Manualshelf

Installation manual

ManualsBrandsAcopia Networks ManualsHome building and Decor810-0044-00
51525354555657585960
Preparing for CIFS Authentication
Adding an Active-Directory Forest (Kerberos)
CLI Storage-Management Guide 3-11
for the forest root. From gbl-forest mode, use the forest-root command:
forest-root domain-name ip-address
where
domain-name (1-256 characters) identifies the AD domain of the forest root,
and
ip-address is the IP address (for example, 10.120.95.56) of the forest root’s
DC.
For example, this command sequence selects the forest root for the ‘medarcv’ forest,
‘MEDARCH.ORG:’
bstnA6k(gbl)# active-directory-forest medarcv
bstnA6k(gbl-forest[medarcv])# forest-root MEDARCH.ORG 192.168.25.102
bstnA6k(gbl-forest[medarcv])# . . .
Adding a Redundant Forest Root
Some networks configure redundant DCs to manage the AD-forest root. You can
re-use the
forest-root command to identify a redundant DC. The domain name is the
same, but the IP address for the DC is different. For example, this command sequence
configures redundant DCs for the ‘medarcv’ forest:
bstnA6k(gbl)# active-directory-forest medarcv
bstnA6k(gbl-forest[medarcv])# forest-root MEDARCH.ORG 192.168.25.102
bstnA6k(gbl-forest[medarcv])# forest-root MEDARCH.ORG 192.168.25.103
bstnA6k(gbl-forest[medarcv])# . . .
Removing a DC for the Forest Root
If there are redundant DCs for this forest root, you can always remove one of them. To
remove a forest root with only a single DC, there can be no child domains or sub trees
in the forest, nor can there be any trust relationships between this forest and any other
forest. (Child domains and forest-to-forest trusts are explained in the subsections
below.)