Configuring CIFS

Upon completion of this module, you should be able

to:
Configure the Data Mover for a Windows
environment
Create and Join a CIFS Server to a Windows Domain
Export a file system as a CIFS Share
Describe UserMapper Basics

Copyright 2014 EMC Corporation. All Rights Configuring CIFS 1

 Module 12: Configuring CIFS

Lesson 1: Overview of Configuring VNX for CIFS

During this lesson the following topics are covered:
Preparing for CIFS
Creating a CIFS server
Creating a CIFS share

Copyright 2014 EMC Corporation. All Rights Configuring CIFS 2

Preparing for CIFS
Configure IP networking
Interface addressing
Routing Virtual Data
Mover
Configure Network
Services DataF
cge-1-0
192.168.6
5.12
DNS Dynamic DNS S
/
recommended Sales
NTP
Configure Virtual Data
Mover
Best practice for CIFS
Configure a file system
Provides file storage
space

Copyright 2014 EMC Corporation. All Rights Configuring CIFS 3

Configuring CIFS: CIFS Server
Click icon to add picture
Start the CIFS service CIFS
Runs on physical Data
Virtual Data
Mover
Mover
Create a CIFS server on CIFS cge-1-0

VDM Server 192.168.6

DataF 5.12
VNX_CIFS01
Uses an available S
/
interface for network Sales
communications
CIFS server binds to
interface name
Join CIFS server to the
Windows Domain OU
EMC
CIFS server created in Celerra
VNX_CIF
S01
domain OU EMC Celerra

Copyright 2014 EMC Corporation. All Rights Configuring CIFS 4

Configuring CIFS: Storage
Click icon to add picture
Create CIFS share CIFS
From prepared file
Virtual Data
system
Mover
CIFS server makes share CIFS cge-1-0
available on network to Server 192.168.6
DataF 5.12
clients VNX_CIFS01
S
CIFS is now configured /
/DataFS/Sales shared as
Sale Sales_data
on VNX s Sales_d
ata
CIFS server is available
to Microsoft network
File storage available to
CIFS clients though the OU
EMC
CIFS share Celerra
VNX_CIF
S01

Copyright 2014 EMC Corporation. All Rights Configuring CIFS 5

 Configuring CIFS

Lesson 1: Summary
During this lesson the following topics were covered:
Preparing for CIFS
Creating a CIFS server
Creating a CIFS share

Copyright 2014 EMC Corporation. All Rights Configuring CIFS 6

 Configuring CIFS

Lesson 2: Create and Join a CIFS Server to a

Windows Domain
During this lesson the following topics are covered:
Starting CIFS
Creating a CIFS Server
Joining a CIFS Server to the domain
Verifying CIFS server status

Copyright 2014 EMC Corporation. All Rights Configuring CIFS 7

CIFS Management in Unisphere

Storage > Shared Folders > CIFS

Copyright 2014 EMC Corporation. All Rights Configuring CIFS 8

Starting CIFS

Storage > Shared Folders > CIFS

Tasks tree > Configure CIFS link

Copyright 2014 EMC Corporation. All Rights Configuring CIFS 9

Create a CIFS Server

Storage > Shared

Folders > CIFS > CIFS
Servers tab > Create

Copyright 2014 EMC Corporation. All Rights Configuring CIFS 10

CIFS Server Status
CIFS Server
Properties:
Displays status
with the domain

Copyright 2014 EMC Corporation. All Rights Configuring CIFS 11

CIFS Servers in the Windows Environment
CIFS server in
Active
Directory

CIFS server
in Dynamic
DNS
Copyright 2014 EMC Corporation. All Rights Configuring CIFS 12
 Configuring CIFS

Lesson 2: Summary
During this lesson the following topics were covered:
Starting CIFS
Creating a CIFS Server
Joining a CIFS Server to the domain
Verifying CIFS server status

Copyright 2014 EMC Corporation. All Rights Configuring CIFS 13

 Configuring CIFS

Lesson 3: File System Access via CIFS

During this lesson the following topics are covered:
Exporting a file system as a CIFS share
Creating a top-level file system share
Creating shares using Windows tools

Copyright 2014 EMC Corporation. All Rights Configuring CIFS 14

CIFS Shares
Exporting a file system pathname as a CIFS
share
Provide a share name

CIFS
File Server
System /DataFS/shared as hidden share
DataFS Top$
lost+foun
.etc
d
Engineeri /DataFS/Engineering
Designs
shared as

ngStructura Desig
ns
Sales
l /DataFS/Sales shared as Sales
West Sales

Copyright 2014 EMC Corporation. All Rights Configuring CIFS 15

 Exporting a File System as a CIFS Share:
Unisphere
Storage > Shared Folders > CIFS > Shares tab
Create

Copyright 2014 EMC Corporation. All Rights Configuring CIFS 16

 Exporting a File System as a CIFS Share:
Windows
Initial top-level share created with Unisphere must
be in place!
Computer Management > select CIFS Server

System Tools > Shared Folders > Share > New

Share

Copyright 2014 EMC Corporation. All Rights Configuring CIFS 17

Unisphere Display of CIFS Shares
VNX shares created with Microsoft tools displayed in
Unisphere

Copyright 2014 EMC Corporation. All Rights Configuring CIFS 18

 Configuring CIFS

Lesson 3: Summary
During this lesson the following topics were covered:
Exporting a file system as a CIFS share
Creating a top-level file system share
Creating shares using Windows tools

Copyright 2014 EMC Corporation. All Rights Configuring CIFS 19

 Configuring CIFS

Lesson 4: CIFS Operational Considerations

During this lesson the following topics are covered:
Stopping/restarting the CIFS service
Modifying CIFS server interfaces
Moving a VDM with a CIFS server
CIFS restrictions with VDM

Copyright 2014 EMC Corporation. All Rights Configuring CIFS 20

CIFS Servers Interface Considerations
Interface stealing is:
Possible between CIFS Servers on the same Physical
Data Mover
Possible between CIFS Servers on the same Virtual
Data Mover
Not possible between CIFS Servers on different Data
Movers (Physical or Virtual)
Interfaces are not changed for Default CIFS Servers
Default CIFS Servers automatically use interfaces that
are not currently used by any other CIFS Servers
When a CIFS Server interface is disabled
CIFS shares that are connected through this interface
will no longer be accessible
Shares need to be reconnected through new interface

Copyright 2014 EMC Corporation. All Rights Configuring CIFS 21

 Stealing CIFS Server Interface

Assigning an already used Interface to a CIFS

server:

New CIFS Server

VNX_CIFS02 being
configured

Interface already in use

by VNX_CIFS01

Copyright 2014 EMC Corporation. All Rights Configuring CIFS 22

Start/Stop the CIFS Service
Stop and Restart CIFS service after Changes
WINS settings for legacy NT4 domains
Other CIFS related changes
See Configuring and Managing CIFS on VNX
Stopping CIFS service stops all CIFS servers
On physical Data Mover and its VDMs

CIF
S

Copyright 2014 EMC Corporation. All Rights Configuring CIFS 23

 Moving a VDM with a CIFS Server

Target physical Data Name resolution:

Mover must have Different IP addresses
interface with same Dynamic DNS updates
name Client DNS cache flush
CIFS server binds to Same IP address
interface name Down inactive
interface

Copyright 2014 EMC Corporation. All Rights Configuring CIFS 24

CIFS Restrictions with VDMs
VDM containing a CIFS server
cannot be loaded onto physical
Data Mover with a default
CIFS server
Default CIFS servers use all Virtual Data
available interfaces Mover
VDM CIFS server cannot CIFS
Server
provide antivirus functionality
Antivirus functionality is
provided by global CIFS
server from physical Data
Mover
Refer to Configuring Virtual
Data Movers on VNX document
for other restrictions
Copyright 2014 EMC Corporation. All Rights Configuring CIFS 25
 Configuring CIFS

Lesson 4: Summary
During this lesson the following topics were covered:
Stopping/restarting the CIFS service
Modifying CIFS server interfaces
Moving a VDM with a CIFS server
CIFS restrictions with VDM

Copyright 2014 EMC Corporation. All Rights Configuring CIFS 26

 Configuring CIFS

Lesson 5: Usermapper
During this lesson the following topics are covered:
Explain Usermapper basic operations
Explain Usermapper configuration

Copyright 2014 EMC Corporation. All Rights Configuring CIFS 27

User Mapping with VNX
Method for uniquely identifying users and groups
accessing the VNX with file access protocols (CIFS
and NFS)
Windows SIDs
UNIX/Linux UIDs and GIDs
VNX requires UIDs and GIDs
UxFS based file system file and directory permissions
Mapping required for CIFS only & mixed CIFS/NFS
environmentsUser/Group SIDs
Mapping method
UID/GID
UID/GID
UID/GID

VNX FS
Windows UID/GID
UNIX/Linux
CIFS NFS

Copyright 2014 EMC Corporation. All Rights Configuring CIFS 28

User Mapping Methods
Variety of methods available
Supporting various user environments
Internal and external to VNX

Mapping User
Location Enabled By
Method Environment
VNX Data
Usermapper CIFS only default
Mover
nsswitch.conf
Microsoft IdMU CIFS and NFS Windows AD
(LDAP)
nsswitch.conf
Microsoft SFU CIFS and NFS Windows AD
(LDAP)
OpenLDAP/ UNIX/Linux nsswitch.conf
Mapping method CIFS and NFS
iPlanet LDAP server (LDAP)
VNX UNIX User CIFS ADMap
CIFS and NFS Windows AD
Management parameter
Data Mover
NIS CIFS and NFS NIS server
network settings
VNX Data Data Mover
Local Files CIFS and NFS
Mover passwd/group files
VNX Data
ntxmap CIFS and NFS ntxmap.conf
Mover

Copyright 2014 EMC Corporation. All Rights Configuring CIFS 29

User Mapping and Secure Mapping
Secmap records (caches) SID to UID/GID mappings
provided by user mapping methods
Does not generate mappings
Used for resolving subsequent user mapping
Is persistent mapping
Present on all physical and virtual Data Movers
Mapping entries displayed with CLI only

Mapping method

Data Data
Mover Mover
Secmap Secmap

Copyright 2014 EMC Corporation. All Rights Configuring CIFS 30

User Mapping Search Order
Ye
s Ye User is
Start ntxmap secmap s authenticated
No
3 No
Ye
2 Local
user s
The access to
CIFS share is
#
# /.etc/nsswitch.conf
/.etc/nsswitch.conf :: & group allowed
# Nofiles
#
passwd:
passwd: files
files ldap
ldap nis
nis Ye
group:
group: files
files ldap
ldap nis
nis NIS s End
hosts:
hosts: dns
dns nisnis files
files
netgroup: files No
netgroup: files nis
nis
Ye
LDAP s

No
1 Default mapping search order 1
Active
Directory
Ye
s
No
2 nsswitch.conf Usermapper
Ye
s
No
3 ntxmap Usermapper
generates UID
or GID and ads
it to its
database

Ye
Was the s
user
added?
No An error is
generated

Copyright 2014 EMC Corporation. All Rights Configuring CIFS 31

Usermapper Overview
A user mapping method which runs on a VNX for
File
Mapping method used for CIFS-only user
environments
Automatically generates UIDs/GIDs for Windows
user/group SIDs
Database maintains mappings
UID and GID values start at 32768 and increase
Custom ranges can be configured in usrmap.cfg file (not
recommended)
Data Data
Mover
Usermapper Mover
Service

Secmap Secmap

Copyright 2014 EMC Corporation. All Rights Configuring CIFS 32

Usermapper Roles
Primary Usermapper
One per VNX environment Data Data
Primary
Mover 2 Mover 3
Generates user mappings Usermap
per
By default runs on Data Secmap Secmap
Mover 2
Secondary Usermapper Data
Secondar Data
One per each additional VNX Mover
y 2 Mover 3
Queries Primary Usermapper Usermap
per
Secmap Secmap
for mapping
Usermapper client
Data Data
All other VNX Data Movers Primary/ Usermap
Mover 2 Mover 3
Query Primary/Secondary for Secondar per
y Client
user mappings Secmap Secmap

Copyright 2014 EMC Corporation. All Rights Configuring CIFS 33

Primary Usermapper Operations
Multiple VNXs: one Primary,
two Secondary Usermappers
1. User1 accesses DM2 on VNX3
Data Mover
VNX1 2
Sec. Usermapper
2. Primary Usermapper
Secmap
generates & records UID for VNX2
user1 SID Data Mover
2
3. Secmap records mapping Sec. Usermapper

Secmap
VNX1
Data Mover
2
Primary
1 User1 SID
User1 SID: UID 2
Usermapper
32768
Secmap
User1 SID: UID 3
32768
User1

Copyright 2014 EMC Corporation. All Rights Configuring CIFS 34

 Secondary Usermapper Operations
Multiple VNXs: one Primary, two Secondary
Usermappers
VNX3
1. User2 accesses DM2 on VNX2 Data Mover
2. Secondary queries Primary for mapping 2
Sec. Usermapper

3. Primary generates & records UID for user2 SID

4. Secmap on VNX1 DM2 records mapping Secmap

5. Primary replies with mapping

6. Secondary records User2 mapping
7. Secmap on VNX2 DM2 records mapping
VNX2 VNX1
Data Mover Data Mover
2 2 2
6Sec. Usermapper Primary
Mapping Query
6 User2 SID: UID User1 SID: UID
1 User2 SID
Usermapper
User2 SID: UID
32769 Mapping reply 5 32768 3
32769
Secmap Secmap
7 User2 SID: UID User1 SID: UID
32769 User2 32768
SID: UID
4
32769
User2

Copyright 2014 EMC Corporation. All Rights Configuring CIFS 35

 Secondary Usermapper Operations
(Continued)
Multiple VNXs: one Primary, two Secondary
Usermappers
VNX2
1. User3 accesses DM2 on VNX3 Data Mover
2. Secondary queries Primary for mapping 2
Sec. Usermapper
User2 SID: UID
3. Primary generates & records UID for user3 SID 32769

4. Secmap on VNX1 DM2 records mapping Secmap

User2 SID: UID
32769
5. Primary replies with mapping
6. Secondary records User3 mapping
7. Secmap on VNX2 DM2 records mapping
VNX3 VNX1
Data Mover Data Mover
2 2
6 Sec. Usermapper
Mapping Query 2
Primary
1 User3 SID: UID User1 SID: UID
Usermapper
User2 SID: UID
User3 SID
32770 Mapping reply 5 32768
User3 SID: UID 3
32769
Secmap 32770
Secmap
7 User3 SID: UID User1 SID: UID
32770 User2 32768
SID: UID
User3 32769
SID: UID 4
User3 32770

Copyright 2014 EMC Corporation. All Rights Configuring CIFS 36

Usermapper Client Operations
Multiple VNXs: one Primary, two Secondary
Usermappers
1. User4 accesses DM3 on VNX1 VNX3
Data Mover
2. Client broadcasts to Usermapper service for mapping 2
Sec. Usermapper
3. DM2 Primary generates & records UID for User4 SID32770
User3 SID: UID

4. DM2 secmap records mapping VNX2

Secmap
User3 SID: UID
5. Primary replies with mapping Data Mover 32770
2
Sec. Usermapper
6. DM3 secmap records mapping User2 SID: UID
32769
Secmap
User2 SID: UID
VNX1 32769
Data Mover Data Mover
3
Usermapp
2 Mapping broadcast 2
Primary
User1 SID:UID
UsermapperUID
1 User4 SID
er User1
User2SID:
SID: UID
32768
Client Mapping reply 5 User3
User4
SID: UID
32768
32769
SID: UID 3
32770
Secmap 32771
Secmap
6 User4 SID: UID User1 SID:UID
UID
User1 SID: UID User1
User2SID:
SID: UID
32771
32768 User3 32768
SID: UID
32768
User4 32769
SID: UID 4
User4 32770
32771

Copyright 2014 EMC Corporation. All Rights Configuring CIFS 37

 Viewing the Usermapper Configuration
Storage > Shared Folders > CIFS >
Usermappers tab

Copyright 2014 EMC Corporation. All Rights Configuring CIFS 38

Usermapper Database Backup
Storage > Shared Folders > CIFS > Usermappers
tab
Backups used to update Secondary database
If promoting to Primary
EMC recommends that you do not modify
Usermapper database entries.

Copyright 2014 EMC Corporation. All Rights Configuring CIFS 39

 Managing Usermapper Roles
Storage > Shared Folders > CIFS >
Usermappers tab

Copyright 2014 EMC Corporation. All Rights Configuring CIFS 40

 Managing Usermapper Roles (continued)
Storage > Shared Folders > CIFS > Usermappers
tab

Copyright 2014 EMC Corporation. All Rights Configuring CIFS 41

 Configuring CIFS

Lesson 5: Summary
During this lesson the following topics were covered:
Usermapper basic operations
Usermapper configuration

Copyright 2014 EMC Corporation. All Rights Configuring CIFS 42

Summary
Key points covered in this module:
Preparation is key to CIFS implementation. Identify
key network resources:
Interface addressing
Routing
DNS
NTP
VDM CIFS server cannot provide antivirus
functionality
Usermapper provides unique IDs for users and
groups from Windows environments that access the

Copyright 2014 EMC Corporation. All Rights Configuring CIFS 43

 This slide is intentionally left blank.

Copyright 2014 EMC Corporation. All Rights Configuring CIFS 44