■
Authentication in an NFS Environment
A login authentication by the LDAP authentication server (such as OpenLDAP) is required to perform user
management of directories and files with NFS access.
Caution
During the design phase
Operations using an LDAP authentication server that is running Active Directory Lightweight Directory
Services are not supported.
Note
During the configuration phase
•
To use the LDAP authentication server, add the administrator to manage subdirectories under the target
directory tree in the LDAP authentication server in advance. In addition, set this administrator as the
LDAP domain administrator when setting the authentication server from ETERNUS Web GUI or ETERNUS
CLI.
The procedure to set a directory tree administrator varies depending on the software. The examples
when using the following products are as follows.
-
When the 389 Directory Server (formerly called as Fedora Directory Server) is used
Register the administrator to manage subdirectories under the target directory tree using "ldapadd"
command or GUI screen after installing the package in addition to the "Directory Server Manager
(account that is specified with Directory Manager DN)" that is input when installing the package.
-
When OpenLDAP is used
Because an administrator has already been registered during the package installation, additional
settings are not required.
-
When Oracle Unified Directory (OUD) is used
Create the administrator to manage subdirectories under the target directory tree in addition to the
"Directory Server Manager" that is input when creating the instance. Register the administrator to
manage subdirectories under the target directory tree using the "ldapadd" command or GUI screen.
•
If an LDAP authentication server is used, the DN, which is the starting point to search for users from
ETERNUS CLI, can be set for the "search base". Because the "search base" setting is not displayed on
ETERNUS Web GUI, use ETERNUS CLI to change or delete the setting.
During the operation phase
The access privilege for the shared folder cannot be changed from an NFS client by executing the "mount"
command with an option to assign a Read-Write (rw) access privilege when this shared folder is created
with the operation management interface (ETERNUS Web GUI or ETERNUS CLI) so that it supports the NFS
protocol and receives a Read (r) access privilege.
4. NAS Functions
User Management
176
Design Guide
Summary of Contents for ETERNUS DX S5 Series
Page 335: ......