Chapter 1 Oracle ZFS Storage Appliance Overview
Chapter 3 Initial Configuration
Chapter 4 Network Configuration
Chapter 5 Storage Configuration
Chapter 6 Storage Area Network Configuration
Chapter 8 Setting ZFSSA Preferences
Chapter 10 Cluster Configuration
Configuring Services Using the BUI
Viewing a Specific Service Screen
Viewing a Specific Service Screen
Configuring Services Using the CLI
iSCSI Service Targets and Initiators
SMB Microsoft Stand-alone DFS Namespace Management Tools Support Matrix
Example: Manipulating DFS Namespaces
Adding a User to an SMB Local Group
SMB Users, Groups, and Connections
Active Directory Configuration
Project and Share Configuration
SMB Data Service Configuration
Allowing FTP Access to a share
HTTP Authentication and Access Control
Allowing HTTP access to a share
NDMP Local vs. Remote Configurations
Allowing SFTP access to a share
Configuring SFTP Services for Remote Access
Allowing TFTP access to a share
Configuring virus scanning for a share
Adding an appliance administrator from NIS
Adding an appliance administrator
Active Directory Join Workgroup
Active Directory Domains and Workgroups
Active Directory Windows Server 2012 Support
Active Directory Windows Server 2008 Support
Active Directory Windows Server 2008 Support Section A: Kerberos issue (KB951191)
Active Directory Windows Server 2008 Support Section B: NTLMv2 issue (KB957441)
Active Directory Windows Server 2008 Support Section C: Note on NTLMv2
Configuring Active Directory Using the BUI
Configuring Active Directory Using the CLI
Example - Configuring Active Directory Using the CLI
Identity Mapping Rule-based Mapping
Identity Mapping Directory-based Mapping
Mapping Rule Directional Symbols
Identity Mapping Best Practices
Identity Mapping Case Sensitivity
Identity Mapping Domain-Wide Rules
RIP and RIPng Dynamic Routing Protocols
Registering the Appliance Using the BUI
Registering the Appliance Using the CLI
Configuring SNMP to Serve Appliance Status
Configuring SNMP to Send Traps
Receiver Configuration Examples
Configuring a Solaris Receiver
Chapter 12 Shares, Projects, and Schema
Minimum supported version - Use this drop-down list to control which versions of NFS the appliance supports.
Maximum supported version - Use this drop-down list to control which versions of NFS the appliance supports.
Maximum # of server threads - Define the maximum number of concurrent NFS requests (from 20 to 1000). This should at least cover the number of concurrent NFS clients that you anticipate.
Grace period - Define the number of seconds that all clients have to recover locking state after an appliance reboot (from 15 to 600 seconds) from an unplanned outage. This property affects only NFS v4 clients (NFS v3 is stateless so there is no state to reclaim). During this period, the NFS service only processes reclaims of the old locking state. No other requests for service are processed until the grace period is over. The default grace period is 90 seconds. Reducing the grace period lets NFS clients resume operation more quickly after a server reboot, but increases the probability that a client cannot recover all of its locking state. The Oracle ZFS Storage Appliance provides grace-less recovery of the locking state for NFSv4 clients during planned outages. Planned outages occur during events such as Updates in Oracle ZFS Storage Appliance Customer Service Manual , and appliance reboot using the CLI maintenance system reboot command, or rebooting using the BUI power icon . For planned outages, the NFS service processes all requests for service without incurring the grace period delay.
Custom NFSv4 identity domain - Use this property to define the domain for mapping NFSv4 users and group identities. If you do not set this property, the appliances uses DNS to obtain the identity domain, first by checking for a _nfsv4idmapdomain DNS resource record, and then by falling back to the DNS domain itself.
Enable NFSv4 delegation - Select this property to allow clients to cache files locally and make modifications without contacting the server. This option is enabled by default and typically results in better performance; but in rare circumstances it can cause problems. You should only disable this setting after careful performance measurements of your particular workload and after validating that the setting has a measurable performance benefit. This option only affects NFSv4 mounts.
Mount visibility - This property lets you limit the availability of information about share access lists and remote mounts from NFS clients. Full allows full access. Restricted restricts access such that a client can see only the shares which it is allowed to access. A client cannot see access lists for shares defined at the server or remote mounts from the server done by other clients. The property is set to Full by default.
Enable Kerberos - Enables/disables Kerberos service.
* Allow weak encryption types in Kerberos - Enables/disables support for DES (des-cbc-crc, des-cbc-md5) and Exportable ArcFour with HMAC/md5 (arcfour-hmac-exp). This property is disabled by default.
* Kerberos realm - A realm is logical network, similar to a domain, that defines a group of systems that are under the same master KDC. Realm names can consist of any ASCII string. Usually, your realm name is the same as your DNS domain name, except that the realm name is in uppercase. Using this convention helps you differentiate problems with the Kerberos service from problems with the DNS namespace, while still using a name that is familiar.
* Kerberos master KDC - In each realm, you must include a server that maintains the master copy of the principal database. The most significant difference between a master KDC and a slave KDC is that only the master KDC handles database administration requests. For instance, you must change a password or add a new principal on the master KDC.
* Kerberos slave KDC - The slave contains duplicate copies of the principal database. Both the master KDC server and the slave KDC server create tickets that are used to establish authentication.
* Kerberos admin principal - This property identifies the administrator. By convention, a principal name is divided into three components: the primary, the instance, and the realm. You can specify a principal as joe, joe/admin, or joe/admin@ENG.EXAMPLE.COM. This property is used only to set up the system's Kerberos service principals and is not retained.
* Kerberos admin password - Defines a password for the administrator. This property is used only to set up the system's Kerberos service principals and is not retained.
Oracle Intelligent Storage Protocol - The NFSv4 service includes support for the Oracle Intelligent Storage Protocol, which lets Oracle Database NFSv4 clients pass optimization information to the ZFS Storage Appliance NFSv4 server. For more information, see Oracle Intelligent Storage Protocol .
Changing services properties is documented in the Configuring Services Using the BUI and Configuring Services Using the CLI.
Setting the NFS minimum and maximum versions to the same value causes the appliance to only communicate with clients using that version. This may be useful if you find an issue with one NFS version or the other (such as the performance characteristics of an NFS version with your workload), and you want to force clients to only use the version that works best.