This module demonstrates how to provide CIFS storage access to a VNX system.

Module 13 - Configuring CIFS 1

This lesson demonstrates how to create and join a CIFS server into the domain.

Module 13 - Configuring CIFS 2

There are some preparation steps needed for CIFS. Windows Active Directory uses Kerberos
authentication and it is time-sensitive. It is a best practice to configure the Data Mover to
acquire its time from a Network Time Server (NTP) to ensure it is in time synchronization
with the Key Distribution Center (KDC). To do this, first manually set the date and time of the
Data Mover then configure it to acquire its time from an NTP server. Windows Domain
Controller systems run a service for Network time. In the example shown the IP address of
the NTP server is a Windows Domain Controller.
Another preparation step required before configuring CIFS for the Windows 2003/08
environment includes Dynamic DNS. In order for the Data Mover to be able to update DNS
with its IP information dynamic updates must be supported. , Dynamic Updates must be set
to Secure only or Nonsecure and secure in the Forward Lookup Zone.
This slide illustrates a Windows 2008 R2 DDNS server supporting dynamic updates set to
Secure only.

Module 13 - Configuring CIFS 3

To manage CIFS in Unisphere hover over the Storage icon from the top main bar, in the drop
down from the Shared Folders section, select CIFS. The main CIFS management pane will be
displayed.

Module 13 - Configuring CIFS 4

Before you create any CIFS servers, it is recommended that you start the CIFS service to
activate the protocol for each physical Data Mover. Once the service is started, it cannot be
stopped without adversely impacting CIFS client access.
With the main CIFS management page open, on the right side Tasks tree File Storage section
select the Configure CIFS link.
By default Unicode is enabled. Unicode is the Universal Character Set supported in the VNX
for File.
Next, click in the CIFS Service Started box and then click Apply.
The same operation can be accomplished via CLI by using the following syntax:
server_cifs { <movername> | ALL } | -Enable <interface>[,<interface>...]

To verify the status of the service use the following command syntax:
server_cifs { <movername> | ALL } | -stats [-full [-zero]] | [-summary]

Module 13 - Configuring CIFS 5

Once you have started the CIFS service on your Data Mover, it’s now time to add a CIFS
server. To add a CIFS server, from the main CIFS management page select the CIFS Servers
tab then click the Create button. This opens the Create CIFS Server configuration window.

Module 13 - Configuring CIFS 6

The Create CIFS Server configuration window has several sections for creating and
configuring a CIFS server. The first section has a drop-down to select the Data Mover that will
hold the CIFS server. The Data Movers can be physical or Virtual Data Movers. The Server
Type section defines the behavior of the CIFS server. There are three options of CIFS servers:
Windows NT4 (Windows NT domain member), Windows 2000/2003/2008 (AD membership)
and standalone (local login) servers. The section will have different fields corresponding to
the type of server selected. The screen show has fields for the Windows 2000 Computer
Name, Aliases and NetBIOS Name. The slide illustrates creating a Windows 2000/2003/2008
server named cifs01.
Next is the Domain section which has fields for the Windows Domain, a checkbox option for
joining the domain, credential fields for a Domain user with the rights to add computers into
the domain and the Organizational Unit that the CIFS server will be added into. The default
organizational unit (OU) for a Data Mover’s CIFS server is Computers:EMC Celerra.
The next section is for enabling local users on the CIFS server and setting a local Admin
password.
The final step is to select an interface. If no interface is specified, the associated CIFS server
uses all unassigned interfaces on that Data Mover. This configuration is known as the default
CIFS server.
To verify if server was configured properly use the CLI command:
server_cifs <movername>

Module 13 - Configuring CIFS 7

The status of the CIFS server can be seen from the main CIFS page on the CIFS Servers tab.
The CIFS Server Properties page displays its status with the domain. In the example shown,
the CIFS server has been joined to the domain.
When creating a CIFS server it is useful to check its properties to confirm that ithe CIFS server
has been joined to the domain. Unsuccessful joins are commonly caused by time
synchronization with Kerberos or they could be related to Data Mover routing configurations.

Module 13 - Configuring CIFS 8

The CIFS server should also be seen within the Windows environment. It should be seen
within Active Directory within the EMC Celerra OU as shown.
Additionally it should be present within Dynamic DNS as shown.

Module 13 - Configuring CIFS 9

This lesson focuses on making a file system available to a CIFS client.

Module 13 - Configuring CIFS 10

To export a file system for CIFS, in Unisphere click Storage > Shared Folders > CIFS > Create.
The first step for creating a CIFS share is to select a Data Mover for the share, it is selected
from a drop-down menu. Only Primary Data Movers will be displayed – either physical or
Virtual Data Movers. In the CIFS Share Name field, a share name must be input. The share
name will be the name of the share that the CIFS server presents to the network. It does not
have to be the same name as the file system pathname that is exported. Next, select the
desired File System from the drop-down menu. Only file systems that are mounted to the
selected Data Mover will be displayed. Next select the file system Path name to export.
When creating an initial share on a file system, the only pathname available will be to the
top-level of the file system. The field only accepts pathnames that exist and it will not create
any structure that does not already exist. Make sure you check the corresponding CIFS
Server. Click OK when done.

Module 13 - Configuring CIFS 11

When you create a share, you can define it as a global share by not selecting a specific CIFS
server or servers for the share. A global share is accessible from all the available Data Mover
CIFS Servers. A local share can be defined by selecting a specific CIFS server for the share. A
local share can only be accessed from the specified server and all of its aliases if aliases are
configured. If the Data Mover has multiple CIFS servers, and multiple CIFS servers are
selected for the share, the share is only available from the specified CIFS servers, not any
unselected CIFS servers.
Shares created through Windows tools are local shares by default. This behavior is controlled
with a VNX parameter “ cifs srvmgr.globalShares” using the server_param command.
Setting the parameter value to 1 enables creating global shares, the default value is 0. See
the document Configuring and Managing CIFS on VNX available from Powerlink for details.

Module 13 - Configuring CIFS 12

The CIFS service must be stopped and restarted for any changes in the configuration to take
effect. Such change could include but not be limited to:
• Adding/changing the External Usermapper address
• Adding/changing the address of the WINS server
• Changing the security mode
To start or stop CIFS, access the main CIFS page, then from the Tasks pane File Storage
section, select Configure CIFS.

Module 13 - Configuring CIFS 13

Deleting a CIFS server is a multi-step process. Please note that a CIFS server can be removed
directly in Unisphere without performing all these steps. These steps represent a best
practice for removing a CIFS server to prevent any data loss from in-process write operations
or incomplete removal.
The first step is to ensure that there are no users actively accessing the CIFS server. This can
be done using Computer Management and connecting to the CIFS server and checking for
any open sessions to users.
The next step is to remove the CIFS server from the domain. This is done in the Unisphere
GUI on the main CIFS page. Select the specific CIFS Server’s properties and perform the un-
join operation.
Next is to delete any CIFS shares that are specifically associated with the CIFS Server. This is
done in the Unisphere GUI on the main CIFS page. From the CIFS Shares tab, select Shares
related to the CIFS server and delete them. The delete shares operation does not delete data
from the file system, it simply removes the sharing of the data.
Finally the CIFS server can be deleted. From the main CIFS page in Unisphere, select the
specific CIFS server from the CIFS Servers tab and delete it.
Using this multistep process prevents removal of a CIFS Server when write operations are in
process and clears the CIFS configuration of the CIFS Server completely.

Module 13 - Configuring CIFS 14

Listed are the key points covered in this module.

Module 13 - Configuring CIFS 15

Test the knowledge acquired through this training by answering the questions in this slide.
Continue to the next page for the answer key.

Module 13 - Configuring CIFS 16

Displayed here are the answers from the previous slide. Please take a moment to review
them.

Module 13 - Configuring CIFS 17

Module 13 - Configuring CIFS 18