To update the list of users/groups, right-click on the Windows Clients object and select Refresh Windows Clients.

Information on the Connection(s), Share(s), and Locked File(s) tabs is updated every few seconds. You can set the interval by right-clicking on the Windows Clients object and selecting Start Connection Status Refresh.

Note: If you do not see the NAS objects, the NAS option is not loaded on your ASC Server.

Enable NAS

Note: You must enable NAS before creating a failover configuration. Otherwise, you will have to remove the failover configuration, enable NAS, and then recreate your failover configuration.

1. In the Console, right-click on the server and select Options --> Enable NAS.
2. Select which security mode you will use to authenticate users/groups.

   There are three security modes that you can use to authenticate users/groups trying to access NAS shares.

   Share mode - (Default) Authentication is done by a set of passwords (one full access password and one read only password) that are set from the Console. This mode does not use an authentication server.

   Domain mode - The authentication server must be a Primary Domain Controller (PDC) for pure Windows NT or mixed Windows NT/2000 domains, or a Domain Controller for native Windows 2000 domains. The ASC Server and all NAS clients must belong to the domain controlled by this PDC/Domain Controller.

   Server mode - Any Windows NT (Server or Workstation), or Windows 2000 (Server or Professional) computer (including a PDC/Domain Controller) can be used to authenticate users.

   Note: It is important that you do not change your authentication mode once you begin using your NAS system. If you do change it, you will lose all of your share assignments.

3. (Domain and Sever modes) Enter your authentication servers and domain information.

   Primary Authentication Server - Enter the name of the server (not an IP address) from which the ASC Server will get the user account information. The ASC Server will use this server to authenticate users when they try to share a NAS resource. The server's name must be resolvable.

   Backup Authentication Server - You can optionally enter a server name (not an IP address) to use for authentication if the primary authentication server is a PDC and is not available. If your primary authentication server is a PDC, the backup authentication server has to be your BDC. The server's name must be resolvable.

   Domain/Workgroup - For Domain mode, enter the NT domain that the ASC Server must join. For Server mode, enter the workgroup that the ASC Server must join. If you are using Active Directory you will not see this field.

4. (Domain and Sever modes with Active Directory) Enter information about the account ASC will use to log into Active Directory.

   User - Enter the account ASC will use to log into Active Directory.

   Password - Enter a valid password for this account.

   Confirm Password - Re-enter the password for this account.

   Bind Point - You can use the Bind Point to mark where in the OU tree ASC will start browsing from. This is useful if ASC's user account does not have root access to the entire OU tree. Without this access, ASC cannot see anything in the tree. In this case, enter a Bind Point to direct ASC to a starting point or a single tree such as the /Engineering or /Accounting tree. If you leave this field blank or enter "/", ASC will start at the root of this OU.

5. (Domain and Sever modes with Active Directory) Select the organizational units to which you will offer NAS shares.

   Click in the checkbox next to the OUs to which you want to offer NAS shares.

   If you select the checkbox next to the root (/), it will select all OUs.

6. (Share mode) Enter the workgroup that the ASC Server must join.

   Enter the existing workgroup of your ASC Server or you can group all of your ASC Servers in a new workgroup. This can be useful for locating your ASC Servers in your Windows Explorer.

7. (All authentication modes) Enter a comment and the applicable client code page.

   Comment - Enter a description of the ASC Server. This description will be displayed in the Comment field of Windows Explorer, such as when you see a list of computers under My Network Places.

   Client Code Page - Specify the DOS code page that clients accessing Samba are using. To determine what code page a Windows client is using, open a DOS command prompt and type the command chcp. This will output the code page.

8. (All authentication modes) Select how you want to reserve User IDs (UIDs).

   UIDs are associated with users on your system (such as administrators).

   Auto Selection lets you set the maximum number of UIDs that ASC should use for authentication of your NAS users and then automatically reserves an unused range.

   Manual Selection lets you select exactly which range(s) to use. If you select this, you will need to select an available UID range and designate a starting and ending UID.

9. (Server or Domain Mode only) Select how you want to reserve Group IDs (GIDs).

   GIDs are associated with groups on your system.

   Auto Selection lets you set the maximum number of GIDs that ASC should use for authentication of your NAS groups and then automatically reserves an unused range.

   Manual Selection lets you select exactly which range(s) to use. If you select this, you will need to select an available GID range and designate a starting and ending GID.

10. (All authentication modes) Confirm all information and click Finish to start the NAS daemons.

    If you want to update these settings later, right-click on the Windows Clients object (under NAS Clients) and select Properties or Set Security Mode.

Add NFS clients

1. Right-click on the NFS Clients object and select Add.
2. Enter information as applicable.

   Display Name - This is the name displayed in the Console for this group of one or more NFS clients. For example, you may want to enter Finance Department to indicate where these clients are located.

   Machine(s) - These are the machines that will become NFS clients. You can enter an abbreviated name that can be resolved, a fully qualified domain name, or an IP address for a machine. You can also include all machines on an IP sub-network by specifying an IP address and netmask pair as address/netmask.

   Machine names can use the wildcard characters * and ?. For example, unixbox* or unixbox? includes all clients in that subnet and *.Acer.com matches all clients in the domain Acer.com. But 10.1.1.* or 10.1.1.? are not acceptable.

   Comment - You can optionally enter a description or explanation in this field. This information will be displayed in the right pane of the Console for this client.

Create a NAS Resource

1. Right-click on the NAS Resources object and select Create NAS Resource Wizard.
2. Select how you want to create this NAS Resource.

   Custom lets you select which physical device(s) to use and lets you designate how much space to allocate from each.

   Express lets you designate how much space to allocate and then automatically creates a NAS Resource using all available devices.

   Batch lets you create multiple NAS Resources at one time. These NAS Resources will all be the same size.

3. (Express and Custom only) Enter a name for the new NAS Resource.

   You cannot use blanks or the following characters in the resource name: < > " & $ / \ ' ( ) % # : ; | * ` ?

4. Enter information about your file system.

   File System - ASC automatically detects the file system for you. You need a 2.4 based kernel for ext3.

   Block Size - The minimum amount of space to use for each file. For example, if you keep the default of 4, each file will minimally be 4k in size.

   Synchronous File I/O - Provides file system caching. If selected, there will be no file system caching. This offers greater data integrity but impacts performance.

   Journaling Mode - Specifies the journaling mode for file data. Metadata is always journaled.

   - Journal: All data is committed into the journal prior to being written into the main file system.

   - Ordered: This is the default mode. All data is forced directly out to the main file system prior to its metadata being committed to the journal.

   - Writeback: Data ordering is not preserved. Data may be written into the main file system after its metadata has been committed to the journal. This is said to be the highest-throughput option. It guarantees internal file system integrity, but it can allow old data to appear in files after a crash and journal recovery.

5. Confirm that all information is correct and then click Finish to create the NAS Resource.

   You should wait until the NAS Resource is attached and mounted before continuing with folder assignments.

Add/share a folder and assign clients

1. Right-click on a NAS Resource or a folder and select New Share.

   You can also select New Folder. Any time after creating the folder, you can assign clients to it by right-clicking and selecting Sharing.

2. Enter a folder name.

   The folder name cannot exceed 238 characters.

3. Enter a share name and indicate if you want Windows clients to have access to this share.

   The share name cannot exceed 12 characters.

   Share names cannot start with a dot or contain the following characters \ / : * ? " < > | # % [ ] = + ; ,

4. (Windows clients) Enter permissions for the Windows clients who will access the share.

   If you add new Windows users/groups to your server at a later time, you can assign shared folders to them in two ways:

   · You can right-click on the new user in the tree and select Assign Share.

   · You can right-click on the shared folder, select Sharing, click on the Permission button, and click on the Assign Windows Clients button.

5. (NFS clients) Enter permissions for the NFS clients who will access the share.

   Select Insecure if your client's operating system does not use a reserved port for NFS (an Internet port less than IPPORT_RESERVED -- 1024). AIX is an example of an operating system that needs to select Insecure.

   Select Sync if you want all file writes to be committed to disk before the write request completes. This offers greater data integrity but impacts performance.

   NFS will normally delay committing a write request to disk slightly if it suspects that another related write request may be in progress or may arrive soon. This allows multiple write requests to be committed to disk with one operation, which can improve performance. Check No_wdelay (write delay) only if you want to turn this NFS functionality off. No_wdelay can only be selected if Sync is selected.

   Squash can be used to map user IDs to nobody. See below for more information about using these options.

   root_squash	all_squash	Action
   -	-	No UIDs are mapped
   X	-	UID=0 (root user) is remapped to nfsnobod:nasgrp (default)
   X	X	All UIDs are mapped to nfsnobod:nasgrp

   Note: If you use ASC's Failover option, we recommend you use the Sync and No_wdelay options.

Map/mount the share

Windows clients

You should map a share for each Windows client so that they have access to the share. Do the following on each Windows client's computer:

1. Open Windows Explorer (or My Computer).
2. Select Tools --> Map Network Drive.
3. Set the path to the shared folder.

   The path is: \\hostname\sharename

   where hostname is the ASC Server's name and sharename is the name of the shared folder. For example: \\server1\engineering

   Note that if [homes] is enabled on your ASC server running in server or domain mode, users can map to \\hostname\homes or \\hostname\username. Refer to 'Homes' for more information.

4. Enter login information.

   For Share mode, enter the password you set when you created the share. You can leave the Connect As field blank.

   For Server and Domain modes, enter the user's account name in the Connect As field and the user's password. For Domain mode, be sure to enter the user's full account name (including domain name).

   If your Windows NT/2000 client is authenticated into one domain while your ASC Server is part of another domain, you must enter the following into the Connect As or Username field:

   DomainX\UserY

   where DomainX is the name of the domain with the drive you wish to map and UserY is the username allowed on that Windows machine. Enter the correct password for UserY.

NFS clients

You must mount a share for each NFS client so that they have access to the share. Do the following on each NFS client's computer:

1. Create a directory.

   For example: /mnt/share

2. Locally, mount the share.

NAS properties

You can set NAS properties or update your NAS configuration settings:

1. Right-click on Windows Clients and select Properties.

   The tabs you will see depend upon your authentication mode.

2. On the General tab, you can change your comment and/or client code page and set the interval that determines how often ASC should poll the domain controller for the latest users/groups.

3. On the Reserved UID/GID tabs, you can select available UID/GID range(s). GID range is for Server and Domain modes only.

4. On the Activity Log tab, determine how long NAS information should be kept for ASC reports.

5. On the NetBIOS Alias tab, you can set a NetBIOS alias for a Samba server, giving the server more than one NetBIOS name.

6. (Server and Domain modes only) On the Admin Users tab, you can give a user administrative rights by making the user root equivalent on the ASC Server.

7. (Server and Domain modes only) On the Homes tab, you can set [homes] properties and select to audit all NAS shares.

   [homes] is a Samba feature that permits users to map to a NAS share based on their username.

   When you check the Share out use home directory option, you can set the following:

   Select the NAS resource on which the [homes] share will be located - Users will map a share on this NAS resource in one of the following ways:
   \\servername\homes (the system uses the username from their current login)
   or
   \\servername\username

   Sub-directory on which [homes] share will be mapped - This sub-directory is a folder that must already exist on a NAS resource. It becomes the root folder for the [homes] share. Shares for users are created beneath, and relative to, this folder. You may want to make this sub-directory a separate share that is assigned to the system administrator only. This way the system administrator can set ACLS, permissions, etc., and have the settings apply to all users.

   Allow TimeView Creation by Users - Allows users to mount the latest TimeMark to recover data. TimeMark must be enabled for the [homes] share. A TimeView will be automatically created when the user maps to their share with a tilda:
   \\servername\~homes (uses the username from their current login)
   or
   \\servername\~username
   

   Length of time TimeView should be maintained (minutes) - How long the TimeView should remain mounted. The TimeView will be deleted when this length of time is reached.

8. (Server and Domain modes only) On the Advanced tab, you can change ASC’s default global Samba options.

   For example, if you have an existing group that you are using, you can change force group from the default nasgrp to your group, such as:
   force group = engineering
   

   You can alse set wins server and name resolve order if you do not have any DNS set up and the server is on a different subnet than the CIFS clients. For example:
   wins server = 192.168.0.1
   name resolve order = wins bcast host lmhosts

---

Acer, Inc. www.acer.com