Differences
This shows you the differences between two versions of the page.
Both sides previous revisionPrevious revisionNext revision | Previous revision | ||
cloudproviders:nasuni [2022_07_29 15:03] – dan | cloudproviders:nasuni [2024_04_25 14:38] (current) – [Guidelines and Notices] smeadmin | ||
---|---|---|---|
Line 1: | Line 1: | ||
====== Nasuni Connector ====== | ====== Nasuni Connector ====== | ||
- | == last updated on July 29, 2022 == | ||
- | Nasuni replaces traditionally isolated, fixed, network attached storage (NAS) and filesystems with a unified, infinitely scalable, cloud-based global file services platform. Users and applications access this global shared data through Nasuni Edge appliances deployed in data centers and offices all around the world. The Edge appliances provide local SMB access to data, caching active files and metadata for fast access. | ||
- | The Enterprise File Fabric platform extends the Nasuni global file system, supporting remote, mobile | + | <WRAP center round important 60%> |
+ | The latest information on Nasuni | ||
+ | </ | ||
+ | |||
+ | == last updated June, 2023 == | ||
+ | |||
+ | Nasuni replaces traditionally isolated, fixed, network-attached storage (NAS) and filesystems with a unified, infinitely scalable, cloud-based | ||
- | The Nasuni | + | Nasuni |
- | The Nasuni connector | + | The Nasuni connector |
===== Overview ===== | ===== Overview ===== | ||
- | The Nasuni connector provides end-users with access to their data stored within the Nasuni platform via the Enterprise File Fabric | + | The Nasuni connector provides end-users with access to their data stored within the Nasuni platform via Nasuni Access Anywhere |
{{ : | {{ : | ||
- | The connector binds Identity and Access Management from the Enterprise File Fabric | + | The connector binds Identity and Access Management from Nasuni Access Anywhere |
- | Nasuni | + | Administrators will continue to manage and maintain file share permissions directly from the Nasuni file shares. Furthermore, |
===== Prerequisites ===== | ===== Prerequisites ===== | ||
- | Enterprise File Fabric (EFF) requirements: | + | Nasuni Access Anywhere |
- | * Version 1906.07 or higher | + | * Organization |
- | * Organization | + | |
* Organization connected to your Active Directory via the LDAP Auth Connector. | * Organization connected to your Active Directory via the LDAP Auth Connector. | ||
* AD Administrative account | * AD Administrative account | ||
Line 32: | Line 35: | ||
To begin adding the Nasuni connector, it must first be enabled in your applicable **Package** from your **appladmin** account. In the Package options, ensure that the **Nasuni** connector is checked for it to be available to the organization. | To begin adding the Nasuni connector, it must first be enabled in your applicable **Package** from your **appladmin** account. In the Package options, ensure that the **Nasuni** connector is checked for it to be available to the organization. | ||
- | Next, logging | + | Next, log into the Organization Admin account, visit the **Dashboard** and click the **Add new provider** button. |
From the dropdown list, select **Nasuni** and then click **Add provider**. | From the dropdown list, select **Nasuni** and then click **Add provider**. | ||
Line 40: | Line 43: | ||
* **Name** — This will be the friendly name of the provider. Your users will see this inside of their accounts. | * **Name** — This will be the friendly name of the provider. Your users will see this inside of their accounts. | ||
- | * **Username** - The Nasuni provider will index the storage using a credential set that can access the entire storage estate, normally the Administrator user. This field accepts the Username, and should include the domain, for example " | + | * **Username** - The Nasuni provider will index the storage using a credential set that can access the entire storage estate, normally the Administrator user. This field accepts the Username, and should include the domain, for example, " |
* **Password** - This is the password for the account used in the **Username** field. | * **Password** - This is the password for the account used in the **Username** field. | ||
- | * **Share Path** - This is the UNC path to the Nasuni Edge Appliance. Enter a Unix compatible path, for example: | + | * **Share Path** - This is the UNC path to the Nasuni Edge Appliance. Enter a Unix-compatible path, for example: |
/ / | / / | ||
Line 51: | Line 54: | ||
* **Use SMBClient for Listing** - Using the smbclient can have performance benefits and is recommended. | * **Use SMBClient for Listing** - Using the smbclient can have performance benefits and is recommended. | ||
- | * **Binding LDAP** - A prerequisite noted for this connector is an already established Active Directory connection via LDAP. This should be the same AD domain that is integrated with your Nasuni Edge Appliance. You should select this Enterprise File Fabric | + | * **Binding LDAP** - A prerequisite noted for this connector is an already established Active Directory connection via LDAP. This should be the same AD domain that is integrated with your Nasuni Edge Appliance. You should select this Authentication System from the list. |
- | <WRAP center round important 100%> | + | Before proceeding with the next step, it is advisable to review the number of threads that will be used for the Synchronization. Increasing the thread count can improve the rate at which the storage is indexed. For details on increasing that, [[:provider-synchronization|please see this guide]]. |
- | If you have not already configured at least one LDAP authentication system for the organization then it is possible to complete the provider configuration without specifying an authentication system for the provider. | + | |
- | </ | + | |
- | + | ||
- | Before proceeding with the next step, it is advisable to review the number of threads that will be used for the Synchronization. Increasing the thread count can improve the rate at which the storage is indexed. For details on increasing that, [[provider-synchronization|please see this guide]]. | + | |
Once completed, click **Continue**. | Once completed, click **Continue**. | ||
- | At this point, the EFF will connect to the Nasuni Edge Appliance, and perform a Provider Sync of the storage metadata. | + | At this point, the NAA will connect to the Nasuni Edge Appliance, and perform a Provider Sync of the storage metadata. |
During the phase of Provider Synchronization, | During the phase of Provider Synchronization, | ||
Line 73: | Line 72: | ||
If this option is not present on your Dashboard, then it may need to be enabled from the **appladmin**' | If this option is not present on your Dashboard, then it may need to be enabled from the **appladmin**' | ||
- | The Nasuni connector automatically establishes itself as a [[organisationcloud/ | + | The Nasuni connector automatically establishes itself as a [[admin/ |
- | When users next login to the EFF, they will observe a team shared folder at the root of their view, with access to the data stored on Nasuni. | + | When users next login to the NAA , they will observe a team shared folder at the root of their view, with access to the data stored on Nasuni. |
If you need to add multiple Nasuni Edge Appliances, this can be done by repeating the above steps. | If you need to add multiple Nasuni Edge Appliances, this can be done by repeating the above steps. | ||
===== Guidelines and Notices ===== | ===== Guidelines and Notices ===== | ||
+ | |||
<WRAP center round info 100%> | <WRAP center round info 100%> | ||
Starting with v2106, users who authenticate with SAML can use Nasuni providers. | Starting with v2106, users who authenticate with SAML can use Nasuni providers. | ||
Line 85: | Line 85: | ||
<WRAP center round tip 100%> | <WRAP center round tip 100%> | ||
- | Because this connector imports and applies access permissions in a way that prevents direct control in the File Fabric, some of the File Fabric's behaviours may differ from the behavior with other connector types. | + | Because this connector imports and applies access permissions in a way that prevents direct control in Access Anywhere, some of Access Anywhere's behaviours may differ from the behavior with other connector types. |
</ | </ | ||
- | * By design, this connector cannot be added by individual org members to create personal providers as it involves creating a Shared Team Folder for the organization' | + | * By design, this connector cannot be added by individual org members to create personal providers as it involves creating a Shared Team Folder for the organization' |
- | * For each Nasuni provider that you add, you will find a shared team folder created in the root of the Organization account. | + | * For each Nasuni provider that you add, you will find a shared team folder created in the root of the Organization account. |
- | * Generally, Trash and Versioning can be disabled, as the Nasuni file system will handle these capabilities natively. | + | * Generally, Trash and Versioning can be disabled, as the Nasuni file system will handle these capabilities natively. |
- | * The top level of a Nasuni share is a Shared Team Folder. | + | * The top level of a Nasuni share is a Shared Team Folder. |
- | * To prevent overloading your LDAP server with repeat requests, caching of user groups and SIDs is done within the EFF. The default cache expiration time is 300 seconds. This can be tuned using the following configuration parameter: | + | * To prevent overloading your LDAP server with repeat requests, caching of user groups and SIDs is done within the NAA . The default cache expiration time is 300 seconds. This can be tuned using the following configuration parameter: |
``` | ``` | ||
- | var $cifsldapcachetime | + | ffconfig set cifsldapcachetime 300 |
``` | ``` | ||
- | * The EFF will automatically manage specific mount points on the EFF host machine. Operations performed by users, such as opening, editing and sharing are performed on the individual user's mounts. This underpins the security of the connector. | + | * The NAA will automatically manage specific mount points on the NAA host machine. Operations performed by users, such as opening, editing and sharing are performed on the individual user's mounts. This underpins the security of the connector. |
* It is recommended to have the following configuration option enabled: | * It is recommended to have the following configuration option enabled: | ||
``` | ``` | ||
- | var $cifs_passwd | + | ffconfig set cifs_passwd 1 |
``` | ``` | ||
* If a user receives the message " | * If a user receives the message " | ||
\\ \\ | \\ \\ | ||
- | * If the password of a user who is using the File Fabric's desktop tools to access storage via this connector changes, she must log in via the web to cause the password to be refreshed, preventing mount errors. As of appliance 2106, end-users will be automatically logged out when passwords on Active Directory if the configuration option on the Authentication System is enabled to check for password changes. | + | * If the password of a user who is using Access Anywhere's desktop tools to access storage via this connector changes, she must log in via the web to cause the password to be refreshed, preventing mount errors. As of appliance 2106, end-users will be automatically logged out when passwords on Active Directory if the configuration option on the Authentication System is enabled to check for password changes. |
- | * It is recommended on the first setup to add this connector using your Organization | + | * You must add this connector using the Organization |
\\ \\ | \\ \\ | ||
* The baseDN that you specify for LDAP searches must be high enough in the tree to encompass both all of your users and all of your shares. | * The baseDN that you specify for LDAP searches must be high enough in the tree to encompass both all of your users and all of your shares. | ||
\\ \\ | \\ \\ | ||
- | * If the password of a user who is using the File Fabric's desktop tools to access storage via this connector changes, she must log in via the web to cause the password to be refreshed, preventing mount errors. | + | * If the password of a user who is using Access Anywhere's desktop tools to access storage via this connector changes, she must log in via the web to cause the password to be refreshed, preventing mount errors. |
\\ \\ | \\ \\ | ||
- | * Share names configured in the File Fabric | + | * Share names configured in Access Anywhere |
\\ \\ | \\ \\ | ||
- | * When a folder is being configured as the root of a share, the full folder path configured in the File Fabric | + | * When a folder is being configured as the root of a share, the full folder path configured in Access Anywhere |
\\ \\ | \\ \\ | ||
- | * When a user's permissions to access a folder are changed on the storage, that change will not be reflected in File Fabric's metadata until the File Fabric | + | * When a user's permissions to access a folder are changed on the storage, that change will not be reflected in Access Anywhere's metadata until Access Anywhere |
\\ \\ | \\ \\ | ||
<WRAP center round tip 100%> | <WRAP center round tip 100%> | ||
- | After you upgrade your Filer you should either drop all of the mounts on the Filer that are used by the File Fabric | + | After you upgrade your Filer you should either drop all of the mounts on the Filer that are used by Access Anywhere |
</ | </ | ||
- | See also [[multi-user-smb-guide]]. | + | See also [[:multi-user-smb-guide]]. |