Creating Network Attached Storage (NAS) Shares with Active Directory using QuantaStor has always been an easy process, and now with the latest QuantaStor release we’ve made Active Directory integration even easier by adding new security policies that let storage administrators assign owners to specific group shares with just a few mouse clicks.
Microsoft’s Active Directory (AD), included in most Windows Server operating systems, is a directory service for Windows domain networks that acts as an information hub for the operating system.
Active Directory brokers relationships between distributed resources such as user account information, email address books, firewalls or network devices. One example would be an Active Directory domain controller authenticating and authorizing all users and computers in a Windows domain network by assigning and enforcing security policies for computers and installing or updating software.
Joining an Active Directory Domain
With QuantaStor, storage appliances can be joined to Active Directory (AD) domains so that CIFS Network Share access is granted to specific AD users and AD groups.
To join a domain go to the “Network Shares” menu, select “Configure CIFS” in the top ribbon bar, or by right clicking in the “Network Shares” space and selecting “Configure CIFS Services” from the context window (Figure 1). Check the box to enable Active Directory and provide the necessary information. If you have any problems joining the domain verify that you can ping the IP address of the domain controller and that you are also able to ping the domain itself.
Managing CIFS Owner Access
CIFS access can be controlled on a per user basis with the ability to assign Owner access to specific shares from within the Modify Network Share window. (Figure 2)
You can also select the different users/groups that are present within a domain. This can be done the same way as using the QuantaStor users, but by selecting “AD Users” or “AD Groups.” You can set the access to either “Valid User,” “Admin User,” or “Invalid User.” (Figure 3)
Finally, you can set permission at the file level by clicking on the on “File Permissions” tab. (Figure 4)
Leaving an Active Directory Domain
To leave a domain open the “Network Shares” section and select “Configure CIFS” in the top ribbon bar, or by right clicking in the “Network Shares” space and selecting “Configure CIFS Services” from the context window. Unselect the checkbox to disable active directory integration. If you would like to remove the computer from the domain controller you must also specify the domain administrator and password. After clicking “OK” QuantaStor will then leave the domain. (Figure 5)
Categories: Active Directory, Security
Leave a Reply