----- Original Message ----- | On Oct 27 15:28:37, James A. Peltier wrote: | > ----- Original Message ----- | > | James A. Peltier wrote: | > | | > | > Now, that said, is there anything that you could recommend | > | > instead | > | > of NFSv4 for offering secure file services to multiple | > | > platforms? | > | | > | Apache with SSL may be a solution. I've used it on small scale | > | projects. | > | You can auth users against LDAP, AD, etc. Should work with any | > | client | > | that has a SSL capable web browser/client of some sort. It's very | > | portable, file system and client agnostic. | > | | > | The one downside (IMO) is that the clients won't see it as a | > | native | > | file | > | system mount, but there are interfaces available and you can | > | always | > | write your own or customize one to fit your needs. | > | | > | Your own little dropbox-ish solution. | > | | > | Brad | > | > I deal with research data. Most of which are tens to hundreds of | > gigabytes in size, so it's not a solution for me, but we did | > evaluate that for some smaller scale uses. | > | > Our users are used to typing cd /cs/<some lab> and having their | > files be available to them. They are used to seeing the same files | > in the UNIX home as is in their Windows or Mac shares. This better | > describes what I mean by transparent. | > | | OK. So what exactly does NFSv4 do for you in this situation | that NFSv3 did not? Also, exactly which NFS client (v3, v4) | are you using on Windows?
What it offers: Kerberos security, selectable security level (-o sec=krb5/krb5i/krb5p), firewall friendly For Windows, we re-share the NFS volume via Samba or have them speak directly to a NetApp that speaks AD/Kerberos -- James A. Peltier Systems Analyst (FASNet), VIVARIUM Technical Director Simon Fraser University - Burnaby Campus Phone : 778-782-6573 Fax : 778-782-3045 E-Mail : jpelt...@sfu.ca Website : http://www.fas.sfu.ca | http://vivarium.cs.sfu.ca http://blogs.sfu.ca/people/jpeltier MSN : subatomic_s...@hotmail.com
