IBM Storwize V7000 Unified Quick Installation Manual page 43
Hide thumbs
Also See for Storwize V7000 Unified:
- Introduction and implementation manual (670 pages) ,
- Problem determination manual (474 pages) ,
- Troubleshooting and maintenance manual (189 pages)
Table of Contents
Advertisement
Use the flow chart below to assist in deciding which authentication method is right
for you. The factors that influence the decision are the types of client hosts, the
existing authentication infrastructure (if any), and if asynchronous file system
replication is to be utilized.
UNIX
Authentication
Infrastructure?
No
Local
Passwords
Yes
Choose
Implement
external
auth
LDAP
or
NIS
Stay with local
Ensure that you
have method for
manually syncing
Obtain the
password tables
and highlight
information in
Table <N>
risk of UID conflicts
Internally the Storwize V7000 Unified use IBM's General Parallel File System
(GPFS). GPFS is a Unix file system, and uses Unix style User IDs (UID) and Group
Ids (GID) to manage file permissions. In order for Windows (CIFS) users to access
files, there has to be some sort of User ID Mapping. For example, some way to
map the Windows user and group objects to Unix UIDs and GIDs. The Storwize
V7000 Unified support user ID mapping either internally or externally. While
external user ID mapping is preferred, internal mapping can be done using a table
local to the Storwize V7000 Unified to map Windows user and group objects to
arbitrary Unix UIDs and GIDs. That table is not accessible externally, even to
another Storwize V7000 Unified system for asynchronous file system replication.
Thus asynchronous replication requires external user ID mapping, specifically
Windows Active Directory with the Subsystem for Unix (SUA) enabled and
populated. Mixed client access, i.e. having both Unix and Windows clients access
the same files (via NFS and CIFS) also requires external user mapping using either
AD with SUA/SFU or LDAP with Samba extensions.
UNIX/Windows/Mixed
Windows
Active Directory with
NO
Unix ID mapping
mapping.
Choose
Implement ID Mapping
Implement ID mapping
Populate all users and
groups with UNIX IDs
Don't
Implement ID
Mapping
Use Unified Internal ID Mapping
There is a risk of ID conflict
Await Development to produce
export method or automation for
user ID assignments
Chapter 1. Before you begin the installation
MIXED
Authentication
Infrastructure?
Windows 2008
Active Directory
Yes
with UNIX ID
Mapping
Active Directory with
UNIX ID mapping
mapping enabled.
Windows
Active Directory
Version?
2003sp2 or 2008
Pre-2003sp2
ID mapping included,
SFU, use
just needs to be
schema
enabled, use schema
type sfu
type rfc2307
21
Advertisement
Table of Contents
