Saturday, 26 February 2011

PCNFS (Microsoft services for Unix) and Netapp howto

So you want to connect a Windows pc to a shared volume on a Netapp filer, but you either do not have the filer licensed for Cifs, or you want to make it more secure by using the ip to ip nature of nfs. This howto explains how to setup Microsoft services for Unix so that you can mount the volume via nfs (or in Microsoft speak pcnfs).

We will configure the Netapp filer first.

1. Make sure pcnfs is turned on. To do this open the web GUI on the Netapp and navigate to nfs, configure. Here you will find a number of settings, near the top you will find the one we are interested in: "PCNFS Enabled" - make sure this setting is set to "Yes" and apply the changes.

2. Set up the nfs export for the volume/qtree you wish the pc to access. This is done in the normal way for nfs exports through the web GUI, adding the ip address for the pc to either the read-only or read-write section depending on what permissions you need the pc to have. Once these changes have been made don't forget to press the 'Export all" button in order for the changes to take affect!

That concludes the required Netapp changes, we will now move into the pc side of things.

1. Create passwd.txt file in c:\maps directory. This will be used to map the pc username to the Unix username and id later. In this example we will use a user called "aaa" with an id of 63000, so the contents of our file will be:


[Note: the 100 in the above line is our group id that this user belongs to, we will create this in the next step]

2. Create group.txt file in the c:\maps directory. This is used to map the group name to id later. In this example we will create the group bbb with an id of 100, so our file will look like this:


3. Install Microsoft services for Unix - this howto will install it on a windows xp professional machine, the software for other Microsoft versions is also available on the Microsoft website, note however for windows 7 you must be on the versions higher than professional! The windows xp version of the software can be downloaded here. Download the file to the desktop.

4. Extract the downloaded file, by double clicking on it and selecting unzip.

5. Navigate to the directory, the files were unzipped to, this will be: c:\Documents and Settings\<username>\Local Settings\Temp and double click on the SfuSetup.msi file.

Then proceed with the installation as follows:

1. Click next on the welcome screen

2. Enter username and organisation followed by next

3. Accept the licence agreement and hit next

4. Select Standard installation and click next

5. Leave the security settings boxed unchecked and click next

6. Select "local user name" mapping and "password and group files" then click next

7. Enter c:\maps\passwd.txt for the password file and c:\maps\group.txt for the group file, then click on next

8. Windows services for Unix will now install

Once the initial installation is complete we need to make some changes. Find windows serviced for Unix, in control panel, add or remove programs, click on the entry and select change.

At the next screen, select add it remove, then hit next

Expand the authentication tools for nfs, click the red x against server for pcnfs line and select entire feature will be installed on hard disk. Then click on next. The change will now be installed.

Once installed, we need to make sure the user name mapping service is set to automatic and is running. Do this in the normal manner by using the services screen of the control panel.

We now need to start the windows services for Unix GUI, so go to control panel, administrative tools and double click on "services for Unix administration"

First we need to configure the user name mapping, so click on "user name mapping" in the left hand side. Then click on "maps" along the top bar, followed by "show user maps".

Click on both list windows users and list Unix users, both boxes will then be populated with the user lists.

We will map the user, administrator to the aaa Unix user, so select administrator in the windows users list and aaa in the Unix users list, then press add map.

You should then see the mapping appear, so click on apply to save the changes.

We now need to sort out the pcnfs side of things, so click on server for pcnfs on the left hand side. Click on groups as we will need to create the group before we can map the user to it. Enter the group id of 100 and the group name of bbb. Then click on add.

You should then see the group in the current groups table. Click on apply to save the change.

Now click on users tab, followed by new. Enter the following details into the pop-up box:

User name: aaa
User logon name: aaa
Password: <your password>
Confirm password: <your password>
Primary group name: bbb
User id: 63000

Then click on ok, the user should then appear in the all users box.

Finally click on apply.

We are now in a position to test the setup.

Open my computer, and type the following into the location bar:

\\<Netapp filer ip address>\<volume/qtree name>

Eg if our Netapp filer has an ip address of and we are connecting to qtree ddd in volume ccc our location would be:


Upon hitting enter we should see a listing of the files in this qtree.

Creating a new file in this qtree we should see that it is created as the user aaa (uid 63000) and group bbb (gid 100).

No comments:

Post a Comment