Configuring the mapping source – Dell PowerVault NX3200 User Manual

Page 32

Advertising
background image

4. Set the gidNumber and sAMAccountName attributes for the new group object.

NOTE: The gidNumber is the GID of the UNIX group that is being mapped, and
sAMAccountName must match the name of a local group on the Windows-based computer
that is running Server for NFS. If, after selecting the More Attributes button, the uidNumber and
gidNumber do not appear, close and open the ADSI Edit MMC.

5. Click OK, and click Finish to exit the wizard.

Authorizing Appropriate Access To The ADS LDS

Namespace Object

To connect to the Configuration partition:

1.

Press the Windows logo key on the keyboard.

2. Type CMD.

Command Prompt application is displayed.

3. Right-click Command Prompt, and select Run as administrator to open an elevated command

prompt.

4. Navigate to the C:\WINDOWS\ADAM directory, and run the dsacls command to grant the Everyone

group read access to the mapping data store as follows:
dsacls "\\server1:389\CN=nfsadldsinstance,dc=server1" /G everyone:GR /I:T

5. Optionally, if you are setting up a shared AD LDS store to allow multiple NFS servers to query the

account mapping database, add the mapping data store to the ACL to allow Read permissions for the

Anonymous Logon account as follows:
dsacls "\\server1:389\CN=nfsadldsinstance,dc=server1" /G "anonymous

logon":GR /I:T

NOTE: You can skip this step if there is no shared access between computers to the mapping
data store.

Configuring The Mapping Source

To configure the mapping source:

1.

Press the Windows logo key on the keyboard.

2. Type CMD.

Command Prompt application is displayed.

3. Right-click Command Prompt, and select Run as administrator to open an elevated command

prompt.

4. Run the following command, where <Computer>is the name of the computer where the AD LDS

instance was created,<Port> is the port that the AD LDS instance uses:
nfsadmin mapping config adlookup=yes addomain=<Computer>:<Port>

NOTE: For this example, use the following:
nfsadmin mapping config adlookup=yes addomain=server1:389

5. Test the setup by accessing the NFS resources and verifying that the user and group account

mappings work as expected.

32

Advertising
This manual is related to the following products:

PowerVault NX3300, Powervault NX400

Popular Brands
Popular manuals