2010-08-20 01:38 AM
As much as I have tried searching, I just can't seem to find any documentation on setting up a Snaplock volume correctly? Am I being blind and completely missing it somewhere.
We already have our compliance aggregate setup, and set up what we thought was a working snaplock volume and lun to attach to a Win2k3 server as a disk for use similar to the old WORM drive it is replacing (the software using this can't attach to UNC paths so it must be a drive). However we still seem to be able to modify or delete entries in the volume. I'm therefore after some documentation I can flick through to see what settings are available and what they mean or a general setup guide for snaplock; is there such a thing?
Many thanks in advance
2010-08-20 07:50 PM
I don't believe Snaplock works on block-based storage (i.e. LUNs) and must work on files (NAS). The problem is that ONTAP does not see inside the LUN and so therefore cannot know when you are changing the attributes of a file within the LUN.
If you must use LUNs, you'll need some kind of host application to do the WORM functionality for you.
-- Adam Fox
2010-08-23 12:46 AM
Very basic question I'm aware; but if we have to set a Read Only attribute on the file; then I'm guessing anyone could in theory just take the read attribute off and then delete the file in this case then? Or am I wrong..
2010-08-23 12:48 AM
If that's the case, then that's a bit of a pain as this is how it was sold to us. Is it not possible just to set the minimum retention period and default retention period to something extremely high and for it to not allow you to delete things like that? or are you saying you must have a third party front end on top
2010-08-23 06:58 AM
You do not have to have a third party application on top, but it is recommended for structured data. LockVault is recommended for unstructured data.
You can set the snaplock autocommit option to automatically set the read only flag if the file has not been modified for a certain amount of time.
2010-08-23 07:01 AM
You cannot take the read-only attribute on the file off as long as the snaplock retention time is still valid.
Since you are setting up snaplock compliance edition, I would recommend setting up a Data ONTAP simulator to test snaplock. SnapLock compliance edition is tamperproof to the extreme so if you make a mistake on a real filer with real disks you cannot fix it until all of the files expire.
2010-08-23 07:04 AM
Hi, thanks for that. Sorry if there is confusion, but we are using SnapLock Enterprise in this particular case rather than Compliance (we want to be able to recover the storage in future if needed).