Microsoft Services for Network File System (2k3r2)

NFS Microsoft Services for Network File System Linux NFS Summary Notes http://www.debianhelp.co.uk/nfs.htm /etc/exports (man exports): # reload: exportfs -a /base remotehost(rw,sync) anotherhost(ro) anotherhostnam*(ro) /path 192.168.4.0/24 /etc/fstab 1.1.1.1:/home /home nfs rw,rsize=4096,wsize=4096,hard,intr,async,nodev,nosuid 0 0 1.1.1.2:/usr /usr nfs ro,rsize=8192,hard,intr,nfsvers=3,tcp,noatime,nodev,async 0 0 -------------------------------------------------------------------------------- You control which computers can access User Name Mapping by editing a file named .maphosts in the %windir%\msnfs directory. c:\windows\msnfs\ c:\windows\msnfs\nfsadmin.exe c:\windows\msnfs\nfsshare.exe c:\windows\msnfs\nfsmgmt.msc c:\windows\msnfs\mount.exe c:\windows\msnfs\umount.exe nfsadmin server [ComputerName] stop nfsadmin server [ComputerName] start nfsadmin server /? share a folder: nfsshare /? -------------------------------------------------------------------------------- When a root directory (/) on a UNIX computer is shared, Client for NFS cannot mount it by using the standard path syntax (net use * \\server\ or net use server:/). Solution: To mount the root directory, enter this command: net use * \\ server \! The share name must be an exclamation mark (!). If the Windows user name is a domain account, then the domain controller authenticates the user with Kerberos extensions called Services-For-User (S4U). If the Windows user name is a local account, then the local security authority needs the assistance of Server for NFS Authentication. Without Server for NFS Authentication, the local security authority cannot authenticate the user and access will be denied. ->Other Network File and Print Services ->Microsoft Services for NFS ->Server For NFS Authentication Note Active Directory Lookup always associates UNIX users to Windows domain user accounts. If Server for NFS is configured to only use Active Directory Lookup, then you will not need to install Server for NFS Authentication on the local computer. If you want to associate UNIX users with Windows user accounts, you must use User Name Mapping. ->Other Network File and Print Services ->Microsoft Services for NFS ->User Name Mapping Maps Unix user names to Windows user names (for domains which do not store Unix identities in AD). Before using Active Directory Lookup, you must install and populate the Identity Management for UNIX Active Directory schema extension, included in Windows Server 2003 R2, or have an equivalent schema which includes UNIX UID and GID fields. Identity Management for UNIX greatly simplifies this aspect of Windows-to-UNIX user account management in Active Directory. Before using User Name Mapping, the computer running Server for NFS must be listed in the .maphosts file on the computer running User Name Mapping. You can use simple maps, which map Windows and UNIX accounts with identical names. You can also create advanced maps to associate Windows and UNIX accounts with different names, which you can use in conjunction with simple maps. The password and group files can be copied from a UNIX host or from a Windows based computer that is running Server for NIS. -------------------------------------------------------------------------------- To view user maps from the command line: mapadmin [ ComputerName ] [–u User ] [–p Password ] list {–all|–advanced|–simple} mapadmin [ ComputerName ] [–u User ] [–p Password ] list –wu Windows_User_Name mapadmin [ ComputerName ] [–u User ] [–p Password ] list –uu unix_User_Name mapadmin [ ComputerName ] [–u User ] [–p Password ] list –wg WindowsGroupName mapadmin [ ComputerName ] [–u User ] [–p Password ] list –ug unixGroupName Maps are displayed in the Mapped users and Mapped groups lists in the order in which the maps are evaluated. Primary maps are always listed and evaluated first, followed by secondary maps. To change the order in which maps are evaluated within the list of secondary maps, right-click User Name Mapping and click Properties. Then, click the Simple Maps tab and use the Move up or Move down buttons to reposition the map within the list. Use Simple Mapping: o add the unix servers in the sharepoint permissions area. o create windows user "root", give ntfs permissions or put in admin group (spc works). -------------------------------------------------------------------------------- NFS Tools (e.g. rpcinfo, showmount, nfsstat) Server for NFS includes several tools for monitoring Network File System (NFS) use and for probing the network for other NFS servers and resources. These tools include Windows System Monitor, rpcinfo, showmount, and nfsstat. You can use Windows System Monitor to display NFS statistics, including the number and type of requests received and the number of bytes read and written. You can use the "rpcinfo" utility to: o List all programs registered with the port mapper on a local or remote host (rpcinfo -p). o Find all network nodes that have a specified program and version registered with the port mapper (rpcinfo -b). You must specify a program name and number and version. o Use the Transmission Control Protocol (TCP) to call the specified program (rpcinfo -t). You must specify a node name and program name. If a version is not specified, the program calls all versions. o Use the User Datagram Protocol (UDP) to call the specified program (rpcinfo -u). You must specify a node name and program name. If a version is not specified, the program calls all versions. You can use the "showmount" utility to: o List all file systems exported on the specified NFS server (showmount -e). o List all remotely mounted clients and the directories each has mounted on the specified NFS server (showmount -a). o List all directories remotely mounted on the specified NFS server (showmount -d). You can use the "nfsstat" utility to display the number of NFS v2, NFS v3, and Mount v3 calls made to the server since the counters were set to 0, either when the service started or when the counters were reset using nfsstat –z. -------------------------------------------------------------------------------- Troubleshooting (this occured after r2 upgrade and NFS Services installation) Event Type: Error Event Source: Srv Event Category: None Event ID: 2011 Date: 2/11/2007 Time: 6:48:49 PM User: N/A Computer: EMERALD Description: The server's configuration parameter "irpstacksize" is too small for the server to use a local device. Please increase the value of this parameter. http://support.microsoft.com/?id=177078 http://support.microsoft.com/?kbid=285089 HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\LanmanServer\Parameters dword:IRPStackSize In Windows 2000 and XP, the default value of IRPStackSize is 15, the range is 11 to 50.