ONTAP Discussions
ONTAP Discussions
1) Do you you have the NFS exports on the same volume as the CIFS?
2) We have a few cases where NFS and CIFS are pointing to the same location. How do I create such?
Thanks,
SVHO
Hello SVHO,
NFS and CIFS are configured at SVM level.
For NFS, you must create an export policy and apply it on the volume via the namespace menu.
For CIFS, you must create a share (shares menu). During the share creation wizard, you can choose any volume.
In conclusion, yes a volume can be access simultaniously by NFS (via export policy) and CIFS (via share)
Regards,
Dlaumor
Thanks for the quick response. I did see the protocols for NFS, CIFS, etc at the SVM level (Data Protocols). At the volume level, it has to be specified with "Mixed" security style if one chooses to have both NFS & CIFS on that volume?
Not really.
Security style and access protocol are completely different things.
There are 3 different security styles:
- Unix : file permissions are based on Unix permissions (rwx) and can only be modify by Unix clients
- NTFS: file permissions are based on Windows ACL and can only be modify by Windows clients
- Mixed: filer permissions are based on Unix permission or on Windows ACL (but not at the same time). If the last client who change permission are a Unix client, permission will be Unix. If the last client is a Windows client, permission will be NTFS.
For example, a Unix security style volume can be accessed by NFS and CIFS but files permissions will be only Unix. Even a Windows client will only view 3 differents permissions (Read/Write/Execute).
Personaly, I'm trying not to use Mixed security style. If you put a lot of ACL on a folder and then, a Unix client use the "chmod" command, all the ACL will be lost.
Dlaumor
Thanks. We have had our experience with the mixed permission in our current NAS (other vendor).
So basically for good practice, any NFS export has to have its own volume? Lets say I have 5 NFS exports.
So to simplify things, I could create a volume called "NFS", then create 5 qtrees (link to each export policy) for each nfs export. For the one CIFS share, I just point to the location of nfs export
@SVHO wrote:
So to simplify things, I could create a volume called "NFS", then create 5 qtrees (link to each export policy) for each nfs export. For the one CIFS share, I just point to the location of nfs export
Yes