© 2008 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice HP OpenVMS Common Internet File System.

Slides:



Advertisements
Similar presentations
Module 6: Configuring Windows XP Professional to Operate in a Microsoft Network.
Advertisements

Module 1: Installing Windows XP Professional
Chapter 9 Chapter 9: Managing Groups, Folders, Files, and Object Security.
Homework 5b: Samba. Computer Center, CS, NCTU 2 Network-based File Sharing (1)  NFS (UNIX-based) mountd is responsible for mount request nfsd and nfsiod.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 5: Managing File Access.
1 Distributed File System, and Disk Quotas (Week 7, Thursday 2/21/2007) © Abdou Illia, Spring 2007.
Samba Integrating SMB file systems with UNIX. Samba Provides a file server compatible with Windows 9x and NT.. SMB Can function in NETBIOS name browsing.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 12: Managing and Implementing Backups and Disaster Recovery.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 9: Implementing and Using Group Policy.
Lesson 19 – ADMINISTERING WINDOWS 2000 SERVER : THE BASICS.
Hands-On Microsoft Windows Server 2003 Chapter 2 Installing Windows Server 2003, Standard Edition.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 8: Implementing and Managing Printers.
Module 6 Windows 2000 Professional 6.1 Installation 6.2 Administration/User Interface 6.3 User Accounts 6.4 Managing the File System 6.5 Services.
Lesson 18: Configuring Application Restriction Policies
70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network, Enhanced Chapter 7: Planning a DNS Strategy.
Chapter 12 Reading assignment n From “Running Linux”, on reserve at PSU Main library (2-hour checkout) Chapter 1 (pages 1 through 41)Chapter 1 (pages 1.
5.1 © 2004 Pearson Education, Inc. Exam Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 5: Working with File Systems.
Hands-On Microsoft Windows Server 2003 Administration Chapter 6 Managing Printers, Publishing, Auditing, and Desk Resources.
1 Chapter Overview Introduction to Windows XP Professional Printing Setting Up Network Printers Connecting to Network Printers Configuring Network Printers.
© 2005 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice Advanced Samba Administration Part.
CMSC 691X – Summer 2002 Project By Pravin D’Souza.
Installing Samba Vicki Insixiengmay Jonathan Krieger.
UNIT - III. Installing Samba Windows uses Sever Message Block(SMB) to communicate with each other using sharing services like file and printer. Samba.
© 2005 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice Advanced Samba Administration Part.
Ch 8-3 Working with domains and Active Directory.
Working with Drivers and Printers Lesson 6. Skills Matrix Technology SkillObjective DomainObjective # Understanding Drivers and Devices Install and configure.
Chapter 5 File and Printer Services
70-270: MCSE Guide to Microsoft Windows XP Professional Chapter 5: Users, Groups, Profiles, and Policies.
1 SAMBA. 2 Module - SAMBA ♦ Overview The presence of diverse machines in the network environment is natural. So their interoperability is critical. This.
Microsoft Windows 2003 Server. Client/Server Environment Many client computers connect to a server.
9.1 © 2004 Pearson Education, Inc. Exam Planning, Implementing, and Maintaining a Microsoft Windows Server 2003 Active Directory Infrastructure.
Module 7: Configuring TCP/IP Addressing and Name Resolution.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 9: Implementing and Using Group Policy.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 12: Managing and Implementing Backups and Disaster Recovery.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 5: Managing File Access.
SAMBA Integrating Linux and Window. What is Samba? Free suite of programs that enables flavors of UNIX to work with other operating systems such as OS/2.
1 Chapter Overview Configuring and Troubleshooting the Display Configuring Power Management Configuring Operating System Settings Configuring and Troubleshooting.
IOS110 Introduction to Operating Systems using Windows Session 8 1.
11 MANAGING AND DISTRIBUTING SOFTWARE BY USING GROUP POLICY Chapter 5.
Samba version What is the Samba? Samba is a suite of programs which work together to allow clients to access to a server's filespace and printers.
FTP Server and FTP Commands By Nanda Ganesan, Ph.D. © Nanda Ganesan, All Rights Reserved.
Managing Groups, Folders, Files and Security Local Domain local Global Universal Objects Folders Permissions Inheritance Access Control List NTFS Permissions.
Chapter 13 Users, Groups Profiles and Policies. Learning Objectives Understand Windows XP Professional user accounts Understand the different types of.
Active Directory Administration Lesson 5. Skills Matrix Technology SkillObjective DomainObjective # Creating Users, Computers, and Groups Automate creation.
MCTS Guide to Microsoft Windows Server 2008 Applications Infrastructure Configuration (Exam # ) Chapter Four Windows Server 2008 Remote Desktop Services,
Installing Oracle9i RAC Release 2 on HP OpenVMS Systems.
1 Chapter Overview Creating Drive and Folder Shares Using Distributed File System Installing Network Printers Administering Network Printers Managing Share.
1 Administering Shared Folders Understanding Shared Folders Planning Shared Folders Sharing Folders Combining Shared Folder Permissions and NTFS Permissions.
Module 3 Configuring File Access and Printers on Windows 7 Clients.
Chapter 10 Chapter 10: Managing the Distributed File System, Disk Quotas, and Software Installation.
Samba – Good Just Keeps Getting Better The new and not so new features available in Samba, and how they benefit your organization. Copyright 2002 © Dustin.
Windows-Linux Interconnection Campus-Booster ID : **XXXXX Copyright © SUPINFO. All rights reserved Samba.
Fall 2011 Nassau Community College ITE153 – Operating Systems Session 21 Administering User Accounts and Groups 1.
1 Chapter Overview Managing Object and Container Permissions Locating and Moving Active Directory Objects Delegating Control Troubleshooting Active Directory.
Configuring and Troubleshooting Identity and Access Solutions with Windows Server® 2008 Active Directory®
IS493 INFORMATION SECURITY TUTORIAL # 1 (S ) ASHRAF YOUSSEF.
FTP COMMANDS OBJECTIVES. General overview. Introduction to FTP server. Types of FTP users. FTP commands examples. FTP commands in action (example of use).
Active-HDL Server Farm Course 11. All materials updated on: September 30, 2004 Outline 1.Introduction 2.Advantages 3.Requirements 4.Installation 5.Architecture.
CACI Proprietary Information | Date 1 PD² SR13 Client Upgrade Name: Semarria Rosemond Title: Systems Analyst, Lead Date: December 8, 2011.
CACI Proprietary Information | Date 1 PD² v4.2 Increment 2 SR13 and FPDS Engine v3.5 Database Upgrade Name: Semarria Rosemond Title: Systems Analyst, Lead.
19 Copyright © 2008, Oracle. All rights reserved. Security.
LINUX - SAMBA
Network Administration Module 09
LINUX ADMINISTRATION 1
Active Directory Administration
HP OpenVMS Common Internet File System CIFS v1.1 Training Seminar
Samba.
Chapter 9: Managing Groups, Folders, Files, and Object Security
Presentation transcript:

© 2008 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice HP OpenVMS Common Internet File System CIFS v1.1 Training Seminar OpenVMS Technical Update Days, September 2008 Hans Hosang – HP services HP Restricted

2 [26-sept-2008] – HP OpenVMS Technical Update Days Training Overview Introductions Installation & Configuration Management Troubleshooting Migrating Advanced Server to CIFS

Introductions

4 [26-sept-2008] – HP OpenVMS Technical Update Days What is CIFS for OpenVMS? CIFS for OpenVMS V1.1 is a port of the Samba for Linux v3.0.28a code base. Samba is an Open Source/Free Software suite that provides file and print services to SMB/CIFS (primarily Microsoft Windows) clients. Samba is freely available under the GNU General Public License.

5 [26-sept-2008] – HP OpenVMS Technical Update Days Features Security –User authorization –Group support –POSIX ACL support for files and directories Windows client support –Windows 2000, Windows XP, Windows Server 2003 and Windows Vista Interoperability –Active Directory domains –NT4 domains ODS-2 and ODS-5 volume support Support for most RMS file formats

6 [26-sept-2008] – HP OpenVMS Technical Update Days Limitations Cannot be a Backup Domain Controller Relies on OpenVMS auditing for auditing DENY permission is not supported Cannot be a WINS server (WINS client supported) No Kerberos support (no support for ADS security mode) Does not provide External Authentication (use OpenVMS ACME LDAP Agent)

Installation & Configuration

8 [26-sept-2008] – HP OpenVMS Technical Update Days Installation & Configuration Objectives Describe where to find resources. Describe pre-installation considerations. Describe the post-installation steps.

9 [26-sept-2008] – HP OpenVMS Technical Update Days HP OpenVMS CIFS Kits HP OpenVMS CIFS v1.1 was ported using the Samba V3.0.28a code Kit Location Kit Names HP-I64VMS-SAMBA-V PCSI_SFX_I64EXE HP-AXPVMS-SAMBA-V PCSI_SFX_AXPEXE Run the downloaded file to create the PCSI kit files

10 [26-sept-2008] – HP OpenVMS Technical Update Days CIFS Patches Obtain important fixes Download the latest set of patches for CIFS v1.1 $ ftp hprc.external.hp.com Username: pathwork Password: support Sub-dir per product (ASV, ASU, CIFS, PW32) See the release notes (included) for installation instructions

11 [26-sept-2008] – HP OpenVMS Technical Update Days Software Requirements Currently qualified on –OpenVMS I64 Version 8.2-1, 8.3 and 8.3-1H1 –OpenVMS Alpha Version 8.2 and 8.3. TCP/IP –HP TCP/IP Services for OpenVMS –Process Software Multinet for OpenVMS –Process Software TCPware for OpenVMS C Run-Time Library (CRTL) ECO – pageOsid=openvms

12 [26-sept-2008] – HP OpenVMS Technical Update Days OpenVMS Cluster Considerations Each cluster node may be a distinct entity (separate configuration) or multiple nodes may share an identity (common configuration) with other cluster nodes Restrictions for unique identity configurations –Should not share the same installation directory –Should not allow access to the same share through multiple cluster members Restrictions for common identity configurations –OpenVMS v8.3 and later –Must share a common installation directory, SYSUAF and RIGHTLIST

13 [26-sept-2008] – HP OpenVMS Technical Update Days Privileges Required Before you install HP OpenVMS CIFS software, log in to the SYSTEM (or other privileged) account Minimum Privileges Required: CMKRNL, DIAGNOSE, IMPERSONATE, NETMBX, OPER, SYSGBL, SYSLCK, SYSNAM, SYSPRV, TMPMBX, VOLPRO, WORLD Impersonate is new compared to Advanced Server.

14 [26-sept-2008] – HP OpenVMS Technical Update Days Installation Procedure Run the command $ PRODUCT INSTALL SAMBA [/DESTINATION= ] = device and directory name, like: /DESTINATION = DISK$APP1:[000000] No reboot necessary Install latest CIFS patches

15 [26-sept-2008] – HP OpenVMS Technical Update Days CIFS Directories DirectoryDescription SYS$STARTUP:Startup and shutdown procedures SAMBA$ROOT:Main tree; Rooted logical name SAMBA$ROOT:[BIN]Binaries, command procedures SAMBA$ROOT:[LIB]SMB.CONF, lmhosts, config files, etc. SAMBA$ROOT:[PRIVATE]Encrypted password and secrets files SAMBA$ROOT:[TMP]User directories SAMBA$ROOT:[VAR]Log files SAMBA$ROOT:[VAR.LOCKS ] TDB files SAMBA$ROOT:[SWAT]Place holder for SWAT related files. SAMBA$ROOT:[UTILS]Swat and Migration backup savesets

16 [26-sept-2008] – HP OpenVMS Technical Update Days Questions

Management and Controlling access to Resources

18 [26-sept-2008] – HP OpenVMS Technical Update Days Agenda Managing File shares and VFS modules User/Group management (including winbind, username mapping) Controlling Access (permissions/protections/ACL's and inheritance) Tools and Utilities to Manage the CIFS server

19 [26-sept-2008] – HP OpenVMS Technical Update Days Managing File/Dir shares

20 [26-sept-2008] – HP OpenVMS Technical Update Days Managing File/Dir share - Adding share Edit the SAMBA$ROOT:[LIB]SMB.CONF file and add the share as a section with appropriate parameters. Example: To create the share “test” with path DKA100:[TEST] add the following lines in SMB.CONF file. [test] comment = my directory test folder path = /dka100/test read only = No valid users = user1, user2 inherit permissions = yes inherit acls = yes

21 [26-sept-2008] – HP OpenVMS Technical Update Days Managing File/Dir share - VFS VMS specific features provided by VFS objects: - Variable Record Formatted files (VARVFC) - StreamLF - VTF VFS objects are specified as share level parameters using: vfs objects = varvfc Automatically selects ODS2 and VMS Path Names parameters

22 [26-sept-2008] – HP OpenVMS Technical Update Days Managing File/Dir share - International Char support The European characters are supported in ISO For configuring to support ISO characters specify the below parameter [global] unix charset = ISO For Japanese or Chinese character set support specify the below: [global] dos charset = unix charset = UTF-8 vfs objects = vtf Specify the Windows codepage in For Windows codepage for English is "cp850" For Windows codepage for Japanese is "SJIS" or "CP932"

23 [26-sept-2008] – HP OpenVMS Technical Update Days Managing Users and Groups

24 [26-sept-2008] – HP OpenVMS Technical Update Days Users and Groups Windows users must have a corresponding host user. Groups are implemented using resource identifiers. Domain users and groups are automatically mapped to host usernames and resource identifies using winbind NOTE: Winbind does not create host user or group identifier if explicit mapping exists.

25 [26-sept-2008] – HP OpenVMS Technical Update Days Winbind Why is it needed? - Automatic mapping of users and groups. - Winbind is used for all queries to SAM (WNT) or Windows Active Directory (ADS). - Used for nested group support. - Trust functionality. If the above functionality is not required we recommend to disable the winbind. By default winbind is enabled. To disable Winbind on CIFS, define the following logical: $ DEFINE/SYSTEM WINBINDD_DONT_ENV 1 It is also disabled if smb.conf does not contain the "idmap uid" and "idmap gid" parameters

26 [26-sept-2008] – HP OpenVMS Technical Update Days Winbind Windbind functionality is integrated with SMBD process. Hence, no separate winbind process is created. SMB.CONF file must have the parameters: idmap uid = idmap gid = Winbind mapping is stored in samba$root:[var.locks]winbindd_idmap.tdb

27 [26-sept-2008] – HP OpenVMS Technical Update Days Winbind – User and Group mapping To view the already mapped host users and resource identifiers, execute: 1 - Convert all CIFS$XXXX VMS usernames to CIFS usernames 2 - Convert all CIFS$GRPXXXX VMS resource identifiers to CIFS groupnames 3 - Convert a CIFS$XXXX name to CIFS username 4 - Convert a CIFS$GRPXXXX name to CIFS groupname [E] – Exit Enter your option: 1 Hostname UID CIFSnames CIFS$7D UTOPWAS\bakker CIFS$7D UTOPWAS\hanstest2 CIFS$7D UTOPWAS\Administrator

28 [26-sept-2008] – HP OpenVMS Technical Update Days Username Mapping (1 of 2) Similar to host mapping in Advanced Server, which allows you to map domain usernames to host names. Specified using the following parameter in the smb.conf file under [global] section: username map = samba$root:[lib]username.map NOTE: CIFS supplies the template file samba$root:[lib]username.map. If you create your own username map file, make sure it is STREAM_LF format. In the map file “#” or “;” is used to indicate the comment line The entries includes a single on the left of "=" and a list of usernames on the right. system=GANGES\administrator

29 [26-sept-2008] – HP OpenVMS Technical Update Days Username Mapping (2 of 2) Allows you to map Windows usernames that have spaces in them by using double quotes around the name. Ganga=“Himalaya River“ Allows you to map multiple users to a single hostname asvuser=GANGES\narmada GANGES\kaveri Allows you to map all the users to a single hostuser samba$guest=* Note: this line overrules all others unless you FIRST do: “!” stops the search if mapping entry is found !cifsuser=GANGES\Tunga

30 [26-sept-2008] – HP OpenVMS Technical Update Days Managing Security in CIFS

31 [26-sept-2008] – HP OpenVMS Technical Update Days Security — Setting ACL There are 2 ways to set ACLs on shares/folders/files. I.From Windows system which is a member of the domain 1.Make sure you connect to the CIFS share using a privileged user. 2.Go to Properties -> Security tab and Click the “Add” button. 3.In the “Select User, Computers and Groups” dialog box, enter the appropriate user or group (domain or local) and click “Check Names”. 4.If name is recognized, click the OK or Apply button. 5.Verify the ACL setting appropriately by executing the VMS command $Dir/sec 6.You would see the appropriate ACEs that have been added with the host usernames or with the Identifiers. 7.Use the SAMBA$UAF_TO_CIFSNAME.COM procedure to get the user and group mappings as explained previously.

32 [26-sept-2008] – HP OpenVMS Technical Update Days Security — Setting ACL II. Setting permissions using $ SET SECURITY DCL command: 1. Login to VMS system using a sufficiently privileged VMS account, say “SYSTEM” 2. For setting ACLs based on the “users”, find out the identifier of an user as below: - For "local" user, use the VMS username. - For "Domain" user execute the script and choose the option 1 The hostname column gives the identifier to use for each domain user. You may also have to take a look at the file samba$root:[lib]username.map. 3. For setting ACL's based on the groups, find out the resource identifier of the group as below: - For "Domain" group execute the above script and choose the option 2 The hostname displayed for each domain group is the resource identifier for that domain group. - For "local" group execute the following command: $ net groupmap list The name that maps to the corresponding local group is the resource identifier. Winbind groups will have a resource identifier of the format CIFS$GRP Winbind users will have a resource identifier of the format CIFS$

33 [26-sept-2008] – HP OpenVMS Technical Update Days Security — Setting ACL 4. Execute the following command to add an ACL to the file/share/folder. For example, if you want to grant “read” and “execute”, permissions, you can execute: $ set security/acl=(identifier= - access=read+execute) 5. To remove the ACL execute the following command: $ set security/acl=(identifier= )/delete - 4/5. It could be much easier to use the ACL editor in VMS $ edit/acl

34 [26-sept-2008] – HP OpenVMS Technical Update Days Security — ACLs Example After setting the ACL for user and group (From Windows) the “Access control List” is as below: $ dir/sec test123.dir Directory DKA0:[ARAVINDA.SAMBA.TEMP.TEST] test123.DIR;1 [TELNETS,TEST1] (RWED,RWED,,) (IDENTIFIER=CIFS$MASK,ACCESS=READ+WRITE+EXECUTE+DELETE) (IDENTIFIER=CIFS$GRP1389,ACCESS=READ+EXECUTE) (IDENTIFIER=[CIFS$2710],ACCESS=READ+WRITE+EXECUTE) Where CIFS$GRP1389 was mapped to “Domain Users” and CIFS$2710 has been mapped to one of the users in the domain. CIFS$MASK acts as a permission mask for all ACL's that specifically mention a user or group. NOTE : - If you need OPTIONS=DEFAULT and DEFAULT_PROTECTION support in ACL's, you need explicitly set the “inherit acls = yes” for the share.

35 [26-sept-2008] – HP OpenVMS Technical Update Days Questions

Troubleshooting

37 [26-sept-2008] – HP OpenVMS Technical Update Days Overview Testparm utility Performance Issues TDB File Information Debug Logging Samba$define_commands References

38 [26-sept-2008] – HP OpenVMS Technical Update Days TESTPARM Utility Always use TESTPARM after modifying SMB.CONF Reports obvious mistakes in the SMB.CONF file Displays server role (based on SMB.CONF parameters) Lists non-default parameter settings and share stanzas For usage information, enter $ testparm -? (not –h)

39 [26-sept-2008] – HP OpenVMS Technical Update Days TESTPARM Utility (continued) $ TESTPARM Load smb config files from /SAMBA$ROOT/LIB/SMB.CONF Processing section "[homes]" Processing section "[test]" Loaded services file OK. Server role: ROLE_DOMAIN_MEMBER Press enter to see a dump of your service definitions [global] workgroup = UTOPWAS server string = Samba %v running on %h (OpenVMS) security = DOMAIN log file = /samba$root/var/log_%h.%m domain logons = No domain master = No idmap uid = idmap gid = include = samba$root:[lib]smb.conf_%h [homes] comment = Home Directories read only = No [test] comment = Test Directory path = dka0/test read only = No

40 [26-sept-2008] – HP OpenVMS Technical Update Days Performance Issues To improve CIFS performance: Install the latest CIFS version and patches Do not put the samba$root: directory tree on the System disk Disable volume highwater marking to improve writes Use ODS-5 volumes (for variable length files) Use a disk cluster size that is a multiple of 16 [Global] parameters to improve performance: mangled names = no(Don’t calculate 8.3 file names) host msdfs = no(Disable MS DFS support) Log level = 0(Minimize debug logging) case sensitive = yes(Don’t translate filenames) change notify = no(Don’t watch for directory changes)

41 [26-sept-2008] – HP OpenVMS Technical Update Days Debug Logging Samba logging features can prove extremely useful The amount of debug information output is set using “log level” in values between (10 = most verbose) The log level may be set in 3 ways: –Using the "log level" global parameter in smb.conf –Using the -d option on the command line (precedence) –Using the SMBCONTROL utility ($ smbcontrol debug 5) CIFS utilities output debug information to the standard output device –E.g. $ net rpc testjoin –d5

42 [26-sept-2008] – HP OpenVMS Technical Update Days Debug Logging (continued) SMBD debug log file Name and location set by SMB.CONF global parameter “log file” Default setting creates separate log for each client log file = /samba$root/var/log_%h.%m %h = hostname of the server %m = NetBIOS name of client Use the include statement for workstation specific debugging –Include = samba$root:[lib]smb.conf-%m –This smb.conf- should have: log level = 1 to 10 New version of log file is NOT created if one exists

43 [26-sept-2008] – HP OpenVMS Technical Update Days Samba$define_commands NMBLOOKUP – Test NetBIOS name resolution NET CACHE LIST – Display NetBIOS name cache NET CACHE FLUSH – Clear NetBIOS name cache SMBVER – Display image versions SMBSHOW – Display CIFS processes SMBCLIENT – Access SMB/CIFS resources SMBSTATUS – Display CIFS status information SMBCONTROL – Send signals to nmbd and smbd processes –$ smbcontrol debug NET RPC TESTJOIN – Verify domain membership TDBBACKUP – Make backup copies of.TDB file

44 [26-sept-2008] – HP OpenVMS Technical Update Days References HP OpenVMS CIFS Home Page Samba Home Page

45 [26-sept-2008] – HP OpenVMS Technical Update Days Questions

Migrating From Advanced Server to CIFS

47 [26-sept-2008] – HP OpenVMS Technical Update Days What Needs to be Migrated? SAM database accounts Host mappings File and Print shares and their security Files and Folders and their security Print queues, print forms, print drivers and queue logicals

48 [26-sept-2008] – HP OpenVMS Technical Update Days What will not be migrated? Share and File Audit policies Registry parameters like Alerternames WINS address Number of clients configured on AS In case of MS: (in user accounts) –Workstation restriction details –Some of the logon flags viz. logon script, account policy etc. –Account passwords

49 [26-sept-2008] – HP OpenVMS Technical Update Days Migration Tidbits Most of the migration steps are the same whether you migrate on the same node or to a different node. Differences are mentioned wherever applicable Acronyms used: –AS:Advanced Server for OpenVMS –CIFS:HP OpenVMS CIFS –SAM:Security Accounts Manager –PDC:Primary Domain Controller –BDC:Backup Domain Controller –MS:Member Server –AD:Active Directory domain

50 [26-sept-2008] – HP OpenVMS Technical Update Days Prerequisites HP Advanced Server V7.3B for OpenVMS is installed on A.S. system Use latest patch set on Advanced Server system. Migration can be done only if the Advanced Server and CIFS have been configured as Member Server and in the same domain. Migration across different AS and CIFS configurations is not supported Copy SAMBA$ROOT:[UTILS]ASV_MIGRATION.BCK file provided with the CIFS kit to the Advanced Server system.

51 [26-sept-2008] – HP OpenVMS Technical Update Days Generating reports on A.S. (1 of 2) Verify that the Advanced Server is running and configured as Member Server. Restore ASV_MIGRATION.BCK to any work directory; for example $ backup asv_migration.bck/save disk$data1:[asv_migration] NOTE: samba$root:[utils]asv_migration.bck is supplied as part of CIFS. Install migration files; for example: $ SET DEF DISK$DATA1:[ASV_MIGRATION] $ COPY PWRK$MIGRATION.EXE;1 SYS$COMMON:[SYSEXE] $ COPY GET_DRIVER_INFO.EXE SYS$COMMON:[SYSEXE] $ COPY GET_QUEU_INFO.EXE SYS$COMMON:[SYSEXE]

52 [26-sept-2008] – HP OpenVMS Technical Update Days Generating reports on A.S. (2 of 2) On AS node which is configured as MS: Verify that you have a user account in the local MS database and in the domain. The user accounts must be locally privileged (i.e., member of the local Administrators group) Prepare the migration steps: –$ set command PWRK$COMMANDS.CLD (this is omitted from the documentation) Execute the migration procedure:

53 [26-sept-2008] – HP OpenVMS Technical Update Days Main Menu Advanced Server for OpenVMS to HP OpenVMS CIFS migration utility Welcome to Advanced Server to CIFS migration utility This migration utility generates reports required as input for migrating Advanced Server data to CIFS. Main Menu Advanced Server to CIFS Migration utility comprises the options: 1 - Display reports to be generated 2 - Generate Individual reports 3 - Generate all reports 4 - Display reports 5 - Edit File and Print share report 6 - Backup reports [E] - Exit Enter your option:

54 [26-sept-2008] – HP OpenVMS Technical Update Days Cleanup of files Once all the reports are generated on AS, make sure you backup all the reports using option 6 Then delete the files: PWRK$MIGRATION.EXE, GET_DRIVER_INFO.EXE and GET_QUEU_INFO.EXE in SYS$COMMON:[SYSEXE]

55 [26-sept-2008] – HP OpenVMS Technical Update Days Transfer reports to CIFS node Verify AS2CIFS_MIGRATION_REPORTS.BCK is present in DISK$DATA1 :[ASV_MIGRATION] If not, execute pwrk$cifs_migration.com again and backup reports through option 6. Copy AS2CIFS_MIGRATION_REPORTS.BCK and PRINTER_DRIVERS.BCK to CIFS node. On CIFS node, restore files present in the backup saveset AS2CIFS_MIGRATION_REPORTS.BCK to the directory SAMBA$ROOT:[BIN]

56 [26-sept-2008] – HP OpenVMS Technical Update Days Migration Steps on CIFS SAM database migration Hostmapping migration File migration File and Print share related migration Share Security migration File Security migration

57 [26-sept-2008] – HP OpenVMS Technical Update Days SAM database migration — MS (1 of 4) Log in to OpenVMS (with a privileged account) Verify CIFS is a MS $ TESTPARM... Server role: ROLE_DOMAIN_MEMBER Verify CIFS is in the same domain as AS: $ pipe testparm -sv | search sys$pipe workgroup

58 [26-sept-2008] – HP OpenVMS Technical Update Days SAM database migration — MS (2 of 4) Create a local CIFS account, assuming the same username that you used while creating the reports. SAMBA$DEFINE_COMMANDS.COM $ PDBEDIT -A new password: Any1willd0 retype new password: Any1willd0 Edit SAMBA$ROOT:[LIB]SMB.CONF and add the following line in the [global] section: admin users =

59 [26-sept-2008] – HP OpenVMS Technical Update Days SAM database migration — MS (3 of 4) If migrating on the same node, shutdown AS pwstop) Start CIFS smbstart) Migrate users NOTE: Before running this command make sure the users can be created in the SYSUAF database. All the migrated accounts will have the password THISISCIFS The user administrator will give an error as the username is 13 characters long.

60 [26-sept-2008] – HP OpenVMS Technical Update Days SAM database migration — MS (3 of 4) Migrate groups When prompted, specify privileged username/password

61 [26-sept-2008] – HP OpenVMS Technical Update Days Hostmapping migration This migration should be performed only after successful SAM migration and it is assumed that A.S. users are migrated as part of SAM migration. Edit SAMBA$ROOT:[LIB]SMB.CONF and in the [global] section set, add username map = /samba$root/lib/username.map To Add the hostmappings execute the below command This procedure assumes that CIFS accounts and domain accounts already exist. It does not verify the validity of the accounts. This migration adds VMS user account in SYSUAF database if it is not already present. The created user accounts - Do not have the EXTAUTH flag set - Non-interactive user - NETMBX and TMPMBX privileges NOTE: system management should verify the accounts that were created

62 [26-sept-2008] – HP OpenVMS Technical Update Days File Migration It is the system administrator’s responsibility to transfer files and directories from Advanced Server to CIFS node Make sure the directory structure remains same on CIFS node just as it existed on Advanced Server node If the device names and logical names pointing to the share path differ on CIFS node, edit the File and print share report and update the device and logical name information This step can be skipped if it is a same node migration

63 [26-sept-2008] – HP OpenVMS Technical Update Days File and print share migration Before this procedure ensure successful migration of SAM database and hostmapping. It is most likely required to make changes to the share report $ EDIT SAMBA$ROOT:[BIN]ASV_SHARE_INFO.COM Be it only to remove the shares pointing to pwrk$root:… (users,netlogon,,,) Also insert “$ set noon” on the first line Perform the migration. Restore the printer driver files from the backup saveset PRINTER_DRIVERS.BCK to the directory path pointed by the share, PRINT$

64 [26-sept-2008] – HP OpenVMS Technical Update Days Share security migration Make sure a privileged account exists on the Advanced server “local” database, which is configured as MS. Execute the below command for share security migration: $ NET RPC SHARE MIGRATE SECURITY "-S" "-U %password” Supply privileged account for NOTE1: Advanced Server must be running for this migrate command to work. NOTE2: If you have edited ASV_SHARE_INFO.COM and removed shares, this command will fail. This step cannot be executed for a same-node migration Note: This will be addressed in a future release

65 [26-sept-2008] – HP OpenVMS Technical Update Days File Security Migration Before this procedure ensure all the below are migrated to where CIFS is running: - Users and Groups - Advanced Server files - Advanced Server file and print shares Shutdown A.S. and start CIFS if it’s a same node migration Execute the command: NOTE: There can be hundreds of these procedures that needs to be run.

66 [26-sept-2008] – HP OpenVMS Technical Update Days Questions

67 [26-sept-2008] – HP OpenVMS Technical Update Days Thanks

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com Inc. All rights reserved.