Configuring the Active Directory Domain for File Storage Service
The File Storage service in Private Cloud Appliance enables users of Microsoft Windows instances to map a network drive, or mount a network share. Both the NFS and SMB protocols are supported, but SMB requires that the Microsoft Windows instances and Private Cloud Appliance belong to the same Active Directory domain.
Follow these instructions to set up the Active Directory domain in the Service Enclave.
- Using the Service Web UI
-
-
Verify that DNS is configured on the appliance.
-
In the navigation menu, click Network Environment.
-
In the Network Environment Information detail page, select the DNS Servers tab and make sure that DNS servers are configured.
DNS is required because, during domain configuration, the system searches for a matching SRV record in order to locate the controllers of the Active Directory domain.
-
-
In the navigation menu, click Active Directory Domain.
-
Verify that no Active Directory domain is currently configured. The configuration details should show "Status = disabled" and "Domain = Not Available".
-
Click Edit to change the Active Directory domain configuration.
-
In the Active Directory Domain Setting window, enter these parameters:
-
the name of the Active Directory domain the appliance is meant to join
-
a user name and password that enable the appliance to join the domain
-
optionally, an organizational unit
-
-
Click Submit to apply the new configuration.
-
Verify that the Active Directory is configured correctly. The configuration details should show "Status = online" and the newly configured domain name should appear in the Domain field.
-
To remove the ZFS Storage Appliance from the Active Directory domain again, you must use the Service CLI.
-
- Using the Service CLI
-
-
Gather the information that you need to run the command:
-
the name of the Active Directory domain the appliance is meant to join
-
an account (user name and password) with authorization to join the Active Directory domain
-
-
Verify that DNS is configured on the appliance. During domain configuration, the system searches for a matching SRV record in order to locate the controllers of the Active Directory domain.
PCA-ADMIN> show NetworkConfig Data: Uplink Port Speed = 100 Uplink Port Count = 2 Uplink Vlan Mtu = 9216 [...] DNS Address1 = 192.0.2.201 DNS Address2 = 192.0.2.202 DNS Address3 = 10.25.0.101 Management Node1 Hostname = mypca-mn1 Management Node2 Hostname = mypca-mn2 Management Node3 Hostname = mypca-mn3 [...] Network Config Lifecycle State = ACTIVE
-
Verify that no Active Directory domain is currently configured.
PCA-ADMIN> show ZFSAdDomain Data: Status = disabled Mode = workgroup Service href = /api/service/v2/services/ad Domain href = /api/service/v2/services/ad/domain Workgroup href = /api/service/v2/services/ad/workgroup PasswordSet = false Preexist = false Workgroup = WORKGROUP
-
Configure the Active Directory domain by entering the name of the domain, and a user name and password that enables the appliance to join the domain.
PCA-ADMIN> configZFSAdDomain domain=ad.example.com user=Administrator password=************ JobId: 7e6abf2d-9f6a-4c32-8f18-5142f6eda3c5
-
Use the job ID to check the status of your command.
When the job has completed successfully, verify the Active Directory zone configuration and status.
PCA-ADMIN> show ZFSAdDomain Data: Status = online Mode = domain Service href = /api/service/v2/services/ad Domain href = /api/service/v2/services/ad/domain Workgroup href = /api/service/v2/services/ad/workgroup PasswordSet = false Preexist = false
- To remove the ZFS Storage Appliance from the Active Directory domain again, set its configuration back to workgroup mode.
PCA-ADMIN> configZFSAdWorkgroup workgroupName=WORKGROUP JobId: 1329e43a-3ed6-4588-b90b-a45506271df8 PCA-ADMIN> show zfsAdDomain Data: Status = disabled Mode = workgroup Service href = /api/service/v2/services/ad Domain href = /api/service/v2/services/ad/domain Workgroup href = /api/service/v2/services/ad/workgroup PasswordSet = false Preexist = false Workgroup = WORKGROUP
-