Figure 91 Process for Acquiring the Authentication Information (NFS)
ETERNUS DX
LAN
CIFS NFS
Active Directory authentication server LDAP authentication server
Reference the information to
authenticate the access request
2.
Request access to the
shared folder
1.
4. Respond to the
access request
UNIX / Linux clientWindows client
Shared folder A Shared folder B
3.
Reference the information to
authenticate the access
request (only if the AD
authentication server lacks the
authentication information)
● Policies Related to the Operation Design of the Authentication Information
• For users who use the CIFS protocol and the NFS protocol
The relevant username and group name need to be set in the AD authentication server and the LDAP
authentication server.
1 Register the user in the AD authentication server
After the user registration, check the user's Relative ID (RID). RID is a part of the Security ID (SID).
For a SID value of "S-1-5-21-xxxx-yyyy-zzzz-nnnn", the RID value is indicated by the "nnnn" portion.
2 Register the user in the LDAP authentication server
Set the following values to UID and GID.
The RID value obtained when the user is registered in the AD authentication server + 10,000,000
• For users who use only the NFS protocol
The relevant username and group name need to be set in the LDAP authentication server.
In the LDAP authentication server, set a UID and GID value within the following range.
1,005 – 9,999,999
• For users who use only the CIFS protocol
No consideration is needed.
4. NAS Functions
User Management
178 Design Guide
To Next Page
Loading...
