EMC VNX Series

Transcription

EMC VNX SeriesRelease 7.0Configuring and Managing CIFS on VNX P/N 300-011-826REV A01EMC CorporationCorporate Headquarters:Hopkinton, MA 01748-91031-508-435-1000www.EMC.com

Copyright 1998 - 2011 EMC Corporation. All rights reserved.Published February 2011EMC believes the information in this publication is accurate as of its publication date. Theinformation is subject to change without notice.THE INFORMATION IN THIS PUBLICATION IS PROVIDED "AS IS." EMC CORPORATIONMAKES NO REPRESENTATIONS OR WARRANTIES OF ANY KIND WITH RESPECT TOTHE INFORMATION IN THIS PUBLICATION, AND SPECIFICALLY DISCLAIMS IMPLIEDWARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.Use, copying, and distribution of any EMC software described in this publication requires anapplicable software license.For the most up-to-date regulatory document for your product line, go to the TechnicalDocumentation and Advisories section on EMC Powerlink.For the most up-to-date listing of EMC product names, see EMC Corporation Trademarks onEMC.com.All other trademarks used herein are the property of their respective owners.Corporate Headquarters: Hopkinton, MA 01748-91032Configuring and Managing CIFS on VNX 7.0

ContentsPreface.9Chapter 1: Introduction.13System requirements.14User interface choices.15Related information.15Use of the term Windows Server.16Chapter 2: Concepts.17Active Directory.19Windows environments.19DNS servers.20NTP servers.20IPv6 best practices.20Domain migration.21Domain-joined and stand-alone CIFS servers.21Network interfaces and CIFS servers.23CIFS shares.23International character support.24Enable internationalization support.25Quotas.26Alias.26Kerberos authentication.27LDAP signing and encryption.28Windows 2000 LDAP Registry setting.29Windows Server 2003 LDAP security policy.29Combining Windows settings with VNX ldap SecurityLayer.30Configuring and Managing CIFS on VNX 7.03

ContentsUser authentication methods.30User mapping.32Local user and group accounts.33Create local user accounts.34Administrator accounts.35Guest accounts.36Other local user accounts.36Virtual Data Movers.36Group policy objects.37GPO support on VNX.37Support for restricted groups.40Manage and enforce ACL.41Delegating joins.42Home directories.43Restrictions to using the home directory.43Alternate data stream support.44SMB protocol support.45SMB signing.46Symbolic links.47SMB2 support for symbolic links.48Opportunistic file locking.48File change notification.49Event log auto archive.49Planning considerations.52Chapter 3: Configuring.53Add a CIFS server to a Windows domain.54Create a domain account in Active Directory.54Add a WINS server.54Start the CIFS service.55Create a CIFS server for Windows Server environments.55Join a CIFS server to a Windows domain.57Join existing computer accounts.58Verify the configuration.58Mount a file system for CIFS access.60Create shares for CIFS users.61Create a local share.61Create a global share.62Create global shares with MMC or Server Manager.634Configuring and Managing CIFS on VNX 7.0

ContentsVerify shares.64Provide the network password when performing managementtasks.65Create a stand-alone CIFS server.65Chapter 4: Managing.67Set maximum number of passwords to retain in Kerberosauthentication.68Change the LDAP security level.68Check the current CIFS configuration.69Check a CIFS configuration and its dependencies.70Manage CIFS servers with local users support.72Enable local user support on a domain CIFS server.72Enable local user support using Unisphere.73Change the password for the local Administrator account.74Access and manage a CIFS server within the same domain.74Access and manage a stand-alone CIFS server within aworkgroup environment.74Enable the Guest account on a stand-alone server.76Delete a stand-alone server.76Rename a NetBIOS name.77Rename a compname.78Assign a NetBIOS or computer name alias.80Add a NetBIOS alias to a CIFS server.80Add a NetBIOS alias to the NetBIOS name.81Delete a CIFS server alias.81Delete a NetBIOS alias.82View aliases.82Associate comments with CIFS servers.83Add comments to a CIFS server in a Windows Serverenvironment.83Clear comments.84View comments from the CLI.84Comment limitations for Windows XP clients.85Change the CIFS server password.86Display the SMB2 dialect release.87Display the number and names of open files.87Delegate join authority.88Manage file systems.89Configuring and Managing CIFS on VNX 7.05

ContentsEnsure synchronous writes.89Turn oplocks off.89Configure file change notification.90Stop the CIFS service.91Delete a CIFS server.92Delete a CIFS server in a Windows Server environment.92Delete CIFS shares.93Delete a specific share.93Delete all shares.95Manage domain migration.95Change the user authentication method.97Check the user authentication method.97Chapter 5: Leveraging Advanced Functionality.99Enable and manage home directories.100Create the database.100Create the home directory file.100Add home directories to user profiles.101Disable home directories on the Data Mover.103Manage group policy objects.103Display GPO settings.104Update GPO settings.105Disable GPO support.107Disable GPO caching.107Disable alternate data streams.108Configure SMB signing.109Configure SMB signing with the smbsigning parameter.109Disable SMB signing on a Data Mover.109Configure SMB signing with GPOs.109Configure SMB signing with the Windows Registry.110Manage SMB2 protocol.112Enable the SMB2 protocol.112Disable the SMB2 protocol.113Create a symbolic link to a file with a relative path.113Change the default symbolic link behavior.114Enable symbolic links with target paths to parent directories.114Enable symbolic links with absolute paths.115Access symbolic links through CIFS clients.116Configure automatic computer password changes.1186Configuring and Managing CIFS on VNX 7.0

ContentsChange time interval for password changes.118Change the location of the Windows security log.119Join a CIFS server to a Windows domain—Advanced Procedures.120Join a CIFS server to a Windows domain for a disjoint namespaceand a delegated join.120Join a CIFS server to a Windows domain for the same namespaceand a delegated join.121Add the user performing the join to the local administratorsgroup.122Customize file filtering pop-up messages.122Chapter 6: Troubleshooting.125EMC E-Lab Interoperability Navigator.126Known problems and limitations.127Symbolic link limitations.131Error messages.132EMC Training and Professional Services.133GPO conflict resolution.133LDAP signing and encryption.135SMB signing resolution.135DNS issues.136MS Event Viewer snap-in.137Appendix A: Additional Home Directory Information.139Home directory database format.140Wildcards.141Regular expressions.142Parsing order.143Guest accounts.143Appendix B: MMC Snap-ins and Programs.145Data Mover Management snap-in.146AntiVirus Management.146Home Directory Management snap-in.146Data Mover Security Settings snap-in.146Glossary.149Configuring and Managing CIFS on VNX 7.07

ContentsIndex.1538Configuring and Managing CIFS on VNX 7.0

PrefaceAs part of an effort to improve and enhance the performance and capabilities of its product lines,EMC periodically releases revisions of its hardware and software. Therefore, some functions describedin this document may not be supported by all versions of the software or hardware currently in use.For the most up-to-date information on product features, refer to your product release notes.If a product does not function properly or does not function as described in this document, pleasecontact your EMC representative.Configuring and Managing CIFS on VNX 7.09

PrefaceSpecial notice conventionsEMC uses the following conventions for special notices:CAUTION: A caution contains information essential to avoid data loss or damage to the systemor equipment.Important: An important note contains information essential to operation of the software.Note: A note presents information that is important, but not hazard-related.Hint: A note that provides suggested advice to users, often involving follow-on activity for aparticular action.Where to get helpEMC support, product, and licensing information can be

EMC VNX Series Release 7.0 Configuring and Managing CIFS on VNX P/N 300-011-826 REV A01 EMC Corporation Corpor