Instruction Manual
Table Of Contents
- Dell FluidFS V3 NAS Solutions For PowerVault NX3500, NX3600, And NX3610 Administrator's Guide
- Introduction
- How PowerVault FluidFS NAS Works
- FluidFS Terminology
- Key Features Of PowerVault FluidFS Systems
- Overview Of PowerVault FluidFS Systems
- PowerVault FluidFS Architecture
- Data Caching And Redundancy
- File Metadata Protection
- High Availability And Load Balancing
- Ports Used by the FluidFS System
- Other Information You May Need
- Upgrading to FluidFS Version 3
- FluidFS Manager User Interface Overview
- FluidFS 3.0 System Management
- Connecting to the FluidFS Cluster
- Managing Secured Management
- Adding a Secured Management Subnet
- Changing the Netmask for the Secured Management Subnet
- Changing the VLAN ID for the Secured Management Subnet
- Changing the VIP for the Secured Management Subnet
- Changing the NAS Controller IP Addresses for the Secured Management Subnet
- Deleting the Secured Management Subnet
- Enabling Secured Management
- Disabling Secured Management
- Managing the FluidFS Cluster Name
- Managing Licensing
- Managing the System Time
- Managing the FTP Server
- Managing SNMP
- Managing the Health Scan Throttling Mode
- Managing the Operation Mode
- Managing Client Connections
- Displaying the Distribution of Clients between NAS Controllers
- Viewing Clients Assigned to a NAS Controller
- Assigning a Client to a NAS Controller
- Unassigning a Client from a NAS Controller
- Manually Migrating Clients to another NAS Controller
- Failing Back Clients to Their Assigned NAS Controller
- Rebalancing Client Connections across NAS Controllers
- Shutting Down and Restarting NAS Controllers
- Managing NAS Appliance and NAS Controller
- FluidFS 3.0 Networking
- Managing the Default Gateway
- Managing DNS Servers and Suffixes
- Managing Static Routes
- Managing the Internal Network
- Managing the Client Networks
- Viewing the Client Networks
- Creating a Client Network
- Changing the Netmask for a Client Network
- Changing the VLAN Tag for a Client Network
- Changing the Client VIPs for a Client Network
- Changing the NAS Controller IP Addresses for a Client Network
- Deleting a Client Network
- Viewing the Client Network MTU
- Changing the Client Network MTU
- Viewing the Client Network Bonding Mode
- Changing the Client Network Bonding Mode
- Managing SAN Fabrics
- FluidFS 3.0 Account Management And Authentication
- Account Management and Authentication
- Default Administrative Accounts
- Default Local User and Local Group Accounts
- Managing Administrator Accounts
- Managing Local Users
- Managing Password Age and Expiration
- Managing Local Groups
- Managing Active Directory
- Managing LDAP
- Managing NIS
- Managing User Mappings between Windows and UNIX/Linux Users
- FluidFS 3.0 NAS Volumes, Shares, and Exports
- Managing the NAS Pool
- Managing NAS Volumes
- File Security Styles
- Thin and Thick Provisioning for NAS Volumes
- Choosing a Strategy for NAS Volume Creation
- Example NAS Volume Creation Scenarios
- NAS Volumes Storage Space Terminology
- Configuring NAS Volumes
- Cloning a NAS Volume
- NAS Volume Clone Defaults
- NAS Volume Clone Restrictions
- Managing NAS Volume Clones
- Managing CIFS Shares
- Managing NFS Exports
- Managing Quota Rules
- Viewing Quota Rules for a NAS Volume
- Setting the Default Quota per User
- Setting the Default Quota per Group
- Adding a Quota Rule for a Specific User
- Adding a Quota Rule for Each User in a Specific Group
- Adding a Quota Rule for an Entire Group
- Changing the Soft Quota or Hard Quota for a User or Group
- Enabling or Disabling the Soft Quota or Hard Quota for a User or Group
- Deleting a User or Group Quota Rule
- Managing Data Reduction
- FluidFS 3.0 Data Protection
- FluidFS 3.0 Monitoring
- FluidFS 3.0 Maintenance
- Troubleshooting
- Getting Help
Enabling Active Directory Authentication
Join the FluidFS cluster to an Active Directory domain to allow it to communicate with the directory
service.
By default, the FluidFS cluster uses the domain controller returned by Active Directory. Alternatively, you
can designate a domain controller if you want to ensure that the FluidFS cluster uses a specific domain
controller. Adding multiple domain controllers ensures continued authentication of users in the event of
a domain controller failure. If the FluidFS cluster cannot establish contact with the preferred server, it will
attempt to connect to the remaining servers in order.
• An Active Directory service must be deployed in your environment.
• The FluidFS cluster must have network connectivity to the directory service.
• You must be familiar with the Active Directory configuration.
• The FluidFS cluster requires credentials from an Active Directory account for the join operation. The
join operation is the only action for which these credentials are required, and they are not stored or
cached by the FluidFS cluster.
Use one of the following options for the account used to join the FluidFS cluster to the domain:
– Use a Domain Admin account. This is the preferred method.
– Use an account that has the "join a computer to the domain" privilege, as well as having full
control over all computer objects in the domain.
– If both of the above options are unavailable, the minimum requirements for an account are:
* An Organizational Unit (OU) admin that has the "join a computer to the domain" privilege, as
well as having full control over objects within that OU, including computer objects.
* Before joining the FluidFS cluster to the domain, a computer object must be created by the OU
admin for the FluidFS cluster; in the OU privileges to administer are provided. The FluidFS
cluster computer object name, and the NetBIOS name used when joining it, must match.
When creating the FluidFS cluster computer object, in the User or Group field under
permissions to join it to the domain, select the OU admin account. Then, the FluidFS cluster
can be joined using the OU admin credentials.
• FluidFS clusters need read access for the tokenGroups attribute for all users. The default
configuration of Active Directory for all domain computers is to allow read access to the
tokenGroups attribute. If the permission is not given, Active Directory domain users that are in nested
groups or OUs encounter Access Denied errors, and users that are not in nested OUs or groups are
permitted access.
• The Active Directory server and the FluidFS cluster must use a common time server.
• You must configure the FluidFS cluster to use DNS. The DNS servers you specify must be the same as
those your Active Directory domain controllers use.
1. Click the Access Control tab on the left.
2. Click the User Repositories tab on the top.
3. In the Active Directory for CIFS and NFS users Authentication pane, click .
4. Click Join.
The Join Active Directory dialog box appears.
5. In the Active Directory domain name field, type a domain to which to join the FluidFS cluster.
6. (Optional) To add preferred controllers for the join operation and users authentication:
a) Select the Consider these controllers as preferred check box.
b) Type a domain controller host name or IP address in the controllers text field and click Add.
c) Repeat step (b) for each controller you want to add.
77