All Data Domain systems
DDOS 5.1 and above
To restrict access to a CIFS share to one or more users or groups, Data Domain system administrator typically uses Data Domain CLI command "cifs share create" or "cifs share modify" with "users" option. This option is also available through GUI prior DDOS 5.1 release and is available from DDOS 5.2 onward.
Below are two DDMS screenshots when a Data Domain admin adds users or groups to a CIFS share. In DDOS 5.1, CIFS share ACL feature is removed from GUI (DDMS). The user/group option in CLI remains valid.
NOTE: When adding users or Groups to a CIFS share do not use the asterisk (*) as the Data Domain system will not interpret this symbol as a wildcard but attempt to look for a user or group with the name of *. It is always a best practice to use the user name or the group name for example: "Domain\<username > Corp\steve (OR) Domain\<group> corp\IT"
In DDOS 5.1:
Please check for the steps to follow using MMC for adding user and groups to the CIFS share.
From DDOS 5.2
Customer will be able to add users and groups to a particular CIFS share using DDEM.
Procedure to set CIFS share ACL through Windows client
- From a Windows client running Windows operation system, connect to DataDomain system using a local administrator account (sysadmin or other local account when DataDomain system uses non-AD mode) or domain administrator account (when DataDomain system is joined to AD).
- Right click on "My Computer" or equivalent icon and select "Manage". This will launch Computer Management Tool.
- Client on "Action" and select "Connect to another computer". Then, enter the name or IP-address of the DataDomain system used in step #1.
- Navigate to "System Tools" -> "Shared Folders" and “Shares".
- Right click on a share, select "Properties" and click on "Share permissions".
- Set appropriate permissions and click on "Apply" or "OK" button.
Note: If DataDomain system uses a local administrator account (sysadmin or other local account), the user needs to have the same account and password in Windows client node. This is because Windows MMC passes current Windows user/password to DataDomain node for authentication.
There is no problem if the windows client and Data Domain system are in the same Active Directory and the user logs into the Windows client using an AD account. Otherwise, the user must map a drive from the DataDomain system using a user with administrative privileges such as local admin account or domain admin account.
Below is a screenshot of MMC at step 5.
EMC Support Solution Number: 181965
Copying the RPM file to the releases directory via FTP 181306
Copying the RPM file to the releases directory in NFS 181312
Copying the RPM File to The Releases Folder Using CIFS 181322
Copying files from and to /ddvar via SCP 181182