Assigning Network Share Ownership Using Active Directory

Creating Network Attached Storage (NAS) Shares with Active Directory using QuantaStor has always been an easy process, and now with the latest QuantaStor release we’ve made Active Directory integration even easier by adding new security policies that let storage administrators assign owners to specific group shares with just a few mouse clicks.

Microsoft’s Active Directory (AD), included in most Windows Server operating systems, is a directory service for Windows domain networks that acts as an information hub for the operating system.

Active Directory brokers relationships between distributed resources such as user account information, email address books, firewalls or network devices. One example would be an Active Directory domain controller authenticating and authorizing all users and computers in a Windows domain network by assigning and enforcing security policies for computers and installing or updating software.

Joining an Active Directory Domain

With QuantaStor, storage appliances can be joined to Active Directory (AD) domains so that CIFS Network Share access is granted to specific AD users and AD groups.

To join a domain go to the “Network Shares” menu, select “Configure CIFS” in the top ribbon bar, or by right clicking in the “Network Shares” space and selecting “Configure CIFS Services” from the context window (Figure 1). Check the box to enable Active Directory and provide the necessary information. If you have any problems joining the domain verify that you can ping the IP address of the domain controller and that you are also able to ping the domain itself.

domain join

Figure 1

Managing CIFS Owner Access

CIFS access can be controlled on a per user basis with the ability to assign Owner access to specific shares from within the Modify Network Share window. (Figure 2)

cifsowneraccess

Figure 2

You can also select the different users/groups that are present within a domain. This can be done the same way as using the QuantaStor users, but by selecting “AD Users” or “AD Groups.” You can set the access to either “Valid User,” “Admin User,” or “Invalid User.” (Figure 3)

modifynetworkshare
Figure 3

Finally, you can set permission at the file level by clicking on the on “File Permissions” tab. (Figure 4)

 adpermissions
Figure 4

Leaving an Active Directory Domain

To leave a domain open the “Network Shares” section and select “Configure CIFS” in the top ribbon bar, or by right clicking in the “Network Shares” space and selecting “Configure CIFS Services” from the context window. Unselect the checkbox to disable active directory integration. If you would like to remove the computer from the domain controller you must also specify the domain administrator and password. After clicking “OK” QuantaStor will then leave the domain. (Figure 5)

cifsconfiguration

Figure 5



Categories: Active Directory, Security

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: