Figure 1-1 OES CIFS Access Changes in OES
Table 1-1 Summary of CIFS Access Changes
CIFS Access Component |
OES 11 SP2 and Earlier |
OES 2015 and Later |
---|---|---|
Users |
eDirectory users access NSS using their eDirectory credentials. |
eDirectory and Active Directory users can access NSS using their eDirectory and Active Directory credentials, respectively. |
Workstations |
Windows, Linux and Macintosh are supported. |
No changes in platform support. |
Authentication |
Only eDirectory is supported as an identity source. All file service access is controlled by eDirectory authentication through NMAS. |
Both eDirectory and Active Directory are supported as identity sources. For eDirectory users, NMAS authentication is still used. For Active Directory users, CIFS interacts with Active Directory and the Kerberos service is used to authenticate the Active Directory users. |
File Service |
CIFS is among the many file services offered, which also include AFP, NetStorage, NCP, and FTP. |
CIFS offers support for Active Directory users. Beginning with OES 2015 SP1, FTP offers support for Active directory users. No other file services are enabled for AD user access at this point. |
Authorization |
Authorization to access NSS is handled by CIFS working in cooperation with NSS. |
Authorization to access NSS through CIFS is handled by NSS alone. This increases both the efficiency and the reliability of the authorization process. |
Table 1-2 OES Service Changes
Service |
OES Changes and Information |
---|---|
OES CIFS |
You can grant AD users native CIFS access to NSS volumes with OES trustee model.
|
OES Cluster Services (NCS) |
Cluster resources can now join to AD domains. |
Distributed File Services (DFS) |
DFS is supported in NSS AD environment. |
Dynamic Storage Technology (DST) |
DST is supported in NSS AD environment. |
FTP Server |
FTP server is supported in NSS AD environment. |
Novell Identity Translator (NIT) |
NIT lets you ensure that eDirectory and AD users requiring NSS authorization have the required UIDs. It supports AD users in multi-forest environment. |
NSS (Storage Services) |
AD users can now access NSS through CIFS. |
Storage Management Services (SMS) |
SMS now supports backing up AD trustee information in NSS AD environment. |
NSS Auditing Client Logger (VLOG) |
Audit all file operations for AD users. VLOG is enhanced to filter based on user names and application names. |
Beginning with OES 2015 SP1, multi-forest support allows access to NSS resources from Active Directory users belonging to AD forests having bi-directional trust with OES joined forest or AD domains having bi-directional external trust with OES joined forest.
The following OES components supports multi-forest for AD users: NSS, CIFS, DFS, DST, Migration Tool, NIT, SMS, and VLOG.
Table 1-3 OES Utility Changes
Utility |
Changes and Information |
---|---|
NFARM |
Beginning with OES 2018, Active Directory and eDirectory users can perform salvage and purge operation on Mac. For more information, see NFARM Installer for Mac in the Storage Services File System (NSS) Administration Guide for Linux. |
nsscon |
Options are added to update the SEV interval for AD users. Also, provided options to force update the SEV interval for AD users and for a single AD user. For more information, see Security Equivalence Vector Update Commands in the Storage Services File System (NSS) Administration Guide for Linux. |