Acopia Networks 810-0044-00 Manual de instalación Pagina 50
- Pagina / 492
- Tabla de contenidos
- MARCADORES
Valorado. / 5. Basado en revisión del cliente
Preparing for CIFS Authentication
Configuring the NTLM Authentication Server
3-6 CLI Storage-Management Guide
For example, the following command sequence removes a proxy user called
proxyNYC:
bstnA6k(gbl)# no proxy-user proxyNYC
bstnA6k(gbl)# ...
Configuring the NTLM Authentication Server
Before you configure a namespace with Windows NTLM, you must also configure an
NTLM-authentication server for the namespace. The NTLM Authentication Server is
the Windows Domain Controller (DC) that is the host for the Acopia Secure Agent
software. When the ARX gets a request for access from a CIFS client, it passes the
password to the Secure Agent for authentication. As a CIFS proxy, the ARX must also
access back-end CIFS filers; the Secure Agent answers all password challenges as the
same client.
The Secure Agent is required because the ARX acts both as the CIFS server for an
end user and then as a CIFS client on behalf of the same user. The user may request
access to multiple back-end filers, so the ARX must answer multiple NTLM
challenges on behalf of the client. The NTLM protocol prevents the ARX from
holding onto the user’s password, so a secure mechanism is required for retrieving the
user’s password as needed. The Secure Agent, residing on the Windows Domain
Controller, provides this mechanism. The ARX passes the NTLM authentication
challenge and the client’s username to the Secure Agent, which retrieves the client’s
password to answer the NTLM challenge. (The Secure Agent accesses the DC’s SAM
database to get the client’s password hash.) The ARX forwards the challenge response
to the back-end filer, completing the authentication session.
You separately install the Acopia Secure Agent at a DC, then you specify the server’s
IP address (and other parameters) at the ARX’s CLI. Refer to the Secure Agent
Installation Guide for instructions to install the Secure Agent and then configure it at
the ARX.
- CLI Storage-Management Guide 1
- Contents 3
- Chapter 3 4
- Chapter 4 5
- Chapter 10 12
- Chapter 11 12
- Chapter 12 14
- Chapter 13 16
- Chapter 14 17
- Chapter 15 18
- Chapter 1 21
- Introduction 21
- Back-end Storage and Servers 22
- Front-end Services 22
- Audience for this Manual 23
- Using this Manual 23
- Document Conventions 24
- CLI Overview 25
- Exiting a Mode 26
- The no Convention 27
- Getting Started 28
- Sample Network 30
- Contacting Customer Service 31
- Chapter 2 33
- Product Overview 33
- NAS NAS NAS 35
- Configuration Instructions 37
- Migration for Capacity 39
- Controlling Costs 43
- Adding a Proxy User 46
- Specifying the Windows Domain 47
- Listing All Proxy Users 49
- Removing a Proxy User 49
- Identifying the Forest Root 54
- Removing a Name Server 57
- Adding a Child Domain 58
- MEDARCH.ORG 59
- NE.MEDARCH.ORG 59
- Removing a Child Domain 60
- Adding a Tree Domain 61
- Removing a Tree Domain 62
- For example: 64
- Showing DC Status 66
- Removing a User 73
- Removing a Permission 74
- Focusing on One Group 76
- Removing a NIS Server 81
- Updating the NIS Database 84
- Scheduling Regular Updates 86
- Listing All NFS Access Lists 88
- Showing One NFS Access List 89
- Setting the NIS Domain 91
- Adding a Permit Rule 92
- Permitting a Netgroup 93
- Rule Ordering 94
- Allowing Root Access 94
- Removing a Permit Rule 95
- Adding a Deny Rule 97
- Adding a Description 100
- Removing an Access List 101
- Adding an NFS Access List 102
- Chapter 5 103
- Examining Filers 103
- Examining CIFS Shares 106
- Using Proxy-User Credentials 108
- Focusing on One Share 111
- Showing Connectivity Only 112
- Showing Capabilities Only 113
- Showing Shares Only 114
- Showing CIFS Attributes 115
- Probing for CIFS Security 116
- Chapter 6 119
- Adding an External Filer 119
- Ignoring a Directory 121
- Re-Instating a Directory 122
- Removing the Description 123
- Listing External Filers 124
- Samples - Adding Two Filers 126
- Removing an External Filer 127
- Chapter 7 129
- Configuring a Namespace 129
- Concepts and Terminology 130
- Listing All Namespaces 131
- (NFSv3 137
- 138
- Disabling Kerberos 143
- Multi-Domain Support 145
- Adding a Volume 149
- Disabling the Namespace 152
- volume /acct 153
- Removing a Namespace 155
- Chapter 8 157
- Adding a Direct Volume 157
- Declaring the Volume “Direct” 158
- (optional) 159
- Setting CIFS Options 160
- Adding a Share 163
- Listing Filer Shares 164
- Disconnecting From the Filer 167
- Removing an Attach Point 170
- Enabling the Share 174
- Selecting a VPU (optional) 175
- Default-VPU Assignment 176
- Assigning the Volume to a VPU 178
- Showing One VPU 182
- Enabling the Volume 183
- Disabling All Shares 184
- Showing the Volume 185
- Showing One Share 188
- volume /vol 191
- Removing a Direct Volume 193
- Chapter 9 195
- Adding a Managed Volume 195
- for a CIFS-only volume), and 197
- Removing a Metadata Share 198
- Running a No-Modify Import 205
- Preventing Modifications 206
- Auto-Sync Jobs and Reports 207
- Allowing Renames on Collision 208
- Disallowing Renames 209
- Reinstating Oplock Support 213
- Filer fs4 214
- Required Windows Permissions 216
- Filer fs1 217
- Filer fs2 218
- Setting Share-Import Options 222
- (Multi-Protocol) 226
- Disabling SID Translation 229
- Acknowledging SID Errors 231
- Disabling the Share 238
- single namespace 240
- Monitoring the Import 249
- Import Errors 250
- Canceling a Share Import 251
- volume /rcrds 262
- enable 262
- Removing a Managed Volume 265
- Configuring a Global Server 267
- Adding a Global Server 268
- Adding a Virtual Server 270
- Adding a NetBIOS Alias 274
- Removing NetBIOS Aliases 274
- Enabling a Virtual Server 275
- Removing a Virtual Server 276
- Enabling the Global Server 277
- Showing All Global Servers 277
- Showing One Global-Server 279
- Removing a Global Server 280
- Before You Begin 284
- Configuring NFS 284
- Exporting a Namespace Volume 285
- Stopping an NFS Export 286
- Disabling NLM (optional) 287
- Enabling NFS Service 288
- Listing All NFS Services 289
- Showing One NFS Service 290
- Removing an NFS Service 292
- Showing the NFS/TCP Timeout 293
- Configuring CIFS 294
- volume /lab_equipment 296
- Exposing Hidden Subshares 299
- Exposing All Hidden Subshares 302
- Adding New Subshares 303
- Stopping a CIFS Share 303
- Enabling CIFS Service 308
- Using Dynamic DNS (Kerberos) 310
- Replacing Back-End Services 311
- • \\fs7.medarch.org\tests 312
- Removing a Host Name 313
- Showing Dynamic-DNS Status 313
- Listing CIFS Services 317
- Showing All CIFS Services 320
- “ac1.medarch.org:” 321
- Removing a CIFS Service 322
- Showing Server Maps 327
- With Filer IP Addresses 329
- Showing Server Status 332
- Policy for Balancing Capacity 335
- Showing All Policy Rules 336
- Showing Details 337
- Focusing on One Namespace 343
- Focusing on One Volume 345
- Adding a Share Farm 349
- Adding a Share to the Farm 350
- Auto Migrating Existing Files 352
- Based on Latency (Bandwidth) 354
- Constraining New Files 356
- Distributing New Files 357
- Constraining New Directories 357
- Enabling All Share-Farm Rules 359
- Removing a Share Farm 360
- Creating a Schedule 361
- Removing the Duration 362
- Starting Now 363
- Showing All Schedules 364
- Removing a Schedule 365
- Pausing All Rules in a Volume 366
- Pausing on a Schedule 368
- Draining One or More Shares 369
- Choosing the Target Storage 371
- Removing the Schedule 372
- Removing the Limit 374
- Generating a Verbose Report 375
- Deleting Empty Reports 375
- Disabling Reports 376
- Enabling the Placement Rule 377
- Tentatively Enabling the Rule 378
- Disabling the Rule 378
- Removing the Placement Rule 380
- File-Attribute Migrations 383
- From an EMC Filer 386
- From a Unix Filer with SMB 386
- Grouping Files into Filesets 389
- Disabling Recursive Matches 391
- Regular Expression Syntax 393
- Creating Bounds for the Match 394
- Adding Complexity 394
- Negating the Match 395
- Reverting to the Root Path 396
- Matching Filenames (optional) 397
- Removing the Fileset 398
- Grouping Files by Size 399
- Removing a File Selection 400
- Grouping Files by Age 401
- Removing the Source Fileset 404
- Joining Filesets 408
- Removing a Source Fileset 409
- Removing All Source Filesets 409
- Intersecting Filesets 410
- Identifying a Source Fileset 411
- Listing all Filesets 412
- Showing One Global Fileset 415
- Migrating Filesets 419
- Directing File Placement 420
- After 1st Migration 421
- Matching Directories Only 423
- Configuring Progress Reports 437
- Generating Verbose Reports 438
- Changing Rule Order 441
- Shadowing a Volume 445
- /acctShdw 446
- "wwmed" namespace 446
- "nemed" namespace 446
- Compatible Software Releases 448
- Allowing Modifications 449
- Turning Off Shadowing 450
- Applying a Schedule 456
- Translating Local SIDs 460
- File-Attribute Translations 463
- Enabling Pruning 464
- Copying All Directories 465
- Setting a Bandwidth Limit 466
- Removing any Bandwidth Limit 467
- Reverting to the Default 468
- Enabling the Shadow-Copy Rule 469
- Showing Shadow-Copy Status 469
- Focusing on One Rule 473
- Report Format 475
- Reformatting the Report 478
- Truncating the Report 479
- Removing the Shadow-Copy Rule 480
- Copyrights 483
- Kerberos 492
© 2020, manymanuals.es. Todos los derechos reservados | 0.180 s |
Manymanuals.com
Manymanuals.de
Manymanuals.fr
Manymanuals.it
Manymanuals.pl
Manymanuals.cz
Manymanuals.es
Manymanuals-pt.com
Comentarios a estos manuales