Network and Storage Protocols

Multiple FTP target directories-How to?

ebryantff
7,004 Views

          I'm planning a migration from block storage to NAS (CIFS) storage for our Windows file servers.  There are about 50 different folders that are accessed via FTP by customers, either manually, or using scripts to grab and drop files.  Currently, they access a couple of Windows servers running FTP services via IIS.  They ftp to the server, and follow virtual directories to their destinations.  This way, there is FTP access and Windows client access via drives/shares mapped to the same destinations.

I'm looking to providing FTP access to these folders via ONTAP.  However, it seems I can only select one "landing zone" via the options ftpd.dir.override setting.  In my testing, I cannot traverse out of that volume/folder to go to another volume/folder.  So, if one folder is in /vol/vol0, and another is in /vol/other-volume, it appears I cannot host these both via FTP.  Since I've never configured FTP on a Filer before (but I've done nearly everything else on them), I'm sure I probably am not "getting" something.  Can anyone help me with steps in doing what I am looking to do?  If what I'd like is not possible, could it be possible to use a Windows server, still running FTP, with virtual directory links to the storage system's various target shares (although it seems like a needless extra layer)?

6 REPLIES 6

XIPHIAS256
7,004 Views

Bump!

We are in the same situation. We would like to have different ftp accounts mapped to different volumes. (much like regular ftp server configuration, done on Linux)

Is it possible????

It seems that the ftp service in Netapp is user sentric, in the way that you define 1 (ONE) volume to host all your users "home directories".

Could anyone please clarify how ftp on Netapp work?

Regards,

Finn Andersen

Norway

bruno_pessanha
7,004 Views

I have the same problem here! Somebody help...

andrc
7,004 Views

How about setting `options ftpd.auth_style unix` and setting the home directory path in /etc/passwd or NIS depending on your /etc/nsswitch.conf settings

CCOLEMAN_
7,004 Views

did anyone ever find anything out on this?

wassilios_lyghas
7,004 Views

You have to work with linked folders (can be done from a unix ws/server or from Windows with an add. tool called ln.exe)

Please find below our guide & config:

Requirements:
• Administrative privileges to the NetApp Console
• LN.EXE Tool available – To create links from Windows

Usage:

• Enable FTP

(on vfiler: switch to vfiler vfiler_host -> vfiler context vfiler_host)
options ftpd.enable on

• Change the ftpd.auth_style to ntlm
options ftpd.auth_style ntlm

• Enable ftpd.dir.restriction
options ftpd.dir.restriction on

• Check FTP options
vfiler_host@filer> options ftp
ftpd.3way.enable             off
ftpd.anonymous.enable        off
ftpd.anonymous.home_dir
ftpd.anonymous.name          anonymous
ftpd.auth_style              ntlm
ftpd.bypass_traverse_checking off   (only in OnTap 😎
ftpd.dir.override
ftpd.dir.restriction         on
ftpd.enable                  on
ftpd.locking                 none
ftpd.log.enable              on
ftpd.log.filesize            512k
ftpd.log.nfiles              6
ftpd.tcp_window_size         28960

• Create a small (500MB incl. snaps) volume called ftplinks
(on vfiler: switch back to vfiler vfiler0 -> vfiler context vfiler0)
vol create vfiler_host_ftplinks aggr0 500M

• Create a qtree with NTFS security style
qtree create /vol/vfiler_host_ftplinks
(on vfiler also: vfiler add vfiler_host /vol/vfiler_host_ftplinks)
(on vfiler: switch to vfiler vfiler_host -> vfiler context vfiler_host)
qtree create /vol/vfiler_host_ftplinks/vfiler_host_ftplinks
qtree security /vol/vfiler_host_ ftplinks ntfs


• From Windows: Edit the file with wordpad/write \\vfiler_host\etc$\cifs_homedir.cfg (not with Notepad!)
Add the following entry:

/vol/vfiler_host_ftplinks/vfiler_host_ftplinks

save the file

• Reload the changes with
cifs homedir load

• Create share(s)
cifs shares -add ftplinks$ /vol/vfiler_host_ftplinks/vfiler_host_ftplinks
cifs shares -change ftplinks$ -nosymlink_strict_security
cifs shares -add ftp_backup$ /vol/vfiler_host_ftplinks/vfiler_host_ftplinks


• From Windows: Create links with FTP-ID’s points to the requested folders

Requirement:
You have a drive letter! mapped to \\vfiler_host\proj before you run the command (net use b: \\vfiler_host\proj)

Request:
User DOMAIN\qms2 -> vfiler_host_proj/QMS
User DOMAIN\impex -> vfiler_host_proj/impex
User DOMAIN\recimpex -> vfiler_host_proj/department/RECONCILIACIONES

Use the tool ln.exe to create links from Windows:

Change to the mapped network drive

ln /vol/vfiler_host_proj/QMS \\vfiler_host\ftplinks$\qms2
ln /vol/vfiler_host_proj/impex \\vfiler_host\ftplinks$\impex
ln /vol/vfiler_host_proj/department/RECONCILIACIONES \\vfiler_host\ftplinks$\recimpex


• Make a test via the ftp command from Windows
(use backslash \ between domain and your account!)

C:\WINDOWS>ftp vfiler_host
Connected to vfiler_host
220 vfiler_host@vfiler_host FTP server (NetApp Release 7.2.6.1P6: Fri May 29 14:15:57 PDT 2009) ready
User (vfiler_host:(none)): DOMAIN\recimpex
331 Password required for DOMAIN\recimpex.
Password:
230 User DOMAIN\recimpex logged in.
ftp> dir
200 PORT command successful.
150 ASCII data connection for /bin/ls (19.170.131.35|2047) (0 bytes).
drwxrwxrwx     14 root    0             4096 Oct 19 08:43 .
drwxrwxrwx     44 root    0             8192 Oct 16 09:13 ..
-rwxrwxrwx      1 root    0             2274 Oct 19 08:40 FV.G099904.G020D.N001.G0016V00
-rwxrwxrwx      1 root    0              403 Oct 19 08:40 FV.G099904.G020D.N002.G0016V00
-rwxrwxrwx      1 root    0              403 Oct 19 08:40 FV.G099904.G020D.N003.G0016V00
-rwxrwxrwx      1 root    0            12109 Oct 19 08:40 FV.G099904.G020D.N004.G0016V00
ftp>

Hints
• Using FTP the user must be able to traverse the entire directory tree, having Change access to the sub dir only folder isn't enough. 
• The FTP user will have to enter their FTP IDs in all lower case.

JAN_PETRZELA
7,004 Views
Public