Filr is now ready for Open Enterprise Server 2015!!!
Let’s take a deep dive into how you can use one of specific feature of Open Enterprise Server 2015 – “NSS-AD Support”.
Overview of NSS-AD Support :
With the NSS-AD support in Open Enterprise Server 2015 release, Active Directory users can seamlessly access the Storage Services (NSS) as eDirectory users do. This feature enables an existing AD user to use the AD services as well the NSS volumes simultaneously.
With Filr 2.0 also, the NSS volumes can be simultaneously accessed by both eDirectory and Active Directory Users from a single Net Folder.
Introduction to Net Folder Servers and Net Folders in Filr :
The storage resources (NSS volumes and NTFS shares) are accessed from Filr by configuring Net Folder Servers (NFS) and Net Folders. Net Folder Servers are connections to NSS volumes on NetWare and Open Enterprise Server file servers, and to shares on Windows file servers. Net Folders are connections to specific directories on Net Folder Servers.
Filr recognizes the type of Volume/Share through the Server-Type of Net Folder Server configured by the administrator.
A recap of Open Enterprise Server Integration with Filr :
In the earlier Filr releases, we had three server types namely Microsoft-Windows for Windows Shares, Novell Open Enterprise Server for NSS volumes and Netware for Netware Volumes. In these releases, only an eDirectory user could access the NSS volumes.
Starting from Filr 1.2 release, Share Point Support was also introduced and thus a new Server Type Microsoft Share Point was added.
Now with NSS-AD support in place in OES 2015, even an Active Directory user could also access the NSS volumes. To support this in Filr, a new server type called “Novell Open Enterprise Server (NSS for AD)” has been added. Information about the “Protocol used and Authentication Type” and configuring NSS-AD Net Folder is described in the below sections.
Authentication and Protocol Information for NSS-AD :
In Filr 2.0, a new Server Type called “Novell-Open-Enterprise Server (NSS for AD)” has been added. This new Server Type can be selected when creating or editing the Net Folder Server in the Filr Administration Page. When this Server Type is selected, the default File Access Protocol is CIFS.
The default Authentication mechanism is Kerberos for Active Directory users and NTLM for e-Directory Users. If Kerberos is not available then the default authentication will be NTLM.
Pre-Configuration to be considered for OES2015 before configuring NSS volumes in Filr :
- Ensure that the NSSAD support for OES 2015 is installed and Configured as per the instructions specified under the documentation link https://www.novell.com/documentation/oes2015/stor_nss_ad_lx/data/b17in544.html.
- The above documentation link also covers on how the NSS volumes must be AD enabled and how to assign rights to Active Directory Users.
Prerequisites to be considered when configuring NSS-AD Net Folders in Filr :
The following pre-requisites need to be kept in mind before configuring
- Ensure Net Folder-Server server type is selected as “Novell-Open-Enterprise Server (NSS for AD)” and the CIFS service is running in Open Enterprise Server.
- There should be time sync between the Filr Server, Open Enterprise Server 2015 Server which joined to the AD Domain and the Domain controllers.
- The proxy user must be an eDirectory user having Supervisor rights on the NCP server object and must be LUM enabled for Filr to successfully create the NFS Trustee Cache.
- For Active Directory Users, the Default Authentication Protocol while accessing NSSAD volumes is Kerberos. Hence the DNS configuration in Filr should be able to resolve both the OES server and the AD server.
- In NSSAD-DFS environment, the Trustee cache file of the DFS Junction will get created only if the Volume is explicitly scanned in iManager.
- There may be scenarios where there is a need to upgrade the OES servers say from OES11SP2 to OES2015 and the Net Folder Server type needs to be changed to support the new features like NSSAD. In such scenarios succeeding to the change in server type, a restart of FAMT is required for the changed protocol corresponding to the changed server type to be effective.
Configuration of NSSAD volumes in Filr :
For Configuring NSSAD net folders in Filr, following are the steps are to be followed.
- Create a Net Folder Server pointing to NSSAD volume and select the server type as Novell-Open-Enterprise Server (NSS for AD) as shown below.The OES server IP address or Host name along with the Volume name must be specified in the Server path.
Figure-1: NFS Creation
- Provide the Proxy User credentials of the Net Folder-Server. Please note that the proxy user is the eDirectory user who is LUM enabled, Universal Password Enabled, belongs to the allowed user CIFS contexts and has supervisor rights on the NCP server object.
Figure 2: NFS Authentication
- Create a Net Folder pointing to the above Net Folder Server as shown below.
Figure 3: Creation of Net Folder
- Assign Rights and Sync the Net Folder.
Figure 4: Assigning Rights to AD user in NF.
- Logout as the admin and Login as the user “filr_ad_user”.
Figure 5: Filr Web-Client Login
- After Navigating to the Net Folder “NSSAD-NETFOLDER”, we could see the File/Folder listing as follows.
Figure 6: AD User Accessing Net Folder
- Similarly on a Windows 10 Filr Client, we could Login to the Filr Client and then access the Net Folder. Please note that there is no need for Filr Client to be joined to the AD domain to access the NSSAD Net folders.
Figure 7: Filr Client Login
Figure 8: User Accessing Net Folders through Filr Client.
Now you are all set to use the capabilities of Open Enterprise Server 2015’s NSS AD with the same ease, security & control you have for OES, Windows & SharePoint 2013 files and folders!!!