Installation manual
Preparing for NFS Authentication
Adding an NFS Access List
CLI Storage-Management Guide 4-9
Removing the NIS Domain-Server Map
From gbl mode, use no nis domain to remove a NIS domain-server map:
no nis domain domain
where domain (1-256 characters) is the name of the domain to remove.
You cannot remove a domain that is referenced by an NFS access list. The next
section describes how to use an NIS domain in an access list.
For example, the following command sequence removes the NIS domain named
“PROVIDENCE:”
bstnA6k(gbl)# no nis domain PROVIDENCE
bstnA6k(gbl)# ...
Adding an NFS Access List
Before you configure any NFS exports or services, you can optionally configure one
or more NFS access lists. An access list is a list of subnets and hosts to which you
permit or deny access to NFS service. For example, you could permit access from the
subnet at 192.168.101.0 but deny access from all other subnets.
If you are not planning to configure any NFS shares or services, you can skip this
section. Otherwise, when you configure NFS shares and services later, you can apply
one NFS access list to each NFS share. You can reuse one NFS access list for any
number of NFS shares.
If you currently use NIS at your back-end filers, the front-end NFS service passes the
client’s User ID and Group ID through to the back-end filer, and the back-end filer
authenticates against those IDs as usual. The access list filters out users based on IP
address only, but the filer(s) may deny access based on user ID after the IP address
passes at the ARX.