Support
Request a quote
Call AssistanceSoftware Related Questions
It is possible under Console Tools (ALT+CTRL+N) by selecting desired NIC, editing DHCP and checking box DNS.
This is known problem of MAC OSX from version 10.4.
Here are several steps which might help:
- Please delete keychain (place where the system stores logins and passwords),
- Login through terminal ( smbclient //address_ip/share -U username -d4 ; the -d4 parameter will allow you to watch the connection),
- Please create file /etc/nsmb.conf containing:
[default] minauth=none - tail console.log will help observing the problem
In our software we are using UTF-8 Code Page, so there shouldn't be any problems with
Asian languages like Japanese or Chinese.
The software is preinstalled and preconfigured. So no user software installation is needed, and our intention was to limit user influence on base system, but with allowing him to change its behavior.
Implementation of additional security may be done on any external server.
Implementation of additional security may be done on any external server.
To have NFS with support of ACL on Linux system you need to have an Kernel compiled with support for nfs v3 with acl.
Probably you have only compiled acl support for local file systems (like ext2, ext3) and you need to have acl for nfs.
There is a document describing in details the way how ACL works: http://www.suse.de/~agruen/acl/linux-acls/online/ (search on the page phrase: "nfs and acls").
If your kernel doesn't have an 'acl for nfs' option you will need to download a patch and recompile the kernel. (it is available at: http://acl.bestbits.at/download.html#Kernel ) NOTE: Please make sure that on every system using acl all users exist and they have same UIDs.
Probably you have only compiled acl support for local file systems (like ext2, ext3) and you need to have acl for nfs.
There is a document describing in details the way how ACL works: http://www.suse.de/~agruen/acl/linux-acls/online/ (search on the page phrase: "nfs and acls").
If your kernel doesn't have an 'acl for nfs' option you will need to download a patch and recompile the kernel. (it is available at: http://acl.bestbits.at/download.html#Kernel ) NOTE: Please make sure that on every system using acl all users exist and they have same UIDs.
To activate snapshots you must in order: * in target manager reserve some space for snapshots, * in function number of snapshots select at least 1, * in snapshot definition decide what percentage of space will this snapshot use, Schedule (if a client wants the snapshot to be done every day at 12:00, he needs to mark each day in schedule, and set time to 12:00), and finally in TGV choose target. If you would have any further technical trouble with snapshots please send us logs.
Currently, following browsers are supported:
In General – browsers based on HTML 4.01.
- MS Internet Explorer 5.0 and above, (IE 5.xx is already an obsolete version that Microsoft hardly supports; we strongly recommends upgrading to IE 6.0; For Windows 95 which does not support IE 6.0 we recommend installing a standalone modern browser like Mozilla Firefox or Opera;
- Mozilla Firefox 1.0 and above (recommended browser)
- Mozilla 1.7 and above
- Netscape 7.0 and above
(Netscape 4.xx is definitely not supported; this is obsolete web browser which does not support many of the key features of our dynamic GUI interface) - Opera 8.0 and above • Konqueror - There are known issues and problems with this browser
- Mac OS X Safari Browser is based on Konqueror's KHTML Engine (not Gecko) – not tested
- MAC OS X Camino (mozilla project) version 0.8 and above.
In General – browsers based on HTML 4.01.
Once space for snapshot is reserved and snapshot is created you can access it in the same way as every other share created in the NAS.
Every snapshot has automatically assigned following share name: snap001, snap002, ... You can access directly from the Explorer typing
: \\NAS_server_name\snap002
\\NAS_server_name\snap003
....
or using IP address of your server.
\\192.168.0.220\snap002
\\192.168.0.220\snap003
...
In case you want to map network drive to a NAS share, please use following syntax:
\\NAS_server_name\snap002
You can find your NAS server and all shares in the network neighborhood
Every snapshot has automatically assigned following share name: snap001, snap002, ... You can access directly from the Explorer typing
: \\NAS_server_name\snap002
\\NAS_server_name\snap003
....
or using IP address of your server.
\\192.168.0.220\snap002
\\192.168.0.220\snap003
...
In case you want to map network drive to a NAS share, please use following syntax:
\\NAS_server_name\snap002
You can find your NAS server and all shares in the network neighborhood
In order to get the list, the share you are trying to manage has to be mapped to drive letter on w2k - use 'map network disk...'. Additionally you must use 'connect using different user name' feature.
Please enter your valid NAS user account data:
Windows will prompt you for user and password before it will display the user list. Please provide the same settings as above.
Please enter your valid NAS user account data:
- user with NAS name or IP e.g. 192.168.0.2\user or mynas\user
- password now you can access the share using drive letter and enter your ACL settings.
Windows will prompt you for user and password before it will display the user list. Please provide the same settings as above.
Inside netatalk share points you will find several files and directories which are created automatically by the afpd process only for its own internal use or for the internal use of the Mac OS.
These files are:
These files are:
- AppleDouble This directory exists inside each folder on a Netatalk share. It contains meta information like creator/type and eventually the resource fork of each file in that folder
- AppleDouble / Parent This file specifically contains meta information about the directory.
- AppleDesktop This directory exists under the top level of each share point. It contains the "desktop database" which is the method by which the MacOS associates a type/creator code with a particular application
- AppleDesktop / volinfo This file contains afpd internal volume specific information like / AppleDouble scheme CNID backend (including cnid_metad settings if applicable) dbpath and the like
- AppleDB This folder will exist eventually at the top level of each sharepoint driven by the cdb or dbd.
http//netatalk.sourceforge.net/2.0/... - Network Trash Folder Exists at the top level of each share point. This is the trash folder of the network clients. Volume Settings Folder This folder is created at the top level of each share point. It always appears to be empty Which files do Windows clients see Three of them are invisible: AppleDB, AppleDesktop, .AppleDouble. Andthree of them are read-only: Network Trash Folder, Temporary Items, The VolumeSettings Folder.
Please unmount the network drive on your MAC clients and remount them again. If this does not solve the problem, please contact our support and provide the log-file of your NAS-Server.
Please read following document, which describes how to set up access to files and directories on your NAS (ACL -Access Control Lis):
Deny access to Directory for (group) everyone
Allow full access for group "WORK" to this Directory
Set only read permissions to file for everyone
Changing owner for directory
Allow full access for user "BIG BOSS" to this Directory
Allow read access for group "COMPANY" to this directory
Make readily directory with full access for subdirectories for group ALL (using inheriting permissions)
With those settings users from group ALL can't remove "ROOT" folder and can't crate/remove any folder or file in this folder, but any file or folder will by created with inherited permissions that allows to create files and folders/change them and remove them. Example: File /ROOT/some_file.txt can by changed but can't by removed Directory /ROOT/directory can't by removed but users from group ALL can create folders and files in this directory
File /ROOT/directory/my_file.txt can by removed and changed by group ALL (if inherited permissions wasn't changed)
Inherited permissions
UNIX Rights in Windows:
Example use of ACL permission in a small company:
First create users and groups in Your Domain:
Connect to windows domain:
Create shares and set permission:
If you use SUPERUSER all files and directories will by created as local ROOT user.
*New directories with no inherited permissions haven't ACL permissions at start - they have only standard UNIX permissions 0777 (Windows2003 shows - in normal view on security window - that special permissions are enabled and full access in advanced view. Windows2000 don't show any permission in normal view - only in advanced). To enable ACL for this directory first select Full Access for everyone and click Apply, then do this same for your group and user. Directories created in this directory should have ACL permissions inherited from parent.
If permissions are inherited then ALLOW column is grey. To disable permission just use Deny column.
If you set ACL permissions always check that setting permissions for some group don't change permission for user or for everyone for some connections between those accounts. Windows 2003 handle much better with that as Windows 2000
***Kerberos is server for distributing security keys. Normally is also on the domain but it can by on some external server. In Windows 2003 this server is ignoring specify key type, and authorization work only with entering share be IP not be NAS name.
Deny access to Directory for (group) everyone
- Create new folder or select one of yours folders (you must by owner or superuser to set ACL permissions)*
- Go to "directory properties" (right mouse click->properties on directory)
- Select the tab "security"
- Choose the group "Everyone"
- Click Remove button - Group Everyone will not by removed but all permissions but group don't have permissions*
- Apply Now access to this directory is denied for everyone else than you. *In FusionStor Atomic ACL permissions have always minimum owner user, owner group and everyone group.
Allow full access for group "WORK" to this Directory
- Make sure that group WORK is created
- In security window click Add button
- Select group "WORK" (Advanced->Find Now will show you all users and groups) and click OK
- Enable Full Control in Allow column
- Apply
Set only read permissions to file for everyone
- Create new file (you must by owner or super user to set permissions)*
- Go to permission window
- Select everyone group
- Leave only permission for Read in Allow column
- Click "Apply" button
- Make the same for your group and your user now everyone (besides you and your group) have only Read permissions to this file.
Changing owner for directory
- On Fusionstor web interface go to resources->shares
- In set Superuser function select your user and restart connection (or wait about 15 minutes)
- Go to directory/file properties (right mouse click->properties on directory)
- Click "Advanced" button
- Select Owner tab
- Click "Other Users or Group" button and select user that will by new owner (Advanced->Find Now will show all users and groups). Click OK**
- Select User from list and click Apply and OK
- Click OK and reopen this window to refresh owner
Allow full access for user "BIG BOSS" to this Directory
- Make sure that "BIG BOSS" exists
- In security window click Add button
- Select user "BIG BOSS" (Advanced->Find Now will show you all users and groups) and click OK
- Enable Full Control in Allow column
- Apply
Allow read access for group "COMPANY" to this directory
- Make sure that group "COMPANY" exists
- In security window click Add button
- Select group "COMPANY" (Advanced->Find Now will show you all users and groups) and click OK
- Enable Read & Execute in Allow column
- Apply
Make readily directory with full access for subdirectories for group ALL (using inheriting permissions)
- Create folder "ROOT"
- Go to security window
- Remove Everyone and Your group
- Click Advanced button and then Add in Advanced window
- Select ALL group and click OK
- Change "Apply onto" to "This folder only"
- In permissions leave only "Traverse Folder / Execute File" and "List Folder / Read Data". Click OK
- Click once again Add button and add ALL group
- This time select "Apply onto" to "Subfolders and files only" (this will by the inherited permissions)
- Select Full Control and OK
- Apply for Save permissions
With those settings users from group ALL can't remove "ROOT" folder and can't crate/remove any folder or file in this folder, but any file or folder will by created with inherited permissions that allows to create files and folders/change them and remove them. Example: File /ROOT/some_file.txt can by changed but can't by removed Directory /ROOT/directory can't by removed but users from group ALL can create folders and files in this directory
File /ROOT/directory/my_file.txt can by removed and changed by group ALL (if inherited permissions wasn't changed)
Inherited permissions
If folder or directory have inherited permissions then this permissions will by seen in security windows as checked grey checkbox and in advanced windows you can see more details - like from exactly this permissions are inherited. In subfolders permissions that are inherited can by changed by subfolder owner.
UNIX Rights in Windows:
- Rights in folders: Rights - - x r - - - w - r - x r w - - w x r w x
- Traverse Folder / Execute File X X X X
- List Folder / Read Data X X X X
- Read Attributes X X X X X X
- Read Extended Attrributes X X X X
- Create Files / Write Data X X X X
- Create Folders / Append Data X X X X
- Write Attributes X X X X
- Write Extended Attributes X X X X
- Delete Subfolders and Files X
- Delete X
- Read Permissions X X X X X X X
- Change Permissions X
- Take Ownership X
Example use of ACL permission in a small company:
- The company has 10 users Name; Group; Position; Rights
- Chris; Firma; Director; All rights for everything
- Robert; Firma; Manager; All rights for everything besides Directors home directory
- Jennifer; Firma; Secretary; Read access to "DOCUMENTS" directory
- Clint; Firma; Entwickler; Main Developer; Read and write to "DEVELOPERS" directory
- read and write to "CHANGES" directory
- Brad; Firma; Entwickler; Entwickler Read in "DEVELOPERS" Read and write in "Changes"
- Johnny; Firma; Entwickler; Entwickler Read in "DEVELOPERS" Read and write in "Changes"
- Tom; Firma; Entwickler; Entwickler Read in "DEVELOPERS" Read and write in "Changes"
- John; Firma; Grafiker; Graphic Artist Read in "GRAPHICS" Read and write in "Changes"
- Ben; Firma; Grafiker; Graphic Artist Read in "GRAPHICS"Read and write in "Changes"
- Bill; Firma; Cleaner; Only access to his home directory
First create users and groups in Your Domain:
- Run Menu Start->Programs->Administrative Tools->Active Directory Users and Computers
- Click with right mouse button on your domain name and select New->User
- Enter all necessary fields to create user Chris.
- Create all users (back to point 2).
- Click with right mouse button on your domain name and select New->Group
- Create groups: Developers, Graphics, and Company.
- Add users to groups - click with right mouse button on group Developers. In Members tab click Add. Add users to groups (groups Company, Developers, Graphics) what they
Connect to windows domain:
- Go to Fusionstor NAS web interface Setup->NAS server setup
- Select ADS or PDC (deepens on your system - if you have NT4 Domain or Windows 2003 (with no Kerberos*** fix) then select PDC, else select ADS).
- Enter your domain name - in PDC this will by the short domain name (example. COMPANY) in ADS enter full domain name (example. COMPANY.COM.DE).
- Enter your domain/Kerberos server IP
- Enter name and password of an existing Administrator user account on your domain.
- Click Apply to join into domain.
Create shares and set permission:
- Create a share Company (FusionStor Atomic web interface->Resources->Shares).
- Set permissions for all or select only Company group.
- Go to share \\YOUR_NAS_SERVER_NAME\\Company
- Create folder "WORK", "HOME" and "FORALL".
- Set permissions of folder WORK - right mouse click->properties->security.
- Deny access for everyone (point I), change owner to Chris user (point IV) with full access and add Robert with full access.
- In folder WORK create folder DEVELOPER, GRAPHIC, DOCUMENTS and CHANGES.
- Change owner of DEVELOPER directory to Clint (with full rights). Add group Developers with read access.
- Add group Graphics with full access to directory GRAPHIC.
- Change owner of CHANGES directory to Clint (with full rights). Add group Graphics and Developers with full rights.
- Add secretary to DOCUMENTS directory with read access.
- In home directory create for each user own private directory, change user (make that owner and directory name are the same). Remove access for Company group (point I).
- Add group Company with full access to directory "FORALL". ** This function is available on Windows 2003; in other Windows You can select only your user.
If you use SUPERUSER all files and directories will by created as local ROOT user.
*New directories with no inherited permissions haven't ACL permissions at start - they have only standard UNIX permissions 0777 (Windows2003 shows - in normal view on security window - that special permissions are enabled and full access in advanced view. Windows2000 don't show any permission in normal view - only in advanced). To enable ACL for this directory first select Full Access for everyone and click Apply, then do this same for your group and user. Directories created in this directory should have ACL permissions inherited from parent.
If permissions are inherited then ALLOW column is grey. To disable permission just use Deny column.
If you set ACL permissions always check that setting permissions for some group don't change permission for user or for everyone for some connections between those accounts. Windows 2003 handle much better with that as Windows 2000
***Kerberos is server for distributing security keys. Normally is also on the domain but it can by on some external server. In Windows 2003 this server is ignoring specify key type, and authorization work only with entering share be IP not be NAS name.
Sometimes when the Hard Drives are in very bad condition and constantly failing file system is damaged. You need to start file system check
You can access your shares on FusionStor Atomic in following ways.
Access hints: SMB/CIFS/NFS: Windows Network Neighborhood (Windows Desktop) \\NAS_server_name\share_name (Windows Explorer) NAS_Server_Name (Windows Start-Search-Computer) Here is NFS mount command for shares shared with SMB/CIFS:
mount -t nfs IP_addr:/share/share_name /local_mount_point
NFS: Here is NFS mount command for separate space assigned to NFS only.
mount -t nfs IP_addr:/nfs /local_mount_point
FTP: user: anonymous; password: any; port:21 (FTP-client)
ftp://NAS_server_name (Internet Browser).
ftp://NAS_IP_addr (Internet Browser)
In case of no standard ftp port:
ftp://NAS_server_name:port (Internet Browser)
ftp://NAS_IP_addr:port (Internet Browser)
Access hints: SMB/CIFS/NFS: Windows Network Neighborhood (Windows Desktop) \\NAS_server_name\share_name (Windows Explorer) NAS_Server_Name (Windows Start-Search-Computer) Here is NFS mount command for shares shared with SMB/CIFS:
mount -t nfs IP_addr:/share/share_name /local_mount_point
NFS: Here is NFS mount command for separate space assigned to NFS only.
mount -t nfs IP_addr:/nfs /local_mount_point
FTP: user: anonymous; password: any; port:21 (FTP-client)
ftp://NAS_server_name (Internet Browser).
ftp://NAS_IP_addr (Internet Browser)
In case of no standard ftp port:
ftp://NAS_server_name:port (Internet Browser)
ftp://NAS_IP_addr:port (Internet Browser)
I am sorry, but 64 bit mode filesystem is not compatible with filesystem which was created in 32 bits mode and it crashes. It happens in both direction. In order to switch kernel first all the data must be backed up, disk reformated and data restored.
You must enter to Console Tools (ALT+CTRL+T) -> Boot Options -> Select system architecture and choose desired kernel.
Yes, the FusionStor Atomic, Cosmic and Infinit support Logical Volumes greater than 2TB and physical size of up to 16TB.
It is possible under Console Tools (ALT+CTRL+N) , selcting desired NIC and editing DHCP and checking box DHCP.
IPfrag Tuning - it is a packet fragmentation section. You can set a range of it in this option
Jumbo Frames Config also called MTU (Maximum Transmission Unit) - refers to the size (in bytes) of the largest packet that a given layer of a communications protocol can pass onwards.
NFS Daemon tuning - you can set how many NFS daemons you want to have run in the system. On some system NFS causes NFS timeouts and changing this value then helps. It also can improve NFS performance.
Read ahead disk tuning - with this option you can increase for better performance size of cache. In some cases it is required to decrees it for better compatibility.
iSCSI daemon option - in this option you can set values of iSCSI target:
1. MaxRecvDataSegmentLength - Sets the maximum data segment length that can be received. This value should be set to multiples of PAGE_SIZE. Currently the maximum supported value is 64* PAGE_SIZE, e.g. 262144 if PAGE_SIZE is 4kB. Configuring too large values may lead to problems allocating sufficient memory, which in turn may lead to SCSI commands timing out at the initiator host. The default value is 8192.
2. MaxBurstLength - Sets the maximum amount of either unsolicited or solicited data the initiator may send in a single burst. Any amount of data exceeding explicitly solicited by the target. This value should be set to multiples of PAGE_SIZE. Configuring too large values may lead to problems allocating sufficient memory, which in turn may lead to SCSI commands timing out at the initiator host. The default value is 262144.
3. MaxXmitDataSegmentLength - Sets the maximum data segment length that can be sent. This value actually used is the minimum of MaxXmitDataSegmentLength and the MaxRecvDataSegmentLength announced by the initiator. It should be set to multiples of PAGE_SIZE. Currently the maximum supported value is 64* PAGE_SIZE, e.g. 262144 if PAGE_SIZE is 4kB. Configuring too large values may lead to problems allocating sufficient memory, which in turn may lead to SCSI commands timing out at the initiator host. The default value is 8192.
4. DataDigest - If set to "CRC32C" and the initiator is configured accordingly, the integrity of an iSCSI PDU's data segment will be protected by a CRC32C checksum. The default is "None". Note that data digests are not supported during discovery sessions.
5. MaxOutstandingR2T - Controls the maximum number of data transfers the target may request at once, each of up to MaxBurstLength bytes. The default is 1.
6. InitialR2T - If set to "Yes" (default), the initiator has to wait for the target to solicit SCSI data before sending it. Setting it to "No" allows the initiator to send a burst of FirstBurstLength bytes unsolicited right after and/or (depending on the setting of ImmediateData together with the command. Thus setting it to "No" may improve performance.
7. ImmediateData - This allows the initiator to append unsolicited data to a command. To achieve better performance, this should be set to "Yes". The default is "No".
8. DataPDUInOrder - It tells initiator if data has to be sent in order. Defualt is "Yes", which is also recommended.
9. DataSequencerInOrder - It tells initiator if data has to be sent in order. Defualt is "Yes", which is also recommended.
10. HeaderDigest - If set to "CRC32C" and the initiator is configured accordingly, the integrity of an iSCSI PDU's header segments will be protected by a CRC32C checksum. The default is "None". Note that header digests are not supported during discovery sessions.
11. Wthreads - The iSCSI target employs several threads to perform the actual block I/O to the device. Depending on your hardware and your (expected) workload, the number of these threads may be carefully adjusted. The default value of 8 should be sufficient for most purposes.
Jumbo Frames Config also called MTU (Maximum Transmission Unit) - refers to the size (in bytes) of the largest packet that a given layer of a communications protocol can pass onwards.
NFS Daemon tuning - you can set how many NFS daemons you want to have run in the system. On some system NFS causes NFS timeouts and changing this value then helps. It also can improve NFS performance.
Read ahead disk tuning - with this option you can increase for better performance size of cache. In some cases it is required to decrees it for better compatibility.
iSCSI daemon option - in this option you can set values of iSCSI target:
1. MaxRecvDataSegmentLength - Sets the maximum data segment length that can be received. This value should be set to multiples of PAGE_SIZE. Currently the maximum supported value is 64* PAGE_SIZE, e.g. 262144 if PAGE_SIZE is 4kB. Configuring too large values may lead to problems allocating sufficient memory, which in turn may lead to SCSI commands timing out at the initiator host. The default value is 8192.
2. MaxBurstLength - Sets the maximum amount of either unsolicited or solicited data the initiator may send in a single burst. Any amount of data exceeding explicitly solicited by the target. This value should be set to multiples of PAGE_SIZE. Configuring too large values may lead to problems allocating sufficient memory, which in turn may lead to SCSI commands timing out at the initiator host. The default value is 262144.
3. MaxXmitDataSegmentLength - Sets the maximum data segment length that can be sent. This value actually used is the minimum of MaxXmitDataSegmentLength and the MaxRecvDataSegmentLength announced by the initiator. It should be set to multiples of PAGE_SIZE. Currently the maximum supported value is 64* PAGE_SIZE, e.g. 262144 if PAGE_SIZE is 4kB. Configuring too large values may lead to problems allocating sufficient memory, which in turn may lead to SCSI commands timing out at the initiator host. The default value is 8192.
4. DataDigest - If set to "CRC32C" and the initiator is configured accordingly, the integrity of an iSCSI PDU's data segment will be protected by a CRC32C checksum. The default is "None". Note that data digests are not supported during discovery sessions.
5. MaxOutstandingR2T - Controls the maximum number of data transfers the target may request at once, each of up to MaxBurstLength bytes. The default is 1.
6. InitialR2T - If set to "Yes" (default), the initiator has to wait for the target to solicit SCSI data before sending it. Setting it to "No" allows the initiator to send a burst of FirstBurstLength bytes unsolicited right after and/or (depending on the setting of ImmediateData together with the command. Thus setting it to "No" may improve performance.
7. ImmediateData - This allows the initiator to append unsolicited data to a command. To achieve better performance, this should be set to "Yes". The default is "No".
8. DataPDUInOrder - It tells initiator if data has to be sent in order. Defualt is "Yes", which is also recommended.
9. DataSequencerInOrder - It tells initiator if data has to be sent in order. Defualt is "Yes", which is also recommended.
10. HeaderDigest - If set to "CRC32C" and the initiator is configured accordingly, the integrity of an iSCSI PDU's header segments will be protected by a CRC32C checksum. The default is "None". Note that header digests are not supported during discovery sessions.
11. Wthreads - The iSCSI target employs several threads to perform the actual block I/O to the device. Depending on your hardware and your (expected) workload, the number of these threads may be carefully adjusted. The default value of 8 should be sufficient for most purposes.
