Today’s video outlines how to configure Openfiler and continues where I left off from the installing OpenFiler video. This article assumes that you have already already installed Openfiler. For instructions on how to do that see our video on installing openfiler.
**Note: This information came from a previous site of ours, so the information may be out of date
For those of you who don’t feel up for watching a video I have written instructions below:
Open Filer has two methods for authentication, NT/AD Authentication and LDAP Authentication. If you are using LDAP authentication you can either use an extrernal LDAP server or use the LDAP server included with Openfiler. In this tutorial I will assume you are using the integrated LDAP Server.
To setup LDAP, click on the Accounts tab at the top. On the accounts page, Check the box next to Use LDAP, then check the box next to use local LDAP Server.
By Default the base DN is: dc=example,dc=com
It is ok to leave this value alone, but if you have another domain name you want to use, simply replace example and com with whatever you want. For example; if you want to use everythingvm.com as your domain name, you would enter dc=everythingvm,dc=com
The next item is the Root Bind DN. The default value is Openfiler. It won’t work if you leave this value as default. You need to enter the right syntax. Assuming you want the Hostname to remain Openfiler, and the domain name is everythingvm.com you would enter the following: dc=openfiler,dc=everything,dc=com
Next check the box next to SMB LDAP Configuration; then scroll to the bottom of the page and click Submit.
Next click on the Services tab and verify that the LDAP service is now enabled. If LDAP is now enabled then you know the LDAP server is working.
Now that LDAP has been configured you can start creating users and groups. All users need to at least one group. To create the first group, click on the Accounts tab, then on the right side click on Administration.
Ensure the Group Administration tab is selected, enter the name of the group you want to create: Example,:Normal Users
Click Add Group.
The next step is to create a user. Click on the User Administration tab,
Enter the user name for the user you want to create, Example: Seanp
Enter the password in both the Password and Retype Password fields.
In the primary group field, select the Normal Users group, click Add User.
Click on the Volumes tab, click on Create new Physical Volume.
Listed will be all the physical disks in your system. Click on the disk you want to create the Volume on (Example: /dev/sdb)
Scroll to the bottom of the page, change the partition type to Physical Volume
Enter the starting and Ending Cylinders, then verify the size column shows the size of Volume you are aiming for. If you want to create a smaller volume, reduce the number of the Ending Cylinder.
Click Create to create the Volume.
The next screen will show you a pie chart demonstrating how much of the disk has been allocated.
Next we need to create a Volume Group, click on the Volume Groups link on the right side of the page. Enter the name of the Volume Group, check the box next to the Physical Volume you just created, then click Add Volume Group.
Now that we have created a Volume Group and added a volume to it, we need to create a logical Volume or Partition as some people call it. On the right side, click on Add Volume.
The next screen will show you a pie chart telling you how much of the volume group is still available. Enter the name you want the Volume to be known by, Example: MyShare
Use the slider to choose how large you want the volume to be. In the drop down, select the file system type you want to use for this volume: Example: EXT3 or iSCSI. If you are creating an iSCSI LUN, you would select iSCSI, if you plan on creating a file share, you want to select XFS or EXT3.
For the purpose of our example, I will first create an EXT3 partition/volume using 50% of the Volume Group, then create a second partition/volume by clicking on Add volume on the right side and selecting iSCSI.
Network ACL’s (Access Control Lists) allow you to control access to your storage system based on the IP address of the client. Provided you have good network security, it is an easy way to restrict access and not have to deal with user-names and passwords.
To configure Network ACL’s:
*Note* If you use the above examples, you would be setting access controls which would affect any computers whose IP addresses begin with 10.
4. Click Update
Repeat steps one thorugh four to create as many ACL’s as you please. You will be able to grant or restrict access based on these ACL’s when you create your shares and LUN’s.
OpenFiler is capable of sharing files using many protocols. In order to create a share you must first enable the service, then create the share.
*Note* You can either select Public Guest Access, or Controlled Access. If you select Public Access, there will be no username/password required to access the share, but we can still use Network ACL’s to control Access.
So far we have covered sharing files using Open Filer, this would be using OpenFiler as a Network Attached Storage device (NAS). iSCSI is known as a SAN protocol and works by sending SCSI commands over a network.
Before proceeding, review the Creating Volumes section of this document and create an iSCSI Volume.
To create an iSCSI LUN:
At this point your LUN has been created. For information on how to connect to your LUN from different clients, see the article on Connecting to Storage Systems using iSCSI, NFS< and CIFS (SMB).