toasters April 1999

toasters@lists.teaparty.net

117 participants
153 discussions

Re: netapp meets bugtraq. again.
by Jason D. Kelleher 30 Apr '99

30 Apr '99

In message <Pine.LNX.4.04.9904291507120.12868-100000(a)phaeton.cebaf.gov>, Bry an Hess writes: > >On Thu, 29 Apr 1999 tkaczma(a)gryf.net wrote: >> >> On Wed, 28 Apr 1999, Kendall Libby wrote: >> >> > ------- Start of forwarded message (RFC 934 encapsulation) ------- >> > From: pashdown(a)XMISSION.COM (Pete Ashdown) >> > >> > /vol/vol0 -root=adminhost >> > >> > This is all fine and good, but it also exports to the WORLD with root >> > privileges. >> >> Are you sure it exports to all with root priviledges or does it just >> export to all read/write but as root only to adminhost? > > >It doesn't export root privs to all, but just exporting read/write to all >machines is scary enough. If I am a malicious user, I can find the mount >points easily enough, mount the filesystems, and create user accounts on >my machine to match any uid on the filer. After that, who needs root privs >except for files owner by uid 0? > >--Bryan This is not a "netapp meets bugtraq" issue. It's an "every NFS server configured by someone who doesn't know what he's doing meets bugtraq" issue. Security is dependent on the competence of the administrator. Of course, here in the USA, no one is responsible for their own actions. So we should report Linux, SunOS, Solaris, HP-UX, AIX, Free BSD, NetBSD, etc... to bugtraq right away!!! And we'll all sue too!!! Ooops, got way too sarcastic at the end there... jason

2 1

Re: Unable to log onto NetApp machine
by sirbruce＠ix.netcom.com 30 Apr '99

30 Apr '99

On 04/29/99 15:39:16 you wrote: >Hmm, this is what I thought of at first, but when I tried it in the lab, >it did not work. I did get it to work (sort of) bye doing #rsh filer >rc_toggle_basic; passwd . You should not use rsh to rc_toggle_basic to get at commands that are normally not accessible via rsh. There are reasons why they aren't rsh-able. Bruce

1 0

RE: How to use CIFS if PDC not on same lan?
by Muhlestein, Mark 30 Apr '99

30 Apr '99

NT requires you to see the PDC in certain cases, because the BDCs are basically read-only replicas of the PDC. One of those cases is setting the machine password, which is done when the server (NT or filer) is installed, then once a week (Sunday morning at 2 or so). You will have to make the PDC visible at least temporarily to install the filer. After that, it will keep pestering you because it won't be able to do the periodic machine account password update. This is really an issue with NT networking. You would have the same problem trying to install an NT member server in the same situation. There are probably some reasonable ways around this problem; your situation is not that unusual. The details depend on what you are trying to accomplish. You should probably work with customer support to see what makes most sense. You will also probably want 5.3, since it preferentially connects to domain controllers based on the IP address, which would mean it would always use the local BDC except for changing the passwords. By the way, you'll find that if your Windows clients cannot see the PDC they will not be able to change their login passwords from their workstations for the same reason: they have to be able to contact the PDC to do that. Mark Muhlestein -- mmm(a)netapp.com -----Original Message----- From: Jaye Mathisen [mailto:mrcpu@internetcds.com] Sent: Thursday, April 29, 1999 1:20 PM To: Puneet Anand Cc: toasters(a)mathworks.com Subject: Re: How to use CIFS if PDC not on same lan? The PDC is not IP reachable from the filer. The filer is on a private backbone, serving NFS/CIFS clients off secondary ethernet interfaces. The BDC happens to be one of those clients. And it has 2 interfaces... On Thu, 29 Apr 1999, Puneet Anand wrote: > Is the PDC registering with the same WINS ? Hopefully yes. > We do need PDC for installation.If this is ONTAP 5.1 or later ,you can > run cifs testdc command with the following options to troubleshoot. > > cifs testdc <wins_ip> <domain_name> <filer_name> > > > -Puneet > __________________ > > > Jaye Mathisen wrote: > > > > I have 2 sites. Site B has a BDC for a domain, and the Netapp. > > Site A connected via T1 has the PDC. > > > > When I try to run CIFS setup, it gets to the part about needing to reach > > the PDC and can't find it, so it aborts. > > > > I'm not sure why it can't just do whatever it needs to do with the BDC > > right there (running WINS)... > > > > Perhaps I need to add some key to WINS for the netapp to see it? >

1 0

Procom Netforce
by Kevin W. Brown 30 Apr '99

30 Apr '99

I just got back from ISPCon, where I saw the Procom Netforce filer, and I was wondering if anyone here has experience with this product. Specifically, they have a 100G fault-tolerant version for around $30K. It has two host "controllers", which are basically Pentium II/III machines that load balance and automatically fail over. It has a journaling file system and snapshot backup capability. We are looking to purchase some new network attached (NFS) storage, and this looks like it just might fit the bill. Thganks! -------------------------------------------------------------------------- Kevin W. Brown | 4080 Water Tank Rd. | E-Mail: kevin(a)qis.net Quantum Internet Services | Manchester, MD 21102 | Voice: 410-239-6920 --------------------------------------------------------------------------

1 0

RE: How to use CIFS if PDC not on same lan?
by Sam Schorr 29 Apr '99

29 Apr '99

The fun question is, what if there is no domain controller available due exactly to the configuration Jaye is trying to install - a separate, "back channel" subnet that is not part of the domain. How would the filers use CIFS then? Install as workstation and do authentication with every file request off a local pwd file? -----Original Message----- From: Jaye Mathisen [mailto:mrcpu@internetcds.com] Sent: Thursday, April 29, 1999 1:20 PM To: Puneet Anand Cc: toasters(a)mathworks.com Subject: Re: How to use CIFS if PDC not on same lan? The PDC is not IP reachable from the filer. The filer is on a private backbone, serving NFS/CIFS clients off secondary ethernet interfaces. The BDC happens to be one of those clients. And it has 2 interfaces... On Thu, 29 Apr 1999, Puneet Anand wrote: > Is the PDC registering with the same WINS ? Hopefully yes. > We do need PDC for installation.If this is ONTAP 5.1 or later ,you can > run cifs testdc command with the following options to troubleshoot. > > cifs testdc <wins_ip> <domain_name> <filer_name> > > > -Puneet > __________________ > > > Jaye Mathisen wrote: > > > > I have 2 sites. Site B has a BDC for a domain, and the Netapp. > > Site A connected via T1 has the PDC. > > > > When I try to run CIFS setup, it gets to the part about needing to reach > > the PDC and can't find it, so it aborts. > > > > I'm not sure why it can't just do whatever it needs to do with the BDC > > right there (running WINS)... > > > > Perhaps I need to add some key to WINS for the netapp to see it? >

1 0

The great online RMA experiment
by Graham C. Knight 29 Apr '99

29 Apr '99

I had a few failed disks hanging around that I needed to get RMA's for. So I decided to experiment and use the online RMA feautre on the NOW page: http://now.netapp.com/products/rma/rma.shtml Within 5 minutes of submitting 2 RMA's I had an email with the RMA number in my box. I'd call the experiment a great success! :-) Very impressive. Graham

1 0

How to use CIFS if PDC not on same lan?
by Jaye Mathisen 29 Apr '99

29 Apr '99

I have 2 sites. Site B has a BDC for a domain, and the Netapp. Site A connected via T1 has the PDC. When I try to run CIFS setup, it gets to the part about needing to reach the PDC and can't find it, so it aborts. I'm not sure why it can't just do whatever it needs to do with the BDC right there (running WINS)... Perhaps I need to add some key to WINS for the netapp to see it?

2 2

RE: SNMP traps (+ other monitoring issues)
by Richard Moore 29 Apr '99

29 Apr '99

Keith, We have currently set up to trap on 'miscGlobalStatus' as it seemed a reasonable starter - The MIB description is a little woolly however : "This indicates the overall status of the appliance. The algorithm to determine the value uses both hardware status (e.g. the number of failed fans) and volume status (e.g. number of volumes that are full). This may change...etc" This has values of other(1) unknown(2) ok(3) nonCritical(4) critical(5) nonRecoverable(6) Is there a more detailed explanation of what event will trigger what status ? We are considering configuring our notification system to respond according to the value; i.e. email/phone on (4), 24hr page(5), print CV(6). On testing, when we switch off 1 power supply out of 2, we get a 'critical'(5) trap. ( is 'nonCritical' more appropriate ?) Other traps to possibly have set up as a 'starter' set : OverTemperature, FailedFanCount, FailedPowerSupplyCount, dfPerCentKBytesCapacity. Other monitoring issues : We have configured syslog.conf to send message errors to 'messages.err', critical to 'messages.crit' etc. hoping to be able to parse these files to enable an appropriate response according to severity. However, when doing the same power supply pull, we only get a message in the 'info' file. (This is deemed of sufficient importance however to trigger autosupport email.) So it appears we have to match on the message wording itself - an incremental approach of matching on all known potential error messages - time consuming. In lieu of better classification of messages, has anybody got a list of known filer error messages, with severity level ? How do other users monitor filers ? Regards, Richard Moore NortelNetworks Harlow UK

2 1

temperature inside filer
by Jason Middlebrooks 29 Apr '99

29 Apr '99

Are there any commands to monitor the temperature inside the filer or to get information from the temperatures sensors? Thanks In advance.

1 0

DNS problems
by Mohler, Jeff 29 Apr '99

29 Apr '99

Anyone else figure out the heck to resolve this? 08:56:23 CDT [ratbert: rshd_0]: DNS server for domain "wcg.net" not responding : Connection timed out. MY blinkin DNS servers are working just fine...all of 30,000 miles of fiber hardware, routers, and customers have no problems with it either. Why only the NetApp, and a reboot isnt an option.

5 6

Jump to page:

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

2004

2003

2002

2001

2000

1999

1998

1997

toasters April 1999