Configure Legacy Local NAS Authentication
If you are not using a directory service to authenticate user access, you must configure local authentication.
After configuring StorNext NAS for local authentication, you can add, delete, or change a user’s password using the commands described in the following sections.
Note: ACLs are not supported in local authentication. The permission relies on the valid users option to provide access (see Valid Users Option).
Note: For a list of all the Appliance Controller commands, see the Command Index.
Step 1: Configure Local NAS Authentication
- Log in to the Appliance Controller CLI.
- At the prompt, enter the following:
auth config local [WORKGROUP]
Example:
>
auth config localApplying local configuration settings ...
Successfully configured local authentication
The optional parameter is:
<WORKGROUP>Workgroup name for local authentication to allow access to NAS shares.
Configure local authentication using a workgroup
Here's how to determine the workgroup, and configure it with local NAS authentication.
- Log in to the Appliance Controller CLI.
- To determine if a workgroup name has been assigned, enter:
- Enter the following (where TEST is the workgroup name we will assign to use for local authentication):
- Show the new workgroup in place. Enter:
> auth show config detail
Output:
Status: OK
Type: localsam
Domain: localdomain
URL: ldaps://127.0.0.1:636
DC: dc=localdomain
CN: cn=Manager,dc=localdomain
Workgroup: WORKGROUP
Netbios Name: VSOP-NAS01
All ID Map Range: 10-2147483647
In this case, we see that the default workgroup of WORKGROUP (in green) is currently in use, meaning that we can apply a new workgroup name, and configure it for local authentication.
> auth config local TESTAuth-configuration starting ... Applying local configuration settings ... Checking SMB interface list: lo 10.65.181.156 Checking SMB interface 'eth0:10.65.181.156' status ... Successfully configured local directory services authentication
> auth show config detail
Output:
Status: OK
Type: localsam
Domain: localdomain
URL: ldaps://127.0.0.1:636
DC: dc=localdomain
CN: cn=Manager,dc=localdomain
Workgroup: TEST
Netbios Name: VSOP-NAS01
All ID Map Range: 10-2147483647
Notice that the TEST workgroup (in green) has been assigned to be used for local authentication.
Step 2: Add a Local User
- Log in to the Appliance Controller CLI.
- At the prompt. enter the following:
auth add local user <username> [<UID> <GID>]
The parameters are:
<username>User for whom to allow access to NAS shares.
[<UID> <GID>](Optional) Specify a UID and GID for the newly created user.
- At the prompt, enter the user’s password, and re-enter it for verification at the following prompt.
Example:
> auth add local user sally
Please enter a password for the new user
Re-enter the password
Waiting for 'sally' to be added ...
User 'sally' has been added, restarting security services ...
Added user sally
Step 3: Change a Local User's Password
- Log in to the Appliance Controller CLI.
- At the prompt, enter the following:
auth change local password <username>
The parameter is:
<username>User for which to change the password.
- At the prompt, enter the user’s new password, and re-enter it for verification at the following prompt.
Example:
> auth change local password sally
Please enter the new password
Re-enter the password
Modified password for user sally
Step 4: Delete a Local User
- Log in to the Appliance Controller CLI.
- At the prompt, enter the following:
auth delete local user <username>
The parameter is:
<username>User to delete.
- At the prompt, enter Yes to confirm the deletion.
Example:
> auth delete local user sally
Are you sure you want to delete the user sally (Yes/no)?Yes
Deleted user sally
