Hi all, i'm a newby in file access protocol and have some questions about how doing or not doing configurations.
i went throught the TR-3490 explaning multiprotocol file access. The Chapetr interesting is forme the Chapter 6 explaining how NTFS users access a NFS export in Unix security style. But the difference in my case in that there is no NIS on my Domain. Unix users are only authenticated on Unix server throught which they access the NFS export mounted from the NetApp.
i have a brief idea of what is expected when configuring Unix security style qtree when access by windows users and/or Unix users.
the context is the following:
- Filers are FAS2020 in HA pairs in 7.3.6p1
- filer is connected to a windows AD domain. (users are authenticated on AD)
- there is no NIS server on the area
- Unix users access the NFS share throught a Unix server on which they are authenticated
- Windows Users access the NFS share by creating a share for their access
we want Unix users (for batch access) to have access on a NFS share and then Windows users can modify file initially created by Unix batch users.
- so i'm creating a qtree in Unix security style
- creating a NFS export with RW and root access from the UNIX erver with sec=sys parameter
-i'm creating a share for users to access the data from windows side
- i have to add the root password in the /etc/passwd on the filer to allow the Unix server to mount the NFS share
Since windows user have to access data contained in the Unix security style qtree created before, i have to provide a /etc/usermap.cfg file to mapp Windows users to Unix users. ( i can be simple if windows users are the same unix users: it takes only one line)
Since windows users have to get the Unix permission, i have to add lines in the /etc/passwd file with each Unix user Uid, Gid...
so at this point, windows users have been mapped on the Unix side (with usermap.cfg file) and then having Unix permission attributed from the /etc/passwd file.
my question is the following:
1) first, is that wayof configuration is correct ?
2) Since Unix users are accessing the NFS export throught an authenticated session on Unix server, do they also need to be entered in the /etc/password file ?
anyway, the /etc/passwd file contains each Unix Uid and Gid for unix users since windows users are mapped to each same unix user .
Thanks a lot in adance for your reply or further information on how making the thing in the right way.