank.
Configuring CIFS
44

R MOD 18-Configuring CIFS

Uploaded by

Document Information

Original Description:

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

R MOD 18-Configuring CIFS

Uploaded by

Copyright:

Available Formats

Configuring CIFS

Upon completion of this module, you should be able

Copyright 2014 EMC Corporation. All Rights

Module 12: Configuring CIFS

Lesson 1: Overview of Configuring VNX for CIFS

Copyright 2014 EMC Corporation. All Rights

Preparing for CIFS

Configure Virtual Data

Configure a file system

Configuring CIFS: CIFS Server

Start the CIFS service

Click icon to add picture

Runs on physical Data

Create a CIFS server on

interface for network

CIFS server binds to

Join CIFS server to the

domain OU EMC Celerra

Copyright 2014 EMC Corporation. All Rights

Configuring CIFS: Storage

Create CIFS share

CIFS is now configured

Click icon to add picture

CIFS server is available

Copyright 2014 EMC Corporation. All Rights

Copyright 2014 EMC Corporation. All Rights

Lesson 2: Create and Join a CIFS Server to a

During this lesson the following topics are covered:

Copyright 2014 EMC Corporation. All Rights

CIFS Management in Unisphere

Copyright 2014 EMC Corporation. All Rights

Copyright 2014 EMC Corporation. All Rights

Create a CIFS Server

Storage > Shared

Copyright 2014 EMC Corporation. All Rights

CIFS Server Status

with the domain

Copyright 2014 EMC Corporation. All Rights

CIFS Servers in the Windows Environment

Copyright 2014 EMC Corporation. All Rights

Lesson 3: File System Access via CIFS

Copyright 2014 EMC Corporation. All Rights

Exporting a file system pathname as a CIFS

Copyright 2014 EMC Corporation. All Rights

Exporting a File System as a CIFS Share:

Copyright 2014 EMC Corporation. All Rights

Exporting a File System as a CIFS Share:

System Tools > Shared Folders > Share > New

Copyright 2014 EMC Corporation. All Rights

Unisphere Display of CIFS Shares

VNX shares created with Microsoft tools displayed in

Copyright 2014 EMC Corporation. All Rights

Copyright 2014 EMC Corporation. All Rights

Lesson 4: CIFS Operational Considerations

Copyright 2014 EMC Corporation. All Rights

CIFS Servers Interface Considerations

Interface stealing is:

Interfaces are not changed for Default CIFS Servers

are not currently used by any other CIFS Servers

When a CIFS Server interface is disabled

will no longer be accessible

Stealing CIFS Server Interface