Table of ContentsView in Frames

How group mapping supports multiprotocol access to Infinite Volumes

Group mapping improves the accuracy of permissions that appear when NFSv4.1 clients display the ACL of a file or directory that has NTFS file permissions. If an Infinite Volume supports both NFSv4.1 ACLs and SMB, you should configure group mapping, which is similar to user mapping.

Why group mapping is necessary

Groups are often used in ACLs to simplify security management. However, groups in multiple Windows domains cannot be easily translated to the groups of a single NFSv4.1 domain.

Mapping groups from Windows to UNIX ensures that group names appear when NFSv4.1 ACLs are displayed on NFSv4.1 clients.

If a Windows group is not mapped to a UNIX group and a default UNIX group is not configured, the Windows group is displayed to an NFSv4.1 client as nobody (specifically nobody@v4-id-domain).

What group mapping is required

If an Infinite Volume supports both SMB and NFSv4.1 ACLs, you should perform the following configurations:

Comparison of user and group mapping

Group mapping and user mapping share the following similarities:

Group mapping is unique in the following ways: