Jochen,
We don't use the Expand boxes, but the steelheads from Riverbed, they also offer caching of Cifs data, which you can do on a per share/directory basis.
The best option we have found is to create a windows AD account that had the required access to all the shares/directories, and then use that account, from experience we found that to get all of the rights needed, we ended up assigning "domain admins" membership which is a bit of a bull in a china shop approach, but having gone through the rights of various files and folders, the only group that had consistent access was any account with "domain admins" membership.
I would take serious look at the steelhead boxes, from my experience they work a lot better than the rest of WAN optimisation appliances I worked with.
Feel free to contact me off list if you would like any more information.
Cheers
Matt
-----Original Message----- From: owner-toasters@mathworks.com [mailto:owner-toasters@mathworks.com] On Behalf Of Willeke, Jochen Sent: 09 July 2008 09:29 To: Darren Sykes; toasters@mathworks.com Subject: RE: Backup Operators group on filer
Hi,
i just found out that the "cifs superuser" is only available in Ontap 10 :/
Sadly we do have 7.2.4 so still some way to go.
Rgds and thanks anyway
Jochen
-----Original Message----- From: Darren Sykes [mailto:Darren.Sykes@csr.com] Sent: Tuesday, July 08, 2008 5:57 PM To: Willeke, Jochen; toasters@mathworks.com Subject: RE: Backup Operators group on filer
We use Expand boxes with our filers, though we don't do scheduled replication of data.
Have you attempted adding the service account as a CIFS superuser (which effectively gives it access to all files)? If you consider that too insecure, then you may have to reconsider caching files (after all, it can't cache them if it can't read them).
Darren
-----Original Message----- From: owner-toasters@mathworks.com [mailto:owner-toasters@mathworks.com] On Behalf Of Willeke, Jochen Sent: 08 July 2008 10:11 To: toasters@mathworks.com Subject: Backup Operators group on filer
Hi toasters,
we are currently testing expand boxes to boost our cifs access from remote locations to our centralized Netapp filers.
Sadly the expand boxes need to have access to the cifs files in order to replicate them to the remote boxes. When accessing files of course the normal user-rights of the user accessing the files are used.
What i did is, i put the service-user into the "Backup Operators" group on the filer, but without success. When i try to replicate the cifs-shares i always get error messages that the user is not allowed to open the files.
With the "Administrators" group on the filer it worked. But this is not an option in my eyes, as this right is too high and in case a user removes the "Administrators" group from a folder the expand box will fail to replicate this folder as well.
Has anybody a good idea or even deployed expand boxes for cifs-acceleration with netapp?
Regards and thanks in advance
Jochen
-- WINCOR NIXDORF International GmbH Sitz der Gesellschaft: Paderborn Registergericht Paderborn HRB 3507 Geschäftsführer: Eckard Heidloff (Vorsitzender), Stefan Auerbach, Dr. Jürgen Wunram Vorsitzender des Aufsichtsrats: Karl-Heinz Stiller Steuernummer: 339/5884/0020 - Ust-ID Nr.: DE812927716 - WEEE-Reg.-Nr. DE44477193
Diese E-Mail enthält vertrauliche Informationen. Wenn Sie nicht der richtige Adressat sind oder diese E-Mail irrtümlich erhalten haben, informieren Sie bitte sofort den Absender und vernichten Sie diese E-Mail. Das unerlaubte Kopieren sowie die unbefugte Weitergabe dieser E-Mail ist nicht gestattet.
This e-mail may contain confidential information. If you are not the intended recipient (or have received this e-mail in error) please notify the sender immediately and destroy this e-mail. Any unauthorised copying, disclosure or distribution of the material in this e-mail is strictly forbidden.
-- WINCOR NIXDORF International GmbH Sitz der Gesellschaft: Paderborn Registergericht Paderborn HRB 3507 Geschäftsführer: Eckard Heidloff (Vorsitzender), Stefan Auerbach, Dr. Jürgen Wunram Vorsitzender des Aufsichtsrats: Karl-Heinz Stiller Steuernummer: 339/5884/0020 - Ust-ID Nr.: DE812927716 - WEEE-Reg.-Nr. DE44477193
Diese E-Mail enthält vertrauliche Informationen. Wenn Sie nicht der richtige Adressat sind oder diese E-Mail irrtümlich erhalten haben, informieren Sie bitte sofort den Absender und vernichten Sie diese E-Mail. Das unerlaubte Kopieren sowie die unbefugte Weitergabe dieser E-Mail ist nicht gestattet.
This e-mail may contain confidential information. If you are not the intended recipient (or have received this e-mail in error) please notify the sender immediately and destroy this e-mail. Any unauthorised copying, disclosure or distribution of the material in this e-mail is strictly forbidden.
_____________________________________________________________ This e-mail (including all attachments) is confidential and may be privileged. It is for the exclusive use of the addressee only. If you are not the addressee, you are hereby notified that any dissemination of this communication is strictly prohibited. If you have received this communication in error, please erase all copies of the message and its attachments and notify us immediately at help@generalatlantic.com mailto:help@generalatlantic.com. Thank You.