Enable NAS storage for both Windows and Linux using both NFS and SMB
Create or modify storage VMs to enable NFS and SMB servers to serve data to Linux and Windows clients.
Enable a new or existing storage VM to serve both NFS and SMB protocols using this procedure.
Ensure that you have noted the configuration details for any networking, authentication, or security services required in your environment.
-
Enable NFS and SMB on a storage VM.
-
For new storage VMs: click Storage > Storage VMs, click Add, enter a storage VM name, and in the SMB/CIFS, NFS, S3 tab, select Enable SMB/CIFS and Enable NFS.
-
Enter the following information:
-
Administrator name and password
-
Server name
-
Active directory domain
-
-
Confirm the Organizational Unit.
-
Confirm the DNS values.
-
Confirm the default language.
-
Add network interfaces.
-
Update storage VM administrator account information (optional).
-
For existing storage VMs: click Storage > Storage VMs, select a storage VM, and then click Settings. Complete the following sub-steps if NFS or SMB is not already enabled.
-
Click under NFS.
-
Click under SMB.
-
-
-
Open the export policy of the storage VM root volume:
-
Click Storage > Volumes, select the root volume of the storage VM (which by default is volume-name_root), and then click on the policy that is displayed under Export Policy.
-
Click Add to add a rule.
-
Client specification =
0.0.0.0/0
-
Access protocols = NFS
-
Access details = NFS Read-Only
-
-
-
Configure DNS for host-name resolution:
-
Click Storage > Storage VMs, select the storage VM, click Settings, and then click under DNS.
-
When DNS configuration is complete, switch to the DNS server and map the SMB server.
-
Create forward (A - Address record) and reverse (PTR - Pointer record) lookup entries to map the SMB server name to the IP address of the data network interface.
-
If you use NetBIOS aliases, create an alias canonical name (CNAME resource record) lookup entry to map each alias to the IP address of the SMB server's data network interface.
-
-
-
Configure name services as required:
-
Click Storage > Storage VMs, select the storage VM, click Settings, and then click for LDAP or NIS.
-
Include any changes in the name services switch file: click under Name Services Switch.
-
-
Configure authentication and encryption if required:
Configure TLS for NFS clientsNFS over TLS is available in ONTAP 9.15.1 as a public preview. As a preview offering, NFS over TLS is not supported for production workloads in ONTAP 9.15.1. Steps-
Refer to the requirements for NFS over TLS before you begin.
-
Click Storage > Storage VMs, select the storage VM, and then click Settings.
-
In the NFS tile, click NFS over TLS settings.
-
In the NFS over TLS settings area, select an NFS network interface for which you want to enable TLS.
-
Click the for that interface.
-
Click Enable.
-
In the Network interface TLS configuration dialog, include a certificate for use with TLS by selecting one of the following options:
-
Installed certificate: Choose a previously installed certificate from the drop-down list.
-
New certificate: Choose a common name for the certificate.
-
External CA-signed certificate: Follow the instructions to paste the contents of your certificate and private key into the boxes.
-
-
Click Save.
Configure KerberosSteps-
Click Storage > Storage VMs, select the storage VM, and then click Settings.
-
Click in the Kerberos tile and then click Add.
-
-
Map UNIX and Windows user names if required: click under Name Mapping and then click Add.
You should do this only if your site has Windows and UNIX user accounts that do not map implicitly, which is when the lowercase version of each Windows user name matches the UNIX user name. You can map user names using LDAP, NIS, or local users. If you have two sets of users that do not match, you should configure name mapping.