Go Premium for a chance to win a PS4. Enter to Win

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 341
  • Last Modified:

ON QNAP A VOLUME WITH THE DIRECTORIES ONLY ACCESIBLE FOR DEDICATED USERS

I have on a Qnap a shared volume, my active directory users on a Exchange server 2003,   now a user sees all subdirectories , how to set per user only specific directories to see and edit
0
BIAPRO
Asked:
BIAPRO
1 Solution
 
Andrej PirmanCommented:
QNAP uses Samba user authentication on Linux (QNAP) system, so you must edit user by user separately on QNAP, and users will need to login separately into QNAP.

Another option is that you join QNAP to your local domain, so users from AD domain will be synced with users on QNAP Samba and you can then perform some limiting actions on directories.

Probably the most elegant option is to use QNAP as iSCSI attached storage and attach it to your Exchange server. Create some iSCSI target on QNAP, then install iSCSI initiator to your Server 2003 (here: http://www.microsoft.com/en-us/download/details.aspx?id=18986 ) and connect it with QNAP created iSCSI target.
Doing so, Server 2003 will see iSCSI target dedicated space as unformated disk drive, so you format it with NTFS filesystem, set drive letter, and use it as normal disk drive, with all permissions and properties as existing filesystem on Exchange.


If you go with iSCSI, you will find it very usefull, but keep in mind:
- iSCSI target reserves space all at once, so if you set on QNAP that iSCSI target will have 500 GB of space, it gets reserver right now
- for added security, you may configure CHAP password on QNAP, and use the same password in Server's iSCSI initiator under ADVANCED settings before you connect to iSCSI target.
- iSCSI target and initiator communicate via TCP/IP, so both must be in the same IP subnet. I use simple trick to protect it a bit more. I configure additional IP address on Esxchange server, for example 10.10.10.2 with subnet mask 255.255.255.252 so only 2 IP addresses are available. Then I'd use:
- for iSCSI target (QNAP) IP address 10.10.10.1, subnet 255.255.255.252 (/30)
- for iSCSI initiator (Server 2003) IP address 10.10.10.2, subnet 255.255.255.252
- do NOT put Gateway address, as it is not needed, nor DNS

Doing so, you will hide local IP of QNAP from LAN users.
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Tackle projects and never again get stuck behind a technical roadblock.
Join Now