Overview of BASIC NFS SERVER PERMISSIONS (NFS 2.x).
(Last modified: 09Oct2002)
This document (10014565) is provided subject to the disclaimer at the end of this document.
goal
Overview of BASIC NFS SERVER PERMISSIONS (NFS 2.x).
fact
Novell NetWare 4.11
Novell NetWare 5.0
Novell NFS 2.4
IntraNetWare NFS 2.12
IntraNetWare NFS 2.3
Formerly TID 2918775
fix
A. EXPORT THE NETWARE DIRECTORY
1. LOAD UNICON and make the following selections:
Manage Services -> NFS Server -> Export NetWare Directories
2. Select the directory to export, and check the following export options:
Assign Trusted Hosts (All hosts are trusted if none are specified, so you may want to leave this field empty while testing.)
Hosts with Root Access (Default is Nobody, which means root will authenticate as nobody, ID -2, if no hosts are specified.)
Select the appropriate hosts.
Anonymous Access (If No, only owner and group have access.) Select Yes to open up to anybody.
Access Control Mode (Default is NFS NetWare Mode #2 - best for troubleshooting)
B. MAP USERS
1. From the main menu of UNICON, select Manage Global Objects -> Manage Users -> All Entries.
2. Map the Unix Superuser (usually called Root, UID of 0) to the Novell administrative user Admin (or a user with Admin rights).
3. Map other NetWare users to Unix users as needed for group memberships. (See next step.)
C. MAP GROUPS
1. From the main menu of UNICON, select Manage Global Objects -> Manage Users -> All Entries.
2. Verify that the Unix group World (which has a GID of -1) is mapped to the NDS container in which your server is installed.. This
mapping should occur automatically if both objects exist in the list.
a. If world is not in the list, press insert and follow the prompts to create an Unix group world with GID of -1.
b. If the container object is not displayed in the list of NetWare groups on the left side of the screen, make sure NETDB.NLM is
logged in to NDS as the Unix service handler user. If it is not, you may need to re-initialize the required objects in the correct context
with this console command: LOAD UNICON /L NFS. Also verify that time is synchronized to the network by typing TIME at the
console prompt.
3. Map remaining NetWare groups to UNIX groups as needed.
NOTE: Check the membership list for the mapped group by highlighting the group and pressing return, then selecting User
Membership. If the user name is enclosed in brackets, it indicates that the user is not mapped. Go back to the Manage Users
screen and map the users.
C. SET PERMISSIONS
1. From the main menu of UNICON, select Perform File Operations -> View/Set File Permissions.
2. Select the path to the directory or volume to be exported (press Insert, and browse if the correct path is not displayed).
3. On the File Information screen, edit the Unix User ID and Unix Group ID fields to set the ownership. Next, set the NFS
permissions to 777 for testing by setting all three permissions categories to rwx, as shown below:
NetWare Owner: Admin Unix User ID: 0
NetWare Group: (As Mapped) Unix Group ID: (As mapped)
NFS Permissions: [U=rwx] [G=rwx] [O=rwx]
Note: When using NFS-NetWare Mode #2, you can change file permissions and ownership more easily from the Unix side by using
the CHMOD and CHGRP commands with the recursive switch. From the NetWare side they can only be changed one at a time using
Unicon as shown above.
4. After you have verified that NFS Server works in a wide-open configuration, you may wish to customize your configuration by
changing the NFS permissions, ownership, trusted hosts, NetWare rights, etc, to restrict access.
document
| Document Title: | Overview of BASIC NFS SERVER PERMISSIONS (NFS 2.x). |
| Document ID: | 10014565 |
| Solution ID: | 4.0.26702553.2281644 |
| Creation Date: | 18Aug1999 |
| Modified Date: | 09Oct2002 |
| Novell Product Class: | Connectivity Products |
disclaimer
The Origin of this information may be internal or external to Novell. Novell makes all reasonable efforts to verify this information. However, the information provided in this document is for your information only. Novell makes no explicit or implied claims to the validity of this information.
Any trademarks referenced in this document are the property of their respective owners. Consult your product manuals for complete trademark information.