Configuration of AIX Fast Connect and SMBFS

Configuration of AIX Fast Connect and SMBFS

 
Comments
 

The Common Internet File System (CIFS), also known as Server Message Block (SMB), is a standard remote file system access protocol over the Internet, enabling groups of users to work together and share documents and printers across the Internet or within corporate intranets. CIFS allows multiple clients to access and update the same file, while preventing conflicts with sophisticated file sharing and locking semantics. It also permits aggressive caching and read-ahead and write-behind without loss of cache coherency, thereby increasing the performance, which is the backbone of today's sophisticated enterprise computer networks. CIFS complements HTTP and provides more sophisticated file sharing and file transfer than older protocols, such as FTP.

File sharing between PC operating systems, such as Windows®, is commonly implemented using the CIFS protocol, and file sharing between AIX® systems has been implemented using the Network File System (NFS) protocol. Since these two protocols being non-interoperable, products like AIX Fast Connect and AIX SMBFS allow PC clients to access and share files on the AIX server and vice versa.

Overview of AIX Fast Connect

AIX Fast Connect is server software that allows AIX servers to share files and printers with personal computer clients running the following Windows operating systems:

  • Windows XP
  • Windows 2000
  • Windows 2003
  • Windows NT
  • Windows 98Windows

AIX Fast Connect provides the following:

  • A rich set of security features
  • High performance (SendFile API support and memory-mapped files )
  • File safety specifications (so that multiple machines can access the same file without locking problems and opportunistic locking)
  • Maintenance and administration using the System Management Interface Tool (SMIT)
  • Secure authentication techniques (AIX-based user authentication, NT pass-through authentication, Lightweight Directory Access Protocol (LDAP) support for user authentication, Kerberos-based authentication, and CIFS password encryption protocols)
Figure 1. AIX Fast Connect

Basic Functional Blocks for AIX FastConnect

Note: AIX Fast Connect supports AIX 5.1 and above.

Installation requirements

Install the following filesets to configure AIX Fast Connect:

Figure 2. Configuring AIX Fast Connect

Installation requirements

Only the root user can perform the configuration of Fast Connect for the AIX server; however, any user can access the configuration menu.

Starting the Fast Connect server

There are two ways in which you can start the Fast Connect server:

  1. Using SMIT
  2. Using the command line

Using SMIT

  1. Enter smitty smb.
    Figure 3. Using SMIT
    smitty smb
  2. Select the Start Server.
  3. In the next screen, the command completes and displays the following message:
    1
    Server servername has started successfully on servername

Using the command line

  1. Enter net start /load.
  2. To verify, run the following:
    1
    2
    3
    4
    #ps -eaf | grep cifs
    root 503820      1   0   Aug 23      -  0:00 /usr/sbin/cifsUserProc
    root 565300      1   0   Aug 23      -  0:12 /usr/sbin/cifsServer
    root 823380 757910   0 12:55:44  pts/2  0:00 grep cifs

    These two processes, associated with Fast Connect, are responsible for the SMB request and response:

    • cifsServer is the main server daemon; it is a main server process owned by root.
    • cifsUserProc is a client session daemon; there is one cifsUserProc for each session. For every new request to the AIX Fast Connect server from the Windows client, a new cifsUserProc thread is created.

Defining shares

There are two ways in which you can add a new file system share:

  1. Using SMIT
  2. Using the command line

Using SMIT

  1. Enter the following command: #smitty smb.
  2. Select Server Shares > File Systems (Shared Volumes) > Add File Systems (Shared Volumes).
    Figure 4. Adding file systems
    smitty smb

Using the command line

  1. Enter the following command:
    1
    2
    #net share /add /type:f /netname:TEST
    /path:/home/divya /desc:"File share test"

Configuration of encrypted passwords and defining a user

When the AIX Fast Connect server is configured for encrypted passwords, AIX Fast Connect attempts to authenticate all incoming SMB usernames and encrypted_password logins against the AIX Fast Connect /etc/cifs/cifsPasswd file. This file, initialized and maintained by the net user command, is a database of AIX Fast Connect users (and their encrypted passwords).

All AIX Fast Connect users defined by the net user command should be AIX users.

The passwords of the Fast Connect users are distinct from (and might differ from) the standard AIX passwords in the /etc/security/passwd file. When an AIX user changes their password (using /usr/bin/passwd), the AIX Fast Connect password for that user does not automatically change.

  • To enforce encrypted passwords for AIX Fast Connect, type:
    1
    #net config /encrypt_passwords:2
  • To configure a new user for encrypted passwords, type:
    1
    #net user username password /add

    Or
    1
    #net user username -p /add

    The -p flag prompts for a no-echo password.
  • To change a user's encrypted password and also update that user's AIX password, type:
    1
    #net user username password /changeaixpwd:yes

    Or
    1
    #net user username -p /changaixpwd:yes

Once the above configurations are done, stop and start the server.

  • To stop the server and unload the server daemon, type:
    1
    #net stop /unload
  • To load the server daemon and enable PC clients to connect, type:
    1
    #net start /load

Now the Fast Connect server is ready to allow PC clients to connect and access the exported file shares.

Mapping drives from the PC clients

Typically, PC clients must define drive mappings to use the CIFS exported file shares. These drive mappings can be done from Windows or from the DOS command prompt.

You can use the following mechanisms to define or undefine mappings between PC drives and CIFS file shares. For the following examples, assume that the NetBIOS server name is indus19.in.ibm.com and that file shares test, test1, is defined.

For DOS, enter the following:

1
2
3
4
5
6
7
DOS> net help (help info for DOS)
DOS>net use F: \\indus19.in.ibm.com\test /user:tstuser tstpass
DOS>net use H: \\indus19.in.ibm.com\test1 (When username and password is not
specified in the command line, then a pop window appear asking for the username
and the password)
 DOS> copy F:\oldfile H:\newfile (uses the mapped drives)
 DOS> net use F: /delete (delete the mapped network drive)

For Windows, do the following:

  1. In the Map Network Drive dialog box, select Windows Explorer > Tools > Map Network Drive, or right-click Network Neighborhood and select Map Network Drive.
  2. Select the drive from the Drive: drop-down list, and then Enter the path. For example, see Figure 5 below.
    Figure 5. Mapping drives
    connect as
  3. To access the exported CIFS filesystems from Windows(Y:\), see Figure 6 below:
    Figure 6. Accessing the exported CIFS filesystems from Windows
    Network Map

Here are some other useful commands:

  • To query the server's operational status, type:
    1
    #net status
  • To show general configuration information, type:
    1
    #net config
  • To show statistical information (for example, packets delivered), type:
    1
    #net statistics

    You can reset the statistics counts by typing net statistics /reset on the command line.

  • To query the status of logged-in user sessions, type:
    1
    #net session
  • To list all shares currently exported by the CIFS server, type:
    1
    #net share
  • To list all users configured in the /etc/cifs/cifsPasswd file, type:
    1
    #net user
  • To delete a user from the encrypted passwords database, type:
    1
    #net user username /delete

Overview of SMBFS

AIX SMBFS is the client software that allows AIX servers to mount shares and exports from the SMB server like Windows XP, Windows 2003, Windows 2000, Windows NT, or Windows 98 operating systems into the AIX Virtual File System (VFS). This eliminates the need to install the NFS servers on the PC clients and to enhance the file sharing between SMB servers and AIX through the VFS interface.

Components that make SMBFS

  • The device driver for a pseudo device—This driver allows SMBFS to communicate with the SMB server in case it needs to initiate a reconnection or finish receiving a multi-packet response without the need to stop all threads that are performing file operations.
  • The file system interface—This interface supports VFS and vnode operations.
  • The SMB interface—This interface generates and retrieves SMB information.

Basic configuration

AIX SMBFS requires the installation of the following filesets:

  1. On the server side, share the folder that has to be exported to AIX. Right-click on Select Sharing and Security > Share this Folder > Permissions tab > Check all the permissions - Full control, Change, and Read > Apply and OK.
    Figure 7. Sharing a folder
    Remote Desktop1tstcifs is the shared folder, and the share name is tstcifs.
    Figure 8. The shared folder
    Remote Desktop2
  2. On the client side, execute the following to mount the shares of the windows:
    • Enter the following to ensure that the nsmb0 device is in the available state. The device is a pseudo device that helps SMBFS to communicate with the SMB server (Windows):

      #lsdev -l nsmb0
    • If the device is not present, run /etc/mkcifs_fs, which creates the nsmb0 device and brings it to the available state.
    • Run the following to create a mount point and give the full permission to the mount point.

      #mkdir /mnt #chmod 777 /mnt
    • Run the mount command:

      #mount -v cifs -n (servername)/username/password /(sharename) /(mountpoint)
    Figure 9. The shared folder
    commands
    The main functionality of the mount command is:
    1. To create a SMBIOD thread (It is the parent thread of SMBFS; It is a kernel thread that creates the session and manages the connection. It also helps in sending and receiving the requests and responses between the server and the client. Every mount performed on AIX has a corresponding smbiod thread.)
    2. To establish the network (NETBIOS) connection between the server and the client
    3. To create a TREE CONNECT (directory structure of Windows is put in the mount point of AIX box)
 

Downloadable resources

 

Related topics

 

0 (0)
Article Rating (No Votes)
Rate this article
Attachments
There are no attachments for this article.
Comments
There are no comments for this article. Be the first to post a comment.
Full Name
Email Address
Security Code Security Code
Related Articles RSS Feed
Burn Image to DVD in AIX
Viewed 13330 times since Thu, Sep 20, 2018
AIX oslevel version OS
Viewed 4763 times since Wed, Apr 17, 2019
AIX Reviewing AIX Error and Boot Logs
Viewed 2686 times since Wed, Mar 20, 2019
Create a mksysb + SPOT using NIM (CLI)
Viewed 5477 times since Tue, Jul 17, 2018
https://www.ibm.com/developerworks/learn/aix/index.html
Viewed 11111 times since Wed, May 30, 2018
AIX WIKIS developerworks
Viewed 2253 times since Sun, Jun 17, 2018
Mirroring the rootvg Volume Group for AIX 4.1/4.2
Viewed 2964 times since Mon, May 21, 2018
Understanding dump devices sysdumpdev
Viewed 4454 times since Mon, Jul 9, 2018
How to clear/clean/erase/delete/reset network adapter configuration on AIX?
Viewed 12328 times since Thu, Nov 29, 2018
SSH Essentials: Working with SSH Servers, Clients, and Keys
Viewed 4214 times since Wed, Jun 27, 2018