Enabling Active Directory Authentication

Join the FluidFS cluster to an Active Directory domain to allow it to communicate with the directory service.

By default, the FluidFS cluster uses the domain controller returned by Active Directory. Alternatively, you can designate a domain controller if you want to ensure that the FluidFS cluster uses a specific domain controller. Adding multiple domain controllers ensures continued authentication of users in the event of a domain controller failure. If the FluidFS cluster cannot establish contact with the preferred server, it will attempt to connect to the remaining servers in order.

An Active Directory service must be deployed in your environment.

The FluidFS cluster must have network connectivity to the directory service.

You must be familiar with the Active Directory configuration.

The FluidFS cluster requires credentials from an Active Directory account for the join operation. The join operation is the only action for which these credentials are required, and they are not stored or cached by the FluidFS cluster.

Use one of the following options for the account used to join the FluidFS cluster to the domain:

Use a Domain Admin account. This is the preferred method.

Use an account that has the "join a computer to the domain" privilege, as well as having full control over all computer objects in the domain.

If both of the above options are unavailable, the minimum requirements for an account are:

*An Organizational Unit (OU) admin that has the "join a computer to the domain" privilege, as well as having full control over objects within that OU, including computer objects.

*Before joining the FluidFS cluster to the domain, a computer object must be created by the OU admin for the FluidFS cluster; in the OU privileges to administer are provided. The FluidFS cluster computer object name, and the NetBIOS name used when joining it, must match. When creating the FluidFS cluster computer object, in the User or Group field under permissions to join it to the domain, select the OU admin account. Then, the FluidFS cluster can be joined using the OU admin credentials.

FluidFS clusters need read access for the tokenGroups attribute for all users. The default configuration of Active Directory for all domain computers is to allow read access to the tokenGroups attribute. If the permission is not given, Active Directory domain users that are in nested groups or OUs encounter Access Denied errors, and users that are not in nested OUs or groups are permitted access.

The Active Directory server and the FluidFS cluster must use a common time server.

You must configure the FluidFS cluster to use DNS. The DNS servers you specify must be the same as those your Active Directory domain controllers use.

1.Click the Access Control tab on the left.

2.Click the User Repositories tab on the top.

3.In the Active Directory for CIFS and NFS users Authentication pane, click .

4.Click Join.

The Join Active Directory dialog box appears.

5.In the Active Directory domain name field, type a domain to which to join the FluidFS cluster.

6.(Optional) To add preferred controllers for the join operation and users authentication:

a)Select the Consider these controllers as preferred check box.

b)Type a domain controller host name or IP address in the controllers text field and click Add.

c)Repeat step (b) for each controller you want to add.

77

Page 77
Image 77
Dell NX3600, NX3500, NX3610 manual Enabling Active Directory Authentication

NX3500, NX3600, NX3610 specifications

The Dell NX series, including the NX3610, NX3600, and NX3500, represents a robust and efficient solution for organizations seeking to optimize their storage solutions. These storage appliances are designed to meet the growing needs of data-driven businesses, providing a comprehensive platform that integrates software and hardware for optimal performance.

The Dell NX3610 is a high-performance storage solution that boasts an advanced dual-controller architecture. This model supports enhanced scalability and redundancy, ensuring that organizations can handle increasing data loads effortlessly. It is built for faster data access with a range of connectivity options, including 10GbE and iSCSI, enabling seamless integration into diverse IT environments. The NX3610 supports advanced file sharing capabilities, making it ideal for businesses requiring efficient collaboration and data access across multiple platforms. Furthermore, with features like snapshot and replication, users can ensure data integrity and security, minimizing downtime in case of system failures.

The NX3600, while slightly smaller in capacity compared to the NX3610, still delivers formidable performance and flexibility. It is designed to cater to mid-sized businesses that need a reliable and cost-effective storage solution. The NX3600 features a single-controller architecture, making it easier to manage and deploy in smaller IT environments. It offers support for various storage protocols, including NFS and CIFS, which are essential for organizations looking to support diverse application workloads. Its easy-to-use management interface makes it simple for IT teams to monitor and configure settings, ensuring optimal performance with minimal effort.

The NX3500 serves as an entry-level model within the NX series, specifically targeted at small to medium-sized businesses. It combines affordability with essential features needed for efficient data storage and sharing. The NX3500 is equipped with a user-friendly interface and includes support for both file-based and block-based storage, offering flexibility for diverse workloads. Moreover, the appliance features integrated backup solutions, which are crucial for ensuring data safety and compliance. Users will also appreciate its robust data deduplication and compression capabilities that significantly reduce storage costs by minimizing the amount of data stored.

In summary, the Dell NX3610, NX3600, and NX3500 are engineered to cater to various business sizes and storage demands. With their sophisticated technologies, including dual-controller systems, rich protocol support, and user-friendly management features, these appliances deliver reliable, scalable, and efficient storage solutions for any organization looking to enhance its data management capabilities.