Table of ContentsView in Frames

Mapping UNIX and Windows user names

If your site has both Windows and UNIX user accounts, you should use name mapping to ensure that Windows users can access files with UNIX file permissions and to ensure that UNIX users can access files with NTFS file permissions. Name mapping can involve conversion rules and default users.

About this task

Steps

  1. Navigate to the Vserver:
    1. From the home page, double-click the appropriate storage system.
    2. Expand the Vservers hierarchy in the left navigation pane.
    3. In the navigation pane, select the Vserver.
  2. If you want to control or track access at an individual level, create name-mapping conversion rules that convert UNIX user accounts to Windows user accounts, and vice versa:
    1. Select Configuration > Local Users and Groups > Name Mapping .
    2. Click Add, retain the default Windows to UNIX direction, and then create a mapping that produces a UNIX credential when a Windows user tries to access a file that uses UNIX file permissions.
      Mappings use regular expressions to convert one user name to another. For information about name mapping conversion rules, see the OnCommand System Manager Help.
    3. Click Add, select UNIX to Windows direction, and then create the corresponding mapping that produces a Windows credential when a UNIX user tries to access a file that has NTFS file permissions.
    4. Repeat steps 2b and 2c to map all of the domains and names on the selected Vserver.
      The position of each rule determines the order in which the rules are applied.
    Example
    The following example converts any Windows user in the ENG domain to a UNIX user with the same name, and vice versa.

  3. Define a default Windows user that is used as the Windows credential when a UNIX user accesses a file with NTFS file permissions and neither implicit name mapping nor name-mapping conversion rules map the user to a specific Windows user:
    1. If you use a name service, use the name service to create a Windows user account for unmapped UNIX users.
    2. If you use Windows users that are local to the Vserver, select Configuration > Local Users and Groups > Windows and create a user account for unmapped UNIX users.
    3. Set the default Windows user by selecting Configuration > Protocols > NFS > Edit, and entering the user name that you created for unmapped UNIX users.
    Example
    You can create a local Windows user named "unixusers" and set it as the default Windows user.
  4. Define a default UNIX user that is used as the UNIX credential when a Windows user accesses a file with UNIX file permissions and neither implicit name mapping nor name-mapping conversion rules map the user to a specific UNIX user:
    1. If you use a name service, use the name service to create a UNIX user account for unmapped Windows users.
    2. If you use UNIX users that are local to the Vserver, select Configuration > Local Users and Groups > UNIX and then create a user account for unmapped Windows users.
    3. Set the default UNIX user by selecting Configuration > Protocols > CIFS > Options and entering the user name that you created for unmapped Windows users.
    Alternatively, you can use the default value for the default UNIX user, which is the "pcuser" user.
    Example
    You can create a local UNIX user named "winusers" and set it as the default UNIX user.

After you finish