Network and Storage Protocols

ftp to filer with no cifs

vlfabecic
20,798 Views

Hello

I want to configure ftp access to filer with no cifs license.

Users must be local.

Currently there is no /etc/passwd file.

I created user with useradmin but ftp login failes with "Login incorrect".

Should I create /etc/passwd with wrfile?

I must be able to set users "home" directory (for example /vol/vol1/files) because there will be file upload to that directory through some scripts from unix hosts.

Version:  NetApp Release 8.0.2P4 7-Mode: Tue Nov 15 16:16:47 PST 2011

9 REPLIES 9

bsti
20,798 Views

You can still run a cifs setup and map to the c$ and etc$ shares on a controller without a CIFS license.  We use it for administration all of the time.  You only need the license if you are serving up data with CIFS, I beleive. That would be easier than FTP.

vlfabecic
20,798 Views

Here is the output:

netappxx> cifs

CIFS is not licensed.

(Use the "license" command to license it.)

netappxx> cifs setup

CIFS is not licensed.

(Use the "license" command to license it.)

netappxx>

I do not need cifs at all on this filer. It has to do ftp (read and write, and not anonymous), http get and nfs file serving later.

And no authorization to AD, NIS or LDAP.

In version 7.3 problem was fixed by creating entry in /etc/passwd (OK, I also had CIFS license, but did not use it).

Have no experience with ONTAP 8.

Authorization has to be local. And ftp service is primary job of this filer.

How to create functional /etc/passwd file?

Is there any other way?

kumaraysun
20,799 Views

Hi,

you can setup an anonymous FTP , without CIFS. Please try the follwoing

1) in option FTP enbale anonymous FTP ( when loigin from the client use the login mae: ftp , password : <blank>

2) In the anonymous FTP directory give the path of the qtree where the scripts needs to be put.

3) in ftpd.dir.override provide the same path as that of the anonymous FTP.

4) leave everthing else default.

Check if the FTP works. if it fails please prove me the error message.

Kumaresan

vlfabecic
20,799 Views

Anonymous ftp must not be allowed.

But I fixed the problem with the following:

1. On the other filer (with CIFS) I did:

# cifs passwd somepassword

and copied hash to notepad.

2. Then I created /etc/passwd with:

# wrfile /etc/passwd

and added user entry manualy (with hash generated on the other filer) with home dir as it has to be.

After that ftp authorization worked as it has to.

Anyway, thanks for your ideas and time.

Vladimir

bsti
20,799 Views

I apologize for that.  For some reason, for us, we can do this even though CIFS is not licensed.  I assumed that is the case for everyone.  I think in our case we re licensed for FCP, so we get some cifs functionality as a result.

vlfabecic
20,799 Views

What version of Data ONTAP you have?

Maybe it worked on Data ONTAP 7, but does not work on Data ONTAP 8? In the moment I have no time to check it.

Anyway, I think that Netapp engineers should make some utility to create local users even if no SAN or NAS protocol is licensed (or at least document how to do it).

Netapp filer works very good as ftp server. In this case, that was the main reason why Netapp storage was chosen (and not some other storage).

aborzenkov
20,798 Views

Can you try “cifs passwd” command?

vlfabecic
20,798 Views

As I said, no cifs command works, but once again:

netappxx>

netappxx> cifs passwd

CIFS is not licensed.

(Use the "license" command to license it.)

netappxx>

bsti
20,798 Views

Okay, you were on the right track with the passwd file.  Here is your issue:

https://kb.netapp.com/support/index?page=content&id=2011031&actp=LIST_RECENT&viewlocale=en_US&searchid=1329871738158

I was confused because apparently ifyou have FCP or ISCSI licensed, you get partial CIFS functionality per below. 

https://kb.netapp.com/support/index?page=content&id=2012847&actp=LIST_RECENT&viewlocale=en_US&searchid=1329870988100

You need to add passwd entries into the /etc/passwd file to get FTP access.  The trick is generating the password.  Aborzenkov listed the most likely solution, which is to use CIFS passwd.  Since you don't have CIFS, you can't use that.  Another option (and probably your ONLY option) is below:

https://kb.netapp.com/support/index?page=content&id=1011368&actp=search&viewlocale=en_US&searchid=1329871738158

Specifically, near the bottom:

For UNIX operating systems, a normal UNIX crypt(3) password entry can be used
in the NetApp filer's /etc/passwd file. This can be done using the
filer's wrfile command to rewrite the /etc/passwd file. Note that
without an NFS or CIFS license, the only way to manage /etc files
would be through telnet (wrfile/rdfile) or FTP.

I would do this:

Add a new passwd entry in the file for your FTP user.

Generate the password using the crypt function from one of your linux/unix workstations in your environment.

Make sure FTP is enabled:

options ftpd.enable on

And I think you should be set.

Public