NAS 1000s - Administration Guide
Table Of Contents
- NAS 1000s Administration Guide
- Table of Contents
- About This Guide
- 1 System Overview
- 2 Setup Completion and Basic Administrative Procedures
- 3 Persistent Storage Manager
- Operational Overview
- Reading Snapshots
- Creating Snapshots
- PSM Snapshot Attributes
- Automated Snapshot Deletion
- Data Recovery
- Snapshots Performance Impact
- Recovering Snapshots after a System Restore or System Loss
- Granule Size Update Utility
- Clearing the Cache File from the System
- Re-extending Volumes from Old Snapshots
- Global Settings
- Volume Settings
- Schedules
- Persistent Image and Group Information
- Managing Persistent Images
- Creating a New Persistent Image
- Deleting a Persistent Image
- Editing Persistent Image Properties
- Undo Persistent Image Changes
- Restoring an Image
- Known Issues
- 4 User and Group Management
- 5 Folder and Share Management
- 6 UNIX File System Management
- 7 NetWare File System Management
- 8 Remote Access Methods and Monitoring
- A Backup Management
- B PSM Error Codes
- Index
User and Group Management
64 NAS 1000s Administration Guide
Domain Compared to Workgroup Environments
NAS 1000s devices can be deployed in workgroup or domain environments. When in a
domain environment, the server is a member of the domain. The domain controller is a
repository of accounts and account access for the NAS 1000s. Client machines are also
members of the domain, and users log on to the domain through their Windows clients. The
domain controller also administers user accounts and appropriate access levels to resources
that are a part of the domain.
In a CIFS environment, when mapping a network drive or a client machine, a user sends a
logon credential to the server. This credential includes the username, password, and if
appropriate, domain information. Using the credential, the server authenticates and provides
the corresponding access to the user.
When a NAS 1000s is deployed into a workgroup environment, all user and group account
access permissions to file resources are stored locally on the server.
By contrast, when a NAS 1000s is deployed into a domain environment it uses the account
database from the domain controller, with user and group accounts stored outside the server.
The server integrates with the domain controller infrastructure.
Note: The NAS 1000s cannot act as a domain controller for other servers on the network. If user
and group account information is stored locally, those accounts may be used only to authenticate
logons to the NAS 1000s, resulting in a workgroup configuration.
Administering users and groups in a domain environment is similar in a mechanical sense to
administering them in a workgroup environment. If using an Active Directory domain
controller, the Computer Management tool allows for adding, modifying, and removing users
in the same context as in a workgroup environment. The concepts, however, are very different.
Additional information about planning for domain environments can be found at:
http://www.mi cr o s o ft.com/windo ws2000/technologie s/dir ectory/ad/defa ult.asp
The configuration of the domain controller is reflected on the NAS 1000s because it obtains
user account information from the domain controller when deployed in a domain environment.
As mentioned previously, the server cannot act as a domain controller itself.
User and Group Name Planning
Effective user and group management is dependent upon how well the user and group names
are organized. Administrators typically create a small number of groups on the network and
then assign users to the appropriate group or groups. File system and share permissions can
then be applied at the group level, rather than at the user level. If the number of groups is
small, assigning the appropriate permissions to selected group, or groups, is more efficient
than assigning permissions to each user.
Although each organization has specific conventions, following general guidelines makes
administration simpler and more efficient. Because CIFS is dependent on users and groups to
grant appropriate access levels to file shares, CIFS administration benefits from a consistent
user and group administration strategy.