Removing an NFS audit client from the audit share

NFS audit clients are granted access to an audit share based on their IP address. You can remove an existing audit client by removing its IP address.

Before you begin

About this task

You cannot remove the last IP address permitted to access the audit share.

Steps

  1. From the service laptop, log in to the primary Admin Node:
    1. Enter the following command: ssh admin@primary_Admin_Node_IP
    2. Enter the password listed in the Passwords.txt file.
    3. Enter the following command to switch to root: su -
    4. Enter the password listed in the Passwords.txt file.
      When you are logged in as root, the prompt changes from $ to #.
  2. Start the NFS configuration utility: config_nfs.rb
    -----------------------------------------------------------------
    | Shares               | Clients              | Config          |
    -----------------------------------------------------------------
    | add-audit-share      | add-ip-to-share      | validate-config |
    | enable-disable-share | remove-ip-from-share | refresh-config  |
    |                      |                      | help            |
    |                      |                      | exit            |
    -----------------------------------------------------------------
  3. Remove the IP address from the audit share: remove-ip-from-share
    A numbered list of audit shares configured on the server is displayed. The audit share is listed as: /var/local/audit/export
  4. Enter the number corresponding to the audit share: audit_share_number
    A numbered list of IP addresses permitted to access the audit share is displayed.
  5. Enter the number corresponding to the IP address you want to remove.
    The audit share is updated, and access is no longer permitted from any audit client with this IP address.
  6. When prompted, press Enter.
    The NFS configuration utility is displayed.
  7. Close the NFS configuration utility: exit
  8. If your StorageGRID Webscale deployment is a multiple data center site deployment with additional Admin Nodes at the other sites, disable these audit shares as required:
    1. Remotely log in to each site’s Admin Node:
      1. Enter the following command: ssh admin@grid_node_IP
      2. Enter the password listed in the Passwords.txt file.
      3. Enter the following command to switch to root: su -
      4. Enter the password listed in the Passwords.txt file.
    2. Repeat steps 2 through 7 to configure the audit shares for each additional Admin Node.
    3. Close the remote secure shell login to the remote Admin Node: exit
  9. Log out of the command shell: exit