We have been using filers to store users' home directories since 1997. We started out with NFS on Unix and added CIFS access later. We have about 30,000 user accounts.
We have always used NIS authentication for CIFS so that folks have the same password on Unix and CIFS. But we have been unhappy with the passwords going over the network in clear text. We have finally gotten funding for enough Windows client licenses to give all our users accounts in a Windows domain, so we want to switch our filers to Windows domain auth.
This is going to cause us a serious user education problem. Currently it does not matter what domain a CIFS user specifies because the domain name is ignored when mapping a to a NIS user. For example, BOGUS\fred maps to "fred" and MYDOM\jane maps to "jane", etc. Right now when "fred" does a "map network drive" he just enters "fred" for his username. His PC supplies the windows domain, whatever that may be. Some folks login to local departmental domains. Some do local Windows logins, etc. Right now that doesn't matter because the filers ignore the domain name when mapping to a NIS username.
But that will suddenly change when we switch to Windows domain auth. Fred will suddenly be required enter "ESERVICES\fred" instead of just "fred".
Does the filer have any option where it "knows" that no matter what domain name the user supplies, in his heart of hearts he really means "ESERVICES" ? That would save us an awful lot of calls at our help desk when we cut over. By the way, we don't know in advance what domain name a user may supply. Many of them appear to be whatever name the user gave his PC.
Steve Losen scl@virginia.edu phone: 434-924-0640
University of Virginia ITC Unix Support
We will be retiring a NetApp filer soon and are required to sanitize storage devices. Is there a command that will sanitize the disks, preferably by overwriting the data?
Thanks,
-- Mike
what level do you need? defcon 4? netapp licenses a product depending on your filer that will sanitize it to d.o.d. specs. If you dont need that level than you could initialize the drives to delete the data.
|---------+--------------------------------> | | Mike Mueller | | | <Michael.D.Mueller@jp| | | l.nasa.gov> | | | Sent by: | | | owner-toasters@mathwo| | | rks.com | | | | | | | | | 02/01/2005 10:21 AM | |---------+-------------------------------->
--------------------------------------------------------------------------------------------------------------------------------|
| | | To: toasters@mathworks.com | | cc: | | Subject: Command to Sanitize NetApp Filer? |
--------------------------------------------------------------------------------------------------------------------------------|
We will be retiring a NetApp filer soon and are required to sanitize storage devices. Is there a command that will sanitize the disks, preferably by overwriting the data?
Thanks,
-- Mike
yes. "disk sanitize". available in later versions of OnTap.
-skottie
Mike Mueller wrote:
We will be retiring a NetApp filer soon and are required to sanitize storage devices. Is there a command that will sanitize the disks, preferably by overwriting the data?
Thanks,
-- Mike
"Mike" == Mike Mueller Michael.D.Mueller@jpl.nasa.gov writes:
Mike> We will be retiring a NetApp filer soon and are required to Mike> sanitize storage devices. Is there a command that will sanitize Mike> the disks, preferably by overwriting the data?
disk sanitize start <disk>
Login to your filer and do 'man disk' for details. It will take a long time to complete though, esp if you do it across a large number of disks.
This only works for some version of 6.x and newer, not sure which though.
John John Stoffel - Senior Staff Systems Administrator - System LSI Group Toshiba America Electronic Components, Inc. - http://www.toshiba.com/taec john.stoffel@taec.toshiba.com - 508-486-1087
I don't think the sanitize option is available in OnTap 6.4.5.
Re:
Date: Tue, 1 Feb 2005 13:48:01 -0500 From: "John Stoffel" john.stoffel@taec.toshiba.com To: Mike Mueller Michael.D.Mueller@jpl.nasa.gov Cc: toasters@mathworks.com Subject: Re: Command to Sanitize NetApp Filer?
"Mike" == Mike Mueller Michael.D.Mueller@jpl.nasa.gov writes:
Mike> We will be retiring a NetApp filer soon and are required to Mike> sanitize storage devices. Is there a command that will sanitize Mike> the disks, preferably by overwriting the data?
disk sanitize start <disk>
Login to your filer and do 'man disk' for details. It will take a long time to complete though, esp if you do it across a large number of disks.
This only works for some version of 6.x and newer, not sure which though.
John John Stoffel - Senior Staff Systems Administrator - System LSI Group Toshiba America Electronic Components, Inc. - http://www.toshiba.com/taec john.stoffel@taec.toshiba.com - 508-486-1087
On Tuesday, February 1, 2005, at 10:48 AM, John Stoffel wrote:
"Mike" == Mike Mueller Michael.D.Mueller@jpl.nasa.gov writes:
Mike> We will be retiring a NetApp filer soon and are required to Mike> sanitize storage devices. Is there a command that will sanitize Mike> the disks, preferably by overwriting the data?
disk sanitize start <disk>
Login to your filer and do 'man disk' for details. It will take a long time to complete though, esp if you do it across a large number of disks.
This only works for some version of 6.x and newer, not sure which though.
Ah, I guess I shouldn't have let my maintenance expire without upgrading to a later version, but we got delayed migrating the data to another server and taking it down for an upgrade is very difficult while in ops. I am running 6.3.1R1 and it doesn't have the disk sanitize command.
On Tuesday, February 1, 2005, at 10:50 AM, Holland, William L wrote:
after deleting your volumes, run "disk zero spares" -- it will zero all your spare disks - assuming you are running 6.5x prior to that you had to "priv set diag" then "spares_zero".
I can run the "priv set diag" and "spares_zero" commands. Not quite as thorough as the "disk sanitize" but better than trying to do something half baked via NFS. Is there a command that will cause the NetApp to crash all the heads into the disk surfaces, or perhaps a command to have the toaster make it's disks into toast? ;-)
Any other ideas? Spares_zero will have to if not.
Thanks,
-- Mike
We will be retiring a NetApp filer soon and are required to sanitize storage devices. Is there a command that will sanitize the disks, preferably by overwriting the data?
What OS do you have available on the filer?
-
Brian Parent -
Darren Dunham -
Joel.Cooper@lvvwd.com -
John Stoffel -
Mike Mueller -
Skottie Miller -
Steve Losen