4. Right-click Network access: Let Everyone permissions apply to anonymous users, and then click
Properties.
5. To allow permissions applied to the Everyone group to apply to anonymous users, click Enabled.
The default is Disabled.
6. Restart the NFS server service. From a command prompt, enter net stop nfssvc. Then enter
net start nfssvc. Notify users before restarting the NFS service.
7. AssigntheEveryonegrouptheappropriatepermissionsontheNFSShare.
8. Enable anonymous access to the share.
To enable anonymous access to an NFS share, do the following:
1. Open Windows Explorer by clicking Star t > Run, and entering Explorer.
2. Navigate to the NFS share .
3. Right-click the NFS Sha re, and then click Proper ties.
4. Click NFS Sharing.
5. Select the Allow A nonymous Access checkbox.
6. Change from the default of -2,-2, if desired.
7. Click Apply.
8. Click OK.
Best practices for running Server for NFS
• Provide u
ser-level security
• Secure files
• Secure new drives
• Allow use
rs to disconnect before stopping the Server for NFS service
• Use naming conventions to identify shares with EUC encoding
• Protect configuration files
For further details, see the online help for Microsoft Services for Network File System.
User Name Mapping
The User Name Mapping component provides centralized user m apping ser vices for Server for NFS and
Client for NFS. User Name Mapping lets you create maps between Windows a nd UNIX user and group
accounts even though the user and group nam es in both environments may not be identical. User
Name Mapping lets you maintain a single mapping database making it easier to configure account
mapping for multiple computers running MSNFS.
In addition to one-to-one mapping between Windows and UNIX user and group accounts, User Name
Mapping permits one-to-many mapping. This lets you associate multiple Windows accounts with a single
UNIX account. This can be useful, for example, when you do not need to maintain separate UNIX
accounts for individuals and would rather use a few accounts to provide different classes of ac cess
permission.
You can use simple m aps, which map Windows and UNIX accounts with identical names. You can also
create advanced maps to associate Windows and UNIX accounts with different names, which you can
use in conjunction with simple maps.
User Name Mapping can obtain UNIX user, password, and group information from one or more Network
Information Service (NIS) servers or from password and group files located on a local hard drive. The
password and group files can be copied from a UNIX host or from a NIS server.
User Name Mapping periodically refreshes its mapping database from the source databases, ensuring
that it is always kept up-to-date as changes occur in the Windows and UNIX name spaces. You can also
refresh the database anytime you know the source databases have changed.
94
Other network file and print services