更新目录服务和认证文件

  • 2021年7月7日
  • 0回答
  • 74的浏览量
R
排名
Userlevel 2
徽章 +4
  • raaji Nutanix员工
  • Nutanix员工
  • 70回复

更新目录服务配置的步骤如下:

过程:

  1. 文件服务器仪表板,单击文件服务器选择目标文件服务器,单击协议管理

  2. 点击目录服务

  3. 目录服务窗口中,选择要使用的协议,并完成所选协议的字段。

可选择SMB、NFS或两者兼备。每个协议包含更多需要完成的字段。

4.当所有字段都正确时,单击更新按钮。


身份验证:

根据为文件服务器配置的主协议和辅助协议,访问和身份验证配置有所不同。采用SMB协议的文件服务器必须配置AD (Active Directory)。使用NFS协议的文件服务器可以使用LDAP (Lightweight Directory Access protocol)、AD和非托管认证服务。

LDAP

当配置LDAP作为认证服务时,Files使用netgroup控制客户端访问。Files LDAP设置基于RFC 2307标准。

配置LDAP时,请在“目录服务”页签中分配LDAP服务器和基本区别名(DN)。基准DN指定从哪里开始搜索用户。文件服务器与LDAP服务器绑定。为提高安全性,请为LDAP服务器配置绑定DN。如果没有绑定DN,“Files”将以匿名方式绑定到LDAP服务器。

活动目录

文件支持AD + NFS + SMB。设置Active Directory时,需要指定AD域名称、用户名和密码。当有多个域控制器时,可以配置一个PDC (preferred domain controller)。如果不配置PDC,“文件”将使用任意可用的域控制器。

使用RFC 2307标准是AD中的可选设置。

Raaji
To update the directory services configuration, do the following:<\/span><\/p>

Procedure:<\/span><\/p>

  1. \t

    Go to the <\/span>File Server<\/strong> dashboard, click the <\/span>File Server<\/strong> tab, select the target file server and then click <\/span>Protocol Management<\/strong><\/p>\t<\/li>\t

  2. \t

    Click Directory Services<\/span><\/p>\t<\/li>\t

  3. \t

    In the <\/span>Directory Services<\/strong> window, select the protocols you want to use and complete the fields for the selected protocols.<\/span><\/p>\t<\/li><\/ol>

    You can select SMB, NFS or both. Each protocol contains more fields to complete.<\/span><\/p>

    \u00a0\u00a0\u00a0\u00a0\u00a0\u00a04.\u00a0 When all the fields are correct, click the <\/span>Update<\/strong> button.\u00a0<\/span><\/p>


    Authentication:<\/strong><\/p>

    Depending on the primary and secondary protocols configured for your file server, access and authentication configuration vary. File servers using SMB protocol must configure Active Directory (AD). File servers using the NFS protocol can use Lightweight Directory Access Protocol (LDAP), AD, or unmanaged authentication services.<\/span><\/p>

    \u00a0<\/p>

    LDAP<\/strong><\/p>

    When you configure LDAP as the authentication service, Files uses Netgroups to control client access. The Files LDAP setup is based on the RFC 2307 standard.<\/span><\/p>

    \u00a0<\/p>

    To configure LDAP, assign an LDAP server and a base distinguished name (DN) in the Directory Services tab. The base DN specifies where the search for users begins. The file server binds to the LDAP server. For added security, set up a bind DN for the LDAP server. Without the bind DN, Files bind to the LDAP server as anonymous.<\/span><\/p>

    \u00a0<\/p>

    Active Directory<\/strong><\/p>

    Files supports AD with NFS and SMB. To set up Active Directory, specify the AD realm name, username, and password. If you have multiple domain controllers, you can configure a preferred domain controller (PDC). If you do not configure a PDC, Files uses any available domain controller.<\/span><\/p>

    \u00a0<\/p>

    Using the RFC 2307 standard is an optional setting in AD.<\/span><\/p>","quoteUsername":"raaji","translations":{"Common":{"like":"Like","unlike":"Unlike"},"Forum":{"Quote":"Quote","Share":"Share"}}}">

本主题已关闭供评论
Baidu