Mounting NFS on a Windows Client
Describes how to mount an NFS share on a Windows client, and configure the relevant user and group IDs.
About this task
To set up the Windows NFS client, mount the cluster, map a network drive, and configure the user ID (UID) and group ID (GID). The Windows client must access NFS using a valid UID and GID from the Linux domain. Mismatched UID or GID results in permission problems when MapReduce jobs try to access files that were copied from Windows over an NFS share.
Due to Windows directory caching, the .snapshot
directory may not appear in the
root directory of each volume. As a workaround, you can force Windows to re-load the
volume's root directory by updating its modification time (for example, by creating
an empty file or directory in the volume's root directory).
With Windows NFS clients, use the -o nolock
option on the NFS server to prevent
the Linux NLM from registering with the portmapper. The native Linux NLM conflicts
with the HPE Ezmeral Data
Fabric NFS server.
Complete the following steps to mount NFS on a Windows client:
Procedure
-
Mount the Cluster.
Complete the following steps for Windows 10 Enterprise
- Open Start > Control Panel > Programs.
- Select Turn Windows features on or off.
- Select Services for NFS.
- Click OK.
- Enable write permissions for the anonymous user as the default
options only grant read permissions when mounting a UNIX
share using the anonymous user. To grant write permissions, make a change to the Windows registry by performing the following steps:
- Open
regedit
by typing it in the search box and pressing Enter. - Create a new New DWORD (32-bit) Value
inside the
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ClientForNFS\CurrentVersion\Default
folder namedAnonymousUid
andAnonymousGid
and assign the UID and GID found on the UNIX directory as shared by the NFS system.
- Open
- Restart the NFS client or reboot the machine to apply the changes.
- Mount the cluster and map it to a drive using the Map Network Drive
tool or from the command line.
For more information, see step 2.mount -o anon usa-node01:/mapr z:
Complete the following steps for Windows 7 Ultimate or Windows 7 Enterprise- Open Start > Control Panel > Programs.
- Select Turn Windows features on or off.
- Select Services for NFS.
- Click OK.
- Mount the cluster and map it to a drive using the Map Network Drive tool or
from the command line.
For more information, see step 2.mount -o nolock usa-node01:/mapr z:
Complete the following steps for all other versions of Windows:- Download and install Microsoft Windows Services for Unix (SFU). You only need to install the NFS Client and the User Name Mapping.
- Configure the user authentication in SFU to match the authentication used by the cluster (LDAP or operating system users). You can map local Windows users to cluster Linux users, if desired.
- Once SFU is installed and configured, mount the cluster and map it to a
drive using the Map Network Drive tool or from the command
line.
For more information, see step 2.mount -o nolock usa-node01:/mapr z:
-
Map a network drive with the Map Network Drive tool.
- Open Start > My Computer.
- Select Tools > Map Network Drive.
- In the Map Network Drive window, choose an unused drive letter from the Drive drop-down list.
- Specify the folder by browsing for the MapR cluster, or by typing the hostname and directory into the text field.
- Browse for the MapR cluster or type the name of the folder to map. This name must follow UNC. Alternatively, click Browse… to find the correct folder by browsing available network shares.
- Select Reconnect at login to reconnect automatically to the MapR cluster whenever you log into the computer.
- Click Finish.
-
Configure the UID and GID for NFS access.
For a system that is part of the Active Directory Domain, you must instruct the NFS client to access an AD server to get
uidNumber
andgidNumber
.- Ensure that the AD Users schema has auxiliary class
posixAccount
. - Populate the AD
uidNumber
andgidNumber
fields with the matchinguid
andgid
from Linux. - Configure the NFS client to look up
uid
andgid
in the AD DS store. - Refer to details here:
http://technet.microsoft.com/en-us/library/hh509016(v=ws.10).aspx
.
For a standalone Windows 7 or Vista machine (not using Active Directory), Windows always uses its configured anonymous UID and GID for NFS access, which by default are-2
. However, you can configure Windows to use specific values, which results in being able to access NFS using those values.The UID and GID values are set in the Windows Registry and are global on the Windows NFS client box. This solution might not work well if your Windows box has multiple users who each need access to NFS with their own permissions, but there is no obvious way to avoid this limitation.
The values are stored in the registry path
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ClientForNFS\CurrentVersion\Default
. The two DWORD values areAnonymousUid
andAnonymousGid
. If they do not exist, you must create them.Refer to details here:
https://docs.microsoft.com/en-us/archive/blogs/msdn/sfu/can-i-set-up-user-name-mapping-in-windows-vista
. - Ensure that the AD Users schema has auxiliary class
-
(Optional) Deactivate the
nlockmgr
service.If thenlockmgr
service is active on a Windows machine, attempts to mount a HPE Ezmeral Data Fabric NFS share fail with the following message:C:\Users\administrator.Client1>mount -o nolock -u:mapr -p:mapr ClusterNode1:/mapr / g: Network Error - 53 Type 'NET HELPMSG 53' for more information.
Configuring Access When ACES are set
About this task
Some NFS clients, such as the Microsoft native Windows NFSv3 client, check mode
bits to determine if access is allowed even before contacting the NFS server. If
Access Control Expression (ACE)s are set
on a directory or file, the client-side permission checks based solely on mode
bits prevent the client from accessing the file or directory. You can set the
value for the WindowsAceSupport
property to
true
in the nfsserver.conf
file to allow the Windows client access to the file or
directory. The default value for this property is false
, and
denies access to the client even before contacting the NFS server.
When the WindowsAceSupport
property value is set to
true
, HPE Ezmeral Data Fabric returns mode bits 777 to the client if
ACE is set on
the file or directory, thus allowing the client to establish a connection to the
server. However, when the client actually tries to read or write from the
server, HPE Ezmeral Data
Fabric performs permission checks against the mode bits and
ACEs on the
directory and/or file, ensuring proper access.
WindowsAceSupport
property value is set to
true
:- Tools that visually display access information might show read/write access for users who do not have that access.
- Files that are not executables might appear executable.
- You cannot use the NFSv3 to access an NFSv4 server, because the NFSv4 server only supports the v4 protocol.