Skip to content

Adding an NFS Application

In order to integrate with NFS, we must first create an application entry in File Access Manager. This entry includes the identification, connection details, and other parameters necessary to create the link.

To add an application, use the New Application Wizard.

  1. Go to Admin > Applications.
  2. Select Add New to open the wizard.

Select Wizard Type

  1. Select Standard Application
  2. Select Next to open the General Details page.

General Details

  • Application Type - NFS
  • Application Name - Logical name of the application
  • Description - Description of the application
  • Tags - Select tags for the application from the dropdown menu, and / or type a new name, and select Enter to create a new tag. The dropdown list of tags filters out matching tags as you type and displays up to 50 tags.

    Note

    The tags replace the Logical container field that was used when creating applications in releases before 8.2

  • Event Manager Server - This option is available if there are more than one event manager servers configured in the system.

    Select an event manager from the drop down menu.

  • NIS Identity Collector - You can choose to assign an identity collector that’s configured over a Linux NIS server. Select an identity collector from the dropdown list.

  • AD Identity Collector - You can choose to assign an identity collector that’s configured over a Windows Active Directory service. Select an identity collector from the dropdown list.

    Note

    You can create identity collectors in the business website. Select the Refresh button to update the Identity Collector dropdown list after adding a new identity collector.

Select Next. to open the Connection Details page.

Connection Details

  • Server Address - The network address of the NFS server – any network-reachable address is valid - IP Address / WINS / DNS

  • Shell Protocol - Select whether to use SSH (default) or Telnet when connecting to the server to gather local users & groups

  • Shell Port - The target remote port for SSH/Telnet connection (Default: 22)

  • Shell Username - The username for interactive shell login.

    This field can contain:

    • NIS username
    • Local user’s UID
    • “root” (not recommended for security reasons)
  • Shell Password - The password to use when connecting to SSH/Telnet

  • NFS Version - Select from the dropdown list. (default: v3)

  • Authentication Type (for NFS version v4) - When you configure an NFSv4.1 server, this dropdown allows configuring the scheme of NFS authentication.

    • Select Unix for classic NFS authentication (using UID/GID) or Kerberos for NFSv4-style authentication (using RPCSEC_GSS over NFSv4.1).

    • Default value - Unix

    Note

    NFSv3 supports only Unix authentication. NFSv4.1 supports both Unix and Kerberos authentication.

Unix Authentication

For Unix authentication, fill in the following fields:

  • Username - When connecting to the NFS file server. This field can contain

    • NIS user name
    • Local user’s UID
    • “root” (not recommended for security reasons)
  • Group Name - When connecting to the NFS file server. This field can contain:

    • NIS group name
    • Local group’s GID
    • “root” (not recommended for security reasons)

Kerberos Authentication

For Kerberos authentication, fill in the following fields:

Server SPN

The NFS server’s service principle name as defined in your Active Directory (or other KDC). This value can be found in:

  • NFS server’s Computer Account in the Active Directory – under the servicePrincipleName attribute.
  • On the NFS server’s Unix/Linux machine, run the following commands:

    – `ktutil`
    – `read_kt /etc/krb5.keytab`
    – `list`
    

    Note

    /etc/krb5.keytab is the default location of the keytab file, but it may vary in your environment.

  • Domain Name - The NetBIOS domain name of the user when connecting to the NFS server

  • Username - When connecting to the NFS server
  • Password - The password when connecting to the NFS server

Select Next.