JavaScript is required to for searching.
Skip Navigation Links
Exit Print View
Sun ZFS Storage 7000 System Administration Guide
search filter icon
search icon

Document Information

Preface

1.  Introduction

2.  Status

3.  Configuration

4.  Services

Services

Introduction

Data Services

Directory Services

System Settings

Remote Access

Security

BUI

Viewing a Specific Service Screen

Enabling a Service

Disabling a Service

Defining Properties

Viewing Service Logs

CLI

Selecting a Service

Viewing a Service's State

Enabling a Service

Disabling a Service

Setting Properties

Viewing Service Logs

Service Help

NFS

Introduction

Properties

Kerberos Realms

Logs

Analytics

CLI

Tasks

NFS Tasks

iSCSI

Introduction

Properties

Authentication

Authorization

Targets and Initiators

CLI

Tips

Troubleshooting

SMB

Introduction

Properties

Share Properties

NFS/SMB Interoperability

DFS Namespaces

Autohome Rules

Local Groups

Local Accounts

MMC Integration

Event Viewer

Share Management

Users, Groups and Connections

Services

CLI

Adding autohome rules

Adding a user to a local group

Tasks

SMB Tasks

FTP

Introduction

Properties

FTP Properties

General Settings

Security Settings

Logs

Tasks

FTP Tasks

HTTP

Introduction

Properties

Authentication and Access Control

Logs

Tasks

HTTP Tasks

NDMP

Introduction

Local vs. Remote Configurations

Backup Formats and Types

Backing up with "dump" and "tar"

Backing up with "zfs"

Incremental backups

Properties

Logs

SFTP

Introduction

Properties

SFTP Port

Logs

Tasks

SFTP Tasks

Virus Scan

Introduction

Properties

File Extensions

Scanning Engines

Logs

Tasks

Virus Scan Tasks

NIS

Introduction

Properties

Logs

Tasks

NIS Tasks

LDAP

Introduction

Properties

Custom Mappings

Logs

Tasks

LDAP Tasks

Active Directory

Introduction

Properties

Join Domain

Join Workgroup

Domains and Workgroups

LDAP Signing

Windows Server 2008 Support

Section A: Kerberos issue (KB951191)

Section B: NTLMv2 issue (KB957441)

Section C: Note on NTLMv2

BUI

CLI

Tasks

Active Directory Tasks

Identity Mapping

Concepts

Identity Mapping Concepts

Mapping Modes

IDMU

Directory-based Mapping

Identity Mapping Directory-based Mapping

Properties

Name-based Mapping

Identity Mapping Name-based Mapping

Name-based Mapping Rules

Case Sensitivity

Mapping Persistence

Domain-Wide Rules

Deny Mappings

Mapping Rule Directional Symbols

Ephemeral Mapping

Best Practices

Testing Mappings

Examples

Tasks

Identity Mapping Tasks

DNS

Introduction

Properties

CLI

Logs

Active Directory and DNS

Non-DNS Resolution

DNS-Less Operation

IPMP

Introduction

Properties

Logs

Tasks

NTP

Introduction

Properties

Validation

Authentication

BUI

CLI

BUI Clock

Tips

Tasks

NTP Tasks

Remote Replication

Introduction

Dynamic Routing

RIP and RIPng Dynamic Routing Protocols

Logs

Phone Home

Introduction

Oracle Single Sign-On Account

Properties

Web Proxy

Registration

Status

Service state

Logs

SNMP

Introduction

Properties

MIBs

Sun FM MIB

Sun AK MIB

Tasks

SNMP Tasks

SMTP

Introduction

Properties

Logs

Service Tags

Introduction

Properties

System Identity

Introduction

Properties

Logs

SSH

Introduction

Properties

Logs

Tasks

SSH Tasks

Shadow Migration

Introduction

Properties

Managing Shadow Migration

Syslog

Introduction

Properties

Classic Syslog: RFC 3164

Updated Syslog: RFC 5424

Message Format

Alert Message Format

Receiver Configuration Examples

Configuring a Solaris Receiver

Configuring a Linux Receiver

5.  Shares

6.  Analytics

7.  Integration

Glossary

Services

image:Service configuration

The Services screen features a side panel for quick navigation between services.

Introduction

You can configure the following services on an appliance:

Data Services

Service
Description
Ports Used
Filesystem access via the NFSv3 and NFSv4 protocols
111 and 2049
LUN access via the iSCSI protocol
3260 and 3205
Filesystem access via the SMB protocol
SMB-over-NetBIOS 139
SMB-over-TCP 445
NetBIOS Datagram 138
NetBIOS Name Service 137
Filesystem access via the FTP protocol
21
Filesystem access via the HTTP protocol
80
NDMP host service
10000
Remote replication
216
Shadow data migration
Filesystem access via the SFTP protocol
218
SRP
Block access via the SRP protocol
TFTP
Filesystem access via the TFTP protocol
Filesystem virus scanning

Directory Services

Note: UIDs and GIDs from 0-99 are reserved by the operating system vendor for use in future applications. Their use by end system users or vendors of layered products is not supported and may cause security related issues with future applications.

Service
Description
Ports Used
Authenticate users and groups from an NIS service
Authenticate users and groups from an LDAP directory
389
Authenticate users with a Microsoft Active Directory Server
Map between Windows entities and Unix IDs

System Settings

Service
Description
Ports Used
Domain name service client
53
RIP and RIPng dynamic routing protocols
IP Multipathing for IP fail-over
Network time protocol client
Product registration and support configuration
443
Product inventory support
443
Configure outgoing mail server
SNMP for sending traps on alerts and serving appliance status information
Syslog Relay for sending syslog messages on alerts and forwarding service syslog messages
System name and location

Remote Access

Service
Description
Ports Used
SSH for CLI access
22
BUI
Browser User Interface
215

Security

Service
Description
Ports Used
Kerberos
Kerberos V Authentication
88
Kerberos V Change & Set Password (SET_CHANGE)
464
Kerberos V Change & Set Password (RPCSEC_GSS)
749

BUI

You use the BUI Services screens to view and modify the services and settings described in tables above. Double click a service line to view the definition screen for that service. The following tables describes the icons and buttons in the services screens:

Icon
Description
image:Apply
Go to the service screen to configure properties and view logs. This button appears when you mouse-over a service
image:Status: On
The service is enabled and working normally.
image:Status: Disabled
The service is offline or disabled.
image:Status: Warning
The service has a problem and requires operator attention.
image:Power
Enables or disables the service
image:Restart
Restarts the service
image:Power (disabled)
Enable/disable not available for this service
image:Restart (disabled)
Restarts the currently unavailable service. You must enable the service first)

See the Basic Usage section of the documentation for a full icon list.

Viewing a Specific Service Screen

To view or edit the properties for a specific service, mouse over the service the status icon that is to the left of the service name. The status icon turns into an arrow icon, which you click to display the properties screen for the selected service.

Note: In any of the services screens, you can show a side panel of all services by clicking the small arrow icon to the left of the Services title (near the top left of each screen). Click this icon again to hide the list.

Enabling a Service

If a service is not online, click the power icon image:Power to bring the service online image:Status: On.

Disabling a Service

If a service is online and you want to disabled it, click the power icon image:Power to take the service offline image:Status: Disabled

Defining Properties

You define properties for a service by displaying a service screen (double click a service). Change the properties and then click the APPLY button. Use the REVERT button to reset properties to the state they were in before you edited them.

Viewing Service Logs

Some service screens also provide service logs that provide information to help you diagnose service issues. If a Logs button exists in the top right of a service screen, that service provide logs. Logs can provide information about:

Log content is specific to each individual service and is subject to change with future updates to the appliance software. The following are example messages that are commonly used in this version of the appliance:

Example Log Message
Description
Executing start method
The service is starting up
Method "start" exited with status 0
The service reported a successful start (0 == success)
Method "refresh" exited with status 0
The service successfully refreshed its configuration based on its service settings
Executing stop method
The service is being shut down
Enabled
The service state was checked to see if it should be started (such as during system boot), and it was found to be in the enabled state
Disabled
The service state was checked to see if it should be started (such as during system boot), and it was found to be in the disabled state

The following example is from the NTP service:

[ Oct 11 21:05:31 Enabled. ]
[ Oct 11 21:07:37 Executing start method (...). ]
[ Oct 11 21:13:38 Method "start" exited with status 0. ]

The first log event in the example shows that the system was booted at 21:05. The second entry at 21:07:37 records that the service began startup, which completed at 21:13:38. Due to the nature of NTP and system clock adjustment, this service can take minutes to complete startup, as shown by the log.

CLI

The CLI services section is under configuration services. Use the show command to list the current state of all services:

caji:> configuration services
caji:configuration services> show
Services:
                              ad => disabled
                             smb => disabled
                             dns => online
                      dynrouting => online
                             ftp => disabled
                            http => disabled
                        identity => online
                           idmap => online
                            ipmp => online
                           iscsi => online
                            ldap => disabled
                            ndmp => online
                             nfs => online
                             nis => disabled
                             ntp => disabled
                     replication => online
                            scrk => disabled
                            sftp => disabled
                          shadow => online
                            smtp => online
                            snmp => disabled
                             ssh => online
                          syslog => disabled
                            tags => online
                            tftp => disabled
                           vscan => disabled
                           

Children:
                              ad => Configure Active Directory
                             smb => Configure SMB
                             dns => Configure DNS
                      dynrouting => Configure Dynamic Routing
                             ftp => Configure FTP
                            http => Configure HTTP
                        identity => Configure System Identity
                           idmap => Configure Identity Mapping
                            ipmp => Configure IPMP
                           iscsi => Configure iSCSI
                            ldap => Configure LDAP
                            ndmp => Configure NDMP
                             nfs => Configure NFS
                             nis => Configure NIS
                             ntp => Configure NTP
                     replication => Configure Remote Replication
                            scrk => Configure Phone Home
                            sftp => Configure SFTP
                          shadow => Configure Shadow Migration
                            smtp => Configure SMTP
                            snmp => Configure SNMP
                             srp => Configure SRP
                             ssh => Configure SSH
                          syslog => Configure Syslog
                            tags => Configure Service Tags
                            tftp => Configure TFTP
                           vscan => Configure Virus Scan
                         routing => Configure Routing Table

Selecting a Service

Select a service by entering its name. For example, to select nis:

caji:configuration services> nis
caji:configuration services nis>

After you select a service, you can view its state, enable it, disable it, and set its properties.

Viewing a Service's State

You can view a service's state using the show command:

caji:configuration services nis> show
Properties:
                      <status> = online
                        domain = fishworks
                     broadcast = true
                     ypservers =

Enabling a Service

Use the enable command to enable a service:

caji:configuration services nis> enable

Disabling a Service

Use the disable command to disable a service:

caji:configuration services nis> disable

Setting Properties

Use the set command to set the properties for the selected service. After setting the properties, use the commit command to save and activate the new configuration:

caji:configuration services nis> set domain="mydomain"
                        domain = mydomain (uncommitted)
caji:configuration services nis> commit
caji:configuration services nis> show
Properties:
                      <status> = online
                        domain = mydomain
                     broadcast = true
                     ypservers =

Note: Property names are similar to their names in the BUI, but CLI names are usually shorter and sometimes abbreviated.

Viewing Service Logs

You cannot view service logs from the CLI. Use the BUI as described above.

Service Help

Type help to see all commands for a service:

caji:configuration services nis> help
Subcommands that are valid in this context:

   help [topic]         => Get context-sensitive help. If [topic] is specified,
                           it must be one of "builtins", "commands", "general",
                           "help", "script" or "properties".

   show                 => Show information pertinent to the current context

   commit               => Commit current state, including any changes

   done                 => Finish operating on "nis"

   enable               => Enable the nis service

   disable              => Disable the nis service

   get [prop]           => Get value for property [prop]. ("help properties"
                           for valid properties.) If [prop] is not specified,
                           returns values for all properties.

   set [prop]           => Set property [prop] to [value]. ("help properties"
                           for valid properties.) For properties taking list
                           values, [value] should be a comma-separated list of
                           values.