Server for NFS allows the administrator to set the mount permissions for NFS shares for groups of client computers, simplifying management. The NFS export (share) can be made available as a read-only share, a read-write share, or access can be denied for a group of computers. Root access can also be set by group.
Create Client Group in Server for NFS
NFS client computers can be logically grouped to enable the administrator to easily manage mount permissions for all the computers in a group without having to set them for individual machines. The first step in this process is creating the client groups.
To create a client group:
- Log on to the Server for NFS computer with an administrative level account.
- Click Start, Programs, Services for UNIX, Services for UNIX Administration to open the SFU Administrative MMC.
- Click the Server for NFS pane. Click on the Client Groups tab.
- In the Group Name field, type in the name for the new group and click New.
- With the new name highlighted, click Advanced to see the clients in the group and be able to add new clients.
- Enter a client name in the Type the name of the client machine you want to add field, and then click Add to add it to the group.
- Continue adding client machines to the group as desired. When you have finished, click Apply to actually create the client group.
Set Mount Permissions for Client Group in Server for NFS
Mount permissions for Server for NFS shares default to read-only, no root access, for all clients. The administrator can change this, either at the time the share is created, or later.
To set the mount permissions for a shared folder:
- Log onto the Windows server with an administrative level account.
- Open Windows Explorer.
- Highlight the folder you want to set the permissions for and right click. Select Sharing.
- Click on the NFS Sharing tab.
- If the folder is not already shared, click Share this folder.
- Click on the Permissions button.
- Set the global permissions for the All Machines client group (default is read only, no root access.)
- Click Add to bring up the Add Clients and Groups dialog. From here you can add groups of client machines and set their access permission, or type in the name of an individual computer to set permissions for just that node.
- When you have set the permissions as you want them, click OK to add the client group.
- Click OK again to make the change, then finish setting any other options for the NFS share and click OK to finish sharing the folder via NFS.Note: You should install at least one User Name Mapping service on your network to map UNIX and Windows user names to each other. For instructions on how to install and configure User Name Mapping service, see article in our REFERENCES section.
If Server for NFS is installed on a non domain controller, you must also install the Server for NFS Authentication module on the local machine. See KB article:
HOW TO: Set Up Server for NFS
For more information about performing maintenance tasks after migrating from UNIX to Windows, see the Knowledge Base article:
How To: Perform Maintenance and Ancillary Tasks After a UNIX-to-Windows Migration
For more information about configuring the User Name Mapping service, see the Knowledge Base article:
HOW TO: Configure User Name Mapping
Article ID: 324221 - Last Review: October 30, 2006 - Revision: 2.2
- Microsoft Windows 2000 Server
- Microsoft Windows 2000 Advanced Server
- Microsoft Windows 2000 Professional Edition
- Microsoft Windows XP Professional
- Microsoft Windows NT 4.0 Service Pack 6a
- Microsoft Windows NT Workstation 4.0 Developer Edition
- Microsoft Windows Services for UNIX 3.0 Standard Edition
|kbhowto kbhowtomaster KB324221|