16.7 NetStorage Implementation and Maintenance

16.7.1 About Automatic Access and Storage Locations

The inherent value of NetStorage lies in its ability to connect users with various servers and file systems. Some connections are created automatically depending on the OES platform where NetStorage is installed. Other connections must be created by the network administrator.

NetStorage provides automatic access to:

  • NSS volumes on the same server that use the default mount point (/media/nss)

  • User Home directories that are specified in eDirectory on NCP or NSS volumes.

  • Drive mapping locations in login scripts of the user logging in (if the NCP Server for Linux is running on the server)

Administrators can create storage locations to storage on any of the target servers illustrated in Figure 16-3, including Dynamic Storage Technology (DST) volume pairs and Distributed File Services (DFS). For instructions on creating Storage Locations, see Creating a Storage Location Object in the OES 2018 SP3: NetStorage Administration Guide for Linux.

16.7.2 Assigning User and Group Access Rights

Because NetStorage provides access to other file storage systems, the users and groups that access the other systems through NetStorage must be granted file and directory access on those systems.

For example:

  • eDirectory users must exist in the eDirectory tree where the OES server resides and have access rights to the files and directories on the OES server.

  • Windows users must exist on the Windows systems and have the required access rights to the files and directories on those systems.

IMPORTANT:The eDirectory usernames and passwords that are used to authenticate to the NetStorage (OES) server must match the usernames and passwords defined on the target systems.

16.7.3 Authenticating to Access Other Target Systems

The OES installation establishes a primary authentication domain (or context) for NetStorage. To access any storage location, users must exist somewhere in this primary domain. When it receives an authentication request, NetStorage searches for the username in the context you specified during OES installation and in all its subcontexts.

Authentication to other file systems is often controlled by other authentication domains. For example, you might create a storage location on the OES server that points to a legacy NetWare server that resides in a different eDirectory tree. To access this storage location, users must authenticate to the other tree.

This means that you must specify an additional context in the NetStorage configuration as a non-primary authentication domain.

When defining a non-primary authentication domain, you must

  • Ensure that the username and password in the non-primary domain matches the username and password in the primary domain.

  • Specify the exact context where User objects reside. In contrast to the way it searches in the primary authentication domain, NetStorage does not search the subcontexts of non-primary authentication domains.

For more information about managing NetStorage authentication domains, see Authentication Domains in the OES 2018 SP3: NetStorage Administration Guide for Linux.

16.7.4 NetStorage Authentication Is Not Persistent by Default

By default, users must reauthenticate each time they access NetStorage in a browser. This is true even if another browser window is open and authenticated on the same workstation.

The reason for this is that persistent cookies are not enabled by default.

This setting can be changed. For more information, see Persistent Cookies in the OES 2018 SP3: NetStorage Administration Guide for Linux.

16.7.5 NetStorage Maintenance

Your NetStorage installation can change as your network changes and evolves by providing access to new or consolidated storage locations. For information about the kinds of tasks you can perform to keep your NetStorage implementation current, see the OES 2018 SP3: NetStorage Administration Guide for Linux.