toasters

toasters@lists.teaparty.net

13513 discussions

Re: A tale of two domains...
by Keith Brown 03 Feb '99

03 Feb '99

>The problem: I need to be able for clients of Dom1 to place data onto the filer >so that members of Dom2 can access the data and vice versa. Ordinarily, users in one domain are not permitted to access resources in another domain unless there is a trust relationship betwixt the domains. This holds for any Windows NT resident resource (shares, printers etc...) as well as filer based resources. If you can not put the needed trust relationship in place (for whatever reason), your only option is to enable and use the so-called "anonymous access" provision which is provided within the Windows NT security model. On a filer, this is quite simple (as ever! :-)). You just need to set the "cifs.guest_account" option to a valid user identity that is defined within the filer's /etc/passwd file (or the NIS passwd.byname equivalent thereof). So, for example, if you... options cifs.guest_account dom2usrs ... then the CIFS users defined in Dom2 will be able to access the filer anonymously, and they will be mapped to the UNIX "dom2usrs" account (which in turn maps to a UNIX UID) for the puproses of assessing what they can and cannot do to the file system. More specifically, their "dom2usrs" identity will be used to assess what they can and cannot do to a UNIX-Style file system. On an NTFS-Style file system, they will be controlled by NTFS permissions, and their identity will, I believe, be defined as the Windows NT "AnonymousLogon" well known SID (S-1-5-7, if you care! :-)). The shares that the users in Dom2 want to connect to, as well as the areas of the file system they wish to access will have to be somehow accessible to these accounts. This will usually mean manipulating file system permissions and share level ACLs to provide these users with the level of access they need. Unfortunately you do not have the option to control these users access individually. Keith

1 0

A tale of two domains...
by Patrick.Day.B＠bayer.com 02 Feb '99

02 Feb '99

I am in need of some help. Here is the background... I have two NT domains, Dom1 and Dom2. The domains are NOT trusted and Dom2 is essentially a closed network, making no connections whatsoever to Dom1. I have one netfiler (740 with Ontap 5.1.2r3) who (through CIFS) is a member of Dom1. One NIC port is connected to Dom1's Subnet and another NIC port is connected to Dom2. Whew, thanks for staying with me so far. The problem: I need to be able for clients of Dom1 to place data onto the filer so that members of Dom2 can access the data and vice versa. Has anyone attempted this or does anyone have any suggestions? Any constructive input would be appreciated. I thank you ahead of time. Patrick Day Sys Admin Bayer Corporation patrick.day.b(a)bayer.com

1 0

ndmpcopy license
by Daniel Quinlan 30 Jan '99

30 Jan '99

Maybe someone at NetApp can answer this question... What are the copying/license terms for ndmpcopy? The source code is copyright Network Appliance and PDC, contains a few disclaimers, but no terms for source modification and copying. Maybe an Open Source license would be in order. - Dan

4 3

Using MORE than one narrow shelf on a single Wide Bus
by Weeks, Thomas 29 Jan '99

29 Jan '99

Hi all... Here's a question that I still have never got a straight answer on from anyone: Using a F230 server with two wide SCSI busses. I have a wide shelf on my 9b bus, and a narrow DEC-Shelf (with personality module) on my 9a bus. My Q is this: On my 9a bus(only); since the personality module allows you to set the beginning SCSI/Wide address of the narrow shelf on the wide bus, could one essentially run TWO narrow shelves on a wide bus? This would be done by setting the first narrow shelf to map narrow-SCSI ID's 0-6 to the wide-SCSI bus 0-6, and setting the personality module in the SECOND narrow shelf (on 9a) to superposition the second narrow-SCSI shelf's ID's 0-6 to the SCSI-wide bus ID's of 8-15? If SO... then I could buy a personality module for one of my extra narrow shelves lying around and use TWO narrow shelves on the 9a bus of our F230! If not.. I am thinking about ripping it all out and putting it on a Linux box running SW RAID and SAMBA. But I would really like to keep it set up on the NetApp box if possible. Anyone know for SURE if this can be done (the former.. not the latter). Thomas Weeks GTE SYSTEMS ENGINEER Testing-Integration Center "The Pit" Brooks AFB, DSN 240-5444

1 0

Used NetApps?
by Brian Marcotte 29 Jan '99

29 Jan '99

I'm looking into the possibility of buying used Filers from companies who resell used equipment, or directly from other end users. I've seen no mention of this idea on the list. Does anyone know of any such companies (or do you have a filer you'd like to sell me?) Thanks. -- - Brian

1 0

RE: multiple CIFS HOME directories?
by Hawley, Rob 29 Jan '99

29 Jan '99

The symlink feature works due to a quirk in the implementation. Home Dirs work by resolving the path <cifs.home_dir>/<user_name> using an internal NFS like operation. Since the operation is NFS like, it knows how to follow symlinks. As Keith said, we now have the root of a virtual share so we obey the NT security model from that point on. You can't follow the symlink in CIFS due to the current security restrictions on respecting share boundaries. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ > mailto: hawleyr(a)netapp.com <mailto:hawleyr@netapp.com> US Mail: Network Appliance Inc. > Phone: 408-367-3254 2770 San Tomas Expressway > FAX: 408-367-3451 Santa Clara, CA 95051 -----Original Message----- From: Graham Knight [mailto:grahamk@ast.lmco.com] Sent: Thursday, January 28, 1999 4:27 AM To: Keith Brown Cc: quinlan(a)transmeta.com; toasters(a)mathworks.com; support(a)netapp.com Subject: Re: multiple CIFS HOME directories? Keith Brown wrote: > >Is it possible to have multiple default shares for CIFS homes? > > Not at the moment, although some enhancements are currently being made in this > area. For people who have UNIX though, there is a workaround. Here's the gig... > > The idea is that you create a single home directories > directory and populate it with symbolic links to the real home directories > which can be anywhere on the filer. > > So, if: > > options cifs.home_dir {/vol/vol0}/home > > and joe and bill have home directories in /vol/vol5/home, then from a UNIX > client you can: > > % cd /filer/vol0/home > % ln -s /vol/vol5/home/joe ./joe > % ln -s /vol/vol5/home/bill ./bill We do this and it works very well. One thing that has always confused me though - the cifs.homedir works - but if i set up /filer/vol0/home as a share and browse to it all i see are the unresolved links. How come it can do one and not the other? It'd be nice to be able to browse to one spot on the filer and see all the home dirs.... Graham

1 0

ndmpcopy error?
by Anthony Fiarito 28 Jan '99

28 Jan '99

First off, thanks to those who replied to my previous post about moving large amounts of data between netapps. I am trying most of the recommendations and have come to ndmpcopy. I have everything set up to copy data from one netapp to a second one, but I am getting an error. Has anyone come across the following error and know of any way to remedy it? adminhost# ./ndmpcopy na1:/vol/mail/testdata na2:/vol/mail -l 0 \ -v -sa root:rootpw -da root:rootpw Connecting to na1. Connecting to na2. na1: CONNECT: Connection established. na2: CONNECT: Connection established. na1: LOG: DUMP: na1: LOG: creating "/vol/mail/.snapshot/snapshot_for_backup.0" snapshot. na1: LOG: DUMP: na1: LOG: Using Partial Volume Dump na1: LOG: DUMP: na1: LOG: Date of this level 0 dump: Thu Jan 28 23:06:32 1999. na1: LOG: DUMP: na1: LOG: Date of last level 0 dump: the epoch. na1: LOG: DUMP: na1: LOG: Dumping /vol/mail/testdata/ to NDMP connection na1: LOG: DUMP: na1: LOG: mapping (Pass I)[regular files] na1: LOG: DUMP: na1: LOG: mapping (Pass II)[directories] na2: LOG: RESTORE: na2: LOG: restore: Can't create /etc/tmp directory: No such file or directory na2: Connection halted: HALT: Internal error! Elapsed time: 0 hours, 1 minutes, 39 seconds. Thanks a bunch in advance! -alf --- Anthony Fiarito alf(a)cp.net

2 1

Re: Samba 2.0 as Windows PDC ?
by Jason D. Kelleher 28 Jan '99

28 Jan '99

In message <199901281940.NAA21281(a)vortex.more.net>, David Drum writes: >Quoth Mark Muhlestein: > >> When LDAP support is available it should help the account synchronization >> problem greatly. We are planning to provide that in the Win2000 timeframe >. > >I don't think I will live that long. > >Regards, > >David K. Drum >david(a)more.net Don't worry, I hear there are cryogenics companies that will freeze your body and revive you when Win2000 ships... :) jason

1 0

Re: Samba 2.0 as Windows PDC ?
by Mark Muhlestein 28 Jan '99

28 Jan '99

When LDAP support is available it should help the account synchronization problem greatly. We are planning to provide that in the Win2000 timeframe. Mark Muhlestein -- mmm(a)netapp.com -----Original Message----- From: Daniel Quinlan <quinlan(a)transmeta.com> To: Keith Brown <keith(a)netapp.com> Cc: quinlan(a)transmeta.com <quinlan(a)transmeta.com>; toasters(a)mathworks.com <toasters(a)mathworks.com> Date: Thursday, January 28, 1999 12:10 AM Subject: Re: Samba 2.0 as Windows PDC ? >Keith Brown <keith(a)netapp.com> writes: > >>> Does anyone have any experience using Samba 2.0 as a PDC? > >> We don't officially support the use of non-Microsoft domain >> controllers at this time. Sorry... > >Ahem, you didn't actually answer my question. > >>> Also, what products (like Samba 2.0), if any, are people using to >>> synchronize logins between Unix (NIS) and Windows (NT PDC), >>> especially in a mixed environment using NetApp filers. > >> We have one of our own, and it's free! :-) >> [...] the "SecureShare Account Migrator" tool. > >It looks like that tool only lets you go from NT to Unix, which >unfortunately is not useful for us. I was hoping for a program that >allows NT to stay synchronized with an NIS domain (or just /etc/passwd >and /etc/group). > >- Dan >

2 1

RE: Tape Robots and "autoloading".
by Genrich, James R 28 Jan '99

28 Jan '99

Steve & Others, There are a few questions to be answered from the previous information. What is the OS being run on the F630? Is the Q2/15 an Autoloader of Robot version. Based upon a few assumptions there are three options. 1. If cost is the major consideration for using the Dump command as opposed to Backup Software there are a couple of options. First, you can use the control panel on a 9730 to mount drives to certain drives ( I am not sure if this is available in the Q2/15). This is not very automated since an individual will have to be present to use the control panel for mounts and unmounts. Secondly, you could write a script to do this, however this will be time consuming and it is reinventing the wheel (ie backup software is already written and tested) 2. To be able to perform simultaneous backup of 2 or more servers a backup software can be used along with STK ACSLS software (This software simply controls the robot and shares it between multiple servers or multiple backup packages). ACSLS needs a stand alone SUN or IBM box to run on (Sparc 10 or Small AIX server) for UNIX and needs Libattach software from STK if NT is involved. 3. Backup software can be installed on one of the server and the additional servers can be backed up over the network simultaneously using multiplexing capabilities common in most backup software. Based upon the current information these are the possible solutions. Jim Genrich MPSE Storage Technology, Inc. ---------- From: grdodson(a)lexmark.com [SMTP:grdodson@lexmark.com] Sent: Wednesday, January 27, 1999 8:29 PM To: toasters(a)mathworks.com Subject: Tape Robots and "autoloading". We are purchasing a F760 and are faced with the usual backup dilemma. To backup our F630 we have a single drive DLT robot (Breece Hill Q2.15) and use local dumps. This takes 15+ hours a day (3 tapes) and obviously doesn't scale well. So we are investigating larger robots with multiple tape drives. Currently the StorageTek 9730 is looking interesting. The problem we have is by using local dumps we need the tape robot to autoload the drives. Moreover with a multi drive robot the autoload function needs to be able to control which slots are loaded into which drives. Anyone know of the StorageTek supports this? Any other recommendations multi drive 28+ slot tape robots are also welcome. FYI. The reason we aren't just stacking two Breece Hill Q2.15's is that we have been underwhelmed with the usability and quality of these boxes. We find the documentation and user interface to be quite poor. (And they never delivered the S/W upgrade they promised) The reason we aren't using an NDMP backup S/W package is that the nature of the data on this box requires a "level 0" backup every night. Most of the features of the NDMP S/W would never be needed (indexing, etc.) and therefore be an unnecessary expense. Graydon Dodson (606) 232-6483 grdodson(a)lexmark.com Lexmark International Inc.

1 0

Jump to page:

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

2004

2003

2002

2001

2000

1999

1998

1997

toasters