| System Info
The System Info page
includes general server information, registration panel, reference documentation,
and administrator options.
General Setup
This section will
explain the various options available in the General Setup screen
in the Web Control Panel. You will be able to see this server in Windows
Network Neighborhood once you enter the hostname and workgroup information.
Note: The web
configuration tool makes changes in real time. When you make a change it
typically takes effect immediately. No reboots are necessary. To confirm
a change has been accepted, click the page tab or refresh button. Do
not use the browser refresh button, doing so will close your secure connection
to the web server.
Hostname
This field contains
the current NetBios hostname of the NAS server. The NetBios hostname
is the computer name you see when you browse Network Neighborhood in
Windows.
Workgroup
This field contains
the Workgroup name of the network. The NAS server and other computers normally
use the same Workgroup name in Windows network environments.
IP Address and
Netmask
The IP address identifies
your server on the network and must be unique. You may also assign the
IP address with the optional keypad on the front of the NAS server.
WINS Server
This field contains
the IP address of the WINS server that the NAS server currently uses
to resolve NetBios hostnames. Use IP address 0.0.0.0 to disable WINS
name resolution. Even when using a DHCP server, you may need to specify
a WINS server if you are using a Virtual Private Network (VPN) and want
to browse to the NAS server.
Back
to Top
Date and Time
The date and time
should be correct for time sensitive data.
Changing Administrator
Password
To change the Administrator
password, enter the General Setup page in the Web Configuration
Tool. Enter the old password, then the new password, and then verify
the new password.
Note: Please
secure the administrator password with care. We are unable to provide
support for lost passwords due to security measures built into the
software. Contact tech support for a replacement operating system module
if you forget your password.
Security Options
The NAS server may
be configured for security locally or with Windows NT/2000/2003 domain
security. The suggested configuration is with a Windows server on the
network acting as a Primary Domain Controller (PDC). A properly configured
Windows domain will authenticate a user when they logon to the network,
then allow that user to access network resources defined in the user
security database.
On a peer-to-peer
network, with no dedicated Windows authentication server, the NAS server
may be configured to provide user security. Please be aware that peer-to-peer
networks are inherently less secure due to limitations in Windows 95/98.
Each user at a Windows 95/98 workstation needs to have a username and
password to logon. Do not leave the password field blank on the workstation!
If the password field is blank, then a user tries to access the NAS
server, they will be prompted for a password. If the user enters a
password at that point, Windows will prompt to save the password in
the password list. This is a gaping security hole in Win98 and Win95
and security for that user will be compromised.
Note: Windows
95A (and possibly OSR2) clients transmit passwords in plain text across
the network. If you are worried about users with packet sniffers this
may be of concern to you. Using the NAS server without a domain controller
is potentially insecure, and not recommended for networks with high
security requirements. The NAS server will work best with a domain
environment, with encrypted passwords and all of the security benefits
of domains.
Back to Top
Store Passwords
Locally
Users must be defined
on the NAS server if you do not have a Windows domain controller (otherwise
known as a peer-to-peer network) or if you have non-domain member clients
that need access to the NAS server. The sections below will explain the
process of adding users with or without a domain controller.
Join a Windows
Domain
Having a Windows
domain network is the ideal situation. The NAS server will recognize
domain users and passwords when joined to the domain. To join the NAS
server to the domain:
- Choose Join
Windows NT 4 Compatible Domain
- Enter the PDC
Computer Name, which is the NetBios computer name of the domain
controller, not the name of the domain
- Select Apply
- Select Join
Domain
- Enter the user
name and password of someone authorized to join the domain
Without a Windows
Domain Controller
On a peer-to-peer network
passwords are stored on the NAS server. It is only necessary to add users
on the NAS if it is not joined to a domain or when you have non-domain
member clients that need access to the NAS server. Please see the warnings
in the Security Options section of this document for more information regarding
Windows 95/98/ME security. To add a user:
- Make sure Store
Password Locally is selected on the General Setup page
- Go to the User
Setup page
- Click New
- Add a user name
that matches a valid user on the network
- Enter a password.
(User must logon to Windows with same password)
- Click Add
Back to Top
User Setup
Current Users
If you are joined
to a domain you will already see a list of users from your domain controller.
You may also add local users for peer-to-peer style authentication. Domain
and non-domain users can coexist.
User Quotas
Storage usage is a
common administration concern. The Web Control Panel allows the administrator
to manage the disk-usage quotas of individual users and groups of users.
For example you may want to restrict Bob down the hall from using more
drive space than you want him to. More information about Group Quotas can
be found in the Group Setup section.
- Go to the User
Setup page
- Select a user
- Click the Enable
User Quota on this Volume checkbox
- Type a number
in megabytes
- Click the Apply button
Note: Quotas
are calculated by the file size of all files owned by a user. Please
see the File Sharing section below for more information about
file Ownership.
Change User Password
You may change local
user passwords here. Domain passwords should be managed on your domain
controller.
Back
to Top
Group Setup
Administrators often
use groups to save time when assigning permissions to network users.
By default, any users added will be included in the User Group.
You may further define new groups of users, and then assign file permissions
based on groups as well as users. To add a group:
- Go to the Group
Setup page
- Click New
- Name the group
- Click Add
- Add or Remove
users to the group
Group Quotas
The Web Control Panel
allows the administrator to manage the disk-usage quotas of individual
users and groups of users. For example, you may want to restrict the
accounting group from using more drive space than you want them to.
- Go to the Group
Setup page
- Select a Group from
the drop down list
- Choose a Volume to
apply this Quota to
- Click the Group
Quota Enabled checkbox
- You may also set
a fixed Quota size for all users in the Set All Members User Quotas section
- Type a number
in megabytes
- Click the Apply button
Note: Quotas
are calculated by the file size of all files owned by a user. Please
see the File Sharing section below for more information about
file Ownership.
Back to Top
Disk Config
RAID stands for Redundant
Array of Inexpensive Disks. RAID allows you to combine multiple disks
into one chunk of high-performance and/or fault-tolerant storage space.
There are three main RAID levels that the Darma NAS OS supports:
RAID 0 - This is
also known as striping. It splits any data stored on the array into
multiple chunks and puts them on different disks. This increases performance,
but provides no fault tolerance. In fact, it is less fault tolerant
than no RAID at all, because if any individual disk fails all of the
data on the array is lost.
RAID 1 - This is
also known as mirroring. You only get the storage capacity of one drive,
but you have an exact copy of the same data on each drive.
RAID 5 - This RAID
level is striping with parity and requires 3 or more disks. In other
words, the data you write to a RAID 5 array is split between the disks
in the array like in RAID 0, but there is also backup information written
to the array. With RAID 5 you lose one disks worth of storage space,
but any single disk in the array can fail without data loss. This RAID
level also has the option of Hot Spare devices. A disk designated as
a Hot Spare for a RAID 5 array will be introduced as a data disk in
the event of a disk failure. Using a hot spare, a RAID 5 array will
repair itself to a fault-tolerant state as soon as a failure occurs.
Back
to Top
Available Disks
and Arrays
The Disk Config page
is used to manage RAID arrays. All of the disks and arrays detected by
the system are listed under Available Disks/Arrays. RAID arrays
can be formed using these disks and arrays. After making any changes
on this page, you must click the Activate Changes button to synchronize
the system with the choices you've made.
Creating an Array:
 1.
Click the New Array button
2. Choose a RAID
Level and click OK
3. Add RAID volumes
from the Available Disks/Arrays list to the RAID
Volumes list
by selecting a disk and clicking Add RAID Volume
4. If using RAID 5,
you can add volumes to the Spare Volumes list as well
5. Finally, click Activate
Changes and wait for the operation to complete.
This
process can take several minutes.
After clicking Remove
Array, the disks that were part of the selected array are moved
back into the Available Disks/Arrays list.
Removing an Array
You can remove an array by clicking the Remove Array button. To
remove an array, it must not contain any Logical Volumes.
Back to Top
Disk Failures
When a disk fails in a RAID 1 or RAID 5 array, the Array Status will
be listed as Disk Failure. To restore the array, shut down the
NAS system and replace the failed disk with a disk of equal or greater
size. Power on the NAS and find the affected disk in the list of RAID
Volumes. Select the disk by clicking on it and then click Reinitialize. This
will format the disk and introduce it to the running array.
Back
to Top
LVM Explained
The Logical Volume
Manager (LVM) is a layer of abstraction between physical volumes (disks
and arrays) and logical volumes (places to store your data.) What LVM
does is combine all of your physical volumes into a pool of storage.
You can then use any amount of that physical storage to create a logical
volume. Logical volumes are then used to store network shares.
Create New Logical
Volume
Before creating a
new logical volume, click the Refresh VG button to make sure that
all connected drives and configured arrays have been introduced to the
storage pool.
NOTE: Clicking Refresh
VG will format your disks if they have not been introduced to
the storage pool already. Disks are not added to the storage pool
by default to prevent accidental data loss.
Click the New Volume
button and choose a name for this logical volume.
If you want, you
can choose the order of physical volumes that space will be allocated
from. For example, if you have one RAID array and one individual disk
listed under Available Disks/Arrays, and you want to create a volume
using space from the RAID array only, you would add the RAID array
to the list of Target Volumes by selecting it and clicking the Add
button. Space will be allocated from the volumes listed under Target
Disks/Arrays in order.
If no volumes are
selected for Target Disks Arrays, storage will be allocated
from the volumes that are listed under Available Disks/Arrays in
order. Now you can click the Format Volume to allocate space
from the storage pool for this volume. Choose the size you want this
volume to be, in megabytes.
Back
to Top
Volume Information
This section displays
general volume information along administrative tools to format, expand,
and repair a volume.
Format a Volume
After you have created
a Logical Volume you must specify how much space you wish to assign
to the file system with the Format Volume button. You may expand
the volume later with the Expand Volume button.
Expand a Volume
To expand an existing
volume, just click the Expand Volume button and enter a new size.
If there is enough space available, the Logical Volume will be expanded.
Repair a Volume -
Experts Only
Clicking the Repair
Volume button will attempt to repair the filesystem on a Logical
Volume using xfs_repair. This utility should only be used in the
event of severe filesystem damage. If you do not have a backup of the
data you should consult a data recovery specialist before using this
utility.
XFS Filesystem
Explained
The Darma NAS OS uses
the high-performance XFS file system created by SGI. More information
is located at www.sgi.com.
Back to Top
File Sharing
Creating Shares
The NAS server must
have at least one Share, which will appear as a folder in Windows
Explorer/Network Neighborhood. After creating your shares, you will be
able to organize data and restrict access to certain users (or groups
of users). Shares can be mapped as drive letters on network clients and
servers.
You must have at
least one Logical Volume defined before you will be able to
create a Share. Please see the LVM Config section of
this manual.
Note: Some
NAS products complicate matters by referring to a share as a volume,
storage pools and other terminology. For simplicity, we will refer
to a share as a share. To create a share:
- Go to the File
Access page
- Choose New
- Name the Share,
and choose a Logical Volume for the share to use
- Restart the File
Sharing Service by clicking the Restart File Sharing button
This share will
appear as a folder in Network Neighborhood. At this time, you may copy
data to the share, and then configure permissions for files contained
in this share.
Share Permissions
and Special Settings
When you create a
share, you will have several advanced options, explained below.
Permissions
By default, all groups
and users will have access to files created in a share. A typical server
might have shares named Public, Company, MP3 and so on. Often, you will
want to control access to files in a share using file permissions. The
Darma NAS OS has full support for Access Control Lists, which
is the same mechanism that Windows uses for file permissions.
Briefly, Access
Control Lists (or ACL's) are lists of permission settings on
a file. Each entry in a file's Access Control List specifies an entity
and the permissions that entity has for the file. Entities are user
names, group names, or simply global, to specify permissions for
everyone that isn't mentioned in a file's ACL. The permissions can
be Read and/or Write access. Examples of entries in a file's ACL
would be:
user:administrator rw
group:users rw
global r
There are always
at least three entries in a file's ACL:
1. Owner - this is a user ACL entry. By default this is set to
the username of the person who created the file.
2. Group - this is a group ACL entry. By default this is set to
the primary group of the person who created the file.
3. Global Access - this is a special ACL entry that controls the
default permissions on a file for someone whom none of the other ACL
entries apply to.
You can change permissions
on files using Windows or through the NAS Web Control Panel. You must
first select the file(s) that you wish to change the permissions for.
To use the Web Control Panel follow these steps:
Go to the File
Access page and select a share from the Current Share drop
down list. Select a file or folder to administer. You may hold down
the shift key to select multiple files and folders
To change the Owner user
and group, simply select a new Owner or Group from the
drop-down menus.
To delete a non-permanent
ACL entry, highlight it in the list of ACL entries and click Delete
ACL Entry.
To add or change
an ACL entry, select an entity from the drop-down list, choose the
permission settings for that entity and click Apply. Select
the Apply to Subdirectories checkbox if you wish to recursively
apply the new ACL entry to the contents of every folder you've selected.
. |
Server Information