Administrator Guide

ManualsBrandsDell ManualsCompellent (SCStorage SCv2000

571

572

573

574

575

576

577

578

579

580

5. Select the ACL to UNIX 777 Mapping Enabled checkbox.

NOTE: Actual data-access checks in FluidFS are still made against the original security ACLs.

This feature applies only to NAS volumes with Windows or mixed security style (for les with Windows ACLs).

Setting ACLs on an SMB Share

To set ACLs, use Windows Explorer procedures. When dening an ACL for a local user account, you must use this format:

<client_VIP_or_name>\<local_user_name>

Setting SLPs on an SMB Share Using MMC

To set SLPs, you can use the Microsoft Management Console (MMC) with the Shared Folder snap-in to set permissions.

Administrators can use a predened MMC le (.msc) from the Windows Server 2003/2008/2012 start menu and add a Shared

Folder snap-in to connect to the FluidFS cluster.

About this task

The MMC does not let you chose which user to connect with a remote computer. By default, it forms the connection through the

user logged in to the machine. To connect through a dierent user:

• If the FluidFS cluster that you are trying to manage is joined to an Active Directory, log in to the management station with

<domain>\Administrator.

• Before using MMC, connect to the FluidFS cluster by using the client VIP address in the address bar of Windows Explorer. Log in

with the administrator account and then connect to MMC.

NOTE: You might need to reset the local administrator password rst.

Steps

1. Select Start → Run.

2. Type mmc and click OK. The Console 1 - [Console Root] window opens.

3. Select File → Add/Remove Snap-in.

4. Select Shared Folders and click Add.

5. In the Shared Folders window, select Another computer and type the FluidFS cluster name (as congured in the DNS).

Alternatively, you can use a client VIP.

6. Click Finish. The new shares tree is displayed in the Console Root window.

7. Right-click the required SMB share, and choose Properties.

8. In the Share Properties window, click the Share Permission tab to set SLPs.

Displaying Security Audit Events

Storage Manager displays a centralized view of the security audit events generated in volumes where SACL events are congured.

To display security events:

1. Click the Storage view and select a FluidFS cluster.

2. Click the Events tab.

3. In the right pane, make your selections across the top of the pane to determine which security audit events you want to display.

Audit SACL Access

Set Audit SACL (System Access Control List) Access to enable the type of auditing to be performed when an object (le or directory

with SACL entries) is accessed. If SACL access is not enabled for a NAS volume, then even if a le or directory has SACL entries,

the access does not generate an auditing event. Generated events for a NAS volume can be limited to successes, failures, or both.

1. Click the Storage view and select a FluidFS cluster.

2. Click the File System tab, expand NAS Volumes and select a NAS volume.

3. In the right pane, click Edit Settings. The Edit NAS Volume Settings dialog box appears.

4. Click Auditing in the vertical pane.

5. In the Audit File Access of SMB Users via SACL area, select On Success, On Failure, or both.

6. Click OK.

574

FluidFS NAS Volumes, Shares, and Exports