Configure
Active Directory Lookup for UNIX GID and UID Information
So that NTFS
permissions can be properly mapped to UNIX user accounts, Integration
with Active Directory Domain Services (AD DS) must be set up between AD
DS and UNIX. This requires the proper schema extensions to be enabled in
the Domain. By default, Windows Server 2008 AD DS includes these schema
extensions. If installing Services for NFS into a downlevel schema
version of AD, such as with Windows Server 2003, the schema must be
extended first to Windows Server 2008 levels.
To enable AD DS Lookup
for Services for NFS, do the following:
1. | Open the Services for Network File System MMC Console
(Start, All Programs, Administrative Tools, Services for Network File
System).
|
2. | Right-click
the Services for NFS node in the node pane and choose Properties.
|
3. | Check the box to enable Active Directory Identity
mapping, and enter the name of the domain where Identity mapping will be
enabled in, as shown in Figure 2.
|
4. | Click OK
to save the changes.
|
Note
Windows Server 2008
Services for NFS still supports legacy User Name Mapping Service,
although installation of the User Name Mapping Service itself cannot be
done on a Windows 2008 server. It is preferable to use the AD DS
integration, however, rather than the User Name Mapping Service.
Configuring Client
for NFS and Server for NFS Settings
After enabling the
lookup method used for Services for NFS, you can configure the
individual Server for NFS and Client for NFS settings by right-clicking
the individual nodes and choosing properties. This enables you to change
default file permissions levels, TCP and UDP settings, mount types, and
filename support levels. For example, in Figure 3, the screen for customizing Client for
NFS permissions displays.
Creating NFS
Shared Network Resources
Configuring a Shared
Resource with Server for NFS requires opening the command prompt window
with elevated privileges (Start, All Programs, Accessories, right-click
command prompt, Run as Administrator) and then creating the share using
the nfsshare commandline utility. Type nfsshare /? for exact
syntax.
To create an NFS
Shared Network resource using the GUI interface, perform the following
tasks:
1. | From Windows Explorer on the server, navigate to the
folder that will be shared; right-click it and choose Properties.
|
2. | Select the NFS Sharing tab.
|
3. | Click the button for Manage NFS Sharing.
|
4. | Check the box to Share the folder, as shown in Figure 4.
Configure if anonymous access will be allowed (not normally recommended)
or configure any special permissions by clicking the Permissions
button.
|
5. | Click OK
and then Close to save the changes.
|
